def delete_msg(msg_id):
first_msg_id = g.topic.messages[0].id
topic_id = g.topic.id
message = Message.query.get(msg_id)
if not (current_user.id == message.account_id or current_user.has_role('moderator')):
return redirect(url_for("topic", area_name=g.area.name, created=g.topic.created))
if str(first_msg_id) == str(msg_id):
# If first message, delete topic and it's messages.
Message.query.filter_by(topic_id=topic_id).delete()
Topic.query.filter_by(id=topic_id).delete()
else:
Message.query.filter_by(id=msg_id).delete()
db.session().commit()
return redirect(url_for("topic.topic", area_name=g.area.name, created=g.topic.created))
def users_create():
form = UserForm(request.form)
form.permission_id.choices = [(permission.id, permission.name) for permission in Permission.query.all()]
if not form.validate():
return render_template("auth/new.html", form=form)
user = User(form.username.data)
user.first_name = form.first_name.data
user.last_name = form.last_name.data
user.password = form.password.data
user.permission_id = form.permission_id.data
if User.query.filter_by(username=form.username.data).count() > 0:
return render_template("auth/new.html", form=form, error = "Tunnus on jo käytössä. Valitse uusi käyttäjätunnus.")
db.session().add(user)
db.session().commit()
return redirect(url_for("users_index"))
def items_commit_changes(item_id):
form = ItemForm(request.form)
item = Item.query.get(item_id)
form.item_category.choices = [
(c.id, c.name) for c in Category.query.order_by('name').filter_by(
account_id=current_user.id)
]
if not form.validate:
return render_template("items/modify.html", form=form, item=item)
item.name = form.name.data
category = Category.query.get(form.item_category.data)
item.category_id = category.id
item.expired = form.expired.data
db.session().commit()
return redirect(url_for("items_index"))
def ingredients_delete():
form = IngredientDeleteForm(request.form)
if not form.validate():
return render_template("ingredients/delete.html", form=form)
ingredient_delete = Ingredient.query.filter_by(name=form.name.data).first()
if ingredient_delete is None:
flash("Ingredient you are trying to delete do not exist", "warning")
elif ingredient_delete.account_id != current_user.id:
flash("You can only delete ingredients you have added yourself",
"danger")
else:
flash("Ingredient has been deleted", "success")
db.session().delete(ingredient_delete)
db.session().commit()
return redirect(url_for("ingredients_delete"))
def productions_create():
form = ProductionForm(request.form)
if not form.validate():
return render_template("productions/new.html", form=form)
production_name = form.name.data
production = Production(production_name)
production.misc_info = form.misc_info.data
production.show_duration_hours = int(form.show_duration.data.hour)
production.show_duration_minutes = int(form.show_duration.data.minute)
db.session().add(production)
db.session().commit()
return redirect(url_for("productions_index"))
def comment_edit(comment_id, customer_id):
comment = Comment.query.get(comment_id)
customer = Customer.query.get(customer_id)
form = CommentForm()
if request.method == "GET":
form.text.data = comment.text
return render_template("comments/comment.html", comment=comment, form=form, customer=customer)
elif request.method == "POST":
comment.text = request.form.get("text")
db.session().commit()
return redirect(url_for("customer_page", id=customer.id))
def update_password():
form = PasswordForm(request.form)
if request.method == "GET":
return render_template("auth/update_password.html", form=form)
if not form.validate():
return render_template("auth/update_password.html", form=form)
elif (form.new_password.data == form.new_password_again.data):
current_user.password = f_bcrypt.generate_password_hash(
form.new_password.data).decode('utf8')
db.session().commit()
return redirect(url_for("show_scheduled_tasks"))
return render_template("auth/update_password.html",
form=form,
passwords_dont_match=True)
def get_clubs():
query = db.session().query(Fighter.club.distinct().label("club"))
clubs_in_db = [row.club for row in query.all()]
clubs_in_db.sort()
club_choices=[('-1', 'Valitse seura')]
for club in enumerate(clubs_in_db):
club_choices.append(club)
return club_choices
def edit_book_tip(tip_id):
tip_to_edit = Tip.query.get_or_404(tip_id)
form = AddBookForm(formdata=request.form, obj=tip_to_edit)
if form.validate_on_submit():
tip_to_edit.comment = form.comment.data
tip_to_edit.related_courses = form.related_courses.data
tip_to_edit.tags = form.tags.data
tip_to_edit.title = form.title.data
tip_to_edit.author = form.author.data
tip_to_edit.publication_year = form.publication_year.data
tip_to_edit.isbn = form.isbn.data
tip_to_edit.pages = form.pages.data
db.session().commit()
return redirect(url_for("get_tips"))
return render_template("edit_book.html", form=form)
def categories_create():
form = CategoryForm(request.form)
if not form.validate():
return render_template("categories/new.html", form=form)
if Category.query.filter(Category.account_id == current_user.id).filter(
Category.name == form.name.data).first():
form.name.errors.append("Category named " + form.name.data +
" already exists.")
