app/blueprints/admin/tagseditor.py

   1 # ContentDB
   2 # Copyright (C) 2018  rubenwardy
   3 #
   4 # This program is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU General Public License
  15 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
  16
  17
  18 from flask import *
  19 from flask_user import *
  20 from . import bp
  21 from app.models import *
  22 from flask_wtf import FlaskForm
  23 from wtforms import *
  24 from wtforms.validators import *
  25 from app.utils import rank_required
  26
  27 @bp.route("/tags/")
  28 @login_required
  29 def tag_list():
  30         if not Permission.EDIT_TAGS.check(current_user):
  31                 abort(403)
  32
  33         query = Tag.query
  34
  35         if request.args.get("sort") == "views":
  36                 query = query.order_by(db.desc(Tag.views))
  37         else:
  38                 query = query.order_by(db.asc(Tag.title))
  39
  40         return render_template("admin/tags/list.html", tags=query.all())
  41
  42 class TagForm(FlaskForm):
  43         title       = StringField("Title", [InputRequired(), Length(3,100)])
  44         description = TextAreaField("Description", [Optional(), Length(0, 500)])
  45         name        = StringField("Name", [Optional(), Length(1, 20), Regexp("^[a-z0-9_]", 0, "Lower case letters (a-z), digits (0-9), and underscores (_) only")])
  46         submit      = SubmitField("Save")
  47
  48 @bp.route("/tags/new/", methods=["GET", "POST"])
  49 @bp.route("/tags/<name>/edit/", methods=["GET", "POST"])
  50 @login_required
  51 def create_edit_tag(name=None):
  52         tag = None
  53         if name is not None:
  54                 tag = Tag.query.filter_by(name=name).first()
  55                 if tag is None:
  56                         abort(404)
  57
  58         if not Permission.checkPerm(current_user, Permission.EDIT_TAGS if tag else Permission.CREATE_TAG):
  59                 abort(403)
  60
  61         form = TagForm(formdata=request.form, obj=tag)
  62         if request.method == "POST" and form.validate():
  63                 if tag is None:
  64                         tag = Tag(form.title.data)
  65                         tag.description = form.description.data
  66                         db.session.add(tag)
  67                 else:
  68                         form.populate_obj(tag)
  69                 db.session.commit()
  70
  71                 if Permission.EDIT_TAGS.check(current_user):
  72                         return redirect(url_for("admin.create_edit_tag", name=tag.name))
  73                 else:
  74                         return redirect(url_for("homepage.home"))
  75
  76         return render_template("admin/tags/edit.html", tag=tag, form=form)