From df25a48abd69292af55f3356a48a737da829cd20 Mon Sep 17 00:00:00 2001
From: Thibaut Horel <thibaut.horel@gmail.com>
Date: Wed, 7 Nov 2012 01:27:36 +0100
Subject: Add basic news feature: list, show, add

---
 famille.py | 46 ++++++++++++++++++++++++++++++++++------------
 1 file changed, 34 insertions(+), 12 deletions(-)

(limited to 'famille.py')

diff --git a/famille.py b/famille.py
index 5a09c5e..4739f25 100644
--- a/famille.py
+++ b/famille.py
@@ -10,11 +10,6 @@ import hashlib
 app = Flask(__name__)
 app.config.from_envvar('CONF')
 
-def connect_db():
-    conn = sqlite3.connect(app.config['DATABASE'])
-    conn.row_factory = sqlite3.Row 
-    return conn
-
 def query_db(query, args=(), one=False):
     cur = g.db.execute(query, args)
     rv = cur.fetchone() if one else cur.fetchall()
@@ -23,7 +18,9 @@ def query_db(query, args=(), one=False):
 
 @app.before_request
 def before_request():
-    g.db = connect_db()
+    conn = sqlite3.connect(app.config['DATABASE'])
+    conn.row_factory = sqlite3.Row 
+    g.db = conn
 
 @app.teardown_appcontext
 def close_db_connection(exception):
@@ -33,7 +30,7 @@ def close_db_connection(exception):
 def login_required(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
-        if 'username' not in session:
+        if 'name' not in session:
             return redirect(url_for('login', next=request.url))
         return f(*args, **kwargs)
     return decorated_function
@@ -41,12 +38,36 @@ def login_required(f):
 @app.route('/')
 @login_required
 def main():
-    return redirect(url_for('show_news'))
+    return redirect(url_for('list_news'))
 
-@app.route('/nouvelles')
-def show_news():
-    return render_template("toto.html")
+@app.route('/news/')
+@login_required
+def list_news():
+    print "toto"
+    news = query_db("SELECT * FROM news LEFT JOIN users ON news.user_id = users.id")
+    return render_template("news/list.html", news=news)
 
+@app.route('/news/add/', methods=['GET', 'POST'])
+@login_required
+def add_news():
+    if request.method == 'POST':
+        cur = g.db.execute("INSERT INTO news ('title', 'content', 'user_id') "
+                           "VALUES (?, ?, ?)",
+                           (request.form['title'], request.form['content'],
+                           session['user_id']))
+        news_id = cur.lastrowid
+        g.db.commit()
+        return redirect(url_for('show_news', news_id=news_id))
+    elif request.method == 'GET':
+        return render_template("news/add.html")
+
+@app.route('/news/<int:news_id>/')
+@login_required
+def show_news(news_id):
+    news = query_db("SELECT * FROM news LEFT JOIN users ON news.user_id = users.id "
+                    "WHERE news.id = ?", (news_id,), True)
+    return render_template("news/show.html", news=news)
+        
 @app.route('/login', methods=['GET', 'POST'])
 def login():
     error = None
@@ -57,7 +78,8 @@ def login():
         if user:
             if user['password'] == password:
                 session['name'] = user['name']
-                return redirect(url_for('show_news'))
+                session['user_id'] = user['id']
+                return redirect(url_for('list_news'))
             else:
                 error = u'Mot de passe incorrect'
         else:
-- 
cgit v1.2.3-70-g09d2