def buy_post(user):
statusMessage = ''
# Gets the information needed from the form to create the Ticket object.
email = session['logged_in']
quantity = request.form.get('buy-quantity')
name = request.form.get('buy-name')
if (checkTicketExists(name)):
if not(checkTicketName(name)):
statusMessage = "Error: The name has to alphanumeric, have no spaces in the beginning or end and be between 6 and 60 characters."
elif not(checkQuantity(quantity)):
statusMessage = "Error: The quantity of the tickets has to be between 1 and 100."
elif not(bn.isEnoughTickets(name, quantity)):
statusMessage = "Error: The specified quantity of tickets not available."
elif not (hasEnoughBalance(user, name, quantity)):
statusMessage = "Error: Your balance is too low!"
if statusMessage != '':
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets, buyMessage=statusMessage)
else:
# evaulates which ticket you want to "buy" and deletes it from the database.
bn.buy_ticket(name, quantity)
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets, buyMessage='Purchase successful')
else:
statusMessage = "Ticket does not exist."
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets, buyMessage=statusMessage)
def sell_ticket():
email = session['logged_in']
user = bn.get_user(email)
ticket_name = request.form.get('name_sell')
ticket_quantity = int(request.form.get('quantity_sell'))
ticket_price = int(request.form.get('price_sell'))
ticket_date = request.form.get('expdate_sell')
error_message = ""
error_list = []
# validate ticket name
error_list.append(validate_ticket_name(ticket_name, error_message))
# validate ticket quantity
error_list.append(validate_ticket_quantity(ticket_quantity, error_message))
# validate ticket price
error_list.append(validate_ticket_price(ticket_price, error_message))
# validate ticket date
error_list.append(validate_ticket_date(ticket_date, error_message))
# For any errors, redirect back to / and show an error message
tickets = bn.get_all_tickets()
if error_list[0] != "":
return render_template('index.html',
user=user,
sell_message=error_list[0],
tickets=tickets)
elif error_list[1] != "":
return render_template('index.html',
user=user,
sell_message=error_list[1],
tickets=tickets)
elif error_list[2] != "":
return render_template('index.html',
user=user,
sell_message=error_list[2],
tickets=tickets)
elif error_list[3] != "":
return render_template('index.html',
user=user,
sell_message=error_list[3],
tickets=tickets)
# The added new ticket information will be posted on the user profile page
else:
try:
bn.sell_ticket(user, ticket_name, ticket_quantity, ticket_price,
ticket_date)
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets)
except exc.IntegrityError:
bn.rollback(
) # need to roll the database back before uniquness error
return render_template(
'index.html',
user=user,
sell_message="This ticket name already exists",
tickets=tickets)
def profile(user):
# authentication is done in the wrapper function
# see above.
# by using @authenticate, we don't need to re-write
# the login checking code all the time for other
# front-end portals
# Get all tickets' info from backend.
tickets = bn.get_all_tickets()
all_name = []
all_price = []
all_quantity = []
all_email = []
# Add all information to corresponding collumn.
for ticket in tickets:
all_name.append(ticket.name)
all_price.append(ticket.price)
all_quantity.append(ticket.quantity)
all_email.append(ticket.owner_email)
# Pass all information to the HTML page.
return render_template('index.html',
user=user,
names=all_name,
prices=all_price,
quantities=all_quantity,
emails=all_email)
def profile(user):
# authentication is done in the wrapper function
# see above
# by using @authenticate, we don't need to re-write
# the login checking code all the time for other
# front-end portals
tickets = bn.get_all_tickets()
s = request.args.get('sMessage')
if s == None:
s = ''
b = request.args.get('bMessage')
if b == None:
b = ''
u = request.args.get('uMessage')
if u == None:
u = ''
return render_template('index.html',
user=user,
tickets=tickets,
sMessage=s,
bMessage=b,
uMessage=u)
def sell():
"""
Route to sell a new ticket.
