def edit_course(course_id=None): if course_id: course = Course.query.get(course_id) else: course = Course() if not course: abort(404) latest_term = course.latest_term if not latest_term: abort(404) course_form = CourseForm(formdata=request.form, obj=course) if course_form.validate_on_submit(): course_form.introduction.data = sanitize(course_form.introduction.data) course_form.populate_obj(latest_term) if not latest_term.homepage.startswith('http'): latest_term.homepage = 'http://' + course.homepage latest_term.save() db.session.commit() return redirect(url_for('course.view_course', course_id=course.id)) return render_template('course-edit.html', form=course_form, course=course)
def edit_course(course_id=None): if not current_user.is_admin: abort(403) if course_id: course = Course.query.get(course_id) else: course = Course() if not course: abort(404) latest_term = course.latest_term if not latest_term: abort(404) course_form = CourseForm(request.form, course) if course_form.validate_on_submit(): course_form.introduction.data = sanitize(course_form.introduction.data) course_form.populate_obj(latest_term) if not latest_term.homepage.startswith("http"): latest_term.homepage = "http://" + course.homepage latest_term.save() db.session.commit() return redirect(url_for("course.view_course", course_id=course.id)) return render_template("course-edit.html", form=course_form, course=course)