Пример #1
0
 def decorated_function(*args, **kwargs):
     if not current_user.can(permisssion):
         print "Can it?"
         print current_user.can(permisssion)
         abort(403)
     print "probably can"
     return f(*args, **kwargs)
Пример #2
0
def insert_contract():
    form = ContractForm()
    page = request.args.get('page', 1, type=int)
    pagination = Contract.query.order_by(desc(Contract.timestamp)).outerjoin(Contract_Device).add_entity(Contract_Device).outerjoin(Contract_Device_Number)\
        .add_entity(Contract_Device_Number).outerjoin(Device).add_entity(Device).outerjoin(Purchase).add_entity(Purchase)\
        .paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],error_out=False)
    contracts = pagination.items

    if  form.validate_on_submit() and current_user.can(Permission.CONTRACT):
        contract = Contract(contract_number=form.contract_number.data,material_operator=form.material_operator.data,\
            contract_date=form.contract_date.data,contract_value=form.contract_value.data,\
            planned_arrival_date=form.planned_arrival_date.data)

        if  not Contract.query.filter_by(contract_number=form.contract_number.data).first():
            db.session.add(contract)
            db.session.commit()
        else:
            db.session.rollback()
            flash("您可能输入了重复的合同编号或者非法字符,请重新刷新网页")
        return redirect(url_for('.insert_contract'))

    elif form.validate_on_submit() and not current_user.can(Permission.PURCHASE) :
        flash('你没有权限写入合同')
        return redirect(url_for('.insert_contract'))

    return render_template('insert_contract.html', form=form, contracts=contracts,pagination=pagination)
Пример #3
0
def insert_contract_device(id):
    form = ContractDeviceForm()
    contract = Contract.query.filter_by(id=id).first()   #已经添加的合同设备
    if  form.validate_on_submit() and current_user.can(Permission.CONTRACT_DEV):
        device_quantity=int(form.device_quantity.data)
        if device_quantity!=form.device_quantity.data:
            flash('设备数量必须为整数')
            return redirect(url_for('.insert_contract_subject',id=id))
        contract_device = Contract_Device(contract_subject_matter=form.contract_subject_matter.data,model=form.model.data,supplier=form.supplier.data,\
            unit_price=form.unit_price.data,device_quantity=form.device_quantity.data,\
            settlement_amount=form.settlement_amount.data,\
            remarks_contract_device=form.remarks_contract_device.data,\
            contract_device=contract)    #将表单信息插入devices表
        db.session.add(contract_device)
        db.session.commit()

        #功能为提交一次合同设备内容,则根据设备数量n提交n个合同设备细项
        for i in range(device_quantity):
            contract_device_number=Contract_Device_Number(serial_number=i+1, contract_device_number=contract_device)
            db.session.add(contract_device_number)
            db.session.commit()
        return redirect(url_for('.insert_contract_device',id=id))
    elif form.validate_on_submit() and not current_user.can(Permission.CONTRACT_DEV) :
        flash('你没有权限写入合同设备')
        return redirect(url_for('.insert_contract_device',id=id))

    contract_devices = Contract_Device.query.filter_by(contract_id=id).order_by(Contract_Device.timestamp.desc()).all() #.filter_by(XXX)
    return render_template('insert_contract_device.html', form=form, contract=contract,contract_devices=contract_devices)
Пример #4
0
def question(id):
    """show the questions"""
    answerForm = AnswerForm()
    commentForm = CommentForm()
    question = Question.query.filter_by(id=id).first_or_404()
    answer_id =  request.args.get('answer_id', -1, type=int)
    comments = Comment.query.filter_by(answer_id=answer_id).order_by(Comment.timestamp.desc())
    answer= Answer.query.filter_by(id=answer_id)
    if current_user.can(Permission.WRITE_ARTICLES) and \
       answerForm.validate_on_submit():
                answer = Answer(answer=answerForm.body.data,
                                 author=current_user._get_current_object(),
                                 authorname=current_user.username,
                                 question=question )
                db.session.add(answer)
                return redirect(url_for('.question', id=id))

    if current_user.can(Permission.WRITE_ARTICLES) and \
       commentForm.validate_on_submit():
                comment = Comment(comment=commentForm.body.data,
                                 author=current_user._get_current_object(),
                                 authorname=current_user.username,
                                 answer=answer)
                db.session.add(answer)
                return redirect(url_for('.question', id=id))

    answers = Answer.query.filter_by(question_id=question.id).order_by(Answer.timestamp.desc())            
    asker = User.query.filter_by(id=question.author_id).first()
    return render_template("question.html", question=question, asker=asker,
                           answerForm=answerForm, answers=answers, comments=comments,
                           commentForm=commentForm, answer_id=answer_id)
Пример #5
0
Файл: views.py Проект: aztec8/ds
def read_article(slug):
    article = Article.query.filter_by(slug=slug).first_or_404()
    # get the latest article
    # we have to account for article.ids that have been deleted
    # we have gaps between some ids
    index = 1
    next_article = Article.query.filter_by(id=article.id + index).first()
    while next_article is None:
        index = index + 1
        next_article = Article.query.filter_by(id=article.id + index).first()
        if next_article is not None:
            break
        else:
            next_article = Article.query.filter_by(id=article.id - index).first()

    # get related articles
    article_category = Category.query.filter_by(id=article.category_id).first()
    related_articles = article_category.posts.order_by(Article.post_date.desc()).limit(3)