This route will validate the ticket form, if valid it will use a backend function
to commit to the database
"""
if 'logged_in' not in session:
return redirect('/login')
name = request.form.get('name')
quantity = request.form.get('quantity')
price = request.form.get('price')
date = request.form.get('date')
error_message = check_ticket_form(name, quantity, price, date)
tickets = bn.get_all_tickets()
user = bn.get_user(session['logged_in'])
if error_message:
return render_template('index.html',
sell_message=error_message,
tickets=tickets,
user=user)
bn.create_ticket(name, quantity, price, date, user.email)
return redirect('/', code=303)
def buy():
"""
Route to buy a ticket.
This route will validate the ticket form, if valid it will update the database
through a backend function
"""
if 'logged_in' not in session:
return redirect('/login')
email = session['logged_in']
# Get user information
user = bn.get_user(email)
# Sets the error message to blank initially
error_message = ""
# Get information from the form
name = request.form.get('name')
quantity = request.form.get('quantity')
# Get all tickets to pass to backend function
tickets = bn.get_all_tickets()
error_message = check_ticket_form(name, quantity)
if not error_message:
if bn.buy_ticket(name, user, int(quantity)):
message = "Tickets bought succesfully"
else:
error_message = "Ticket could not be bought"
# Checks if there is an error, and if there is set the error message
if len(error_message) > 0:
session['error'] = error_message
message = session["error"]
del session["error"]
return render_template('index.html',
buy_message=message,
user=user,
tickets=tickets)
def sell_get():
#returning a user object of the current session to get the current users email.
email = session['logged_in']
#storing the returned user in a variable
user = bn.get_user(email)
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets)
def update_post(user):
statusMessage = ''
email = session['logged_in']
quantity_old = request.form.get('quantity-old')
name_old = request.form.get('name-old')
price_old = request.form.get('price-old')
expiration_date_old = request.form.get('expiration-date-old')
# New update changes.
quantity_new = request.form.get('quantity-new')
name_new = request.form.get('name-new')
price_new = request.form.get('price-new')
expiration_date_new = request.form.get('expiration-date-new')
# Checking validity of the 'new' parameters.
if not(checkTicketName(name_new)):
statusMessage = "Error: The updated name has to alphanumeric, have no spaces in the begining or end and be between 6 and 60 characters."
elif not(checkQuantity(quantity_new)):
statusMessage = "Error: The updated quantity of tickets needs to be between 1 and 100."
elif not(checkPrice(price_new)):
statusMessage = "Error: The updated price needs to be between $10 and $100."
elif not(checkDateFormat(expiration_date_new)):
statusMessage = "Error: The updated exipiration date needs to be follow the 'YYYYMMDD' format."
elif not(checkExpire(expiration_date_new)):
statusMessage = "Error: The updated exipiration date cannot be expired."
elif not(bn.verify_ticket(quantity_old, name_old, price_old, expiration_date_old, email)):
statusMessage = "Error: The entered ticket either does not exist or was entered incorrectly, please try again."
if statusMessage != '':
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets, updateMessage=statusMessage)
else:
# deletes old ticket(s).
bn.delete_ticket(quantity_old, name_old, price_old,
expiration_date_old, email)
# submits new ticket(s) to the database.
bn.sell_ticket(quantity_new, name_new, email,
price_new, expiration_date_new)
# updates the ticket list.
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets, updateMessage='Listing update successful')
def profile(user):
# authentication is done in the wrapper function
# see above.
# by using @authenticate, we don't need to re-write
# the login checking code all the time for other
# front-end portals
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets)
def sell_post(user):
name = request.form.get('tname')
quantity = request.form.get('tquantity')
price = request.form.get('tprice')
expiration = request.form.get('expiration')
error_message = None
#checks if the expirationdate is in the correct format, assigns checkDate
#to None if it is not
try:
checkDate = datetime.datetime.strptime(expiration, '%Y%m%d')
except:
checkDate = None
#each character of the ticketname has to be alphanumeric or a space
if not all(chr.isalnum() or chr.isspace() for chr in name):
error_message = "name not alphanumeric"
#verifies that checkDate is not equal to None
elif checkDate == None:
error_message = "Incorrect expiration date format"
#ticketname cannot have spaces at start or end
elif name.startswith(" ") or name.endswith(" "):
error_message = "space at start/end"
#verifies that the ticketname is between 6 and 60 characters
elif len(name) < 6 or len(name) > 60:
error_message = "ticketname too short or too long"
#verifies that the quantity is more than 0 and less than/equal to 100.
