def edit_gallery_image(slug):
request_json = request.get_json(force=True)
try:
character = sqla.session.query(sqlm.Character).filter_by(slug=slug.strip().lower())[0]
except IndexError:
return abort(404)
if current_user != character.author and not current_user.is_admin:
return abort(404)
try:
attachment = sqla.session.query(sqlm.Attachment).filter_by(id=request_json["pk"])[0]
except IndexError:
return abort(404)
if attachment.character != character:
return abort(404)
cleaner = ForumHTMLCleaner()
attachment.caption=cleaner.basic_escape(request_json.get("author", ""))
attachment.alt=cleaner.basic_escape(request_json.get("caption", ""))
attachment.origin_url=cleaner.basic_escape(request_json.get("source", ""))
sqla.session.add(attachment)
sqla.session.commit()
return app.jsonify(success=True)
def create_character():
form = CharacterForm(csrf_enabled=False)
if form.validate_on_submit():
cleaner = ForumHTMLCleaner()
try:
name = cleaner.basic_escape(form.name.data)
except:
return abort(500)
try:
species = cleaner.basic_escape(form.species.data)
except:
return abort(500)
try:
motto = cleaner.basic_escape(form.motto.data)
except:
return abort(500)
try:
age = cleaner.basic_escape(form.age.data)
except:
return abort(500)
character = sqlm.Character()
character.age = form.age.data
character.species =form.species.data
character.name = form.name.data
character.motto = form.motto.data
character.appearance = form.appearance.data
character.personality = form.personality.data
character.backstory = form.backstory.data
character.other = form.other.data
character.created = arrow.utcnow().datetime.replace(tzinfo=None)
character.post_count = 0
character.slug = sqlm.get_character_slug(character.name)
character.author = current_user
sqla.session.add(character)
sqla.session.commit()
return redirect("/characters/"+str(character.slug))
else:
pass
return render_template("roleplay/new_character.jade", form=form, page_title="Create a Character - %s" % (app.get_site_config("core.site-name"),))