def delete_post(post_id): post = Post.objects(id=post_id).first() if not post: abort(404) user = User.objects(id=current_user.id).first() if post.author != user: abort(403) post.delete() flash('Your post has been deleted!', 'success') return redirect(url_for('home'))
def get(self, page=1): query = request.args.get('q') if query == None: return redirect(url_for('posts.list')) search_posts = Post.objects(title__icontains=query) posts = search_posts.paginate(page=page, per_page=config.per_page) return render_template('posts/search.html', posts=posts, pagination=posts, query=query, disqus_shortname=config.disqus_shortname )
def update_post(post_id): post = Post.objects(id=post_id).first() if not post: abort(404) user = User.objects(id=current_user.id).first() if post.author != user: abort(403) form = PostForm() if form.validate_on_submit(): post.update(title=form.title.data, content=form.content.data) flash('Your post has been updated!', 'success') return redirect(url_for('post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title="Update Post", form=form, legend="Update Post")
def post(post_id): post = Post.objects(id=post_id).first() if not post: abort(404) return render_template('post.html', title=post.title, post=post)