    # comment shit
    comment_form = CommentForm(prefix='comment')
    if comment_form.validate_on_submit() and comment_form.submit.data:
        if current_user.can(Permission.COMMENT):
            comment = Comment(
                body=comment_form.body.data,
                author=current_user._get_current_object(),
                article=article
                )
            db.session.add(comment)
            flash('Your comment has been posted!')
            return redirect(url_for('articles.read_article', slug=article.slug))
        # elif comment_form.email.data:
        #     flash('an email was entered')
        else:
            flash('please login to comment')

    comments = article.comments.filter_by(reply_to=None).order_by(Comment.timestamp.desc()).limit(20)

    reply_form = ReplyForm(prefix='reply')
    if reply_form.validate_on_submit() and reply_form.submit.data:
        if current_user.can(Permission.COMMENT):
            og_comment = Comment.query.filter_by(id=reply_form.comment_id.data).first()
            reply = Comment(
                body=reply_form.body.data,
                author=current_user._get_current_object(),
                article=article,
                reply_to=og_comment
                )
            db.session.add(reply)
            flash('hey you posted a reply!')
            return redirect(url_for('articles.read_article', slug=article.slug))
        else:
            flash('you must login in order to reply')
    return render_template('articles/view.html', article=article,
        next_article=next_article, related_articles=related_articles,
        comment_form=comment_form, comments=comments,
        reply_form=reply_form)
Пример #6
0
def moderate_delete(id):
    comment = Comment.query.get_or_404(id)
    if( not current_user.can(Permission.MODERATE_COMMENTS) ) and( current_user.id != comment.author_id ) and (current_user.id != Post.query.filter_by(id = comment.post_id).first().author_id):
        abort(403)
    else:
        db.session.delete(comment)
        db.session.commit()
        if ( current_user.can(Permission.MODERATE_COMMENTS)):
            return redirect(url_for('main.moderate', page= request.args.get('page',1,type=int)))
        else:
            return redirect(url_for('main.post',id = comment.post_id))
Пример #7
0
def index():
    form = PostForm()
    page = request.args.get("page", 1, type=int)
    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for(".index"))

    show_followed = False
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get("show_followed", ""))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query

    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config["FLASKY_POSTS_PER_PAGE"],
        error_out=False)
    posts = pagination.items
    return render_template("index.html",
                           form=form,
                           posts=posts,
                           show_followed=show_followed,
                           pagination=pagination)
Пример #8
0
def upload_head(username):
    # get head_img_name by ajax
    head_img_name = request.args.get('head_img_name', '', type=str)

    # get user who is going to change his head_portrait
    user = User.query.filter_by(username=username).first()

    # user is None
    if user is None:
        flash(u'该用户不存在')
        return redirect(url_for('main.user_list'))
    # if you are not admin or self, can't change it
    if current_user != user and not current_user.can(Permission.ADMINISTER):
        flash(u'你没有权限修改他人的头像信息')
        return redirect('main.user', username=user.username)

    # upload image and get status
    img_src, status = upload_image('head', head_img_name)

    if status:
        # uploaded success
        tag = u'头像上传成功'
        # update to db
        user.head_portrait = img_src
        db.session.add(user)
    else:
        # uploaded failed
        tag = u'头像上传失败'

    flash(tag)

    return jsonify(result=json.dumps({'id':1, }, encoding='utf-8'))
Пример #9
0
def index():
    show_followed = False
    form = PostForm()
    page_count = PageCount.query.get_or_404(1)
    if page_count.count is None:
        page_count.count = 1
    else:
        page_count.count = int(page_count.count) + 1
    flash("Site has experienced a breakdown, inconvenience is regretted! ")
    if current_user.can(
            Permission.WRITE_ARTICLE) and form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('main.index'))
    # posts = Post.query.order_by(Post.timestamp.desc()).all()
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    page = request.args.get('page', 1, type=int)
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config['FLASKY_POST_PER_PAGE'],
        error_out=False)
    posts = pagination.items
    return render_template('index.html',
                           posts=posts,
                           form=form,
                           pagination=pagination,
                           show_followed=show_followed,
                           count=page_count.count)
Пример #10
0
def edit_report(id):
    task = ''
    if str(id).count('_') == 2:
        lab_id, st_id, task = str(id).split('_')
        lab_id = int(lab_id)
        st_id = int(st_id)
    else:
        lab_id, st_id, _, __ = [int(i) for i in str(id).split('_')]

    if not current_user.can(Permission.ADMIN):
        if not lab_id in current_user.list_of_labs_to_check():
            return render_template('403.html')

    form = EditReportForm()
    student = get_student_name(current_app.config['DB'], st_id)

    report_fname, report = return_report_content(current_app.config['DB'],
                                                 st_id, lab_id, task,
                                                 current_app.config)
    form.report.data = report

    if form.validate_on_submit():
        with open(report_fname, 'w') as report_f:
            report_f.write(request.form['report'])
        return redirect(
            url_for('main.report', id=str(lab_id) + '_' + str(st_id)))

    return render_template('edit_report.html',
                           lab=lab_id,
                           task=task,
                           student=student,
                           st_id=st_id,
                           report=report,
                           form=form)
Пример #11
0
def index():
    nav = {}
    # add admin tasks
    if current_user.can(Permission.ADMINISTRATOR):
        nav['users'] = _("Users")

    return render_template('window.html', mainnav=nav.items())
Пример #12
0
def edit(id):
    post = Post.query.get_or_404(id)
    if current_user != post.author and not current_user.can(Permission.ADMINISTER):
        abort(403)
    form = EditForm()
    if form.data['submit']:
        post.title = form.title.data
        post.summary = form.summary.data
        post.body = form.body.data
        db.session.add(post)
        flash('The post has been updated.')
        return redirect(url_for('.post', id=post.id))


