def editTypeLot(dbtype, item_id):
    """Edit item within the category in the database"""
    # check login status
    if 'email' not in login_session:
        flash('Sorry, the page you tried to access is for members only. '
              'Please sign in first.')
        abort(401)

    # query the item user wants to edit
    editedItem = (session.query(eval(dbtype.capitalize()+'Lot'))
                  .filter_by(id=item_id).one())
    # make sure user is authorized to edit this item
    if login_session['user_id'] != editedItem.user_id:
        flash('You are not authorized to modify items you did not create. '
              'Please create your own item in order to modify it.')
        return redirect(url_for(dbtype))

    # get property names from table, check maximum lot# from ab and cytotoxin
    table = Table('%s_lot' % dbtype, meta, autoload=True, autoload_with=engine)
    maxablot = (session.query(AntibodyLot)
                .order_by(desc(AntibodyLot.id)).first().id)
    maxtoxinlot = (session.query(CytotoxinLot)
                   .order_by(desc(CytotoxinLot.id)).first().id)

    if request.method == 'POST':
        # set date attribute of query object with request form data
        try:
            editedItem.date = (datetime.strptime(request.form['date'].replace('-', ' '), '%Y %m %d'))
        # in some cases users can input 6 digit year, catch this error
        except ValueError as detail:
            print 'Handling run-time error: ', detail
            flash('Invalid date detected. Please type the date in '
                  'format: MM/DD/YYYY')
            return redirect(url_for(dbtype))
        for column in table.columns:
            if column.name in ('id', 'date', 'antibody_id',
                               'cytotoxin_id', 'adc_id', 'user_id'):
                pass  # don't modify item identifier
            # set attribute of query object with request form data
            else:
                setattr(editedItem, column.name, request.form[column.name])
        session.add(editedItem)
        session.commit()
        flash('%s Lot Edited' % dbtype.capitalize())
        return redirect(url_for(dbtype))
    else:
        return render_template('edit-type-lot.html', dbtype=dbtype,
                               columns=table.columns, item_id=item_id,
                               editedItem=editedItem, maxablot=maxablot,
                               maxtoxinlot=maxtoxinlot)
def getUserID(email):
    """Get user's id in the db using its e-mail address"""
    try:
        user = session.query(User).filter_by(email=email).one()
        return user.id
    except:
        return None
def createTypeLot(dbtype, item_id):
    """Create new item within the category in the database"""
    # check login status
    if 'email' not in login_session:
        flash('Sorry, the page you tried to access is for members only. '
              'Please sign in first.')
        return redirect(url_for(dbtype))

    # get property names from table, check maximum lot# from ab and cytotoxin
    table = Table('%s_lot' % dbtype, meta, autoload=True, autoload_with=engine)
    maxablot = (session.query(AntibodyLot)
                .order_by(desc(AntibodyLot.id)).first().id)
    maxtoxinlot = (session.query(CytotoxinLot)
                   .order_by(desc(CytotoxinLot.id)).first().id)
    originID = (session.query(eval(dbtype.capitalize()))
                .filter_by(id=item_id).one().user_id)
    user_id = getUserID(login_session['email'])

    if request.method == 'POST':
        # instantiate new object
        new = eval(dbtype.capitalize()+'Lot')()
        for field in request.form:
            # set date attribute of new object with request form data
            if field == 'date':
                try:
                    setattr(new, field, datetime.strptime(request.form[field].replace('-', ' '), '%Y %m %d'))
                # in some cases users can input 6 digit year, catch this error
                except ValueError as detail:
                    print 'Handling run-time error: ', detail
                    flash('Invalid date detected. Please type the date in '
                          'format: MM/DD/YYYY')
                    return redirect(url_for(dbtype))
            # set attribute of new object with request form data
            if hasattr(new, field):
                setattr(new, field, request.form[field])
        setattr(new, dbtype+'_id', item_id)
        setattr(new, 'user_id', user_id)
        session.add(new)
        session.commit()
        flash('%s Lot Created' % dbtype.capitalize())
        return redirect(url_for(dbtype))
    else:
        return render_template('create-type-lot.html', dbtype=dbtype,
                               columns=table.columns, item_id=item_id,
                               maxablot=maxablot, maxtoxinlot=maxtoxinlot,
                               originID=originID,
                               userID=getUserID(login_session['email']))
def set_category(dbtype):
    """Provide category/item data to pass onto html templates"""
    # define object and object lots
    obj = eval(dbtype.capitalize())
    items = eval(dbtype.capitalize()+'Lot')

