def category_info(category_id):
    """
    Function to return a page to view items for specified category.

    Args:
        category_id: ID value of the category to view.
    """

    set_redirect_url()

    # Retrieve Category object for template rendering.
    # If not found, render error template.
    category = db_session.query(Category)\
        .filter_by(id=category_id)\
        .first()
    if not category:
        return render_template(
            'error.html',
            headline_text='Category Not Found',
            error_text='The specified category was not found.')

    login_session['last_category_id'] = category.id
    category_items = db_session.query(CategoryItem).filter_by(
        category_id=category.id).all()
    creator = category.user
    user = get_user()

    return render_template('category_info.html',
                           categories=get_all_objects_of_type(Category),
                           category=category,
                           category_items=category_items,
                           creator=creator,
                           items=get_all_items(),
                           user=user)
def category_info(category_id):
    """
    Function to return a page to view items for specified category.

    Args:
        category_id: ID value of the category to view.
    """

    set_redirect_url()

    # Retrieve Category object for template rendering.
    # If not found, render error template.
    category = db_session.query(Category)\
        .filter_by(id=category_id)\
        .first()
    if not category:
        return render_template('error.html',
                               headline_text='Category Not Found',
                               error_text='The specified category was not found.')

    login_session['last_category_id'] = category.id
    category_items = db_session.query(CategoryItem).filter_by(category_id=category.id).all()
    creator = category.user
    user = get_user()

    return render_template('category_info.html',
                           categories=get_all_objects_of_type(Category),
                           category=category,
                           category_items=category_items,
                           creator=creator,
                           items=get_all_items(),
                           user=user)
def category_items_info_json(category_id):
    """
    Function to return JSON of category items for specified category.

    Args:
        category_id: ID value of the category for the item.
    """

    category = db_session.query(Category).filter_by(id=category_id).first()
    if not category:
        return jsonify({'error': 'The specified category was not found.'})
    items = db_session.query(CategoryItem).filter_by(category_id=category_id).all()
    return jsonify(items=[item.serialize for item in items])
def category_items_info_json(category_id):
    """
    Function to return JSON of category items for specified category.

    Args:
        category_id: ID value of the category for the item.
    """

    category = db_session.query(Category).filter_by(id=category_id).first()
    if not category:
        return jsonify({'error': 'The specified category was not found.'})
    items = db_session.query(CategoryItem).filter_by(
        category_id=category_id).all()
    return jsonify(items=[item.serialize for item in items])
def new_category_item():
    """
    Function to return a page to create a new category item.
    """

    set_redirect_url()

    user = get_user()
    categories = get_all_objects_of_type(Category)
    category = None
    if not user:
        return redirect(url_for('login'))
    if request.method == 'POST':
        if request.form.get('name', '') == '' and request.form.get('category', '') != '':
            category = db_session.query(Category)\
                .filter_by(id=request.form.get('category'))\
                .first()
            return render_template('new_category_item.html',
                                   user=user,
                                   category=category,
                                   categories=categories,
                                   request=request)
        new_item = CategoryItem(name=request.form['name'],
                                user_id=login_session['user_id'],
                                description=request.form['description'],
                                category_id=request.form['category'])
        db_session.add(new_item)
        db_session.commit()
        flash('New Item {} Successfully Created!'.format(new_item.name))
        return redirect(url_for('index'))
    else:
        return render_template('new_category_item.html',
                               user=user,
                               category=category,
                               categories=categories)
def category_item_info_json(category_id, item_id):
    """
    Function to return JSON of specified category item.

    Args:
        category_id: ID value of the category for the item.
        item_id: ID value of the category item to view.
    """

    category = db_session.query(Category).filter_by(id=category_id).first()
    if not category:
        return jsonify({'error': 'The specified category was not found.'})
    item = db_session.query(CategoryItem).filter_by(id=item_id).first()
    if not item:
        return jsonify({'error': 'The specified category item was not found.'})
    return jsonify(item.serialize)
def category_item_info_json(category_id, item_id):
    """
    Function to return JSON of specified category item.

