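def category(category_id):
    """Render the page for a single category together with its items.

    Args:
        category_id: Identifier passed to ``act.category`` and, as the
            ``pointer``, to ``act.items``.

    Returns:
        The rendered ``category.html`` template, or a redirect to the
        ``notFound`` endpoint when the lookup or the rendering raises.
    """
    try:
        # Fetch the data from database
        found = act.category(id=category_id)
        category_items = act.items(For="category", pointer=category_id)
        return render_template(
            "category.html",
            category=found,
            items=category_items,
        )
    except Exception:
        # Exception rather than BaseException: a failed lookup still ends on
        # the not-found page, but SystemExit and KeyboardInterrupt are no
        # longer swallowed by the view.
        # NOTE(review): this also presents template or database faults as
        # "not found"; logging them here would keep real failures visible.
        return redirect(url_for("notFound"))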
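def profileNested(pointer):
    """Render the profile page of the user identified by *pointer*.

    Args:
        pointer: Value handed unchanged to ``act.user``; presumably a
            username or a user id -- confirm against ``act.user``.

    Returns:
        The rendered ``profile.html`` template with the user's categories
        and items, or a redirect to the ``notFound`` endpoint when the
        lookup or the rendering raises.
    """
    try:
        # Fetch the data from database
        user = act.user(pointer=pointer)
        context = {
            "categories": act.categories(user_id=user.id),
            "items": act.items(For="user", pointer=user.id),
            "user": user,
        }
        return render_template("profile.html", **context)
    except Exception:
        # Exception rather than BaseException so interpreter-exit signals
        # (SystemExit, KeyboardInterrupt) propagate instead of being turned
        # into a redirect.
        return redirect(url_for("notFound"))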
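def api_v1_items():
    """Return items as JSON, selected by query-string parameters.

    Query parameters read from ``request.args``:
        id: When non-empty, return that single item.
        view: ``"full"`` selects the ``serialize`` attribute of each item;
            any other value selects ``mini_serialize``.
        for: Used only when ``id`` is empty. ``"all"`` (the default) lists
            every item, ``"me"`` lists the items of ``g.USER``, and any
            other value is passed to ``act.items`` as a user pointer.

    Returns:
        A JSON response, or a JSON ``NOT FOUND`` error with status 404 when
        a lookup raises.
    """
    item_id = request.args.get("id", "")
    # The client-supplied ``view`` value only chooses between two fixed
    # attribute names; it is never passed to getattr() itself.
    if request.args.get("view", "") == "full":
        view_attr = "serialize"
    else:
        view_attr = "mini_serialize"

    if item_id:
        try:
            return jsonify(getattr(act.item(id=item_id), view_attr))
        except Exception:
            # Exception rather than BaseException so SystemExit and
            # KeyboardInterrupt are not converted into a 404.
            return jsonify(error="NOT FOUND"), 404

    item_owner = request.args.get("for", "all")
    if item_owner == "all":
        return jsonify(all_items=[
            getattr(item, view_attr) for item in act.all_items()
        ])
    if item_owner == "me":
        # NOTE(review): g.USER is dereferenced without a check and outside
        # any try block; presumably a login guard outside this block
        # guarantees it is set -- confirm.
        return jsonify(my_items=[
            getattr(item, view_attr)
            for item in act.items(For="user", pointer=g.USER.id)
        ])
    try:
        owned = act.items(For="user", pointer=item_owner)
        return jsonify(user_items=[getattr(item, view_attr) for item in owned])
    except Exception:
        return jsonify(error="NOT FOUND"), 404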
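def deleteCategory(category_id):
    """Show the delete confirmation page (GET) or delete a category (POST).

    The category and its items are only shown or deleted when the category
    belongs to the logged-in user (``g.USER``). After a POST the user is
    redirected to the ``next`` query parameter, provided it is a same-site
    path that does not point at the category just deleted; otherwise to the
    ``me`` endpoint.

    Args:
        category_id: Identifier passed to ``act.category``.

    Returns:
        The rendered ``delete.html`` template, a redirect after deletion, or
        a redirect to the ``notFound`` endpoint for a non-owner, an
        unhandled method, or any error raised along the way.
    """
    try:
        # Fetch the data from database
        category = act.category(id=category_id)
        # Check the authority of the logged-in user
        if category.user_id == g.USER.id:
            if request.method == "GET":
                return render_template(
                    "delete.html", TYPE="category", object=category)
            if request.method == "POST":
                # Make delete action on database and check if passed
                # correctly. Items are removed only if the category
                # deletion itself reported success.
                deleted = act.delete_category(
                    category=category) and act.delete_items(
                        items=act.items(For="category", pointer=category_id))
                # Markup() marks its argument as trusted HTML, so only
                # constant strings may be passed to it here.
                if deleted:
                    flash(
                        Markup("The category and its items "
                               "have been deleted successfully. "
                               'Go to your <a href="/me">profile</a>.'))
                else:
                    flash(Markup("An error occurred during deletion."))

                next_url = request.args.get("next", "")
                # Pages that belonged to the deleted category are no longer
                # valid redirect targets.
                stale_targets = (
                    url_for("category", category_id=category_id),
                    url_for("editCategory", category_id=category_id),
                    url_for("deleteCategory", category_id=category_id),
                )
                # ``next`` is client-controlled. Accept only a same-site
                # absolute path: it must start with a single "/" and contain
                # no backslash or control character, since browsers may
                # treat "//host", "/\host" or a path with an embedded
                # tab/newline as a link to another site. The comparisons
                # above use url_for() paths, so callers appear to pass
                # relative paths already.
                is_local_path = (
                    next_url.startswith("/")
                    and not next_url.startswith("//")
                    and "\\" not in next_url
                    and all(ch >= " " for ch in next_url)
                )
                if next_url in stale_targets or not is_local_path:
                    # Also covers a missing or empty ``next``.
                    return redirect(url_for("me"))
                return redirect(next_url)
    except Exception:
        # Any failure falls through to the not-found redirect below.
        # Exception rather than BaseException so SystemExit and
        # KeyboardInterrupt are not silently discarded.
        pass
    return redirect(url_for("notFound"))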
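def profile(username):
    """Render the profile page for *username*.

    Values that ``int()`` accepts are rejected, so that only usernames, not
    user ids, are served by this view.

    Args:
        username: Value from the URL, passed to ``act.user`` as ``pointer``.

    Returns:
        The rendered ``profile.html`` template, or a redirect to the
        ``notFound`` endpoint for a numeric value or when the lookup or the
        rendering raises.
    """
    # Check that it's not a user id to make sure it's only allowed
    # to pass usernames after the root directory
    try:
        int(username)
    except (TypeError, ValueError):
        # Not numeric: treat it as a username. Catching only the conversion
        # errors keeps an unrelated failure from being mistaken for
        # "this is a username".
        pass
    else:
        return redirect(url_for("notFound"))

    try:
        # Fetch the data from database
        user = act.user(pointer=username)
        return render_template(
            "profile.html",
            categories=act.categories(user_id=user.id),
            items=act.items(For="user", pointer=user.id),
            user=user,
        )
    except Exception:
        # Exception rather than BaseException so SystemExit and
        # KeyboardInterrupt are not converted into a redirect.
        return redirect(url_for("notFound"))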
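def api_v1_category():
    """Create (POST), edit (PUT) or delete (DELETE) a category via the API.

    The category to edit or delete is taken from the ``id`` query
    parameter; ``name`` and ``colors`` are read from the form body. Edits
    and deletions are refused unless the category belongs to ``g.USER``.

    Returns:
        A JSON success message, or a JSON error with status 404. A request
        method other than POST, PUT or DELETE gets a JSON error with
        status 405.
    """
    category_id = request.args.get("id", "")
    # Allow-list of valid colour ids, as strings, to compare against the
    # submitted form value. A missing ``colors`` field (None) is rejected
    # by the same membership test.
    colors_ids = [str(color.id) for color in act.all_colors()]

    if request.method == "POST":
        # NOTE(review): g.USER is used outside any try block; presumably a
        # login guard outside this block guarantees it is set -- confirm.
        colors_id = request.form.get("colors")
        if colors_id not in colors_ids:
            return jsonify(error="An error occurred adding the category"), 404
        created = act.add_category(
            user_id=g.USER.id,
            name=request.form.get("name", ""),
            colors_id=colors_id,
        )
        if created:
            return jsonify("The category has been added successfully")
        return jsonify(error="An error occurred adding the category"), 404

    try:
        category = act.category(id=category_id)
        if request.method == "PUT":
            colors_id = request.form.get("colors")
            if colors_id not in colors_ids:
                return (
                    jsonify(error="An error occurred adding the category"),
                    404,
                )
            # Ownership check: only the owner may modify the category.
            # NOTE(review): 403 would be the conventional status for this
            # refusal; 404 is kept so existing API clients see no change.
            if category.user_id != g.USER.id:
                return (
                    jsonify(
                        error="You are not allowed to modify this category"),
                    404,
                )
            edited = act.edit_category(
                category=category,
                name=request.form.get("name", ""),
                colors_id=colors_id,
            )
            if edited:
                return jsonify("The category has been edited successfully")
            return (
                jsonify(error="An error occurred editing the category"),
                404,
            )
        if request.method == "DELETE":
            # Ownership check: only the owner may delete the category.
            if category.user_id != g.USER.id:
                return (
                    jsonify(
                        error="You are not allowed to delete this category"),
                    404,
                )
            # Items are removed only if the category deletion itself
            # reported success.
            deleted = act.delete_category(
                category=category) and act.delete_items(
                    items=act.items(For="category", pointer=category_id))
            if deleted:
                return jsonify("The category and its items "
                               "have been deleted successfully")
            return (
                jsonify(error="An error occurred deleting the category"),
                404,
            )
    except Exception:
        # Exception rather than BaseException so SystemExit and
        # KeyboardInterrupt are not converted into a 404.
        return jsonify(error="NOT FOUND"), 404

    # Any other method previously fell off the end and returned None, which
    # is not a valid view response. Which methods the route accepts is not
    # visible here, so answer explicitly.
    return jsonify(error="METHOD NOT ALLOWED"), 405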