return render_template("categories/new.html", form=form)
c = Category(form.name.data, form.description.data)
c.account_id = current_user.id
db.session().add(c)
db.session().commit()
return redirect(url_for("categories_index"))
def auth_create():
lomake = UusiLomake(request.form)
if not lomake.validate():
print("täällä")
return render_template("auth/new.html", lomake=lomake)
if not lomake.salasana.data == lomake.salasana2.data:
print("vai täällä")
return render_template("auth/new.html", lomake=lomake)
k = Käyttäjä(lomake.nimi.data)
k.kayttajanimi = lomake.kayttajanimi.data
k.salasana = lomake.salasana.data
db.session().add(k)
db.session().commit()
return render_template("auth/kirjautuminen.html",
lomake=KirjautumisLomake())
def rename_pokemon(pokeid):
pokeToRename = Collections.query.filter_by(id=pokeid).first()
form = PokeForm()
form.name.data = pokeToRename.name
if request.method == "GET":
return render_template("collections/rename.html",
pokeid=pokeid,
pokemon=pokeToRename,
form=form)
form = PokeForm(request.form)
pokeToRename.name = form.name.data
db.session().commit()
return redirect(url_for("all_collections"))
def auth_adminregister():
if request.method == "GET":
return render_template("auth/infoform.html",
form=RegisterForm(),
num=0)
if request.method == "POST":
form = RegisterForm(request.form)
if not form.validate():
return render_template("auth/infoform.html", form=form, num=0)
new = User(form.name.data, form.username.data, form.password.data,
form.address.data, form.phone.data, False)
db.session().add(new)
db.session().commit()
return redirect(url_for("auth_index"))
def posts_create():
content = request.get_json(silent=True)
print("\nTrying to create post: ", content["title"])
current_user = get_jwt_identity()
print("Current user: "******"id"]
print("Current user id: ", user_id)
post_title = content["title"].strip()
post_text = content["text"]
if not post_title or not post_text:
return jsonify({"error":
"Post title and text must not be empty."}), 400
if len(post_title) < 3 or len(post_title) > 256:
return jsonify({
"error":
"Post title must be 3 or more characters and less than or equal to 256 characters."
}), 400
if len(post_text.strip()) < 1 or len(post_text) > 4096:
return jsonify({
"error":
"Post text must be 1 or more characters and less than or equal to 4096 characters."