    Args:
        category_id: ID value of the category for the item.
        item_id: ID value of the category item to view.
    """

    category = db_session.query(Category).filter_by(id=category_id).first()
    if not category:
        return jsonify({'error': 'The specified category was not found.'})
    item = db_session.query(CategoryItem).filter_by(id=item_id).first()
    if not item:
        return jsonify({'error': 'The specified category item was not found.'})
    return jsonify(item.serialize)
def category_item_info(item_id):
    """
    Function to return a page to view a category item.

    Args:
        item_id: ID value of the category item to view.
    """

    set_redirect_url()

    # Retrieve CategoryItem object for template rendering.
    # If not found, render error template.
    category_item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()
    if not category_item:
        return render_template('error.html',
                               headline_text='Item Not Found',
                               error_text='The specified item was not found.')

    creator = category_item.user
    user = get_user()

    return render_template('category_item_info.html',
                           categories=get_all_objects_of_type(Category),
                           category=category_item.category,
                           item=category_item,
                           items=get_all_items(),
                           creator=creator,
                           user=user)
def category_item_info(item_id):
    """
    Function to return a page to view a category item.

    Args:
        item_id: ID value of the category item to view.
    """

    set_redirect_url()

    # Retrieve CategoryItem object for template rendering.
    # If not found, render error template.
    category_item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()
    if not category_item:
        return render_template('error.html',
                               headline_text='Item Not Found',
                               error_text='The specified item was not found.')

    creator = category_item.user
    user = get_user()

    return render_template('category_item_info.html',
                           categories=get_all_objects_of_type(Category),
                           category=category_item.category,
                           item=category_item,
                           items=get_all_items(),
                           creator=creator,
                           user=user)
def edit_category_item(item_id):
    """
    Function to return a page to edit a category item.

    Args:
        item_id: ID value of the category item to edit.
    """

    user = get_user()
    categories = get_all_objects_of_type(Category)
    edited_item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()
    if not edited_item:
        return render_template('error.html',
                               headline_text='Item Not Found',
                               error_text='The specified item was not found.')

    # Make sure the user is the creator of the item.
    if not user or user and user.id != edited_item.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '\
                               'the item "{}". As such, you are not authorized '\
                               'to make edits to it.'.format(edited_item.name))


    if request.method == 'POST':
        edited_item.name = request.form['name']
        edited_item.description = request.form['description']
        edited_item.category_id = request.form['category']
        db_session.add(edited_item)
        db_session.commit()
        flash('Item Successfully Updated!')
        category = db_session.query(Category)\
            .filter_by(id=edited_item.category_id)\
            .first()
        return redirect(url_for('category_item_info',
                                item_id=edited_item.id))
    else:
        return render_template('edit_category_item.html',
                               item=edited_item,
                               user=user,
                               categories=categories)
def edit_category_item(item_id):
    """
    Function to return a page to edit a category item.

    Args:
        item_id: ID value of the category item to edit.
    """

    user = get_user()
    categories = get_all_objects_of_type(Category)
    edited_item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()
    if not edited_item:
        return render_template('error.html',
                               headline_text='Item Not Found',
                               error_text='The specified item was not found.')

    # Make sure the user is the creator of the item.
    if not user or user and user.id != edited_item.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '\
                               'the item "{}". As such, you are not authorized '\
                               'to make edits to it.'.format(edited_item.name))

    if request.method == 'POST':
        edited_item.name = request.form['name']
        edited_item.description = request.form['description']
        edited_item.category_id = request.form['category']
        db_session.add(edited_item)
        db_session.commit()
        flash('Item Successfully Updated!')
        category = db_session.query(Category)\
            .filter_by(id=edited_item.category_id)\
            .first()
        return redirect(url_for('category_item_info', item_id=edited_item.id))
    else:
        return render_template('edit_category_item.html',
                               item=edited_item,
                               user=user,
                               categories=categories)
def catalog_json():
    """
    Function to return JSON of all categories and items.
    """

    categories = get_all_objects_of_type(Category)
    categories_list = []
    for cat in categories:
        categories_list.append(cat.serialize)
        items = db_session.query(CategoryItem).filter_by(category_id=cat.id).all()
        categories_list[-1]['items'] = [item.serialize for item in items]
    return jsonify(categories=categories_list)
def get_user_id(email):
    """
    Function to return user ID for user with specified email address.