elif not quantity.isdigit() or int(quantity) <= 0 or int(quantity) > 100:
error_message = "quantity not between 1 and 100 (inclusive)"
#verifies that the price has to be of range [10,100]
elif not price.isdigit() or int(price) < 10 or int(price) > 100:
error_message = "price not in range"
if error_message:
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, message=error_message, tickets=tickets)
else:
bn.add_ticket(name,quantity,price,expiration)
#return redirect('/')
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets)
def profile(user):
# authentication is done in the wrapper function
# see above.
# by using @authenticate, we don't need to re-write
# the login checking code all the time for other
# front-end portals
# The authentication functionality above satisfies R3.1
# Get all tickets from backend
tickets = bn.get_all_tickets()
# We need to filter out expired tickets as per R3.5.2-3.5.3
valid_tickets = list(filter(lambda x: x.expiry >= date.today(), tickets))
return render_template('index.html', user=user, tickets=valid_tickets)
def update_post():
name = request.form.get('tname')
quantity = request.form.get('tquantity')
price = request.form.get('price')
expiration = request.form.get('expiration')
email = session['logged_in']
user = bn.get_user(email)
ticket = bn.get_ticket(name)
error_message = None
#checks if the expiration date is in the correct format, assigns checkDate
#to None if it is not
try:
checkDate = datetime.datetime.strptime(expiration, '%Y%m%d')
except:
checkDate = None
#verifies that checkDate is not equal to None
if checkDate == None:
error_message = "Incorrect expiration date format"
#redirects for any errors
# elif error_message:
#return render_template('/', message=error_message)
#error_message = None
#Validating information submitted in update form
#Name of ticket has to be alphanumeric only
elif not all(chr.isalnum() or chr.isspace() for chr in name):
error_message = "name not alphanumeric"
#Name must have no spaces at the beginning or end
elif name.startswith(" ") or name.endswith(" "):
error_message = "The ticket name can't begin or end with a space."
#Name of the ticket can't be longer than 60 characters
elif len(name) > 60:
error_message = "The ticket name can't be longer than 60 characters."
#Quantity has to be more than zero, and less than or equal to 100
elif int(quantity) <= 0 or int(quantity) > 100:
error_message = "The ticket quantity must be between 1 and 100 (inclusive)."
#Price has to be in the range 10-100
elif int(price) < 10 or int(price) > 100:
error_message = "The ticket price must be between 10 and 100 (inclusive)."
elif ticket == None:
error_message = "Sorry, this ticket is not available."
if error_message:
tickets = bn.get_all_tickets()
return render_template('index.html', message=error_message, user=user, tickets=tickets)
else:
bn.update_ticket(name,quantity,price,int(expiration))
return redirect('/')
def sell_post(user):
statusMessage = ''
# Gets the information needed from the form to create the Ticket object.
email = session['logged_in']
quantity = request.form.get('sell-quantity')
name = request.form.get('sell-name')
price = request.form.get('sell-price')
date = request.form.get('sell-expiration-date')
# checks validity of the parameters specified requirements for 'sell'.
if not(checkQuantity(quantity)):
statusMessage = "Error: The quantity of the tickets has to be between 1 and 100."
elif not(checkTicketName(name)):
statusMessage = "Error: The name has to alphanumeric, have no spaces in the beginning or end and be between 6 and 60 characters."
elif not(checkDateFormat(date)):
statusMessage = "Error: The date has to be in the format 'YYYYMMDD'."
