Ejemplo n.º 1
0
def delete_image(album_id, image_id):
    """Page for deleting image from album."""

    item = session.query(Image).filter_by(id=image_id).one()

    # protect page from unauthorized people using url to directly access:
    if login_session['user_id'] != item.user_id:
        return alert_script("delete this image")

    album = session.query(Album).filter_by(id=album_id).one()

    if request.method == 'POST':

        # delete image, if exits:
        if item.file_name:
            os.remove(os.path.join(
                app.config['UPLOAD_FOLDER'], str(album_id), item.file_name))

        # try committing changes:
        if not commit_changes(item, 'delete'):
            return redirect(url_for('show_albums'))

        # flash message:
        flash("Image successfully deleted")

        return redirect(url_for('show_images', album_id=album_id))
    else:
        return render_template('deleteImage.html', album=album, item=item, title='Delete Image')
Ejemplo n.º 2
0
def delete_album(album_id):
    """Page for deleting an album."""

    album = session.query(Album).filter_by(id=album_id).one()

    # protect page from unauthorized people using url to directly access:
    if login_session['user_id'] != album.user_id:
        return alert_script("delete this album")

    if request.method == 'POST':

        # we want to delete all items recursively when we delete an album:
        album_images = session.query(Image).filter_by(album_id=album_id).all()
        for x in album_images:
            session.delete(x)

        # try committing changes:
        if not commit_changes(album, 'delete'):
            return redirect(url_for('show_albums'))

        # delete media folder:
        shutil.rmtree(album.file_path)

        # flash message:
        flash("Album successfully deleted")

        return redirect(url_for('show_albums'))
    else:
        return render_template('deleteAlbum.html', album=album, title='Delete Album')
Ejemplo n.º 3
0
def show_images(album_id):
    """Page that shows all images in the album."""

    album = session.query(Album).filter_by(id=album_id).one()
    images = session.query(Image).filter_by(album_id=album_id).all()

    # check to see if images belong to creator of the images:
    creator = get_user_info(album.user_id)

    # if user is creator, render the page where he has add/delete/edit options:
    if 'username' not in login_session or \
            (creator.id != login_session['user_id']):
        return render_template('publicImages.html', album=album, images=images, title='Public Images')
    else:
        return render_template('images.html', album=album, images=images, title='Images')
Ejemplo n.º 4
0
def edit_image(album_id, image_id):
    """Page for editing image's name and description."""

    item = session.query(Image).filter_by(id=image_id).one()

    # protect page from unauthorized people using url to directly access:
    if login_session['user_id'] != item.user_id:
        return alert_script("edit this image")

    if request.method == 'POST':

        # make changes to items:
        item.name        = request.form['itemName']
        item.description = request.form['itemText']

        # try committing changes:
        if not commit_changes(item, 'add'):
            return redirect(url_for('show_albums'))

        # flash message:
        flash("Image successfully edited")

        return redirect(url_for('show_images', album_id=album_id))
    else:
        return render_template('editImage.html', album_id=album_id, item=item, title='Edit Image')
Ejemplo n.º 5
0
def get_user_id(email):
    """Returns user_id given email address."""

    try:
        user = session.query(User).filter_by(email=email).first()
        return user.id
    except AttributeError:
        return None
Ejemplo n.º 6
0
def image_items_xml(album_id, image_id):
    """List image info for given image as XML."""

    item = session.query(Image).filter_by(id=image_id).all()
    data = [x.serialize for x in item]
    template = render_template("xmlEndpoint.xml", data=data, wrap="image")
    response_ = make_response(template)
    response_.headers['Content-Type'] = 'application/xml'
    return response_
Ejemplo n.º 7
0
def albums_xml():
    """List all albums as XML."""

    albums = session.query(Album).all()
    data = [x.serialize for x in albums]
    template = render_template("xmlEndpoint.xml", data=data, wrap="all_albums")
    response_ = make_response(template)
    response_.headers['Content-Type'] = 'application/xml'
    return response_
Ejemplo n.º 8
0
def show_albums():
    """The main/home page where user sees all created albums."""

    albums = session.query(Album).all()

    # if logged in, render the page where user has add/delete/edit options:
    if 'username' not in login_session:
        return render_template('publicAlbums.html', albums=albums, title='Public Albums')
    else:
        return render_template('albums.html', albums=albums, title='Albums')
Ejemplo n.º 9
0
def create_user(login_session):
    """Uses login_session to add user to database."""

    new_user = User(name    =login_session['username'],
                    email   =login_session['email'],
                    picture =login_session['picture'])
    session.add(new_user)
    session.commit()

    user = session.query(User).filter_by(email=login_session['email']).one()
    return user.id
Ejemplo n.º 10
0
def edit_album(album_id):
    """Page for editing album name."""

    album = session.query(Album).filter_by(id=album_id).one()

    # protect page from unauthorized people using url to directly access:
    if login_session['user_id'] != album.user_id:
        return alert_script("edit this album")

    if request.method == 'POST':
        if request.form['name']:
            album.name = request.form['name']
            # flash message:
            flash("Album successfully edited")
            return redirect(url_for('show_albums'))
    else:
        return render_template('editAlbum.html', album=album, title='Edit Album')
Ejemplo n.º 11
0
def new_image(album_id):
    """Page for adding image to album."""

    album = session.query(Album).filter_by(id=album_id).one()

    # protect page from unauthorized people using url to directly access:
    if login_session['user_id'] != album.user_id:
        return alert_script("create a new image")

    if request.method == 'POST':

        # for handling image upload:
        file_ = request.files['file_']
        # check if a file was uploaded and filename is valid:
        if file_ and allowed_file(file_.filename):
            file_name = secure_filename(file_.filename)
            file_path = album.file_path + "/" + file_name
            file_.save(file_path)

        else:
            flash("Please select a valid file to upload")
            return redirect(url_for('show_images', album_id=album_id))

        # create Image object with all fields [name, description, file_name]
        item = Image(name         =request.form['itemName'],
                     description  =request.form['itemText'],
                     file_name    =file_name,
                     album_id     =album_id,
                     user_id      =album.user_id
                     )
        # try committing changes:
        if not commit_changes(item, 'add'):
            return redirect(url_for('show_albums'))

        # flash message:
        flash("New image successfully created: %s" % item.file_name)

        return redirect(url_for('show_images', album_id=album_id))
    else:
        return render_template('newImage.html', album=album, title='New Image')
Ejemplo n.º 12
0
def get_user_info(user_id):
    """Returns User object given user_id."""

    user_object = session.query(User).filter_by(id=user_id).first()
    return user_object
Ejemplo n.º 13
0
def image_items_json(album_id, image_id):
    """List image info for given image as JSON."""

    item = session.query(Image).filter_by(id=image_id).all()
    return jsonify(ImageItem=[x.serialize for x in item])
Ejemplo n.º 14
0
def images_json(album_id):
    """List images for given album as JSON."""

    items = session.query(Image).filter_by(album_id=album_id).all()
    return jsonify(Images=[x.serialize for x in items])
Ejemplo n.º 15
0
def albums_json():
    """List all albums as JSON."""

    albums = session.query(Album).all()
    return jsonify(Albums=[x.serialize for x in albums])