def posts_update(threadId, postId):
dbPost = Post.query.get(postId)
# Allowed: MASTER, ADMIN and USER own post
if (current_user.userrole == "USER"
and dbPost.account_id != current_user.id):
return login_manager.unauthorized()
if request.method == "GET":
form = PostForm()
form.message.data = dbPost.message
return render_template("posts/update.html",
form=form,
threadId=threadId,
postId=postId)
form = PostForm(request.form)
if not form.validate():
return render_template("posts/update.html",
form=form,
threadId=threadId,
postId=postId)
dbPost.message = form.message.data
db.session().commit()
return redirect(url_for("threads_open", threadId=threadId))
def posts_create(thread_id):
thread = Thread.query.get_or_404(thread_id)
form = PostForm(request.form)
if not form.validate():
return render_template("posts/new.html",
form = form,
thread_id = thread_id,
title = thread.title
)
try:
thread.modification_time = db.func.current_timestamp()
posted = Post(form.content.data)
posted.account_id = current_user.id
posted.thread_id = thread_id
db.session().add(posted)
db.session().commit()
flash("Your comment was posted", "alert alert-info")
except:
db.session.rollback()
flash("Error occurred, comment was not posted", "alert alert-danger")
return redirect(url_for("posts_thread", thread_id=thread_id))
def posts_create(theme_num):
form = PostForm(request.form)
if not form.validate():
return render_template("posts/write.html",
form=form,
theme_id=theme_num)
b = Topic(form.topic.data)
old_topic = Topic.query.filter_by(name=form.topic.data).first()
if not old_topic:
b.theme_id = theme_num
db.session().add(b)
db.session().commit()
Subject = Topic.query.filter_by(name=form.topic.data).first()
a = Post(request.form.get("content"))
a.topic = form.topic.data
a.author = current_user.name
a.account_id = current_user.id
a.subject_id = Subject.id
db.session().add(a)
db.session().commit()
return redirect(url_for("topic_id", theme_id=theme_num))
else:
flash("Topic already taken!")
return render_template("posts/write.html",
form=form,
error="Topic already taken!",
theme_id=theme_num)
def posts_edit(thread_id, post_id):
post = Post.query.get_or_404(post_id)
if post.account_id == current_user.id:
form = PostForm(request.form)
if not form.validate():
return render_template("posts/edit_post.html",
form = form, post = post
)
try:
newContent = form.content.data
post.content = newContent
db.session().commit()
flash("Post was edited", "alert alert-info")
except:
db.session.rollback()
flash("Error occurred, changes were not saved", "alert alert-danger")
else:
flash("You are not authorized", "alert alert-danger")
return redirect(url_for("posts_thread", thread_id=thread_id))
def posts_create():
form = PostForm(request.form)
if (form.add_tag.data):
form.tags.append(form.tag.data)
form.tag.data = ''
return render_template("posts/new.html", form=form)
if not form.validate():
return render_template("posts/new.html", form=form)
p = Post(form.name.data, form.content.data)
p.user_id = current_user.id
db.session().add(p)
db.session().commit()
for tag in form.tags:
tagd = Tag.query.filter_by(name=tag).first()
if not tagd:
t = Tag(tag)
db.session().add(t)
db.session().commit()
pt = PostTag(t.id, p.id)
else:
pt = PostTag(tagd.id, p.id)
db.session().add(pt)
db.session().commit()
PostForm.tags = []
return redirect(url_for("posts_index"))
def user_wall(id):
user = User.query.get(id)
subscriber_count = Subscription.query.filter_by(wall_id=user.wall.id).count()
subscription_count = Subscription.query.filter_by(owner_id=user.id).count()
post_count = Post.query.filter_by(owner_id=user.id).count()
comment_count = Comment.query.filter_by(owner_id=user.id).count()
if not user:
return redirect(url_for("oops",
error="Invalid user ID"))
if request.method == "GET":
limit = 5
older_than = request.args.get("older_than")
if older_than == None:
older_than = datetime.datetime.utcnow() + datetime.timedelta(seconds=30)
return render_template("wall/user_wall.html",
posts=Post.get_posts_for_user_wall(id,
older_than=older_than,
limit=limit),
user=user,
form=PostForm(),
limit=limit,
subscriber_count=subscriber_count,
subscription_count=subscription_count,
post_count=post_count,