elif not(checkExpire(date)):
statusMessage = "Error: The date cannot be expired."
elif not(checkPrice(price)):
statusMessage = "Error: The price has to be between $10 and $100."
if statusMessage != '':
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets, sellMessage=statusMessage)
else:
# submits the ticket into the database, which then displays in the available tickets.
bn.sell_ticket(quantity, name, email, price, date)
# updates tickets.
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets, sellMessage='Listing posted successful')
def sell_tickets():
"""
This function is responsible for completing the selling action on tickets, so taking
the inputs from the sell section and converting them to tickets that can be bought
:return: If the forms don't adhere to the required formatting, return with error message,
otherwise return with successfull ticket posting
"""
# Retrieve info from forms
ticket_name = request.form.get('sell_ticket_name')
num_tickets = request.form.get('sell_num_tickets')
ticket_price = request.form.get('sell_ticket_price')
ticket_date = request.form.get('sell_ticket_date')
# Check if the inputs are following correct format
error_message = ticket_info_sanitizer(ticket_name,
num_tickets,
ticket_price=ticket_price,
date=ticket_date)
# Get info on the user
email = session['logged_in']
user = bn.get_user(email)
#Convert datetime into something we can put in db
date = datetime.datetime.strptime(ticket_date, '%Y-%m-%d').date()
if error_message == None:
if not bn.post_tickets(ticket_name, num_tickets, ticket_price, date,
email):
error_message = "Failed to store ticket info."
# get Info on Tickets
tickets = bn.get_all_tickets()
# if there is any error messages when registering new user
# at the backend, go back to the register page.
if error_message:
return render_template('index.html',
user=user,
sell_message=error_message,
tickets=tickets)
return render_template('index.html', user=user, tickets=tickets)
def profile(user):
"""
This function is responsible for generating the main/profile page
with all the needed info
:param user: user object representing the current active user
:return: instructions to render the profile page with
all the required info (balance, name, tickets)
"""
# authentication is done in the wrapper function
# see above.
# by using @authenticate, we don't need to re-write
# the login checking code all the time for other
# front-end portals
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets)
def sell_ticket(user):
ticket_name = request.form.get('name')
ticket_quantity = int(float(request.form.get('quantity')))
ticket_price = float(request.form.get('price'))
ticket_date = request.form.get('exp_date')
error_message = ""
# There must not be a space at beginning or end, and the name mus tbe alphanumeric
if not check_spaces(ticket_name):
return render_template('index.html',
user=user,
message="Invalid spaces found in word")
# Ticket name must be shorter than 60 characters
if len(ticket_name) > 60:
return render_template('index.html',
user=user,
message="Ticket name is too long")
# Ticket quantity must be greater than 0 and less than or equal to 100
if not check_quantity(0, 101, ticket_quantity):
return render_template('index.html',
user=user,
message="Invalid quantity of tickets")
# Ticket price has to be of range [10,100]
if ticket_price > 100 or ticket_price < 10:
return render_template('index.html',
user=user,
message="Ticket price outside of valid range")
# Ticket date must be in valid format - YYYYMMDD
# Assumption: ticket dates will start from today (2020-11-26) and go onwards
if (int(ticket_date[:4]) < 2020 or int(ticket_date[4:6]) < 0
or int(ticket_date[4:6]) > 12 or int(ticket_date[6:]) < 0
or int(ticket_date[4:6]) > 31):
return render_template('index.html',
user=user,
message="Invalid ticket date")
bn.sell_ticket(ticket_name, ticket_quantity, ticket_price, ticket_date,
user.email)
tickets = bn.get_all_tickets()
# Add the ticket to the user's list of tickets.
return render_template('index.html', user=user, ticket=tickets)
def profile(user):
