"""Creates a new post with a new id"""
if not request.json:
abort(400)
- form = PostForm.from_json(request.json, skip_unkown_keys=False)
+ form = PostEditForm.from_json(request.json, skip_unkown_keys=False)
if form.validate():
post = Post(json=form.data)
objId = mongo.db.posts.insert(post.to_bson())
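Review bot: The keyword on the changed line is still spelled `skip_unkown_keys`, while the edit_post hunk passes `skip_unknown_keys`. If `from_json` accepts arbitrary keyword arguments, the misspelled name is silently ignored and the default handling of unknown keys applies, so this create path may accept payloads with extra fields that the edit path rejects before `Post(json=form.data)` is built. Correct it to `form = PostEditForm.from_json(request.json, skip_unknown_keys=False)`. The function starts above this hunk and continues past it.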
@login_required
def edit_post(post_id):
"""Replaces post behind id with submitted one"""
- query = {'_id': post_id}
- post_d = mongo.db.posts.find_one(query)
+ post_d = mongo.db.posts.find_one(post_id)
if post_d is None:
abort(404)
form = PostEditForm.from_json(request.json, skip_unknown_keys=False)
if form.validate():
post = Post(bson=post_d)
post.update(form.data)
+ query = {'_id': post_id}
mongo.db.posts.update(query, post.to_bson())
# needed for chaining multiple edits together
token = generate_csrf_token()
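Review bot: Between `find_one(post_id)` and `mongo.db.posts.update(query, post.to_bson())` the only authorisation is `@login_required`, so any logged-in account can replace any post whose id it knows. The new delete_post hunk has the same gap and acknowledges it in a comment. If the blog has, or will have, more than one account, store the author on the post document and `abort(403)` when it does not match `current_user` before the update. Until then, a comment stating that every logged-in user is trusted as an editor would make the assumption explicit. The function body continues past this hunk.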
abort(400)
-@api.route('/delete', methods=['DELETE'])
-def delete_post():
- return "yay"
+# no csrf protection here
+@api.route('/delete/<ObjectId:post_id>', methods=['DELETE'])
+@login_required
+def delete_post(post_id):
+ post_d = mongo.db.posts.find_one(post_id)
+ if post_d is None:
+ abort(404)
+ # in future must check that the user is the owner of the post
+ mongo.db.posts.remove(post_id)
+ return jsonify(success=True)
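Review bot: delete_post is a destructive, session-authenticated endpoint, and the added comment `# no csrf protection here` means the only barrier against a cross-site request is the browser's preflight for the DELETE method. That barrier disappears if a permissive CORS policy or a method-override layer is ever added. This commit already renders the token into the base template (`<input type=hidden id=csrf ...>`), so the client can send it in a request header. The view can then compare that header with the session's token and `abort(403)` on a missing or mismatched value before calling `remove`. The ownership check deferred by the second comment should land with the same change, since it guards the same call.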
import config
from models import Post, User
-from forms import LoginForm
+from forms import LoginForm, PostEditForm
from utils import generate_csrf_token
# flask configs/helper functions! #
@app.route('/admin/')
@login_required
def admin():
- posts = map(lambda d: Post(bson=d), mongo.db.posts.find().limit(10))
+ posts = map(lambda d: Post(bson=d), mongo.db.posts.find())
return render_template('admin/index.html',
posts=posts,
user=current_user)
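Review bot: Dropping `.limit(10)` makes `mongo.db.posts.find()` load and render every post on each request to `/admin/`, so page cost grows without bound as the collection grows. Rather than removing the cap, keep a bound and page through the results with something like `mongo.db.posts.find().skip(offset).limit(page_size)`, with the offset taken from a validated query parameter. An explicit sort would also make the listing order deterministic.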
user, authenticated = User.authenticate(mongo.db, uname, pw)
if authenticated:
login_user(user)
- print user
- return redirect(url_for('home'))
+ return redirect(url_for('admin'))
else:
error = 'Incorrect username or password.'
return render_template('login.html', form=form, error=error)
clean["created"] = self.created.isoformat()
clean["body"] = self.body
clean["url"] = url_for('api.single_post', post_id=self.id, _external=True)
+ clean["id"] = self.id
return clean
def to_bson(self):
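Review bot: `clean["id"] = self.id` puts the raw id into the dict that is returned for JSON output. The routes use an `ObjectId` URL converter, so `self.id` is presumably a bson `ObjectId`, which the default JSON encoder cannot serialise unless the app installs a custom encoder elsewhere. Using `clean["id"] = str(self.id)` keeps the response independent of encoder configuration and matches what the client code concatenates into the edit URL. The method starts above this hunk.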
def authenticate(cls, db, username, password):
rdict = db.users.find_one({'username': username})
if rdict is None:
- return False
+ return None, False
user = User(rdict['username'],
rdict['password'],
rdict['_id'])
height: 400px;
}
+#edit-text{
+ display: none;
+}
+
#edit-preview {
height: 400px;
overflow-y: auto;
<a class="navbar-brand">Admin</a>
</div>
<ul class="nav navbar-nav">
+ <li><a href="/">Home</a></li>
<li><a href="/admin/dash">Dashboard</a></li>
- <li class="divider"></li>
<li><a href="/admin/manage">Manage</a></li>
</ul>
<p class="navbar-text navbar-right">{{ current_user.username }} </p>
</nav>
{% block main %}{% endblock main %}
</div>
+ <input type=hidden id=csrf value="{{ csrf_token() }}" >
</body>
</html>
<div class="row">
<div class="col-sm-1"><h4>Posts</h4></div>
<div class="col-sm-2">
- <button class="btn btn-primary">Create New</button>
+ <button id="new-post-btn" class="btn btn-primary">Create New</button>
</div>
</div>
<table class="table table-striped">
</tr>
</thead>
{% for post in posts %}
- {{ brief_row(post) }}
+ {{ brief_row(post) }}
{% endfor %}
</table>
+<script>
+ // attaches to table elements for functionality
+ $('#new-post-btn').click(function(){
+ var payload = {
+ body: "",
+ title: (new Date()).toString(),
+ _csrf_token: $('#csrf').val()
+ }
+
+ function success(d, tS, jqXhr) {
+ console.log(d)
+ // TODO change url structure
+ var url = "/edit/" + d.id + '/';
+ console.log(url);
+ window.location.href = url;
+ };
+
+ $.ajax({
+ type: "POST",
+ url: "{{ url_for('api.create_post') }}",
+ data: JSON.stringify(payload),
+ success: success,
+ dataType: "json",
+ contentType: "application/json"
+ });
+ });
+
+</script>
{% endblock main %}
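Review bot: The `$.ajax` call for the new-post button has no `error` callback, so a 400 from validation or a rejected CSRF token leaves the user on the page with no feedback. Add an `error: function(jqXhr) { ... }` handler that reports the failure. The redirect also concatenates the response field straight into the path; `var url = "/edit/" + encodeURIComponent(d.id) + '/';` keeps the navigation well-formed whatever the API returns. The two `console.log` calls look like leftover debugging and can be removed.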
<div id="body-split-screen">
<div class="col-sm-6" >
<div class="editable" id="edit-body" >
- {{ post.body }}
</div>
+ <div id="edit-text">{{ post.body }}</div>
</div>
<div class="col-sm-6">
<div id="edit-preview" class="linked-bar">
<script>
var filename = "post-{{ post.id }}";
+ var content = $('#edit-text').text()
var editor = new EpicEditor({
container: 'edit-body',
file: {
name: filename,
autoSave: 100,
- content: '',
+ defaultContent: content,
},
button: false,
basePath: '{{ url_for( "static", filename="ee/") }}',
}).load();
// update the preview window whenever the edit window changes
- editor.on('update', function() {
- $('#edit-preview').html(this.exportFile(null, 'html'))
- }).emit('update');
+ editor.on('update', function() {
+ $('#edit-preview').html(this.exportFile(null, 'html'))
+ }).emit('update');
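Review bot: With `defaultContent: content`, the stored post body is now loaded into the editor and immediately rendered into the preview by `$('#edit-preview').html(this.exportFile(null, 'html'))`. Markdown normally passes raw HTML through, so unless the editor's exporter sanitises its output, markup stored in a post body would run in the admin session as soon as the edit page opens. Pass the exported HTML through a sanitiser (for example DOMPurify) before inserting it, or render the preview inside a sandboxed iframe. The hidden `#edit-text` div is safe only while Jinja autoescaping stays enabled for this template, which deserves a short comment next to it.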
// links the two scrollbars together
// constants for the iframe editor
$eDoc.on('scroll', edit_sync);
$preview.on('scroll', preview_sync);
- // Callback to make a post as json
+ // Callback to post json to endpoint
$("#save").click(function(){
var body = $("#edit-body")[0].innerHTML,
title = $("#edit-title").val(),