|
@@ -2,6 +2,8 @@ from datetime import datetime
|
2
|
2
|
import hashlib
|
3
|
3
|
from werkzeug.security import generate_password_hash, check_password_hash
|
4
|
4
|
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
|
|
5
|
+from markdown import markdown
|
|
6
|
+import bleach
|
5
|
7
|
from itsdangerous import BadSignature
|
6
|
8
|
from flask import current_app
|
7
|
9
|
from flask_login import UserMixin, AnonymousUserMixin
|
|
@@ -191,9 +193,22 @@ class Post(db.Model):
|
191
|
193
|
__tablename__ = 'posts'
|
192
|
194
|
id = db.Column(db.Integer, primary_key=True)
|
193
|
195
|
body = db.Column(db.Text)
|
|
196
|
+ body_html = db.Column(db.Text)
|
194
|
197
|
timestamp = db.Column(db.DateTime, index=True, default=datetime.utcnow)
|
195
|
198
|
author_id = db.Column(db.Integer, db.ForeignKey('users.id'))
|
196
|
199
|
|
|
200
|
+ @staticmethod
|
|
201
|
+ def on_changed_body(target, value, oldvalue, initiator):
|
|
202
|
+ allowed_tags = ['a', 'abbr', 'acronym', 'b', 'blockquote', 'code',
|
|
203
|
+ 'em', 'i', 'li', 'ol', 'pre', 'strong', 'ul',
|
|
204
|
+ 'h1', 'h2', 'h3', 'p']
|
|
205
|
+ md = markdown(value, output_format='html')
|
|
206
|
+ clean_md = bleach.clean(md, tags=allowed_tags, strip=True)
|
|
207
|
+ target.body_html = bleach.linkify(clean_md)
|
|
208
|
+
|
|
209
|
+
|
|
210
|
+db.event.listen(Post.body, 'set', Post.on_changed_body)
|
|
211
|
+
|
197
|
212
|
|
198
|
213
|
class AnonymousUser(AnonymousUserMixin):
|
199
|
214
|
def can(self, perm):
|