def audit_blog():
can_publish = request.json.get('can_publish', None)
blog_id = request.json.get('blog_id', None)
if can_publish is None or blog_id is None:
return jsonify(dict(success=False, message=u'操作有误,不要乱搞哦'))
blog = api_blog.get_or_404(blog_id)
api_blog.update(blog, can_publish=can_publish)
return jsonify(dict(success=True))
def change_blog(blog_id, category):
"""Edit the blog.
:param id: blog id.
"""
blog = api_blog.get(blog_id)
if blog.user != current_user:
flash(gettext('This is not your blog'), category='error')
abort(403)
blog_form = BlogForm(obj=blog)
if blog_form.validate_on_submit():
flash(u'更新成功')
api_blog.update(blog, **blog_form.data)
return redirect(url_for('.detail_blog', blog_id=blog_id, category=category))
if request.method == 'POST':
flash(u'更新失败,请检查', category='danger')
return render_template('blog/create.html', blog_form=blog_form, category=category,
action_url=url_for('.change_blog', blog_id=blog_id, category=category))
def change_blog(blog_id):
"""Edit the blog.
:param id: blog id.
"""
blog = api_blog.get(blog_id)
if blog.user != current_user:
return jsonres(rv=None, metacode=403, msg=u'这不是您的,你不能修改', code=403)
blog_form = BlogUpdateForm()
#json方式,不能验证csrf_token
blog_form.csrf_enabled = False
if blog_form.validate_on_submit():
api_blog.update(blog, **blog_form.data)
return jsonres()
#构造表单验证错误,返回
return jsonres(msg=blog_form.errors, metacode=400, code=400)
def detail_blog(blog_id, category):
blog = api_blog.get_or_404(blog_id)
api_blog.update(blog, read_count=blog.read_count + 1)
return render_template('blog/detail.html', blog=blog, category=category)
