Changed first() to first_or_404()

flaskbb/admin/views.py

@@ -66,7 +66,7 @@ def forums():
 @admin.route("/users/<int:user_id>/edit", methods=["GET", "POST"])
 @admin_required
 def edit_user(user_id):
-    user = User.query.filter_by(id=user_id).first()
+    user = User.query.filter_by(id=user_id).first_or_404()
 
     secondary_group_query = Group.query.filter(
         db.not_(Group.id == user.primary_group_id),
@@ -114,7 +114,7 @@ def edit_user(user_id):
 @admin.route("/users/<int:user_id>/delete")
 @admin_required
 def delete_user(user_id):
-    user = User.query.filter_by(id=user_id).first()
+    user = User.query.filter_by(id=user_id).first_or_404()
     user.delete()
     flash("User successfully deleted", "success")
     return redirect(url_for("admin.users"))
@@ -135,7 +135,7 @@ def add_user():
 @admin.route("/groups/<int:group_id>/edit", methods=["GET", "POST"])
 @admin_required
 def edit_group(group_id):
-    group = Group.query.filter_by(id=group_id).first()
+    group = Group.query.filter_by(id=group_id).first_or_404()
 
     form = EditGroupForm(group)
     if form.validate_on_submit():
@@ -164,7 +164,7 @@ def edit_group(group_id):
 @admin.route("/groups/<int:group_id>/delete")
 @admin_required
 def delete_group(group_id):
-    group = Group.query.filter_by(id=group_id).first()
+    group = Group.query.filter_by(id=group_id).first_or_404()
     group.delete()
     flash("Group successfully deleted.", "success")
     return redirect(url_for("admin.groups"))
@@ -185,7 +185,7 @@ def add_group():
 @admin.route("/forums/<int:forum_id>/edit", methods=["GET", "POST"])
 @admin_required
 def edit_forum(forum_id):
-    forum = Forum.query.filter_by(id=forum_id).first()
+    forum = Forum.query.filter_by(id=forum_id).first_or_404()
 
     form = ForumForm()
     form._id = forum.id  # Used for validation only.
@@ -229,7 +229,7 @@ def edit_forum(forum_id):
 @admin.route("/forums/<int:forum_id>/delete")
 @admin_required
 def delete_forum(forum_id):
-    forum = Forum.query.filter_by(id=forum_id).first()
+    forum = Forum.query.filter_by(id=forum_id).first_or_404()
 
     involved_users = User.query.filter(Topic.forum_id == forum.id,
                                        Post.user_id == User.id).all()

flaskbb/forum/views.py

@@ -75,7 +75,7 @@ def view_forum(forum_id):
     page = request.args.get('page', 1, type=int)
 
     if current_user.is_authenticated():
-        forum = Forum.query.filter(Forum.id == forum_id).first()
+        forum = Forum.query.filter(Forum.id == forum_id).first_or_404()
 
         subforums = Forum.query.\
             filter(Forum.parent_id == forum.id).\
@@ -94,7 +94,7 @@ def view_forum(forum_id):
             order_by(Post.id.desc()).\
             paginate(page, current_app.config['TOPICS_PER_PAGE'], True)
     else:
-        forum = Forum.query.filter(Forum.id == forum_id).first()
+        forum = Forum.query.filter(Forum.id == forum_id).first_or_404()
 
         subforums = Forum.query.filter(Forum.parent_id == forum.id).all()
         # This isn't really nice imho, but "add_entity" (see above)
@@ -116,7 +116,7 @@ def markread(forum_id=None):
 
     # Mark a single forum as read
     if forum_id:
-        forum = Forum.query.filter_by(id=forum_id).first()
+        forum = Forum.query.filter_by(id=forum_id).first_or_404()
         for topic in forum.topics:
             topic.update_read(current_user, forum)
         return redirect(url_for("forum.view_forum", forum_id=forum.id))
@@ -167,7 +167,7 @@ def view_topic(topic_id):
 
