def new_post():
user = records.find_one({'_id': current_user._id})
form = PostForm()
if (user['role'] == 'author'):
if form.validate_on_submit():
mongo.db.post.insert({
"author": user,
"title": form.title.data,
"date_posted": datetime.datetime.now(),
"content": form.content.data
})
flash(f'Your post has been created!', 'success')
return redirect(url_for('home'))
else:
abort(403)
return render_template('create_post.html',
legend='New Post',
title='New Post',
form=form)
def update_post(_id):
form = PostForm()
post = mongo.db.post.find_one({'_id': ObjectId(_id)})
user = records.find_one({'_id': current_user._id})
if post['author']['username'] != user['username']:
abort(403)
if form.validate_on_submit():
mongo.db.post.update_one(
{'_id': ObjectId(_id)},
{'$set': {
"title": form.title.data,
"content": form.content.data
}})
flash('Your post has been updated!', 'success')
return redirect(url_for('post', _id=post['_id']))
elif request.method == 'GET':
form.title.data = post['title']
form.content.data = post['content']
return render_template('create_post.html',
title='Update Post',
legend='Update Post',
form=form,
post=post)