}), 400
post = Post(post_title, post_text, 0, 0)
post.user_id = user_id
print("Set post user id")
db.session().add(post)
db.session().commit()
post_vote(post, current_user, True)
return jsonify(post_schema.dump(post).data), 201
def account_create():
form = NewAccountForm(request.form)
departments = Dept.query.all()
form.departments.choices = [(department.departmentID, department.name)
for department in departments]
# This is needed to validate the form correctly
value = dict(form.departments.choices).get(form.departments.data)
# Check if user is in the list of existing user and prevent creation
users = User.query.all()
existing_usersIDs = [user.userID for user in users]
if form.username.data in existing_usersIDs:
return render_template("auth/new.html",
form=form,
id_error="User already exists")
if not form.validate():
return render_template("auth/new.html", form=form)
if form.admin.data == False:
form.admin.data = 0
else:
form.admin.data = 1
user = User(form.username.data, form.firstname.data, form.lastname.data,
sha256_crypt.hash(form.password.data), form.departments.data,
form.admin.data)
if not current_user.is_authenticated:
user.inactive = 1
return_url = "index"
else:
user.inactive = 0
return_url = "accounts_index"
db.session().add(user)
db.session().commit()
# Pass inactive users to the management badge
# This is currently causing trouble in heroku and not yet fully functional locally either
app.jinja_env.globals.update(inactive_users=User.countInactives())
return redirect(url_for(return_url))
def edit_movie_tip(tip_id):
tip_to_edit = Tip.query.get_or_404(tip_id)
form = AddMovieForm(formdata=request.form, obj=tip_to_edit)
if form.validate_on_submit():
tip_to_edit.comment = form.comment.data
tip_to_edit.related_courses = form.related_courses.data
tip_to_edit.tags = form.tags.data
tip_to_edit.title = form.title.data
tip_to_edit.publication_year = form.publication_year.data
tip_to_edit.director = form.director.data
tip_to_edit.lengthInSeconds = form.lengthInSeconds.data
db.session().commit()
return redirect(url_for("get_tips"))
return render_template("edit_movie.html", form=form)
def account_create():
form = RegisterForm(request.form)
if not form.validate():
return render_template("auth/registerform.html", form=form)
if User.query.filter_by(username=form.username.data).first():
form.username.errors.append("Username is already in use")
return render_template("auth/registerform.html", form=form)
user = User(
request.form.get("username"),
bcrypt.generate_password_hash(form.password.data).decode('utf-8'),
request.form.get("email"))
db.session().add(user)
db.session().commit()
return render_template("auth/loginform.html", form=LoginForm())
def auth_delete(account_id):
if current_user.id == account_id or current_user.is_admin:
u = User.query.get(account_id)
offers = Offer.query.filter(Offer.account_id == account_id)
for offer in offers:
db.session().delete(offer)
db.session().commit()
if current_user.id == u.id:
db.session().delete(u)
db.session().commit()
return redirect(url_for("index"))
def person_edit(user_id):
alert = {}
form = AliasForm()
if request.method == "POST":
form = AliasForm(request.form)
if form.validate():
name = Name(form.name.data, user_id)
db.session().add(name)
db.session().commit()
# empty form
form = AliasForm(formdata=None)
alert = {"type": "success", "text": "New alias added!"}
prsn = User.query.get(int(user_id))
if not prsn:
return redirect(url_for("error404"))
username = prsn.username
name = prsn.name
names = list(
map(lambda name: {
"name": name.name,
"id": name.id
}, prsn.names))
person = {
"id": user_id,
"name": name,
"username": username,
"names": names
}
return render_template("/people/edit.html",
person=person,
form=form,
alert=alert)
def user_register():
if request.method == 'GET':
return render_template('auth/register.html', form=RegisterForm())
form = RegisterForm(request.form)
if not form.validate():
return render_template('auth/register.html', form=form)
name = form.name.data
username = form.username.data
password = form.password.data
user = User(name, username, password)
db.session().add(user)
db.session().commit()
return render_template('auth/loginform.html', form=LoginForm())
def delete_comment(PostId):
comment = Comment.query.get(request.form.get("comment_to_delete"))
if not current_user.id == comment.account.id:
if not current_user.role == 'Admin':
p = Post.query.get(PostId)
return render_template(
"comments/comments.html",
PostName=p.postName,
Comments=p.comments,
PostID=p.id,
form=CommentForm(),
error="You are trying to remove a comment you did not make!")
db.session().delete(comment)
db.session().commit()
return redirect(url_for("show_comments", PostId=PostId))
def mod_topics(id):
form = TopicForm(request.form)
descr = form.desc.data.lower().rstrip()
t = Topics.query.get(id)
prior_topic = Topics.query.filter_by(desc=form.desc.data.lower().rstrip()).first()
same = (t == prior_topic)
if len(descr) == 0:
return redirect(url_for("topics_index"))
elif not form.validate():
return render_template("topics/edit.html", topics = Topics.query.get(id), error = "Topic description should be between 3 and 30 char")
elif len(form.desc.data.strip()) < 3:
return render_template("topics/edit.html", topics = Topics.query.get(id), error = "Blanks don't count!")