    if form.data['delete']:
        db.session.delete(post)
        flash('The post has been updated.')
        return redirect(url_for('.index'))
        #return render_template('edit_post.html', form=form,delete_form=delete_form)

    if form.data['cancel']:
        return redirect(url_for('.index'))

    form.title.data = post.title
    form.summary.data = post.summary
    form.body.data = post.body
    return render_template('edit_post.html', form=form)
Пример #13
0
 def decorated_function(bug_id):
     bugs = Bugs.get_by_bug_id(bug_id)
     if not (current_user == bugs.author and \
             bugs.status_equal(Bug_Now_Status.CREATED)) and \
             not current_user.can(Permission.ADMINISTER):
         abort(403)
     return f(bug_id)
Пример #14
0
def moderate_delete(id):
    comment = Comment.query.get_or_404(id)
    if (not current_user.can(Permission.MODERATE_COMMENTS)) and (
            current_user.id != comment.author_id) and (
                current_user.id !=
                Post.query.filter_by(id=comment.post_id).first().author_id):
        abort(403)
    else:
        db.session.delete(comment)
        db.session.commit()
        if (current_user.can(Permission.MODERATE_COMMENTS)):
            return redirect(
                url_for('main.moderate',
                        page=request.args.get('page', 1, type=int)))
        else:
            return redirect(url_for('main.post', id=comment.post_id))
Пример #15
0
def edit(id):
    post = Post.query.get_or_404(id)
    if post.category_id:
        category = Category.query.get_or_404(post.category_id)
    if current_user != post.author and not current_user.can(Permission.ADMINISTER):
        abort(403)
    # 这里使用 的 PostForm 表单类和首页中使用的是同一个。
    form = PostForm()
    if form.validate_on_submit():
        post.title = form.title.data
        post.intro = form.intro.data
        post.body = form.body.data
        if form.category_name.data:
            category_name_exists = Category.query.filter_by(category_name=form.category_name.data).first()
            if not category_name_exists:
                category = Category(category_name=form.category_name.data)
                db.session.add(category)
                db.session.commit()
                post.category_id = category.id
            else:
                post.category_id = category_name_exists.id
        db.session.add(post)
        db.session.commit()
        flash('文章已提交 (。・`ω´・)')
        return redirect(url_for('.post', id=post.id))
    form.title.data = post.title
    form.intro.data = post.intro
    form.body.data = post.body
    if post.category_id:
        category = Category.query.filter_by(id=post.category.id).first()
        form.category_name.data = category.category_name
    return render_template('edit_post.html', form=form)
Пример #16
0
def index():
	form = PostForm()
	if current_user.can(Permission.WRITE_ARTICLES) and \
			form.validate_on_submit():
		post = Post(body = form.body.data,
					author = current_user._get_current_object())
		db.session.add(post)
		return redirect(url_for('.index'))
	page = request.args.get('page', 1, type = int)
	#requset.args为请求的查询字符串
	#get()中有三个参数,key, default, type 
	#如果没有指定page,默认为1,type = init为了确保若参数无法转换为整数,返回默认值
	show_followed = False
	if current_user.is_authenticated:
		show_followed = bool(request.cookies.get('show_followed', ''))
	if show_followed:
		query = current_user.followed_posts
	else:
		query = Post.query
	pagination = query.order_by(Post.timestamp.desc()).paginate(
		page, per_page = current_app.config['FLASKY_POSTS_PER_PAGE'],
		error_out = False)
	#Post.timestamp.desc()为按时间戳降序排列
	#paginate()方法接受三个参数,起始页,每一页的数目,错误标志,True为404,False为空列表
	posts = pagination.items
	#迭代器,index.html中要用到
	return render_template('index.html', form = form, posts = posts,
							show_followed = show_followed, pagination = pagination)
Пример #17
0
def index():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,location=form.location.data,name=form.name.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        f = request.files['avatar']
        fname = secure_filename(f.filename)
        if fname != '':
            UPLOAD_FOLDER = '\\app\\static\\avatar\\'
            f.save(os.getcwd() + UPLOAD_FOLDER + post.name + "_" + fname)
            post.real_avatar = post.name + "_" + fname
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items
    return render_template('index.html', form=form, posts=posts,
                           show_followed=show_followed, pagination=pagination)
Пример #18
0
def index():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    # set show_followed as False first, then get show_followed from cookies
    show_followed = False
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed', ''))
    # what's followed_posts? the property?
    # if yes, show followed post, else show all posts
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config['BLOG_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items
    return render_template('index.html',
                           form=form,
                           posts=posts,
                           pagination=pagination,
                           show_followed=show_followed)
Пример #19
0
def edit_post(id):
    post = Post.query.get_or_404(id)
    if current_user != post.author and \
    not current_user.can(Permission.ADMINISTER):
        abort(403)
    form = PostForm()
    if form.validate_on_submit():
        post.title = form.title.data
        post.body = form.body.data
        post.category = Category.query.get(form.category.data)
        if form.tags.data:
            for tag in post.tags.all():
                post.tags.remove(tag)
            for tag in form.tags.data:
                post.tags.append(tag)
        else:
            form.tags.data = post.tags.all()
        db.session.add(post)
        db.session.commit()
        flash(u'文章已更新。')
        return redirect(url_for('.post', id=post.id))
    form.title.data = post.title
    form.body.data = post.body
    form.tags.data = post.tags.all()
    form.category.data = post.category_id
    return render_template('add_post.html', form=form, title=u'编辑文章')
Пример #20
0
def _question():
    form = request.form.get("postform")
    if current_user.can(Permission.WRITE_ARTICLES):
        post = Post(body=form, author=current_user._get_current_object())
        db.session.add(post)
        db.session.commit()
        return redirect(url_for('.index'))
Пример #21
0
def _add_comment():
    """ajax add comment HTML
    """
    per_page = current_app.config['FLASKY_ANSWERS_PER_PAGE']
    id = request.args.get('answer_id')
    answer = Answer.query.get_or_404(id)
    comment = request.args.get('comment')
    answers = Answer.query.get_or_404(id)
    page = 1
    result = False
    if current_user.can(Permission.COMMENT):
        comment = Comment(body=comment,
                          author=current_user._get_current_object(),
                          answer_id=id)
        db.session.add(comment)
        db.session.commit()
        page = (answer.comments.count() - 1) / per_page + 1
        result = True
    pagination = Comment.query.order_by(
        Comment.timestamp).filter_by(answer_id=id).paginate(page,
                                                            per_page=per_page,
                                                            error_out=False)
    macro_comment = get_template_attribute("_comments.html", "render_comments")
    macro_page = get_template_attribute("_page.html", "render_page")
    comments = pagination.items
    return jsonify({
        'result':
        result,
        'comment_html':
        macro_comment(comments),
        'page_html':
        macro_page(pagination),
        'comments_timestamp': [comment.timestamp for comment in comments],
        'comments_id': [comment.id for comment in comments]
    })
Пример #22
0
def edit_post(id):
	post = Post.query.get_or_404(id)
	if current_user != post.author and \
	not current_user.can(Permission.ADMINISTER):
		abort(403)
	form = PostForm()
	if form.validate_on_submit():
		post.title = form.title.data
		post.body = form.body.data
		post.category = Category.query.get(form.category.data)
		if form.tags.data:
			for tag in post.tags.all():
				post.tags.remove(tag)
			for tag in form.tags.data:
				post.tags.append(tag)
		else:
			form.tags.data = post.tags.all()
		db.session.add(post)
		db.session.commit()
		flash(u'文章已更新。')
		return redirect(url_for('.post', id=post.id))
	form.title.data = post.title
	form.body.data = post.body
	form.tags.data = post.tags.all()
	form.category.data = post.category_id
	return render_template('add_post.html', form=form, title=u'编辑文章')
Пример #23
0
def edit(user_id):
    if current_user.id == user_id or current_user.can(
            Permission.UPDATE_OTHERS_INFORMATION):
        the_user = User.query.get_or_404(user_id)
        form = EditProfileForm()
        if form.validate_on_submit():
            the_user.name = form.name.data
            the_user.major = form.major.data
            the_user.headline = form.headline.data
            the_user.about_me = form.about_me.data
            db.session.add(the_user)
            db.session.commit()
            flash(u'Information updatad', "info")
            return redirect(url_for('user.detail', user_id=user_id))
        form.name.data = the_user.name
        form.major.data = the_user.major
        form.headline.data = the_user.headline
        form.about_me.data = the_user.about_me