# authentication is done in the wrapper function
# see above.
# by using @authenticate, we don't need to re-write
# the login checking code all the time for other
# front-end portals
welcome_header = 'Hi {}!'.format(user.name)
alltickets = bn.get_all_tickets()
currdate = int(datetime.datetime.now().strftime("%Y%m%d"))
tickets = []
for ticket in alltickets:
if ticket.expiration_date > currdate:
tickets.append(ticket)
return render_template('index.html',
welcome_header=welcome_header,
user=user,
balance=user.balance,
tickets=tickets)
def form_button():
if "Update" in request.form['submit']:
error_message = update_post()
elif "Buy" in request.form['submit']:
error_message = buy_post()
elif "Sell" in request.form['submit']:
error_message = sell_post()
# if there is any error messages
# go back to the index page with the error message.
user = bn.get_user(session['logged_in'])
tickets = bn.get_all_tickets()
if error_message:
return render_template('index.html',
message=error_message,
user=user,
tickets=tickets)
else:
return redirect('/')
def buy_post():
name = request.form.get('tname')
quantity = request.form.get('tquantity')
price = request.form.get('tprice')
error_message = None
#returning a user object of the current session to get the current users email.
email = session['logged_in']
#storing the returned user in a variable
user = bn.get_user(email)
#finalprice = (price*quantity) + 0.35*(price*quantity) + 0.05*(price*quantity)
ticket = bn.get_ticket(name)
#each character of the ticketname has to be alphanumeric or a space
if not all(chr.isalnum() or chr.isspace() for chr in name):
error_message = "name not alphanumeric"
#ticketname cannot have spaces at start or end
elif name.startswith(" ") or name.endswith(" "):
error_message = "space at start/end"
#verifies that the ticketname is between 6 and 60 characters
elif len(name) < 6 or len(name) > 60:
error_message = "username too short or too long"
#verifies that the quantity is more than 0 and less than/equal to 100.
elif int(quantity) <= 0 or int(quantity) > 100:
error_message = "quantity not between 1 and 100 (inclusive)"
#verifies that the ticket exists
elif ticket == None:
error_message = "Sorry, this ticket is not available."
elif ticket.quantity < int(quantity) :
error_message = "There are not enough tickets"
#checks if the user balance is more than the price of the ticket
elif user.balance < ((ticket.price*int(quantity)) + 0.35*(ticket.price*int(quantity)) + 0.05*(ticket.price*int(quantity))):
error_message = "The user does not have enough balance"
if error_message:
#return render_template('/', message=error_message)
tickets = bn.get_all_tickets()
return render_template('index.html', message=error_message, user=user, tickets=tickets)
else:
#bn.ticket_bought(name)
user.balance = user.balance - ((ticket.price*int(quantity)) + 0.35*(ticket.price*int(quantity)) + 0.05*(ticket.price*int(quantity)))
if ticket.quantity == 1:
bn.remove_ticket(name)
else:
bn.update_quantity(name,quantity)
return redirect('/')
def update_tickets():
"""
This function is responsible for completing the update action on tickets, so taking
the inputs from the update section and converting them to updated tickets
:return: If the forms don't adhere to the required formatting, return with error message,
otherwise return with successfull ticket modification
"""
# Retrieve info from forms
ticket_name = request.form.get('update_ticket_name')
num_tickets = request.form.get('update_num_tickets')
ticket_price = request.form.get('update_ticket_price')
ticket_date = request.form.get('update_ticket_date')
error_message = ticket_info_sanitizer(ticket_name,
num_tickets,
ticket_price=ticket_price,
date=ticket_date)
# Find out info on logged in user and tickets
email = session['logged_in']
user = bn.get_user(email)
#Convert datetime into something we can put in db
date = datetime.datetime.strptime(ticket_date, '%Y-%m-%d').date()
if error_message == None:
if not bn.update_ticket(ticket_name, num_tickets, ticket_price, date):
error_message = "No such Ticket with that name."