elif prior_topic and not same:
return render_template("topics/edit.html", topics = Topics.query.get(id), error = "Such topic description already exists")
else:
t.desc = descr
db.session().commit()
flash("Topic {} was modified".format(t.desc))
return redirect(url_for("topics_index"))
def set_portfolio_balance(p, transactions):
BTC = 0
ETH = 0
LINK = 0
XRP = 0
for transaction in transactions:
if transaction.currency == "BTC":
BTC = BTC + transaction.amount
if transaction.currency == "ETH":
ETH = ETH + transaction.amount
if transaction.currency == "XRP":
XRP = XRP + transaction.amount
if transaction.currency == "LINK":
LINK = LINK + transaction.amount
p.btc_amount = int(BTC)
p.eth_amount = int(ETH)
p.xrp_amount = int(XRP)
p.link_amount = int(LINK)
db.session().commit()
def units_create():
form = UnitForm(request.form)
if not form.validate():
return render_template("units/new.html", form=form)
u = Unit(form.name.data, form.classGP.data, form.level.data, form.hp.data,
form.strength.data, form.magic.data, form.skill.data,
form.speed.data, form.luck.data, form.defense.data,
form.resistance.data, form.movement.data, form.hpGrowth.data,
form.strengthGrowth.data, form.magicGrowth.data,
form.skillGrowth.data, form.speedGrowth.data,
form.luckGrowth.data, form.defenseGrowth.data,
form.resistanceGrowth.data)
db.session().add(u)
db.session().commit()
return redirect(url_for("units_index"))
def viestit_luo():
form = ViestiLomake(request.form)
# choises asetettava uudelleen koska niitä ole asetettu lomakkeessa
# tehtävä jo tässä koska automaattinen validointi tarvitsee niitä
form.aiheet.choices = [(aihe.id, aihe.aihe) for aihe in Aihe.query.all()]
if not form.validate():
return render_template("viestit/uusi.html", form=form)
aiheet = Aihe.query.filter(Aihe.id.in_(form.aiheet.data)).all()
viesti = Viesti(form.otsikko.data, form.teksti.data, aiheet,
form.vastattava_viesti.data, current_user.id)
viesti.lukeneet.append(current_user)
db.session().add(viesti)
db.session().commit()
return redirect(url_for("viestit_index"))
def user_delete(user_id):
user = User.query.get(user_id)
if user.username != current_user.username:
user.appointments.clear()
db.session().add(user)
db.session().commit()
db.session().delete(user)
db.session().commit()
return redirect(url_for("users_index"))
def questionnaire_save():
form = QuestionnaireForm(request.form)
kysymys_id = request.form.get("kysymys_id", type=int)
if not form.validate():
return render_template("answers/questionnaire.html",
form=form,
kysymykset=Question.query.all())
a = Answer(form.vastaus.data)
a.kysymys_id = kysymys_id
db.session().add(a)
db.session().commit()
return render_template("answers/questionnaire.html",
form=form,
kysymykset=Question.query.all())
def team_send_comment(teamid):
count = Comment.count_comments_of_team(teamid)
form = CreateCommentForm(request.form)
if not form.validate():
return render_template("team/teampage.html",
team=Team.query.get(teamid),
form=form,
users=User.list_by_score(team_id=teamid),
user=User.query.get(current_user.get_id()),
comments=Comment.list_team_comments(teamid, 1),
count=count,
page=1)
text = form.text.data
comment = Comment(teamid, current_user.get_id(), text)
db.session().add(comment)
db.session().commit()
return redirect(
url_for("team_page",
teamid=User.query.get(current_user.get_id()).team_id))
def remove_sign_up(sign_up_id):
sign_up = Sign_up.query.get(sign_up_id)
league = League.get_one_league(sign_up.league_id)
if request.method == "GET":
return render_template("/sign_ups/removesignupconfirmation.html",
sign_up=sign_up,
league=league)
db.session().delete(sign_up)
db.session().commit()
stmt = text(
"DELETE FROM Event WHERE Event.league_id =:league_id AND Event.account_id =:account_id"
).params(league_id=league.id, account_id=current_user.id)
db.engine.execute(stmt)
return redirect(url_for("list_sign_ups"))
def naturesite_change_description(naturesite_id):
n = NatureSite.query.get(naturesite_id)
if not n:
return render_template("error.html", message = "ERROR! Nature site not found")
if n.account_id != current_user.id:
return login_manager.unauthorized()
form = NatureSiteEditForm(request.form)
if not form.validate():
return render_template("naturesites/edit.html", form = form, naturesite = n)
n.description = form.description.data
db.session().commit()
return redirect(url_for("naturesite_show", naturesite_id = naturesite_id))