|
|
- from flask import render_template, redirect, url_for, flash, request, \
- current_app, abort
- from flask_login import login_required, current_user
- from . import main
- from .forms import EditProfileForm, EditProfileAdminForm, PostForm
- from .. import db
- from ..models import User, Role, Permission, Post
- from ..decorators import admin_required
-
-
- @main.route('/', methods=['GET', 'POST'])
- def index():
- form = PostForm()
- if current_user.can(Permission.WRITE) and form.validate_on_submit():
- post = Post(body=form.body.data,
- author=current_user._get_current_object())
- db.session.add(post)
- db.session.commit()
- return redirect(url_for('.index'))
- page = request.args.get('page', 1, type=int)
- pagination = Post.query.order_by(Post.timestamp.desc()).paginate(
- page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
- error_out=False)
- posts = pagination.items
- return render_template('index.html', form=form, posts=posts,
- pagination=pagination)
-
-
- @main.route('/user/<username>')
- def user(username):
- user = User.query.filter_by(username=username).first_or_404()
- page = request.args.get('page', 1, type=int)
- pagination = user.posts.order_by(Post.timestamp.desc()).paginate(
- page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
- error_out=False)
- posts = pagination.items
- return render_template('user.html', user=user, posts=posts,
- pagination=pagination)
-
-
- @main.route('/edit-profile', methods=['GET', 'POST'])
- @login_required
- def edit_profile():
- form = EditProfileForm()
- if form.validate_on_submit():
- current_user.name = form.name.data
- current_user.location = form.location.data
- current_user.about_me = form.about_me.data
- db.session.add(current_user._get_current_object())
- db.session.commit()
- flash('Your profile has been updated.')
- return redirect(url_for('.user', username=current_user.username))
- form.name.data = current_user.name
- form.location.data = current_user.location
- form.about_me.data = current_user.about_me
- return render_template('edit_profile.html', form=form)
-
-
- @main.route('/edit-profile/<int:id>', methods=['GET', 'POST'])
- @login_required
- @admin_required
- def edit_profile_admin(id):
- user = User.query.get_or_404(id)
- form = EditProfileAdminForm(user=user)
- if form.validate_on_submit():
- user.email = form.email.data
- user.username = form.username.data
- user.comfirmed = form.confirmed.data
- user.role = Role.query.get(form.role.data)
- user.name = form.name.data
- user.location = form.location.data
- user.about_me = form.about_me.data
- db.session.add(user)
- db.session.commit()
- flash('The profile has been updated.')
- return redirect(url_for('.user', username=user.username))
- form.email.data = user.email
- form.username.data = user.username
- form.confirmed.data = user.confirmed
- form.role.data = user.role_id
- form.name.data = user.name
- form.location.data = user.location
- form.about_me.data = user.about_me
- return render_template('edit_profile.html', form=form, user=user)
-
-
- @main.route('/post/<int:id>')
- def post(id):
- post = Post.query.get_or_404(id)
- return render_template('post.html', posts=[post])
-
-
- @main.route('/edit/<int:id>', methods=['GET', 'POST'])
- @login_required
- def edit(id):
- post = Post.query.get_or_404(id)
- if current_user != post.author and \
- not current_user.can(Permission.ADMIN):
- abort(403)
- form = PostForm()
- if form.validate_on_submit():
- post.body = form.body.data
- db.session.add(post)
- db.session.commit()
- flash('The post has been updated.')
- return redirect(url_for('.post', id=post.id))
- form.body.data = post.body
- return render_template('edit_post.html', form=form)
|