From a5a35654963238a52ee49bff8ff797669ce860aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lera=20Elvo=C3=A9?= Date: Wed, 20 May 2026 00:07:06 +0300 Subject: [PATCH] add delete post route --- app/routes/posts.py | 59 ++++++++++++++++++++++++++++++--- app/routes/threads.py | 2 +- app/routes/users.py | 19 +++++++++++ app/templates/posts/delete.html | 16 +++++++++ app/templates/posts/edit.html | 5 +++ 5 files changed, 95 insertions(+), 6 deletions(-) create mode 100644 app/templates/posts/delete.html diff --git a/app/routes/posts.py b/app/routes/posts.py index 208f29f..706ffe3 100644 --- a/app/routes/posts.py +++ b/app/routes/posts.py @@ -1,9 +1,10 @@ -from flask import Blueprint, abort, render_template, redirect, url_for, request +from flask import Blueprint, abort, render_template, redirect, url_for, request, flash from functools import wraps from ..auth import login_required, get_active_user -from ..models import Posts, Threads +from ..models import Posts, Threads, Topics from ..util import get_post_url from ..db import db +from ..constants import InfoboxKind bp = Blueprint('posts', __name__, url_prefix='/posts/') @@ -39,12 +40,15 @@ def ownership_or_mod_required(view_func): @ownership_required def edit(post_id): post = Posts.find({'id': post_id}) + if not post: + abort(404) + thread = Threads.find({'id': post.thread_id}) - user = get_active_user() if not thread: # what? abort(404) + user = get_active_user() if thread.locked() and not user.is_mod(): abort(403) @@ -66,12 +70,15 @@ def edit(post_id): @ownership_required def edit_post(post_id): post = Posts.find({'id': post_id}) + if not post: + abort(404) + thread = Threads.find({'id': post.thread_id}) - user = get_active_user() if not thread: # what? abort(404) + user = get_active_user() if thread.locked() and not user.is_mod(): abort(403) @@ -83,4 +90,46 @@ def edit_post(post_id): @login_required @ownership_or_mod_required def delete(post_id): - return 'stub' + post = Posts.find({'id': post_id}) + if not post: + abort(404) + + thread = Threads.find({'id': post.thread_id}) + if not thread: + # what? + abort(404) + + user = get_active_user() + if thread.locked() and not user.is_mod(): + abort(403) + + return render_template('posts/delete.html', post=post.get_full_post_view()) + + +@bp.post('//delete/') +@login_required +@ownership_or_mod_required +def delete_post(post_id): + post = Posts.find({'id': post_id}) + if not post: + abort(404) + + thread = Threads.find({'id': post.thread_id}) + if not thread: + # what? + abort(404) + + user = get_active_user() + if thread.locked() and not user.is_mod(): + abort(403) + + post.delete() + + if Posts.count({'thread_id': thread.id}) == 0: + topic = Topics.find({'id': thread.topic_id}) + thread.delete() + flash('Thread deleted.', InfoboxKind.INFO) + return redirect(url_for('topics.topic_by_id', topic_id=topic.id)) + + flash('Post deleted.', InfoboxKind.INFO) + return redirect(url_for('threads.thread_by_id', thread_id=thread.id)) diff --git a/app/routes/threads.py b/app/routes/threads.py index 255d4b5..13af218 100644 --- a/app/routes/threads.py +++ b/app/routes/threads.py @@ -192,4 +192,4 @@ def new_post(): content = request.form.get('babycode_content') thread = Threads.new(user.id, topic.id, title, content) - return redirect(url_for('.thread', slug=thread.slug)) + return redirect(url_for('.thread_by_id', thread_id=thread.id)) diff --git a/app/routes/users.py b/app/routes/users.py index e93b719..77603ad 100644 --- a/app/routes/users.py +++ b/app/routes/users.py @@ -24,6 +24,19 @@ def redirect_if_logged_in(destination='topics.all_topics'): return wrapper return decorator +def redirect_to_own(view_func): + @wraps(view_func) + def wrapper(username, *args, **kwargs): + user = get_active_user() + if username.lower() != user.username: + view_args = dict(request.view_args) + view_args.pop('username', None) + new_args = {**view_args, 'username': user.username} + return redirect(url_for(request.endpoint, **new_args)) + return view_func(username, *args, **kwargs) + return wrapper + + @bp.get('/log-in/') @redirect_if_logged_in() def log_in(): @@ -166,16 +179,22 @@ def comments(username): return 'stub' @bp.get('//settings/') +@login_required +@redirect_to_own def settings(username): username = username.lower() return 'stub' @bp.get('//inbox/') +@login_required +@redirect_to_own def inbox(username): username = username.lower() return 'stub' @bp.get('//bookmarks/') +@login_required +@redirect_to_own def bookmarks(username): username = username.lower() return 'stub' diff --git a/app/templates/posts/delete.html b/app/templates/posts/delete.html new file mode 100644 index 0000000..b371db2 --- /dev/null +++ b/app/templates/posts/delete.html @@ -0,0 +1,16 @@ +{%- from 'common/macros.html' import subheader -%} +{%- from 'common/macros.html' import full_post with context -%} +{%- extends 'base.html' -%} +{%- block title -%}deleting a post{%- endblock -%} +{%- block content -%} + {%- call() subheader("Delete post", "Are you sure you want to delete this post? This action can not be undone.") -%} +
+
+ Please confirm + Cancel + +
+
+ {%- endcall -%} +
{{- full_post(post=post, show_toolbar=false, show_reactions=false) -}}
+{%- endblock -%} diff --git a/app/templates/posts/edit.html b/app/templates/posts/edit.html index e9f9ab3..65d296e 100644 --- a/app/templates/posts/edit.html +++ b/app/templates/posts/edit.html @@ -1,7 +1,12 @@ +{%- from 'common/macros.html' import subheader -%} {%- from 'common/macros.html' import full_post with context -%} {%- extends 'base.html' -%} {%- block title -%}editing a post{%- endblock -%} {%- block content -%} + {%- set nav -%} + ← Back to thread + {%- endset -%} + {{ subheader("Editing your post", nav)}} {%- for post in context_prev -%}
{{- full_post(post=post, show_toolbar=false, show_reactions=false) -}}
{%- endfor -%}