def add_review(work_id):
check_login()
work = Work.get_work(work_id)
if request.method == 'GET':
form = ReviewForm()
return render_template('add_review.html', work=work, form=form)
elif request.method == 'POST':
form = ReviewForm(request.form)
if form.validate():
user_id = session['user_id']
title = cgi.escape(form.title.data)
content = cgi.escape(form.content.data)
new_review_id = Review.add_review(work_id, user_id, title, content)
return redirect(url_for('single_review', review_id=new_review_id))
else:
return render_template('add_review.html', work=work, form=form)
def edit_review(review_id):
review = Review.get_review(review_id)
check_private(review['UserID'])
if request.method == 'GET':
form = ReviewForm(title=review['Title'], content=review['Content'])
return render_template('edit_review.html', review=review, form=form)
elif request.method == 'POST':
form = ReviewForm(request.form)
if form.validate():
title = cgi.escape(form.title.data)
content = cgi.escape(form.content.data)
Review.edit_review(review_id, title, content)
return redirect(url_for('single_review', review_id=review_id))
else:
return render_template('edit_review.html',
review=review,
form=form)
def add_work_review(work_id):
work = Work.query.get_or_404(work_id)
if request.method == 'GET':
form = ReviewForm()
return render_template('work_review/add_work_review.html',
work=work,
form=form)
else:
form = ReviewForm(request.form)
if form.validate():
is_publish = True if 'publish' in request.form else False
review = WorkReview(title=cgi.escape(form.title.data),
content=cgi.escape(form.content.data),
user_id=session['user_id'],
work_id=work_id,
is_publish=is_publish)
db.session.add(review)
db.session.commit()
return redirect(url_for('work_review', review_id=review.id))
else:
return render_template('work_review/add_work_review.html',
work=work,
form=form)
def edit_work_review(review_id):
review = WorkReview.query.get_or_404(review_id)
if review.user_id != session['user_id']:
abort(404)
if request.method == 'GET':
form = ReviewForm(title=review.title, content=review.content)
return render_template('work_review/edit_work_review.html',
review=review,
form=form)
else:
form = ReviewForm(request.form)
if form.validate():
review.title = cgi.escape(form.title.data)
review.content = cgi.escape(form.content.data)
review.is_publish = True if 'publish' in request.form else False
db.session.add(review)
db.session.commit()
return redirect(url_for('work_review', review_id=review_id))
else:
return render_template('work_review/edit_work_review.html',
review=review,
form=form)
