35 lines
1.0 KiB
Python
35 lines
1.0 KiB
Python
|
from app import app, db
|
||
|
|
from app.models.post import Post
|
||
|
|
from app.utils.render import render
|
||
|
|
from app.forms.forum import CommentEditForm, AnonymousCommentEditForm
|
||
|
|
from flask import redirect, url_for, abort
|
||
|
|
from flask_login import login_required, current_user
|
||
|
|
|
||
|
|
@app.route('/post/<int:postid>', methods=['GET','POST'])
|
||
|
|
# TODO: Allow guest edit of posts
|
||
|
|
@login_required
|
||
|
|
def edit_post(postid):
|
||
|
|
p = Post.query.filter_by(id=postid).first_or_404()
|
||
|
|
|
||
|
|
# TODO: Check whether privileged user has access to board
|
||
|
|
if p.author != current_user and not current_user.priv("edit-posts"):
|
||
|
|
abort(403)
|
||
|
|
|
||
|
|
if p.type == "comment":
|
||
|
|
form = CommentEditForm()
|
||
|
|
|
||
|
|
if form.validate_on_submit():
|
||
|
|
p.text = form.message.data
|
||
|
|
|
||
|
|
if form.submit.data:
|
||
|
|
db.session.add(p)
|
||
|
|
db.session.commit()
|
||
|
|
|
||
|
|
# TODO: Proper redirection
|
||
|
|
return redirect(url_for('index'))
|
||
|
|
|
||
|
|
form.message.data = p.text
|
||
|
|
return render('forum/edit_comment.html', comment=p, form=form)
|
||
|
|
else:
|
||
|
|
abort(404)
|