    Args:
        email: Email address for user whose ID will be returned.
    """

    try:
        user = db_session.query(User).filter_by(email=email).one()
        return user.id
    except NoResultFound:
        return None
def catalog_json():
    """
    Function to return JSON of all categories and items.
    """

    categories = get_all_objects_of_type(Category)
    categories_list = []
    for cat in categories:
        categories_list.append(cat.serialize)
        items = db_session.query(CategoryItem).filter_by(
            category_id=cat.id).all()
        categories_list[-1]['items'] = [item.serialize for item in items]
    return jsonify(categories=categories_list)
def get_user_info(user_id):
    """
    Function to return User object for user with specified user ID.

    Args:
        user_id: User ID for user object to return.
    """

    try:
        user = db_session.query(User).filter_by(id=user_id).one()
        return user
    except NoResultFound:
        return None
def get_user_info(user_id):
    """
    Function to return User object for user with specified user ID.

    Args:
        user_id: User ID for user object to return.
    """

    try:
        user = db_session.query(User).filter_by(id=user_id).one()
        return user
    except NoResultFound:
        return None
def get_user_id(email):
    """
    Function to return user ID for user with specified email address.

    Args:
        email: Email address for user whose ID will be returned.
    """

    try:
        user = db_session.query(User).filter_by(email=email).one()
        return user.id
    except NoResultFound:
        return None
def delete_category(category_id):
    """
    Function to return a page to delete a category.

    Args:
        category_id: ID of the category to delete.
    """

    user = get_user()
    category = db_session.query(Category)\
        .filter_by(id=category_id).first()
    if not category:
        return redirect(url_for('index'))

    # Make sure the user is the creator of the category.
    if not user or user and user.id != category.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '\
                               'the category "{}". As such, you are not authorized '\
                               'to delete it.'.format(category.name))

    if request.method == 'POST':
        # Get and delete all items associated with this category.
        items = db_session.query(CategoryItem)\
            .filter_by(category_id=category.id)\
            .all()
        for item in items:
            db_session.delete(item)

        # Delete the category itself and commit everything.
        db_session.delete(category)
        db_session.commit()
        flash("Category {} deleted.".format(category.name))
        return redirect(url_for('index'))
    else:
        return render_template('delete_category.html',
                               category=category)
def create_user():
    """
    Function to create a new user with the info from login session.
    """

    new_user = User(name=login_session['username'],
                    email=login_session['email'],
                    picture=login_session['picture'])
    db_session.add(new_user)
    db_session.commit()
    user = db_session.query(User)\
        .filter_by(email=login_session['email'])\
        .one()
    return user.id
def create_user():
    """
    Function to create a new user with the info from login session.
    """

    new_user = User(name=login_session['username'],
                    email=login_session['email'],
                    picture=login_session['picture'])
    db_session.add(new_user)
    db_session.commit()
    user = db_session.query(User)\
        .filter_by(email=login_session['email'])\
        .one()
    return user.id
def delete_category(category_id):
    """
    Function to return a page to delete a category.

    Args:
        category_id: ID of the category to delete.
    """

    user = get_user()
    category = db_session.query(Category)\
        .filter_by(id=category_id).first()
    if not category:
        return redirect(url_for('index'))

    # Make sure the user is the creator of the category.
    if not user or user and user.id != category.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '\
                               'the category "{}". As such, you are not authorized '\
                               'to delete it.'.format(category.name))

    if request.method == 'POST':
        # Get and delete all items associated with this category.
        items = db_session.query(CategoryItem)\
            .filter_by(category_id=category.id)\
            .all()
        for item in items:
            db_session.delete(item)

        # Delete the category itself and commit everything.
        db_session.delete(category)
        db_session.commit()
        flash("Category {} deleted.".format(category.name))
        return redirect(url_for('index'))
    else:
        return render_template('delete_category.html', category=category)
def delete_category_item(item_id):
    """
    Function to return a page to delete a category item.