        return render_template('user_edit.html',
                               form=form,
                               user=the_user,
                               title=u"Edit information")
    else:
        abort(403)
Пример #24
0
def post(id):
    post = Post.query.get_or_404(id)
    form = CommentForm()
    if form.validate_on_submit():
        comment = Comment(body=form.body.data,
                          post=post,
                          author=current_user._get_current_object())
        db.session.add(comment)
        db.session.commit()
        flash('Your comment has been published.')
        return redirect(url_for('main.post', id=post.id) + '#comments')
    page = request.args.get('page', 1, type=int)
    if page == -1:
        page = (post.comments.count() -
                1) / current_app.config['FLASKY_COMMENTS_PER_PAGE'] + 1
    pagination = post.comments.order_by(Comment.timestamp.asc()).paginate(
        page,
        per_page=current_app.config['FLASKY_COMMENTS_PER_PAGE'],
        error_out=False)
    comments = pagination.items
    if current_user.is_anonymous:
        moderate = False
    else:
        if current_user.id == post.author_id or current_user.can(
                Permission.MODERATE_COMMENTS):
            moderate = True
        else:
            moderate = False
    return render_template('main/articles.html',
                           posts=[post],
                           form=form,
                           comments=comments,
                           pagination=pagination,
                           moderate_set=moderate)
Пример #25
0
def delete_post_confirm(id):
    post = Post.query.get_or_404(id)
    if current_user != post.author and not current_user.can(Permission.ADMINISTER):
        abort(403)
    db.session.delete(post)
    db.session.commit()
    return redirect(url_for('main.index'))
Пример #26
0
def search():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query

    # search key values
    search_data = g.search_form.search.data
    if not search_data:
        search_data = request.args.get('search')
    if search_data:
        query = query.filter(Post.body.like('%{0}%'.format(search_data.encode('utf-8'))))

    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items
    return render_template('index.html', form=form, search_form=g.search_form, search_data=search_data, posts=posts,
                           show_followed=show_followed, pagination=pagination)
Пример #27
0
def index():
    form = PostForm()
    user = User() 
    message = Message()
    
    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,head=form.head.data,
                    author=current_user._get_current_object())                   #内容、标题、作者
        db.session.add(post)
        flash("博客已发布")
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False    
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items[:] #分页显示

    return render_template('index.html', form=form, posts=posts,user=current_user,message=message,
                           show_followed=show_followed, pagination=pagination,current_time=datetime.utcnow())
Пример #28
0
def unanswer():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    print query.filter(Post.comments).count()
    print type(Post.comments)