    # query the object items and object lots items
    cat = session.query(obj).order_by(obj.name).all()
    lots = session.query(items).all()

    # create a dict to associate object id with its respective object lot items
    lotdict = {}
    for x in range(1, session.query(obj).count()+1):
        lotdict[x] = (session.query(items)
                      .filter(getattr(items, dbtype+'_id') == x)
                      .order_by(items.date).all())
    return (cat, lotdict, lots)
def createUser(name, email, picture):
	user = User(name=name, email=email)
	session.add(user)
	session.commit()
	newUserID = session.query(User).filter_by(email=email).one().id
	if picture.startswith("https"):
		attach_picture_url(User, newUserID, picture)
	else:
		attach_picture(User, newUserID, picture)
def antibodylot():
    total = []
    for x in range(1, 6):
        lotlist = []
        antibodies = session.query(AntibodyLot).filter(AntibodyLot.antibody_id == x).all()
        for antibody in antibodies:
            lotlist.append(antibody.id)
        total.append(lotlist)
    return total
def cytotoxinlot():
    total = []
    for x in range(1, 6):
        lotlist = []
        cytotoxins = session.query(CytotoxinLot).filter(CytotoxinLot.cytotoxin_id == x).all()
        for cytotoxin in cytotoxins:
            lotlist.append(cytotoxin.id)
        total.append(lotlist)
    return total
def createUser(login_session):
    """Create a new user in the db using user info in the login_session"""
    newUser = User(name=login_session['username'], email=login_session[
                   'email'])
    session.add(newUser)
    session.commit()
    user = session.query(User).filter_by(email=login_session['email']).one()
    attach_picture_url(User, user.id, login_session['picture'])
    return user.id
def get_picture_url(dbtype, item_id):
    """Redirect stored image url within the db to an organized url for
       Antibody/Cytotoxin/Adc.html to access
    """
    item = session.query(eval(dbtype.capitalize())).filter_by(id=item_id).one()
    with store_context(fs_store):
        try:
            picture_url = item.picture.locate()
        except IOError:
            print "No picture found for lot# %s" % str(item_id)
            picture_url = ''
    return render_template('img.html', item=item,
                           picture_url=picture_url, dbtype=dbtype)
def editType(dbtype, item_id):
    """Edit the category (within 3 pre-defined type) in the database"""
    # check login status
    if 'email' not in login_session:
        flash('Sorry, the page you tried to access is for members only. '
              'Please sign in first.')
        abort(401)

    # query the item user wants to edit
    editedItem = (session.query(eval(dbtype.capitalize()))
                  .filter_by(id=item_id).one())
    # make sure user is authorized to edit this item
    if login_session['user_id'] != editedItem.user_id:
        flash('You are not authorized to modify items you did not create. '
              'Please create your own item in order to modify it.')
        return redirect(url_for(dbtype))

    # get property names from table
    table = Table(dbtype, meta, autoload=True, autoload_with=engine)

    if request.method == 'POST':
        for column in table.columns:
            if column.name in ('id', 'user_id'):
                pass  # don't modify item id# and user_id#
            else:
                # set attribute of query object with request form data
                setattr(editedItem, column.name, request.form[column.name])
        session.add(editedItem)
        session.commit()
        flash('%s Edited' % dbtype.capitalize())

