basic admin interface done

calender/calender.py

@@ -2,31 +2,45 @@ import os
 
 from flask import (
     Blueprint, render_template,
-    flash, request, url_for, redirect, abort, g, send_from_directory, current_app)
+    flash, request, url_for, redirect, abort, send_from_directory, current_app)
 from werkzeug.utils import secure_filename
 
 from calender.auth import login_required
 from calender.db import get_db
 
 bp = Blueprint('calender', __name__)
-ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg', 'gif'}
+ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg', 'gif', 'webm', 'mp4', 'bmp'}
 
-#Todo admin interface for managing submit, comments, submission date
+
+# Todo admin interface for managing submit, comments, submission date
 
 @bp.route('/')
 def index():
     db = get_db()
     posts = db.execute(
-        'SELECT p.id, title, body, created, author_id, username, nickname, file'
-        ' FROM post p JOIN user u ON p.author_id = u.id'
+        'SELECT p.id, title, body, created,  nickname, file, chosen, type'
+        ' FROM post p'
         ' ORDER BY created DESC'
     ).fetchall()
     # noinspection PyUnresolvedReferences
     return render_template('calender/index.html', posts=posts)
 
 
-@bp.route('/create', methods=('GET', 'POST'))
+@bp.route('/admin')
 @login_required
+def admin():
+    db = get_db()
+    posts = db.execute(
+        'SELECT p.id, title, body, created, nickname, file, chosen, type'
+        ' FROM post p'
+        ' ORDER BY created DESC'
+    ).fetchall()
+    # noinspection PyUnresolvedReferences
+    return render_template('calender/admin.html', posts=posts)
+
+
+@bp.route('/create', methods=('GET', 'POST'))
+# @login_required
 def create():
     if request.method == 'POST':
         title = request.form['title']
@@ -52,14 +66,16 @@ def create():
             flash(error)
         else:
             if file and allowed_file(file.filename):
+                file_type = check_file_type(file.filename)
                 filename = secure_filename(file.filename)
                 file.save(os.path.join(current_app.config['UPLOAD_FOLDER'], filename))
+
                 db = get_db()
                 db.execute(
-                    'INSERT INTO post (title, body, author_id, nickname, file)'
-                    ' VALUES (?, ?, ?, ?, ?)',
-                    (title, body, g.user['id'], nickname, url_for('calender.uploaded_file',
-                                                                  filename=filename))
+                    'INSERT INTO post (title, body, nickname, file, chosen, type)'
+                    ' VALUES (?, ?, ?, ?, ?, ?)',
+                    (title, body, nickname, url_for('calender.uploaded_file',
+                                                    filename=filename), False, file_type)
                 )
                 db.commit()
                 # return redirect(url_for('calender.uploaded_file',filename=filename))
@@ -70,8 +86,8 @@ def create():
 
 def get_post(id, check_author=True):
     post = get_db().execute(
-        'SELECT p.id, title, body, created, author_id, username, nickname, file'
-        ' FROM post p JOIN user u ON p.author_id = u.id'
+        'SELECT p.id, title, body, created, nickname, file, chosen, type'
+        ' FROM post p'
         ' WHERE p.id = ?',
         (id,)
     ).fetchone()
@@ -79,8 +95,8 @@ def get_post(id, check_author=True):
     if post is None:
         abort(404, "Post id {0} doesn't exist.".format(id))
 
-    if check_author and post['author_id'] != g.user['id']:
-        abort(403)
+    # if check_author and post['author_id'] != g.user['id']:
+    # abort(403)
 
     return post
 
@@ -92,7 +108,9 @@ def update(id):
 
     if request.method == 'POST':
         title = request.form['title']
+        nickname = request.form['nickname']
         body = request.form['body']
+        chosen = request.form['chosen']
         error = None
 
         if not title:
@@ -103,9 +121,9 @@ def update(id):
         else:
             db = get_db()
             db.execute(
-                'UPDATE post SET title = ?, body = ?'
+                'UPDATE post SET title = ?, body = ?, nickname = ?, chosen = ?'
                 ' WHERE id = ?',
-                (title, body, id)
+                (title, body, nickname, chosen, id)
             )
             db.commit()
             return redirect(url_for('calender.index'))
@@ -128,6 +146,13 @@ def allowed_file(filename):
            filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS
 
