Beispiel #1
0
def deleteAuthor(author_id):
    authorToDelete = session.query(Authors).filter_by(id=author_id).one()
    creator = getUserInfo(authorToDelete.user_id)
    if creator.id != login_session['user_id']:
        flash('You are not authorised to delete this profile')
        return redirect(url_for('showAuthors'))
    if request.method == 'POST':
        session.delete(authorToDelete)
        flash('%s Successfully Deleted' % authorToDelete.name)
        session.commit()
        return redirect(url_for('showAuthors', author_id=author_id))
    else:
        return render_template('deleteAuthor.html', author=authorToDelete)
Beispiel #2
0
def editAuthor(author_id):
    editedAuthor = session.query(Authors).filter_by(id=author_id).one()
    creator = getUserInfo(editedAuthor.user_id)
    if creator.id != login_session['user_id']:
        flash('You are not authorised to edit this profile')
        return redirect(url_for('showAuthors'))
    if request.method == 'POST':
        if request.form['name']:
            editedAuthor.name = request.form['name']
            flash('Author detail Successfully Edited %s' % editedAuthor.name)
        return redirect(url_for('showAuthors'))
    else:
        return render_template('editAuthor.html', author=editedAuthor)
Beispiel #3
0
def deleteBooks(author_id, book_id):
    authorQuery = session.query(Authors).filter_by(id=author_id).one()
    itemToDelete = session.query(Books).filter_by(id=book_id).one()
    creator = getUserInfo(authorQuery.user_id)
    if creator.id != login_session['user_id']:
        flash('You are not authorised to delete this book')
        return redirect(url_for('showAuthors'))
    if request.method == 'POST':
        session.delete(itemToDelete)
        session.commit()
        flash('Book Successfully Deleted')
        return redirect(url_for('showBooks', author_id=author_id))
    else:
        return render_template('deleteBook.html', item=itemToDelete)
Beispiel #4
0
def showBooks(author_id):
    author = session.query(Authors).filter_by(id=author_id).one()
    creator = getUserInfo(author.user_id)
    book = session.query(Books).filter_by(author_id=author_id).all()
    if 'username' not in login_session\
            or creator.id != login_session['user_id']:
        return render_template('publicbooks.html',
                               author=author,
                               books=book,
                               creator=creator)
    else:
        return render_template('books.html',
                               author=author,
                               books=book,
                               creator=creator)
Beispiel #5
0
def editBooks(author_id, book_id):
    editbook = session.query(Books).filter_by(id=book_id).one()
    authorQuery = session.query(Authors).filter_by(id=author_id).one()
    creator = getUserInfo(authorQuery.user_id)
    if creator.id != login_session['user_id']:
        flash('You are not authorised to edit this book')
        return redirect(url_for('showAuthors'))
    if request.method == 'POST':
        if request.form['name']:
            editbook.name = request.form['name']
        if request.form['description']:
            editbook.description = request.form['description']
        if request.form['price']:
            editbook.price = request.form['price']
        session.add(editbook)
        session.commit()
        flash('Book Successfully Edited')
        return redirect(url_for('showBooks', author_id=author_id))
    else:
        return render_template('editBook.html',
                               author_id=author_id,
                               book_id=book_id,
                               item=editbook)