    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items

    # list topic
    topic_query = Topic.query.filter(Topic.id == TopicMapping.topic_id)
    topic_pagination = topic_query.order_by(Topic.add_time.asc()).paginate(
        1, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'] * 5,
        error_out=False)
    topics = topic_pagination.items

    return render_template('unanswer.html', form=form, search_form=g.search_form, posts=posts, topics=topics,
                           show_followed=show_followed, pagination=pagination)
Пример #29
0
def index():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))  # redirs within blueprint can use this form, across needs 'bpname.index'
    page = request.args.get('page',1, type=int)  # request's query string is available as request.args. When explicit
    # page isn't given, default=1. type=int ensures will be int.
    show_followed = False
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed',''))  # choice of showing all or none stored in cookie
            # called show_followed. When set to nonempty string means only followed posts should be shown.
            # Cookies are stored in request obj as a request.cookies dict.
            # String val of cookie converted to Boolean
    if show_followed:
        query = current_user.followed_posts  # uses user's followed posts property.
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False)  # paginate obj takes page num
    # as first required arg, then optional per_page defaults to 20 or whatever is config'd. Error_out: True issues 404
    # if a page outside valid range requested, error_out:Flase returns empty list. looks like ?page=2.
    #posts = Post.query.order_by(Post.timestamp.desc()).all()  # loads all posts
    posts = pagination.items
    return render_template('index.html',
                           form=form,
                           pagination=pagination,
                           posts  = posts,
                           current_time = datetime.utcnow(),
                           show_followed=show_followed)
Пример #30
0
def index():
    form = QuestionForm()
    if current_user.can(Permission.ASK) and form.validate_on_submit():
        question = Question(body=form.body.data, detail=form.detail.data, author=current_user._get_current_object())
        db.session.add(question)
        db.session.flush()
        question_activity = Activity(
            verb="asked", object=question, actor_id=current_user.id, timestamp=question.timestamp
        )
        db.session.add(question_activity)
        return redirect(url_for(".index"))
    page = request.args.get("page", 1, type=int)
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get("show_followed", ""))
    if show_followed:
        query = current_user.followed_activities
    else:
        query = Activity.query
    pagination = query.order_by(Activity.timestamp.desc()).paginate(
        page, per_page=current_app.config["FLASKQ_ACTIVITIES_PER_PAGE"], error_out=False
    )
    activities = pagination.items
    comment_form = CommentForm()
    return render_template(
        "index.html",
        form=form,
        activities=activities,
        show_followed=show_followed,
        pagination=pagination,
        comment_form=comment_form,
    )
Пример #31
0
def index():
    from utils import cheese
    cheese()
    form = PostForm()
    if current_user.can(
            Permission.WRITE_ARTICLES) and form.validate_on_submit():
        post = Post(body=form.body.data, author_id=current_user.id)
        #post.on_changed_body()
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items
    return render_template('index.html',
                           form=form,
                           posts=posts,
                           show_followed=show_followed,
                           pagination=pagination)
Пример #32
0
def index():
    form = PostForm()
    user = User()
    message = Message()

    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,
                    head=form.head.data,
                    author=current_user._get_current_object())  #内容、标题、作者
        db.session.add(post)
        flash("博客已发布")
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items[:]  #分页显示

    return render_template('index.html',
                           form=form,
                           posts=posts,
                           user=current_user,
                           message=message,
                           show_followed=show_followed,
                           pagination=pagination,
                           current_time=datetime.utcnow())
Пример #33
0
def index():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and \
      form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    #requset.args为请求的查询字符串
    #get()中有三个参数,key, default, type
    #如果没有指定page,默认为1,type = init为了确保若参数无法转换为整数,返回默认值
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    #Post.timestamp.desc()为按时间戳降序排列
    #paginate()方法接受三个参数,起始页,每一页的数目,错误标志,True为404,False为空列表
    posts = pagination.items
    #迭代器,index.html中要用到
    return render_template('index.html',
                           form=form,
                           posts=posts,
                           show_followed=show_followed,
                           pagination=pagination)
Пример #34
0
def write_post():
	form = PostForm()
	if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
		post = Post(title=form.title.data, body=form.body.data,author=current_user._get_current_object())
		db.session.add(post)
		return redirect(url_for('main.index', posts=[post]))
	return render_template('write_post.html', form=form)
Пример #35
0
def tags():
    search_tags = request.args.get('search', None)
    page = request.args.get('page', 1, type=int)
    the_tags = Tag.query.outerjoin(book_tag).group_by(
        book_tag.c.tag_id).order_by(db.func.count(
            book_tag.c.book_id).desc()).limit(30).all()
    search_form = SearchForm()
    search_form.search.data = search_tags

    data = None
    pagination = None

    if search_tags:
        tags_list = [
            s.strip() for s in search_tags.split(',') if len(s.strip()) > 0
        ]
        if len(tags_list) > 0:
            the_books = Book.query
            if not current_user.can(Permission.UPDATE_BOOK_INFORMATION):
                the_books = Book.query.filter_by(hidden=0)
            the_books = the_books.filter(
                db.and_(*[
                    Book.tags.any(Tag.name.ilike(word)) for word in tags_list
                ])).outerjoin(Log).group_by(Book.id).order_by(
                    db.func.count(Log.id).desc())
            pagination = the_books.paginate(page, per_page=8)
            data = pagination.items