 
+def check_file_type(filename):
+    if filename.rsplit('.', 1)[1].lower() in ['webm', 'mp4']:
+        return 'video'
+    else:
+        return 'image'
+
+
 @bp.route('/uploads/<filename>')
 def uploaded_file(filename):
     return send_from_directory(current_app.config['UPLOAD_FOLDER'],

calender/schema.sql

@@ -9,11 +9,11 @@ CREATE TABLE user (
 
 CREATE TABLE post (
   id INTEGER PRIMARY KEY AUTOINCREMENT,
-  author_id INTEGER NOT NULL,
   created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
   title TEXT NOT NULL,
   nickname TEXT NOT NULL,
   body TEXT NOT NULL,
   file TEXT NOT NULL,
-  FOREIGN KEY (author_id) REFERENCES user (id)
+  chosen INTEGER NOT NULL ,
+  type TEXT NOT NULL
 );

calender/templates/calender/index.html

@@ -8,11 +8,11 @@
         <div>
             <h6>Submit your meme for the next day now! Feel free to create and submit your own creations. </h6>
             <br>
-            {% if g.user %}
-                <a class="action" href="{{ url_for('calender.create') }}">
-                    <button>Submit a Meme</button>
-                </a>
-            {% endif %}
+
+            <a class="action" href="{{ url_for('calender.create') }}">
+                <button>Submit a Meme</button>
+            </a>
+
         </div>
     </div>
 {% endblock %}
@@ -20,26 +20,32 @@
 {% block content %}
     <div class="container w3-center">
         {% for post in posts %}
-            <div class="item">
-                <article class="post">
-                    <header>
-                        <div>
-                            <h1>{{ post['title'] }}</h1>
-                            <h2>{{ post['nickname'] }}</h2>
-                            <div class="about">by {{ post['username'] }}
-                                on {{ post['created'].strftime('%Y-%m-%d') }}</div>
-                        </div>
-                        {% if g.user['id'] == post['author_id'] %}
-                            <a class="action" href="{{ url_for('calender.update', id=post['id']) }}">Edit</a>
+            {% if post['chosen'] == 1 %}
+                <div class="item">
+                    <article class="post">
+                        <header>
+                            <div>
+                                <h1>{{ post['title'] }}</h1>
+                                <h2>{{ post['nickname'] }}</h2>
+                                <div class="about">by {{ post['username'] }}
+                                    on {{ post['created'].strftime('%Y-%m-%d') }}</div>
+                            </div>
+                        </header>
+                        {% if post['type'] == 'image' %}
+                            <img class="file" src="{{ post['file'] }}">
                         {% endif %}
-                    </header>
-                    <img class="file" src="{{ post['file'] }}">
-                    <p class="body">{{ post['body'] }}</p>
-                </article>
-                {% if not loop.last %}
-                    <hr>
-                {% endif %}
-            </div>
+                        {% if post['type'] == 'video' %}
+                            <video class="file" preload="none" controls="" width="500">
+                                <source src="{{ post['file'] }}">
+                            </video>
+                        {% endif %}
+                        <p class="body">{{ post['body'] }}</p>
+                    </article>
+                    {% if not loop.last %}
+                        <hr>
+                    {% endif %}
+                </div>
+            {% endif %}
         {% endfor %}
     </div>
 {% endblock %}

calender/templates/calender/update.html

@@ -4,12 +4,30 @@
 {% endblock %}
 
 {% block content %}
-    <form method="post">
+    <form method=post enctype=multipart/form-data>
         <label for="title">Title</label>
         <input name="title" id="title"
                value="{{ request.form['title'] or post['title'] }}" required>
+        <label for="nickname">Nickname</label>
+        <input name="nickname" id="nickname" value="{{ request.form['nickname'] or post['nickname'] }}" required>
         <label for="body">Body</label>
         <textarea name="body" id="body">{{ request.form['body'] or post['body'] }}</textarea>
+        <label for="file">Body</label>
+        {% if post['type'] == 'image' %}
+            <img class="file" src="{{ post['file'] }}">
+        {% endif %}
+        {% if post['type'] == 'video' %}
+            <video class="file" preload="none" controls="" width="500">
+                <source src="{{ post['file'] }}">
+            </video>
+        {% endif %}
+        <div>
+            <p>Choose a mp4, webm, gif , png or jpg file.(max 25MB)</p>
+            <input type="file" placeholder="meme" name="file" id="file"
+                   value="{{ request.form['file'] or post['file'] }}">
+        </div>
+        <label for="chosen">Chosen</label><br>
+        <input id="chosen" name="chosen" value="{{ request.form['chosen'] or post['chosen'] }}">
         <input type="submit" value="Save">
     </form>
     <hr>