ForME/app/admin.py

import uuid as uuid_lib
from datetime import datetime
from flask import Blueprint, render_template, request, redirect, url_for, flash

from .db import get_db
from .auth import login_required


admin_bp = Blueprint("admin", __name__, url_prefix="/admin")


@admin_bp.route("/", methods=["GET", "POST"])
def index():
    login_required()
    db = get_db()
    if request.method == "POST":
        title = request.form.get("title", "").strip()
        html = request.form.get("html", "").strip()
        if not html:
            flash("HTML не может быть пустым.", "error")
        else:
            uid = uuid_lib.uuid4().hex
            db.execute(
                "INSERT INTO pages (uuid, title, html, created_at) VALUES (?, ?, ?, ?)",
                (uid, title, html, datetime.utcnow().isoformat(timespec="seconds")),
            )
            db.commit()
            flash("Страница опубликована.", "success")
            return redirect(url_for("admin.index"))

    pages = db.execute(
        "SELECT id, uuid, title, created_at FROM pages ORDER BY id DESC"
    ).fetchall()
    from flask import request as _request  # local import

    base_url = _request.host_url.rstrip("/")
    return render_template("admin.html", pages=pages, base_url=base_url)


@admin_bp.route("/edit/<int:pid>", methods=["GET", "POST"])
def edit(pid: int):
    login_required()
    db = get_db()
    if request.method == "POST":
        title = request.form.get("title", "").strip()
        html = request.form.get("html", "").strip()
        if not html:
            flash("HTML не может быть пустым.", "error")
        else:
            db.execute("UPDATE pages SET title = ?, html = ? WHERE id = ?", (title, html, pid))
            db.commit()
            flash("Страница обновлена.", "success")
            return redirect(url_for("admin.index"))

    row = db.execute("SELECT id, uuid, title, html, created_at FROM pages WHERE id = ?", (pid,)).fetchone()
    if row is None:
        from flask import abort as _abort
        _abort(404)
    return render_template("edit.html", page=row)


@admin_bp.route("/delete/<int:pid>", methods=["POST"])
def delete(pid: int):
    login_required()
    db = get_db()
    cur = db.execute("DELETE FROM pages WHERE id = ?", (pid,))
    db.commit()
    if cur.rowcount:
        flash("Страница удалена.", "success")
    else:
        flash("Страница не найдена.", "error")
    return redirect(url_for("admin.index"))