from flask import render_template, redirect, url_for, flash, request, \ current_app, abort, make_response from flask_login import login_required, current_user from . import main from .forms import EditProfileForm, EditProfileAdminForm, PostForm from .. import db from ..models import User, Role, Permission, Post from ..decorators import admin_required, permission_required @main.route('/', methods=['GET', 'POST']) def index(): form = PostForm() if current_user.can(Permission.WRITE) and form.validate_on_submit(): post = Post(body=form.body.data, author=current_user._get_current_object()) db.session.add(post) db.session.commit() return redirect(url_for('.index')) page = request.args.get('page', 1, type=int) show_followed = False if current_user.is_authenticated: show_followed = bool(request.cookies.get('show_followed', '')) if show_followed: query = current_user.followed_posts else: query = Post.query pagination = query.order_by(Post.timestamp.desc()).paginate( page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False) posts = pagination.items return render_template('index.html', form=form, posts=posts, show_followed=show_followed, pagination=pagination) @main.route('/user/') def user(username): user = User.query.filter_by(username=username).first_or_404() page = request.args.get('page', 1, type=int) pagination = user.posts.order_by(Post.timestamp.desc()).paginate( page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False) posts = pagination.items return render_template('user.html', user=user, posts=posts, pagination=pagination) @main.route('/edit-profile', methods=['GET', 'POST']) @login_required def edit_profile(): form = EditProfileForm() if form.validate_on_submit(): current_user.name = form.name.data current_user.location = form.location.data current_user.about_me = form.about_me.data db.session.add(current_user._get_current_object()) db.session.commit() flash('Your profile has been updated.') return redirect(url_for('.user', username=current_user.username)) form.name.data = current_user.name form.location.data = current_user.location form.about_me.data = current_user.about_me return render_template('edit_profile.html', form=form) @main.route('/edit-profile/', methods=['GET', 'POST']) @login_required @admin_required def edit_profile_admin(id): user = User.query.get_or_404(id) form = EditProfileAdminForm(user=user) if form.validate_on_submit(): user.email = form.email.data user.username = form.username.data user.comfirmed = form.confirmed.data user.role = Role.query.get(form.role.data) user.name = form.name.data user.location = form.location.data user.about_me = form.about_me.data db.session.add(user) db.session.commit() flash('The profile has been updated.') return redirect(url_for('.user', username=user.username)) form.email.data = user.email form.username.data = user.username form.confirmed.data = user.confirmed form.role.data = user.role_id form.name.data = user.name form.location.data = user.location form.about_me.data = user.about_me return render_template('edit_profile.html', form=form, user=user) @main.route('/post/') def post(id): post = Post.query.get_or_404(id) return render_template('post.html', posts=[post]) @main.route('/edit/', methods=['GET', 'POST']) @login_required def edit(id): post = Post.query.get_or_404(id) if current_user != post.author and \ not current_user.can(Permission.ADMIN): abort(403) form = PostForm() if form.validate_on_submit(): post.body = form.body.data db.session.add(post) db.session.commit() flash('The post has been updated.') return redirect(url_for('.post', id=post.id)) form.body.data = post.body return render_template('edit_post.html', form=form) @main.route('/follow/') @login_required @permission_required(Permission.FOLLOW) def follow(username): user = User.query.filter_by(username=username).first() if user is None: flash('Invalid user') return redirect(url_for('.index')) if current_user.is_following(user): flash('You are already follwoing this user.') return redirect(url_for('.user', username=username)) current_user.follow(user) db.session.commit() flash('You are now following %s' % username) return redirect(url_for('.user', username=username)) @main.route('/unfollow/') @login_required @permission_required(Permission.FOLLOW) def unfollow(username): user = User.query.filter_by(username=username).first() if user is None: flash('Invalid user') return redirect(url_for('.index')) if not current_user.is_following(user): flash('You are not following this user.') return redirect(url_for('.user', username=username)) current_user.unfollow(user) db.session.commit() flash('You are not following %s anymore' % username) return redirect(url_for('.user', username=username)) @main.route('/followers/') def followers(username): user = User.query.filter_by(username=username).first() if user is None: flash('Invalid user') return redirect(url_for('.index')) page = request.args.get('page', 1, type=int) pagination = user.followers.paginate( page, per_page=current_app.config['FLASKY_FOLLOWERS_PER_PAGE'], error_out=False) follows = [{'user': item.follower, 'timestamp': item.timestamp} for item in pagination.items] return render_template('followers.html', user=user, title="Followers of", endpoint='.followers', pagination=pagination, follows=follows) @main.route('/followed-by/') def followed_by(username): user = User.query.filter_by(username=username).first() if user is None: flash('Invalid user') return redirect(url_for('.index')) page = request.args.get('page', 1, type=int) pagination = user.followed.paginate( page, per_page=current_app.config['FLASKY_FOLLOWERS_PER_PAGE'], error_out=False) follows = [{'user': item.followed, 'timestamp': item.timestamp} for item in pagination.items] return render_template('followers.html', user=user, title="Followed by", endpoint='.followed_by', pagination=pagination, follows=follows) @main.route('/all') @login_required def show_all(): resp = make_response(redirect(url_for('.index'))) resp.set_cookie('show_followed', '', max_age=30*24*60*60) # lasts 30 days return resp @main.route('/followed') @login_required def show_followed(): resp = make_response(redirect(url_for('.index'))) resp.set_cookie('show_followed', '1', max_age=30*24*60*60) # lasts 30 days return resp