    return render_template('book_tag.html',
                           tags=the_tags,
                           title='Tags',
                           search_form=search_form,
                           books=data,
                           pagination=pagination)
Пример #36
0
def index():
    form = QuestionForm()
    if current_user.can(Permission.ASK) and \
            form.validate_on_submit():
        question = Question(body=form.body.data,
                            detail=form.detail.data,
                            author=current_user._get_current_object())
        db.session.add(question)
        db.session.flush()
        question_activity = Activity(verb='asked', object=question,
                                  actor_id=current_user.id,
                                     timestamp=question.timestamp)
        db.session.add(question_activity)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_activities
    else:
        query = Activity.query
    pagination = query.order_by(Activity.timestamp.desc()).paginate(
            page, per_page=current_app.config['FLASKQ_ACTIVITIES_PER_PAGE'],
            error_out=False)
    activities = pagination.items
    comment_form = CommentForm()
    return render_template('index.html', form=form, activities=activities,
                           show_followed=show_followed, pagination=pagination,
                           comment_form=comment_form)
Пример #37
0
def index():
    search_word = request.args.get('search', None)
    search_form = SearchForm()
    page = request.args.get('page', 1, type=int)

    the_books = Book.query
    if not current_user.can(Permission.UPDATE_BOOK_INFORMATION):
        the_books = Book.query.filter_by(hidden=0)

    if search_word:
        search_word = search_word.strip()
        the_books = the_books.filter(
            db.or_(Book.title.ilike(u"%%%s%%" % search_word),
                   Book.author.ilike(u"%%%s%%" % search_word),
                   Book.isbn.ilike(u"%%%s%%" % search_word),
                   Book.tags.any(Tag.name.ilike(u"%%%s%%" % search_word)),
                   Book.subtitle.ilike(
                       u"%%%s%%" % search_word))).outerjoin(Log).group_by(
                           Book.id).order_by(db.func.count(Log.id).desc())
        search_form.search.data = search_word
    else:
        the_books = Book.query.order_by(Book.id.desc())

    pagination = the_books.paginate(page, per_page=8)
    result_books = pagination.items
    return render_template("book.html",
                           books=result_books,
                           pagination=pagination,
                           search_form=search_form,
                           title=u"书籍清单")
Пример #38
0
def show_quiz(id):
    form = None
    quiz = Quiz.query.get_or_404(id)
    if current_user.can(Permission.MANAGE_QUIZ):
        is_moderator = True
        form = CreateTaskForm()
    return render_template("quiz.html", quiz=quiz, is_moderator=is_moderator, form=form)
Пример #39
0
def index():
    form = QuestionForm()
    if current_user.can(Permission.WRITE_QUESTIONS) and form.validate_on_submit():
        question = Question(body=form.body.data, content=form.content.data,
                            author=current_user._get_current_object())
        db.session.add(question)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = 0
    session['act'] = u'提出'
    if current_user.is_authenticated:
        show_followed = int(request.cookies.get('show_followed', '0'))
    if show_followed == 1:
        query = current_user.followed_questions
    elif show_followed == 2:
        query = current_user.followed_replys
        session['act'] = u'回答'
        pagination = query.order_by(Reply.timestamp.desc()).paginate(
            page, per_page=current_app.config['FLASKY_REPLYS_PER_PAGE'],
            error_out=False)
        replys = pagination.items
        return render_template('index.html', form=form, replys=replys,
                               show_followed=show_followed, pagination=pagination, act=session.get('act'))
    else:
        query = Question.query
    pagination = query.order_by(Question.timestamp.desc()).paginate(
        page, per_page=current_app.config['FLASKY_QUESTIONS_PER_PAGE'],
        error_out=False)
    questions = pagination.items
    return render_template('index.html', form=form, questions=questions,
                           show_followed=show_followed, pagination=pagination, act=session.get('act'))
Пример #40
0
def question(id):
    """
    Shows question description etc, and maybe also creator info.
    Also has answer question form
    Todo: Delete button. Should it be a simple button with a POST and refresh, or should it be a form?
    :param id:
    :return:
    """
    form = CreateAnswerForm()
    question = Question.query.get_or_404(id)  # get gets things based on primary key, otherwise use .filter_by
    if form.validate_on_submit() and current_user.can(Permission.CREATE):
        # Add answer
        answer = Answer(author=current_user._get_current_object(), question=question, content=form.answer.data)
        db.session.add(answer)
        db.session.commit()
        return redirect(url_for('main.question', id=id))
    elif form.validate_on_submit() and current_app.has_answered(id=id):
        # just in case
        flash("Sorry, you can't answer a question more than once")
        return redirect(url_for('main.question', id=id))
    elif not question.visible and not current_user.is_administrator():
        # just in case
        flash("That page isn't ready for the public yet, sorry!")
        return redirect(url_for("main.index"))
    else:
        creator = User.query.filter_by(id=question.creator_id).first()
        if question.solved:
            accepted = Answer.query.get_or_404(question.accepted_id)
        else:
            accepted = None
        # some way to find if a user has already answered the question
        return render_template("question.html", creator=creator, id=id, form=form, Permission=Permission,
                               question=question, a=accepted)
Пример #41
0
		def wrapper(*args, **kwargs):
			if not current_user.can(permission):
				abort(403)
			'''
			要return,否则会出现View function did not return a response错误
			'''
			return func(*args, **kwargs)
Пример #42
0
def new():
    form = PostForm()
    if not current_user.can(Permission.WRITE_ARTICLES):
        abort(403)
    if form.validate_on_submit():
        post = Post(body=form.body.data,
                    title=form.title.data,
                    viewed_count=0,
                    author=current_user._get_current_object(),
                    tags_txt=form.tags.data)
        db.session.add(post)
        tags = form.tags.data.split(';')
        for tag in tags:
            ttag = Tag.query.filter_by(content=tag).first()
            if ttag is not None:
                ttag.refer_count = ttag.refer_count + 1
            else:
                ttag = Tag(content=tag, refer_count=1)
            post_tag = PostTag(post=post, tag=ttag)
            db.session.add(ttag)
            db.session.add(post_tag)
        flash(messages.post_create_ok)
        db.session.commit()
        return redirect(url_for('main.index', shows='home'))
    if None == form.body.data:
        form.body.data = '# 标题\n\n内容'
    if None == form.title.data:
        form.title.data = '输入博文名字'
    if None == form.tags.data:
        form.tags.data = '标签通过;隔开。'
    return render_template('edit.html', form=form)
Пример #43
0
def index():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and \
            form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)