comment_count=comment_count)
form = PostForm(request.form)
if not form.validate():
return render_template("wall/user_wall.html",
posts=Post.get_posts_for_user_wall(id),
user=user,
form=form,
subscriber_count=subscriber_count,
subscription_count=subscription_count,
post_count=post_count,
comment_count=comment_count)
content = re.sub(r"^\s+",
"",
form.content.data,
flags=re.MULTILINE).strip()
owner_id = current_user.id
wall_id = user.wall.id
post = Post(content, owner_id, wall_id)
db.session().add(post)
db.session().commit()
return redirect(url_for("user_wall",
id=id))
def posts_create():
form = PostForm(request.form)
if not form.validate():
return render_template("posts/list.html", posts = Post.query.filter_by(parent_id=None).order_by(Post.create_time.desc()).all(), hashtags = Hashtag.get_trending_hashtags(1, 5), form = form, show = True)
post = Post(current_user.id, form.content.data, None)
db.session().add(post)
db.session().commit()
return redirect(url_for("posts_index"))
def posts_create():
form = PostForm(request.form)
if not form.validate():
return render_template("posts/new.html", form=form)
post = Post(form.name.data)
post.accountId = current_user.id
db.session().add(post)
db.session().commit()
return redirect(url_for("posts_index"))
def posts_reply_to(post_id):
form = PostForm(request.form)
if not form.validate():
post = Post.query.get(post_id)
return render_template("posts/reply_to.html", post = post, form = form)
post = Post(current_user.id, form.content.data, post_id)
db.session().add(post)
db.session().commit()
return redirect(url_for("posts_thread", post_id = post_id))
def post_edit(post_id):
form = PostForm(request.form)
if not form.validate():
return render_template("/posts/post.html",
form=form,
post=Post.query.get(post_id),
commentform=CommentForm())
p = Post.query.get(post_id)
if p.account_id == current_user.id:
p.content = form.content.data
db.session().commit()
return redirect(url_for('post_specific', post_id=post_id))
def posts_submit():
form = PostForm(request.form)
if not form.validate():
return render_template('posts/submit.html', form=form)
with session_scope() as session:
post = Post(form.title.data, form.content.data)
post.account_id = current_user.id
session.add(post)
session.commit()
return redirect(url_for('posts_index'))
def posts_edit(post_id):
post = Post.query.get(post_id)
form = PostForm(request.form)
post.title = form.title.data
post.content = form.content.data
if not form.validate():
return render_template('posts/edit.html', post=post, form=form)
with session_scope() as session:
session.commit()
return redirect(url_for('posts_details', post_id=post_id))
def post_create(thread_id):
form = PostForm(request.form)
form.content.data = escape(form.content.data)
if not form.validate():
return render_template("post/new.html", form=form, thread_id=thread_id)
if not current_user.is_authenticated:
flash("Authentication error")
return redirect(url_for("category_index"))
p = Post(form.content.data)
p.account_id = current_user.id
p.thread_id = thread_id
db.session().add(p)
db.session().commit()
return redirect(url_for("thread_view", thread_id=thread_id))
def thread_reply(thread_id):
thread = Thread.query.get(thread_id)
form = PostForm(request.form)
if not form.validate():
return redirect(url_for("view_thread", thread_id=thread_id, form=form))
post = Post(form.message.data)
post.user_id = current_user.id
post.thread_id = thread.id
db.session().add(post)
db.session().commit()
return redirect(
url_for("view_thread", thread_id=thread_id, form=ThreadForm()))
def posts_new(threadId):
if request.method == "GET":
return render_template("posts/new.html",
form=PostForm(),
threadId=threadId)
form = PostForm(request.form)
if not form.validate():
return render_template("posts/new.html", form=form, threadId=threadId)
dbPost = Post(form.message.data, 0)
dbPost.account_id = current_user.id
dbPost.thread_id = threadId
db.session().add(dbPost)
db.session().commit()
return redirect(url_for("threads_open", threadId=threadId))
def index(user_id):
date = datetime.datetime.now().strftime('%A, %b %d, %Y')
delete_form = DeleteForm()
found_user = User.query.get(user_id)
if request.method == 'POST':
form = PostForm(request.form)
