You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

108 lines
3.9 KiB

  1. from flask import render_template, redirect, url_for, flash, request, \
  2. current_app, abort
  3. from flask_login import login_required, current_user
  4. from . import main
  5. from .forms import EditProfileForm, EditProfileAdminForm, PostForm
  6. from .. import db
  7. from ..models import User, Role, Permission, Post
  8. from ..decorators import admin_required
  9. @main.route('/', methods=['GET', 'POST'])
  10. def index():
  11. form = PostForm()
  12. if current_user.can(Permission.WRITE) and form.validate_on_submit():
  13. post = Post(body=form.body.data,
  14. author=current_user._get_current_object())
  15. db.session.add(post)
  16. db.session.commit()
  17. return redirect(url_for('.index'))
  18. page = request.args.get('page', 1, type=int)
  19. pagination = Post.query.order_by(Post.timestamp.desc()).paginate(
  20. page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
  21. error_out=False)
  22. posts = pagination.items
  23. return render_template('index.html', form=form, posts=posts,
  24. pagination=pagination)
  25. @main.route('/user/<username>')
  26. def user(username):
  27. user = User.query.filter_by(username=username).first_or_404()
  28. page = request.args.get('page', 1, type=int)
  29. pagination = user.posts.order_by(Post.timestamp.desc()).paginate(
  30. page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
  31. error_out=False)
  32. posts = pagination.items
  33. return render_template('user.html', user=user, posts=posts,
  34. pagination=pagination)
  35. @main.route('/edit-profile', methods=['GET', 'POST'])
  36. @login_required
  37. def edit_profile():
  38. form = EditProfileForm()
  39. if form.validate_on_submit():
  40. current_user.name = form.name.data
  41. current_user.location = form.location.data
  42. current_user.about_me = form.about_me.data
  43. db.session.add(current_user._get_current_object())
  44. db.session.commit()
  45. flash('Your profile has been updated.')
  46. return redirect(url_for('.user', username=current_user.username))
  47. form.name.data = current_user.name
  48. form.location.data = current_user.location
  49. form.about_me.data = current_user.about_me
  50. return render_template('edit_profile.html', form=form)
  51. @main.route('/edit-profile/<int:id>', methods=['GET', 'POST'])
  52. @login_required
  53. @admin_required
  54. def edit_profile_admin(id):
  55. user = User.query.get_or_404(id)
  56. form = EditProfileAdminForm(user=user)
  57. if form.validate_on_submit():
  58. user.email = form.email.data
  59. user.username = form.username.data
  60. user.comfirmed = form.confirmed.data
  61. user.role = Role.query.get(form.role.data)
  62. user.name = form.name.data
  63. user.location = form.location.data
  64. user.about_me = form.about_me.data
  65. db.session.add(user)
  66. db.session.commit()
  67. flash('The profile has been updated.')
  68. return redirect(url_for('.user', username=user.username))
  69. form.email.data = user.email
  70. form.username.data = user.username
  71. form.confirmed.data = user.confirmed
  72. form.role.data = user.role_id
  73. form.name.data = user.name
  74. form.location.data = user.location
  75. form.about_me.data = user.about_me
  76. return render_template('edit_profile.html', form=form, user=user)
  77. @main.route('/post/<int:id>')
  78. def post(id):
  79. post = Post.query.get_or_404(id)
  80. return render_template('post.html', posts=[post])
  81. @main.route('/edit/<int:id>', methods=['GET', 'POST'])
  82. @login_required
  83. def edit(id):
  84. post = Post.query.get_or_404(id)
  85. if current_user != post.author and \
  86. not current_user.can(Permission.ADMIN):
  87. abort(403)
  88. form = PostForm()
  89. if form.validate_on_submit():
  90. post.body = form.body.data
  91. db.session.add(post)
  92. db.session.commit()
  93. flash('The post has been updated.')
  94. return redirect(url_for('.post', id=post.id))
  95. form.body.data = post.body
  96. return render_template('edit_post.html', form=form)