def permission_manager(): user_role = Role.query.filter_by(name='User').first() admin_role = Role.query.filter_by(name='Admin').first() users = User.query.filter( or_(User.role == user_role, User.role == admin_role)).order_by(User.publish_date.desc()) return render_template('blog/permissions_manager.html', users=users)
def tag_adminter(username): if current_user.username == username: tags = Tag.query.filter_by(user_id=current_user.id).all() # 现在要求得到用户创建的tag 获取列表 return render_template('blog/tag_adminter.html', tags=tags) else: abort(404)
def new_post(): if current_user.is_authenticated: categories = Category.query.all() tags = Tag.query.all() if request.method == 'POST': post = Post( title=request.values.get('title'), text=request.values.get('context'), publish_date=datetime.datetime.now(), modified_date=datetime.datetime.now(), user_id=current_user.id, ) if request.values.get('category') and isinstance( request.values.get('category'), int): post.category_id = request.values.get('category') if request.values.getlist('s_option'): for tag_id in request.values.getlist('s_option'): tag = Tag.query.filter_by(id=tag_id).first() post.tags.append(tag) db.session.add(post) db.session.commit() logger.info('用户"{}"新增了"{}"博文'.format(current_user.username, post.title)) return redirect( url_for('my_admin.post_adminter', username=current_user.username)) return render_template('blog/new_post.html', categories=categories, tags=tags) else: abort(404)
def category_adminter(username): if current_user.username == username: categories = Category.query.filter_by(user_id=current_user.id).all() # 现在要求得到用户创建的tag 获取列表 return render_template('blog/category_adminter.html', categories=categories) else: abort(404)
def post_adminter(username): if current_user.username == username: posts = Post.query.filter_by(user_id=current_user.id).order_by( Post.publish_date.desc()).all() categories = Category.query.filter_by(user_id=current_user.id).all() tags = Tag.query.filter_by(user_id=current_user.id).all() # 现在要求得到用户创建的tag 获取列表 return render_template('blog/post_adminter.html', posts=posts, categories=categories, tags=tags) else: return "您无权访问他人页面"
def user_detail(username): if current_user.username == username: if request.method == 'POST': current_user.username = request.values.get('username') current_user.qq_num = request.values.get('qq_num') current_user.email = request.values.get('email') current_user.introduction = request.values.get('introduction') current_user.modified_date = datetime.datetime.now() db.session.add(current_user) db.session.commit() return redirect( url_for('my_admin.user_detail', username=current_user.username)) return render_template('blog/user_detail.html') else: abort(404)
def new_tag(): if current_user.is_authenticated: if request.method == 'POST': tag = Tag() tag.name = request.values.get('tag_name') tag.publish_date = datetime.datetime.now() tag.modified_date = datetime.datetime.now() tag.user_id = current_user.id db.session.add(tag) db.session.commit() logger.info('用户"{}"新增了"{}"标签'.format(current_user.username, tag.name)) return redirect( url_for('my_admin.tag_adminter', username=current_user.username)) return render_template('blog/new_tag.html') else: abort(404)
def new_category(): if current_user.is_authenticated: if request.method == 'POST': category = Category() category.name = request.values.get('category_name') category.publish_date = datetime.datetime.now() category.modified_date = datetime.datetime.now() category.user_id = current_user.id db.session.add(category) db.session.commit() logger.info('用户"{}"新增了"{}"分类'.format(current_user.username, category.name)) return redirect( url_for('my_admin.category_adminter', username=current_user.username)) return render_template('blog/new_category.html') else: abort(404)
def tag_edit(user_id, tag_id): if current_user.id == user_id: tag = Tag.query.filter_by(id=tag_id).first_or_404() b_tag_name = tag.name if request.method == 'POST': tag.name = request.values.get('tag_name') tag.modified_date = datetime.datetime.now() tag.user_id = current_user.id db.session.add(tag) db.session.commit() logger.info('用户"{}"将标签"{}"修改为"{}"'.format(current_user.username, b_tag_name, tag.name)) return redirect( url_for('my_admin.tag_adminter', username=current_user.username)) return render_template('blog/tag_edit.html', tag=tag) else: abort(404)
def category_edit(user_id, category_id): if current_user.id == user_id: category = Category.query.filter_by(id=category_id).first_or_404() b_category_name = category.name if request.method == 'POST': category.name = request.values.get('category_name') category.modified_date = datetime.datetime.now() category.user_id = current_user.id db.session.add(category) db.session.commit() logger.info('用户"{}"将分类"{}"修改为"{}"'.format(current_user.username, b_category_name, category.name)) return redirect( url_for('my_admin.category_adminter', username=current_user.username)) return render_template('blog/category_edit.html', category=category) else: abort(404)
def post_edit(user_id, post_id): user = User.query.filter_by(id=user_id).first_or_404() post = Post.query.filter_by(id=post_id).first_or_404() categories = Category.query.filter_by(user_id=current_user.id).all() cat = Category.query.filter_by(id=post.category_id).first() tags = Tag.query.filter_by(user_id=current_user.id).all() title = post.title if request.method == 'POST': if post.user_id == user.id: post.title = request.values.get('title') post.text = request.values.get('context') post.modified_date = datetime.datetime.now() tag_s = request.values.getlist('s_option') # 得到Tag 的 id if tag_s: for tag_id in tag_s: t = Tag.query.filter_by(id=int(tag_id)).first() post.tags.append(t) if request.values.get('category') == '' or None: db.session.add(post) db.session.commit() else: post.category_id = request.values.get('category') logger.info('用户"{}"修改了"{}"博文'.format(current_user.username, title)) db.session.add(post) db.session.commit() return redirect( url_for('my_admin.post_adminter', username=user.username)) return render_template('blog/post_edit.html', post=post, categories=categories, cat=cat, tags=tags)