# get Info on Tickets
tickets = bn.get_all_tickets()
# if there is any error messages when updating ticket info
# at the backend, go back to the register page.
if error_message:
return render_template('index.html',
user=user,
update_message=error_message,
tickets=tickets)
return render_template('index.html', user=user, tickets=tickets)
def buy_post(user):
buy_name = request.form.get('buy_name')
qty = request.form.get('buy_qty')
error_list = []
error_list = bn.buy_ticket(buy_name, qty, user)
tickets = bn.get_all_tickets()
if len(error_list) > 0:
return render_template('index.html',
user=user,
tickets=tickets,
balance=user.balance,
message=error_list[0])
else:
return render_template('index.html',
user=user,
tickets=tickets,
balance=user.balance,
message='Ticket Purchased')
def sell_post(user):
sell_name = request.form.get('sell_name')
qty = request.form.get('sell_qty')
price = request.form.get('sell_price')
date = request.form.get('sell_date')
error_list = []
error_list = bn.sell_ticket(sell_name, qty, price, date)
tickets = bn.get_all_tickets()
if len(error_list) > 0:
return render_template('index.html',
user=user,
tickets=tickets,
balance=user.balance,
message=error_list[0])
else:
return render_template('index.html',
user=user,
tickets=tickets,
balance=user.balance,
message='Ticket Posted for Sale')
def update():
"""
Route to update a ticket.
This route will validate the ticket form, if valid it will update the ticket on the database
through a backend function
"""
if 'logged_in' not in session:
return redirect('/login')
# Grab necessary information from update form
user = bn.get_user(session['logged_in'])
tickets = bn.get_all_tickets()
name = request.form.get('name')
quantity = request.form.get('quantity')
price = request.form.get('price')
date = request.form.get('date')
error_message = check_ticket_form(name, quantity, price, date)
if error_message:
return render_template('index.html',
update_message=error_message,
user=user,
tickets=tickets)
# Check if ticket exists in database
ticket = bn.get_ticket(name)
if ticket is None:
return render_template('index.html',
update_message='Ticket does not exist',
user=user,
tickets=tickets)
# Update tickets to database
bn.update_ticket(name, quantity, price, date)
return render_template('index.html',
update_message='Successfully updated tickets',
user=user,
tickets=tickets)
def profile(user):
# authentication is done in the wrapper function
# see above.
# by using @authenticate, we don't need to re-write
# the login checking code all the time for other
# front-end portals
sellErrorMessage = ""
if "sellErrorMessage" in request.args:
sellErrorMessage = request.args["sellErrorMessage"]
buyErrorMessage = ""
if "buyErrorMessage" in request.args:
buyErrorMessage = request.args["buyErrorMessage"]
updateErrorMessage = ""
if "updateErrorMessage" in request.args:
updateErrorMessage = request.args["updateErrorMessage"]
tickets = bn.get_all_tickets()
return render_template('index.html',
user=user,
tickets=tickets,
sellErrorMessage=sellErrorMessage,
buyErrorMessage=buyErrorMessage,
updateErrorMessage=updateErrorMessage)
def update_post(user):
"""
"""
orig_name = request.form.get('orig_name')
update_name = request.form.get('update_name')
qty = request.form.get('update_qty')
price = request.form.get('update_price')
date = request.form.get('update_date')
error_list = []
error_list = bn.update_ticket(orig_name, update_name, qty, price, date)
tickets = bn.get_all_tickets()
if len(error_list) > 0:
return render_template('index.html',
user=user,
tickets=tickets,
balance=user.balance,
message=error_list[0])
else:
return render_template('index.html',
user=user,
tickets=tickets,
balance=user.balance,
message='Ticket Updated')
def sell_post():
email = session['logged_in']
name = request.form.get('sell-name')
quantity = int(request.form.get('sell-quantity'))
price = int(request.form.get('sell-price'))
expiry = (request.form.get('sell-date'))
tickets = bn.get_all_tickets()
if ticket_name_check(name) is None: # no match in regex
error_message = 'ticket name format is incorrect'
elif quantity_check(quantity):
error_message = "quantity format is incorrect"
elif price_check(price):
error_message = "price format is incorrect"
elif date_check(expiry):
