def api_item(request, item_pk=None): created = False if item_pk: item = Item.objects.get(pk=item_pk) if not item.created_by == request.user: import pdb pdb.set_trace() return HttpResponse(status=403) else: item = Item() item.created_by = request.user created = True if request.POST.get('delete'): item.delete() else: expense = Expense.objects.get(pk=request.POST.get('expense')) if not expense.created_by == request.user: return HttpResponse(status=403) item.expense = expense item.description = request.POST.get('description') item.amount = request.POST.get('amount') item.save() user_pks = request.POST.getlist('users') item.users.clear() for pk in user_pks: user = User.objects.get(pk=pk) item.users.add(user) if request.is_ajax(): return HttpResponse(json.dumps({ 'type': 'item', 'item_pk': item.pk, 'item_created': created, 'item_form': render_to_response('item_form.html', {'expense':item.expense, 'item':item}, context_instance = RequestContext(request)).content, 'empty_form': render_to_response('item_form.html', {'expense':item.expense}, context_instance = RequestContext(request)).content })) return HttpResponseRedirect("/%s" % item.expense_id)
def categoryItems(category_name): """ Displays Items for a selected category Adding new Items requires user login """ if request.method == 'GET': categories = session.query(Category).all() selected_category_id = session.query(Category).filter_by( name=category_name).first().id category_items = session.query(Item).filter_by( category_id=selected_category_id).order_by(Item.name).all() return render_template('category-items.html', categories=categories, category_name=category_name, category_items=category_items, user=login_session['username'], userID=login_session['user_id']) if request.method == 'POST': category_id_for_item = session.query(Category).filter_by( name=category_name).first().id newItem = Item(name=request.form['newItemName'], description=request.form['newItemDescription']) newItem.category_id = category_id_for_item try: user = session.query(User).filter_by( email=login_session['email']).first() userId = user.id except AttributeError, e: print(e) return redirect(url_for('pickProvider')) print("userID is : %s") % userId newItem.created_by = userId # DONE : make it the actual signed in user newItem.last_edit = datetime.now() session.add(newItem) session.commit() return redirect(url_for('categoryItems', category_name=category_name))
DBSession = sessionmaker(bind=engine) # A DBSession() instance establishes all conversations with the database # and represents a "staging zone" for all the objects loaded into the # database session object. Any change made against the objects in the # session won't be persisted into the database until you call # session.commit(). If you're not happy about the changes, you can # revert all of them back to the last commit by calling # session.rollback() session = DBSession() test_user = User() test_user.username = "******" test_user.email = "*****@*****.**" session.add(test_user) session.commit() new_category = Category() new_category.name = "Soccer" session.add(new_category) session.commit() new_item = Item() new_item.name = "Abibas Predadors" new_item.description = "I was created by admin and can't be deleted." new_item.price = 120.59 new_item.category_id = new_category.id new_item.created_by = test_user.id session.add(new_item) session.commit()