    Args:
        item_id: ID of the category item to delete.
    """

    user = get_user()
    item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()
    category_id = ''
    if not item:
        if login_session.get('last_category_id', '') == '':
            return redirect(url_for('index'))
        else:
            category_id = login_session.get('last_category_id')
    else:
        category_id = item.category.id

    # Make sure the user is the creator of the item.
    if not user or user and user.id != item.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '\
                               'the item "{}". As such, you are not authorized '\
                               'to delete it.'.format(item.name))

    if request.method == 'POST':
        db_session.delete(item)
        db_session.commit()
        flash("Item {} deleted.".format(item.name))
        return redirect(url_for('category_info',
                                category_id=category_id))
    else:
        return render_template('delete_category_item.html',
                               item=item)
def new_category_item():
    """
    Function to return a page to create a new category item.
    """

    set_redirect_url()

    user = get_user()
    categories = get_all_objects_of_type(Category)
    category = None
    if not user:
        return redirect(url_for('login'))
    if request.method == 'POST':
        if request.form.get(
                'name', '') == '' and request.form.get('category', '') != '':
            category = db_session.query(Category)\
                .filter_by(id=request.form.get('category'))\
                .first()
            return render_template('new_category_item.html',
                                   user=user,
                                   category=category,
                                   categories=categories,
                                   request=request)
        new_item = CategoryItem(name=request.form['name'],
                                user_id=login_session['user_id'],
                                description=request.form['description'],
                                category_id=request.form['category'])
        db_session.add(new_item)
        db_session.commit()
        flash('New Item {} Successfully Created!'.format(new_item.name))
        return redirect(url_for('index'))
    else:
        return render_template('new_category_item.html',
                               user=user,
                               category=category,
                               categories=categories)
def delete_category_item(item_id):
    """
    Function to return a page to delete a category item.

    Args:
        item_id: ID of the category item to delete.
    """

    user = get_user()
    item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()
    category_id = ''
    if not item:
        if login_session.get('last_category_id', '') == '':
            return redirect(url_for('index'))
        else:
            category_id = login_session.get('last_category_id')
    else:
        category_id = item.category.id

    # Make sure the user is the creator of the item.
    if not user or user and user.id != item.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '\
                               'the item "{}". As such, you are not authorized '\
                               'to delete it.'.format(item.name))

    if request.method == 'POST':
        db_session.delete(item)
        db_session.commit()
        flash("Item {} deleted.".format(item.name))
        return redirect(url_for('category_info', category_id=category_id))
    else:
        return render_template('delete_category_item.html', item=item)
if __name__ == "__main__":
    
    if len(sys.argv) < 3:
        print "Insufficient arguments"
        exit()

    command = sys.argv[1].lower()
    email_address = sys.argv[2]

    if command not in ("grant", "revoke"):
        print "command not recognised"
        exit()

    print "Looking for a user with email address: %s" % email_address
    
    users = db_session.query(User).filter_by(email=email_address).all()

    if not len(users):
        print "No users found with that email address."
        print "Goodbye."
        exit()

    print "Found the following users:"
    print
    for user in users:
        print user
    print

    confirmation = "%s admin privileges? (y/n): " % command.capitalize()
    decision = raw_input(confirmation).lower()
    if not decision.startswith("y"):
Beispiel #26
0
if __name__ == "__main__":

    if len(sys.argv) < 3:
        print "Insufficient arguments"
        exit()

    command = sys.argv[1].lower()
    email_address = sys.argv[2]

    if command not in ("grant", "revoke"):
        print "command not recognised"
        exit()

    print "Looking for a user with email address: %s" % email_address

    users = db_session.query(User).filter_by(email=email_address).all()

    if not len(users):
        print "No users found with that email address."
        print "Goodbye."
        exit()

    print "Found the following users:"
    print
    for user in users:
        print user
    print

    confirmation = "%s admin privileges? (y/n): " % command.capitalize()
    decision = raw_input(confirmation).lower()
    if not decision.startswith("y"):