def show_user(username):
# Are you authorized (functions are in models file)
if you_are_not_authorized(username):
return no_authorization(username)
user = User.query.get_or_404(username)
user_feedbacks = Feedback.query.filter(Feedback.username==user.username).all()
return render_template('user.html', user=user, feedbacks=user_feedbacks)
def delete_feedback(id):
feedback = Feedback.query.get_or_404(id)
username = feedback.username
# Are you authorized (functions are in models file)
if you_are_not_authorized(username):
return no_authorization(username)
db.session.delete(feedback)
db.session.commit()
flash("Feedback has been deleted!!", 'danger')
return redirect(f"/users/{username}")
def update_feedback(id):
feedback = Feedback.query.get_or_404(id)
username = feedback.username
# Are you authorized (functions are in models file)
if you_are_not_authorized(username):
return no_authorization(username)
form = FeedbackForm(obj=feedback) # <<== obj keyword argument !!!
if form.validate_on_submit():
feedback.title = form.title.data
feedback.content = form.content.data
db.session.commit()
flash("Feedback updated!", 'success')
return redirect(f"/users/{username}")
return render_template('feedback_update.html', form=form)
def delete_user(username):
# Are you authorized (functions are in models file)
if you_are_not_authorized(username):
return no_authorization(username)
user = User.query.get_or_404(username)
user_feedbacks = Feedback.query.filter(Feedback.username==user.username).all()
for uf in user_feedbacks:
db.session.delete(uf)
db.session.commit()
db.session.delete(user)
db.session.commit()
flash(f"{user.username} account and its feedbacks permanently deleted!!", 'danger')
return redirect('/logout')
def add_feedback(username):
# Are you authorized (functions are in models file)
if you_are_not_authorized(username):
return no_authorization(username)
form = FeedbackForm()
if form.validate_on_submit():
title = form.title.data
content = form.content.data
new_feedback = Feedback(title=title,
content=content,
username=username)
db.session.add(new_feedback)
db.session.commit()
flash("Feedback created!", 'success')
return redirect(f"/users/{username}")
return render_template('feedback_add.html', form=form)