def delete_blog(blog_id):
"""Delete blog.
:param id: blog id.
"""
blog = api_blog.get(blog_id)
if blog.user != current_user:
return jsonres(rv=None, metacode=403, msg=u'这不是您的,你不能删除', code=403)
api_blog.delete(api_blog.get_or_404(blog_id))
return jsonres()
def delete_blogs():
"""Delete blog.
:param id: blog id.
"""
delIds = request.json
for delId in delIds:
blog = api_blog.get(delId)
if blog.user != current_user:
return jsonres(metacode=403, msg=u'有不是您的,不能删除', code=403)
return jsonres()
def change_blog(blog_id, category):
"""Edit the blog.
:param id: blog id.
"""
blog = api_blog.get(blog_id)
if blog.user != current_user:
flash(gettext('This is not your blog'), category='error')
abort(403)
blog_form = BlogForm(obj=blog)
if blog_form.validate_on_submit():
flash(u'更新成功')
api_blog.update(blog, **blog_form.data)
return redirect(url_for('.detail_blog', blog_id=blog_id, category=category))
if request.method == 'POST':
flash(u'更新失败,请检查', category='danger')
return render_template('blog/create.html', blog_form=blog_form, category=category,
action_url=url_for('.change_blog', blog_id=blog_id, category=category))
def change_blog(blog_id):
"""Edit the blog.
:param id: blog id.
"""
blog = api_blog.get(blog_id)
if blog.user != current_user:
return jsonres(rv=None, metacode=403, msg=u'这不是您的,你不能修改', code=403)
blog_form = BlogUpdateForm()
#json方式,不能验证csrf_token
blog_form.csrf_enabled = False
if blog_form.validate_on_submit():
api_blog.update(blog, **blog_form.data)
return jsonres()
#构造表单验证错误,返回
return jsonres(msg=blog_form.errors, metacode=400, code=400)