if form.validate():
new_posts = Post(request.form['title'], datetime.datetime.now(),
request.form['post_body'], user_id)
db.session.add(new_posts)
db.session.commit()
return redirect(url_for('posts.index', user_id=user_id))
else:
return render_template('posts/new.html', form=form)
return render_template('posts/index.html',
user=found_user,
delete_form=delete_form,
date=date)
def posts_update(post_id):
form = PostForm(request.form)
if not form.validate():
return render_template("posts/update.html", form = form, post_id = post_id)
post = Post.query.get(post_id)
if not (post.user_id is current_user.id or current_user.has_role("MODERATOR")):
return login_manager.unauthorized()
post.set_content(form.content.data)
db.session().commit()
if ast.literal_eval(request.args.get("redirect_thread", "False")):
return redirect(url_for("posts_thread", post_id = post_id))
else:
return redirect(url_for("posts_index"))
def edit_post(post_id, topic_id):
post_in_db = Post.query.get(post_id)
if post_in_db is None:
return redirect(url_for("view_topic", topic_id=topic_id))
if UserService.user_not_admin_nor_editing_own_content(
post_in_db.author_id):
return redirect(url_for("view_topic", topic_id=topic_id))
form = PostForm(request.form)
if not form.validate():
return render_template("posts/edit_post.html",
post=post_in_db,
form=form)
post_in_db.body = form.body.data
db.session.commit()
return redirect(url_for("view_topic", topic_id=topic_id))
def create_post(topic_id):
topic = Topic.query.get(topic_id)
if topic is None:
return redirect(url_for("topics_index"))
form = PostForm(request.form)
if not form.validate():
return render_template("topics/single.html", topic=topic, form=form)
body = request.form.get("body")
post = Post(body)
post.topic = topic
post.author_id = current_user.id
db.session().add(post)
db.session().commit()
return redirect(url_for("view_topic", topic_id=topic_id))
def posts_create():
form = PostForm(request.form)
if not form.validate():
return render_template("posts/new.html", form=form)
post = Post(form.title.data, False, form.url.data)
post.author = current_user
if not form.url.data:
post.content = form.text.data
post.is_text = True
db.session().add(post)
# insert post to database to generate id
db.session().flush()
upvote = Upvote(current_user.id, post.id)
db.session().add(upvote)
db.session().commit()
return redirect(url_for("posts_index"))
def post_edit(post_id):
post = Post.query.get(post_id)
if request.method == "POST":
form = PostForm(request.form)
form.content.data = escape(form.content.data)
if form.validate() and (current_user.id == post.account_id
or current_user.has_role("admin")):
Post.query.filter(Post.id == post.id).update({
'name':
'reply',
'content':
form.content.data
})
db.session().commit()
flash("Post successful!")
return redirect(url_for("thread_view", thread_id=post.thread_id))
else:
return render_template("post/edit.html", form=form, post=post)
form = PostForm()
form.content.data = post.content
return render_template("post/edit.html", form=form, post=post)
def posts_index():
if request.method == "GET":
return render_template("posts/list.html",
posts=Post.query.order_by(
Post.date_created.desc()).all(),
form=PostForm())
if not current_user.is_authenticated:
return redirect("/auth/login")
form = PostForm(request.form)
if not form.validate():
return render_template("posts/list.html",
form=form,
posts=Post.query.order_by(
Post.date_created.desc()).all())
p = Post(form.content.data)
p.account_id = current_user.id
db.session().add(p)
db.session().commit()
return redirect(url_for("posts_index"))
def posts_edit(post_id):
post = Post.query.get(post_id)
if not post.owner_id == current_user.id:
return redirect(url_for("oops", error="Not authorized"))
if request.method == "GET":
return render_template("posts/edit.html",
post_id=post_id,
form=PostForm(
MultiDict({"content": post.content})),
**request.args)
form = PostForm(request.form)
if not form.validate():
return render_template("posts/edit.html",
post_id=post_id,
form=form,
**request.args)
post.content = re.sub(r"^\s+", "", form.content.data,
flags=re.MULTILINE).strip()
db.session().commit()
return try_redirect("oops", **request.args)