        ##
        db.session.commit()
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)

    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))#?????????????
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items
    return render_template('index.html', form=form, posts=posts,
                           show_followed=show_followed, pagination=pagination)
Пример #44
0
def index():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and \
      form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object()
                    )  #这里要用真正的用户对象因此调用_get_current_object()方法
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get(
        'page', 1, type=int)  #这里得到的是一个int型,也就是一个数字,默认1,1代表这个路由渲染第一页,当然也可以改成其他页
    show_followed = False
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)  #传入渲染的页数和每页的纪录数
    #可选参数为 error_ out,当其设为 True 时(默认值),如果请求的页数超出了范围,则会返回 404 错误;如果 设为 False,页数超出范围时会返回一个空列表。
    posts = pagination.items
    return render_template('index.html',
                           form=form,
                           posts=posts,
                           show_followed=show_followed,
                           pagination=pagination)
Пример #45
0
def post_article():
    if not current_user.can(Permission.WRITE_ARTICLES):
        abort(403)
    form = PostForm()
    if form.validate_on_submit():
        #filter cover img
        coverFile = request.files['cover']
        if coverFile and allowed_file(coverFile.filename):
            filename = secure_filename(coverFile.filename)
            coverFile.save(os.path.join(UPLOAD_FOLDER, filename))
            cover = url_for('static', filename="upload/" + filename)
        else:
            body = form.editor1.data
            cover = re.findall(r"<img.+src=[\"|\']([^=]+)[\"|\'] *.*>", body)
            if len(cover) == 0:
                abort(403)
            else:
                cover = cover[0]
        post = Post(title=form.title.data,
                    abstract=form.abstract.data,
                    cover=cover,
                    body=form.editor1.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('main.index'))
    return render_template('post_article.html', form=form)
Пример #46
0
def index():
    form = PostForm()
    if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
        post = Post(body=form.body.data, author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)

    # Выбор между отображением всех сообщений или только пренадлежащих
    # зарегистрированным пользователям. Берется из кук

    # per_page - число элементов на странице
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    # pagination = query.order_by(
    #     Post.timestamp.desc()
    # ).paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False)
    pagination = query.order_by(
        Post.timestamp.desc()
    ).paginate(page, per_page=20, error_out=False)
    posts = pagination.items
    return render_template(
        'index.html', form=form, posts=posts, show_followed=show_followed, pagination=pagination
    )
Пример #47
0
def index():
    #return render_template('index.html')
    form = PostForm()
    if current_user.can(
            Permission.WRITE_ARTICLES) and form.validate_on_submit():
        post = Post(body=form.body.data,
                    author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))
    page = request.args.get('page', 1, type=int)
    show_followed = False
    if current_user.is_authenticated:
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config.get('FLASK_POSTS_PER_PAGE', 10),
        error_out=False)
    #posts = Post.query.order_by(Post.timestamp.desc()).all()
    posts = pagination.items
    return render_template('index.html',
                           form=form,
                           posts=posts,
                           Permission=Permission,
                           pagination=pagination,
                           show_followed=show_followed)
Пример #48
0
def new():
    form = PostForm()
    if not current_user.can(Permission.WRITE_ARTICLES):
        abort(403)
    if form.validate_on_submit():
        post = Post(body=form.body.data, title=form.title.data, viewed_count=0, author=current_user._get_current_object(), tags_txt=form.tags.data)
        db.session.add(post)
        tags = form.tags.data.split(';')
        for tag in tags:
            ttag = Tag.query.filter_by(content=tag).first()
            if ttag is not None:
                ttag.refer_count = ttag.refer_count + 1
            else:
                ttag = Tag(content=tag, refer_count=1)
            post_tag = PostTag(post=post, tag=ttag)
            db.session.add(ttag)
            db.session.add(post_tag)
        flash(messages.post_create_ok)
        db.session.commit()
        return redirect(url_for('main.index', shows='home'))
    if None == form.body.data:
        form.body.data = '# 标题\n\n内容'
    if None == form.title.data:
        form.title.data = '输入博文名字'
    if None == form.tags.data:
        form.tags.data = '标签通过;隔开。'
    return render_template('edit.html', form=form)
Пример #49
0
def index():
    form = PostForm()
    #检查当前用户是否有写文章的权限
    if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
        post = Post(body=form.body.data, author=current_user._get_current_object())
        db.session.add(post)
        return redirect(url_for('.index'))
    #posts = Post.query.order_by(Post.timestamp.desc()).all()    #按时间戳进行降序排序(大到小排序)
    #return render_template('index.html', form=form, posts=posts)
    
    #分页(默认20条记录 paginate()方法 配置文件FLASKY_POSTS_PER_PAGE = 20 )
    page = request.args.get('page', 1, type=int)
    