        # upload image
        image = request.files['picture']
        if image and allowed_file(image.filename):
            with store_context(fs_store):
                editedItem.picture.from_file(image)
        # prevent user uploading unsupported file type
        elif image and not allowed_file(image.filename):
            flash('Unsupported file detected. No image has been uploaded.')
        return redirect(url_for(dbtype))
    else:
        return render_template('edit-type.html', dbtype=dbtype,
                               columns=table.columns, item_id=item_id,
                               editedItem=editedItem)
def attach_picture_url(table, item_id, location):
    """
    A helper function used in populator.py to upload picture to the db from web
    Args:
        table: The category which the picture belongs to
        item_id: The category's id number which the picture should be
                 uploaded to
        location: a web url of where the picture is found
    Returns:
        None
    """
    try:
        item = session.query(table).filter_by(id=item_id).one()
        with store_context(fs_store):
            item.picture.from_file(urlopen(location))
            session.commit()
    except Exception:
        session.rollback()
        raise
def delete(dbtype, item_id):
    """Delete either the item or category in the database"""
    # check login status
    if 'email' not in login_session:
        flash('Sorry, the page you tried to access is for members only. '
              'Please sign in first.')
        abort(401)

    # query the item user wants to delete
    deleteItem = (session.query(eval(dbtype[0].upper()+dbtype[1:]))
                  .filter_by(id=item_id).one())

    # make sure user is authorized to delete this item
    if login_session['user_id'] != deleteItem.user_id:
        flash('You are not authorized to modify items you did not create. '
              'Please create your own item in order to modify it.')
        return redirect(url_for(dbtype))

    if request.method == 'POST':
        try:
            session.delete(deleteItem)
            session.commit()
        # handling legacy error when delete invovled cascade-delete
        except IntegrityError as detail:
            print 'Handling run-time error: ', detail
            session.rollback()
            flash('Delete Operation Failed')
            return redirect(url_for('home'))
        if dbtype.endswith('Lot'):
            flash('%s Lot Deleted' % dbtype[:-3].capitalize())
            return redirect(url_for(dbtype[:-3]))
        else:
            flash('%s  Deleted' % dbtype.capitalize())
            return redirect(url_for(dbtype))
    else:
        pass
def antibodyJSON():
    """Create an JSON endpoint with all antibody categories"""
    antibodies = session.query(Antibody).all()
    return jsonify(Antibodies=[i.serialize for i in antibodies])
def getUserInfo(user_id):
    """Get user object in the db using its user_id"""
    user = session.query(User).filter_by(id=user_id).one()
    return user
def adcLotJSON():
    """Create an JSON endpoint with all items within the ADC categories"""
    lots = session.query(AdcLot).all()
    return jsonify(Adc_Lots=[i.serialize for i in lots])
def cytotoxinLotJSON():
    """Create an JSON endpoint with all items within the cytotoxin categories"""
    lots = session.query(CytotoxinLot).all()
    return jsonify(Cytotoxin_Lots=[i.serialize for i in lots])
def adcJSON():
    """Create an JSON endpoint with all ADC categories"""
    adcs = session.query(Adc).all()
    return jsonify(Adcs=[i.serialize for i in adcs])
def cytotoxinJSON():
    """Create an JSON endpoint with all cytotoxin categories"""
    cytotoxins = session.query(Cytotoxin).all()
    return jsonify(Cytotoxins=[i.serialize for i in cytotoxins])
def collectionLots(dbtype):
    """Create an XML endpoint with all items within the categories available"""
    collections = session.query(eval(dbtype.capitalize()+'Lot')).all()
    return render_template('collections-lot.xml', dbtype=dbtype,
                           collections=collections)
def collections(dbtype):
    """Create an XML endpoint with all categories"""
    collections = session.query(eval(dbtype.capitalize())).all()
    return render_template('collections.xml', dbtype=dbtype,
                           collections=collections)