 @forum.route("/post/<int:post_id>")
 def view_post(post_id):
-    post = Post.query.filter_by(id=post_id).first()
+    post = Post.query.filter_by(id=post_id).first_or_404()
     count = post.topic.post_count
     page = math.ceil(count / current_app.config["POSTS_PER_PAGE"])
     if count > 10:
@@ -182,7 +182,7 @@ def view_post(post_id):
 @forum.route("/<int:forum_id>/topic/new", methods=["POST", "GET"])
 @login_required
 def new_topic(forum_id):
-    forum = Forum.query.filter_by(id=forum_id).first()
+    forum = Forum.query.filter_by(id=forum_id).first_or_404()
 
     if forum.locked:
         flash("This forum is locked; you cannot submit new topics or posts.",
@@ -205,7 +205,7 @@ def new_topic(forum_id):
 @forum.route("/topic/<int:topic_id>/delete")
 @login_required
 def delete_topic(topic_id):
-    topic = Topic.query.filter_by(id=topic_id).first()
+    topic = Topic.query.filter_by(id=topic_id).first_or_404()
 
     if not can_delete_topic(user=current_user, forum=topic.forum,
                             post_user_id=topic.first_post.user_id):
@@ -257,7 +257,7 @@ def move_topic(topic_id):
 @forum.route("/topic/<int:topic_id>/post/new", methods=["POST", "GET"])
 @login_required
 def new_post(topic_id):
-    topic = Topic.query.filter_by(id=topic_id).first()
+    topic = Topic.query.filter_by(id=topic_id).first_or_404()
 
     if topic.forum.locked:
         flash("This forum is locked; you cannot submit new topics or posts.",
@@ -283,7 +283,7 @@ def new_post(topic_id):
 @forum.route("/post/<int:post_id>/edit", methods=["POST", "GET"])
 @login_required
 def edit_post(post_id):
-    post = Post.query.filter_by(id=post_id).first()
+    post = Post.query.filter_by(id=post_id).first_or_404()
 
     if post.topic.forum.locked:
         flash("This forum is locked; you cannot submit new topics or posts.",
@@ -316,7 +316,7 @@ def edit_post(post_id):
 @forum.route("/post/<int:post_id>/delete")
 @login_required
 def delete_post(post_id):
-    post = Post.query.filter_by(id=post_id).first()
+    post = Post.query.filter_by(id=post_id).first_or_404()
 
     if not can_delete_post(user=current_user, forum=post.topic.forum,
                            post_user_id=post.user_id):
@@ -371,7 +371,7 @@ def topictracker():
 
 @forum.route("/topictracker/<topic_id>/add")
 def track_topic(topic_id):
-    topic = Topic.query.filter_by(id=topic_id).first()
+    topic = Topic.query.filter_by(id=topic_id).first_or_404()
     current_user.track_topic(topic)
     current_user.save()
     return redirect(url_for("forum.view_topic", topic_id=topic.id))
@@ -379,7 +379,7 @@ def track_topic(topic_id):
 
 @forum.route("/topictracker/<topic_id>/delete")
 def untrack_topic(topic_id):
-    topic = Topic.query.filter_by(id=topic_id).first()
+    topic = Topic.query.filter_by(id=topic_id).first_or_404()
     current_user.untrack_topic(topic)
     current_user.save()
     return redirect(url_for("forum.view_topic", topic_id=topic.id))

flaskbb/user/views.py

@@ -200,7 +200,7 @@ def new_message():
 @user.route("/messages/<int:id>/move")
 @login_required
 def move_message(id):
-    message = PrivateMessage.query.filter_by(id=id).first()
+    message = PrivateMessage.query.filter_by(id=id).first_or_404()
     message.trash = True
     message.save()
     flash("Message moved to Trash!", "success")
@@ -210,7 +210,7 @@ def move_message(id):
 @user.route("/messages/<int:id>/delete")
 @login_required
 def delete_message(id):
-    message = PrivateMessage.query.filter_by(id=id).first()
+    message = PrivateMessage.query.filter_by(id=id).first_or_404()
     message.delete()
     flash("Message deleted!", "success")
     return redirect(url_for("user.inbox"))