def editItem(item_id):
# filter for the passed in item_id
editedItem = db_session.query(CatalogItem).filter_by(id=item_id).one()
creator = getUserInfo(editedItem.user_id)
if creator.id != login_session['user_id']:
flash('You must be the owner to edit')
return redirect(url_for('showCategories'))
form = editItemForm()
# couldn't seem to set this in the template
form.categories.data = editedItem.category_id
form.description.data = editedItem.description
# validate_on_submit checks that the request is POST and that all validators
# are True
if form.validate_on_submit():
filename = images.save(request.files['item_image'])
url = images.url(filename)
editedItem.name = form.name.data
editedItem.category_id = form.categories.data
editedItem.description = form.description.data
editedItem.image_filename = filename
editedItem.image_url = url
db_session.commit()
flash('Item successfully edited')
return redirect(url_for('showCategories'))
return render_template('editItem.html', form=form, item=editedItem)
def showItem(item_id):
# filter down to the item_id passed in
item = db_session.query(CatalogItem).filter_by(id=item_id).one()
creator = getUserInfo(item.user_id)
category = db_session.query(Category).filter_by(id=item.category_id).one()
return render_template('showItem.html',
item=item,
category=category,
creator=creator)
def deleteItem(item_id):
# filter for the passed in item_id
deletedItem = db_session.query(CatalogItem).filter_by(id=item_id).one()
creator = getUserInfo(deletedItem.user_id)
if creator.id != login_session['user_id']:
flash('You must be the owner to delete')
return redirect(url_for('showCategories'))
form = deleteItemForm()
# validate_on_submit checks that the request is POST and that all validators
# are True
if form.validate_on_submit():
db_session.delete(deletedItem)
db_session.commit()
flash('Item successfully deleted')
return redirect(url_for('showCategories'))
return render_template('deleteItem.html', form=form, item=deletedItem)
def deleteCategory(category_id):
# filter for the passed in category_id
deletedCategory = db_session.query(Category).filter_by(
id=category_id).one()
creator = getUserInfo(deletedCategory.user_id)
if creator.id != login_session['user_id']:
flash('You must be the owner to delete')
return redirect(url_for('showCategories'))
form = deleteCategoryForm()
if form.validate_on_submit():
db_session.delete(deletedCategory)
db_session.commit()
flash('Category %s successfully deleted' % deletedCategory.name)
return redirect(url_for('showCategories'))
return render_template('deleteCategory.html',
form=form,
category=deletedCategory)
def editCategory(category_id):
# filter for the passed in category_id
editedCategory = db_session.query(Category).filter_by(id=category_id).one()
creator = getUserInfo(editedCategory.user_id)
if creator.id != login_session['user_id']:
flash('You must be the owner to edit')
return redirect(url_for('showCategories'))
form = editCategoryForm()
# validate_on_submit checks that the request is POST and that all validators
# are True
if form.validate_on_submit():
editedCategory.name = form.name.data
db_session.commit()
flash('Category successfully edited')
return redirect(url_for('showCategories'))
return render_template('editCategory.html',
form=form,
category=editedCategory)