    # 显示所有博客文章 或 只显示所关注用户的博客文章 
    show_followed = False  #默认显示所有文章
    #如果cookie的show_followed字段中有值,则显示所关注用户的文章
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts #限制只显示所关注用户的文章
    else:
        query = Post.query  #显示所有文章
            
    #pagination = Post.query.order_by(Post.timestamp.desc()).paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False)
    pagination = query.order_by(Post.timestamp.desc()).paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False)
    posts = pagination.items
    #return render_template('index.html', form=form, posts=posts, pagination=pagination)
    return render_template('index.html', form=form, posts=posts, show_followed=show_followed, pagination=pagination)
Пример #50
0
def _add_comment():
    """ajax add comment HTML
    """
    per_page = current_app.config['FLASKY_ANSWERS_PER_PAGE']
    id = request.args.get('answer_id')
    answer = Answer.query.get_or_404(id)
    comment =request.args.get('comment')
    answers = Answer.query.get_or_404(id)
    page = 1
    result= False
    if current_user.can(Permission.COMMENT):
        comment = Comment(body=comment,
                          author=current_user._get_current_object(),
                          answer_id=id)
        db.session.add(comment)
        db.session.commit()
        page = (answer.comments.count()-1)/per_page + 1
        result=True
    pagination = Comment.query.order_by(Comment.timestamp).filter_by(answer_id=id).paginate(
        page,per_page=per_page,error_out=False
    )
    macro_comment = get_template_attribute("_comments.html", "render_comments")
    macro_page = get_template_attribute("_page.html", "render_page")
    comments = pagination.items
    return jsonify({'result': result,
                    'comment_html': macro_comment(comments),
                    'page_html': macro_page(pagination),
                    'comments_timestamp': [comment.timestamp for comment in comments],
                    'comments_id': [comment.id for comment in comments]
                    })
Пример #51
0
def post(id):
    post = Post.query.get_or_404(id)
    post.viewed_count = post.viewed_count + 1
    db.session.add(post)
    form = CommentForm()
    if not current_user.can(Permission.COMMENT):
        flash(messages.comment_cannot_access)
    else:
        if form.validate_on_submit():
            comment = Comment(author_id=current_user.id,
                              body=form.comment.data,
                              post=post,
                              agree_count=0,
                              disagree_count=0)
            db.session.add(comment)
            db.session.commit()
    page = request.args.get('page', 1, type=int)
    pagination = Comment.query.filter_by(post_id=post.id).order_by(
        Comment.timestamp.desc()).paginate(
            page,
            per_page=current_app.config['COMMENTS_PER_PAGE'],
            error_out=False)
    comments = pagination.items
    return render_template('post.html',
                           form=form,
                           post=post,
                           comments=comments,
                           pagination=pagination)
Пример #52
0
def delete_sure(id):
    post = Post.query.get_or_404(id)
    if current_user != post.author and \
      not current_user.can(Permission.ADMINISTER):
        abort(404)
    db.session.delete(post)
    return redirect(url_for('.index'))
Пример #53
0
def index():
    form = PostForm()
    if form.validate_on_submit() and \
            current_user.can(Permission.WRITE_ARTICLES):
        new_post = Post()
        new_post.body = form.body.data
        new_post.author = current_user._get_current_object()
        db.session.add(new_post)
        return redirect(url_for("main.index"))
    show_followed = False
    if current_user.is_authenticated():
        show_followed = bool(request.cookies.get('show_followed', ''))
    if show_followed:
        query = current_user.followed_posts
    else:
        query = Post.query

    page = request.args.get('page', 1, type=int)
    pagination = query.order_by(Post.timestamp.desc()).paginate(
        page,
        per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
        error_out=False)
    posts = pagination.items
    return render_template('index.html',
                           form=form,
                           posts=posts,
                           pagination=pagination,
                           showfollowed=show_followed)
Пример #54
0
def postdel(id):
    post = Post.query.get_or_404(id)
    if current_user != post.author and  not current_user.can(Permission.ADMINISTER):
        abort(403)
    db.session.delete(post)
    db.session.commit()
    flash('The post has been deleted.')
    return redirect( url_for('.index') ) 
Пример #55
0
def delete(id):
    question = Question.query.get_or_404(id)
    if current_user != question.author and not current_user.can(Permission.ADMINISTER):
        abort(403)
    q = Question.query.filter_by(id=id).first()
    Potoca.query.filter_by(question_id=id).delete(synchronize_session=False)
    db.session.delete(q)
    return redirect(url_for('.index'))
Пример #56
0
def post_delete(id):
    post = Post.query.get_or_404(id)
    if current_user != post.author and \
        not current_user.can(Permission.ADMINISTER):
        about(403)
    post.delete()
    flash(u'文章已删除')
    return redirect(url_for('.index'))
Пример #57
0
def delete(id):
    post = Post.query.get_or_404(id)
    if current_user != post.author and \
        not current_user.can(Permission.ADMINISTER):
        abort(403)
    u = post.author
    Post.delete(post)
    return redirect(url_for('user.profile', username=u.username))
Пример #58
0
def delete_post(id):
    post = Post.query.get_or_404(id)
    if current_user !=post.author and not current_user.can(Permission.ADMINISTER):
        abort(403)
    db.session.delete(post)
    db.session.commit()
    flash('文章已被删除')
    return redirect(url_for('.index'))
Пример #59
0
def delete(id):
    post = Post.query.get_or_404(id)
    if current_user == post.author or \
            current_user.can(Permission.ADMINISTER):
        db.session.delete(post)
        db.session.commit()
        flash(u'文章已删除!')
        return redirect(url_for('.user', username=current_user.username))
    return redirect(url_for('.post', id=post.id))