error_message = "date format is incorrect"
else:
error_message = bn.set_ticket(email, name, quantity, price, expiry)
return error_message
def update_post():
# Always check if the user is logged in
if 'logged_in' not in session:
return redirect('/login', code=303)
# get the ticket information from the user's form inputs
update_name = request.form.get('update_name')
update_quantity = request.form.get('update_quantity')
update_price = request.form.get('update_price')
update_expiration_date = request.form.get('update_expiration_date')
# get the currently logged in user
email = session['logged_in']
user = bn.get_user(email)
# some regex's to validate the user's form inputs
namepattern = re.compile("^[a-zA-Z0-9][a-zA-z0-9 ]{0,58}[a-zA-Z0-9]$")
quantitypattern = re.compile("^(100|[1-9][0-9]?)$")
pricepattern = re.compile("(100)|(^[1-9][0-9]$)")
datepattern = re.compile(
"([2-9][0-9][0-9][0-9])(([0][1-9])|([1][0-2]))(([0][1-9])|([1-2][0-9])|([3][0-1]))"
)
# use the regex's to validate that their form inputs match the required format
# if they don't, display the appropriate error message
if not (namepattern.match(update_name)):
return render_template(
'index.html',
message=
'Ticket name must be alphanumeric, between 1 and 60 characters, and not start or end with a space.',
balance=user.balance,
tickets=bn.get_all_tickets())
elif not (quantitypattern.match(update_quantity)):
return render_template('index.html',
message='Quantity must be between 1 and 100',
balance=user.balance,
tickets=bn.get_all_tickets())
elif not (pricepattern.match(update_price)):
return render_template('index.html',
message='Price must be between 10 and 100',
balance=user.balance,
tickets=bn.get_all_tickets())
elif not (datepattern.match(update_expiration_date)):
return render_template(
'index.html',
message='Expiration date must be in form YYYYMMDD',
balance=user.balance,
tickets=bn.get_all_tickets())
# attempt to retrieve the user's desired tickets
update_ticket = None
all_tickets = bn.get_all_tickets()
for ticket in all_tickets:
if ticket.name == update_name:
update_ticket = ticket
#update_ticket=bn.get_all_tickets().filter_by(name=update_name).first()
# if the tickets could not be retrieved, display an appropriate error message
if update_ticket == None:
return render_template(
'index.html',
message='No such ticket {}. '.format(update_name),
balance=user.balance,
tickets=bn.get_all_tickets())
# if the tickets were successfully retrieved, attempt to update said tickets
# if the user left any non-required forms blank, assume that those values will stay the same
if update_quantity == '':
update_quantity = update_ticket.quantity
if update_price == '':
update_price = update_ticket.price
if update_expiration_date == '':
update_expiration_date = update_ticket.expiration_date
# check that the user is the owner of the tickets they want to update, and return an error message if they aren't
if update_ticket.email != email:
return render_template('index.html',
message='Can only update your own tickets. ',
balance=user.balance,
tickets=bn.get_all_tickets())
# if no errors have occurred thus far, attempt to update the tickets
else:
update_error_message = bn.update_tickets(update_name, update_quantity,
update_price,
update_expiration_date)
# if bn.update_tickets fails, display the error message it returns
if update_error_message != None:
return render_template('index.html',
message=update_error_message,
balance=user.balance,
tickets=bn.get_all_tickets())
# else, display that the tickets have been succesfully updated
return render_template('index.html',
message='Listing updated',
balance=user.balance,
tickets=bn.get_all_tickets())
def buy_post():
# Always check if the user is logged in
if 'logged_in' not in session:
return redirect('/login', code=303)
# get the ticket information from the user's form inputs
buy_name = request.form.get('buy_name')
buy_quantity = request.form.get('buy_quantity')
# attempt to retrieve the tickets with that name from backend
buyticket = None
all_tickets = bn.get_all_tickets()
for ticket in all_tickets:
if ticket.name == buy_name:
buyticket = ticket
#buyticket=bn.get_all_tickets().filter_by(name=buy_name).first()
# regex's to validate the user's form input
namepattern = re.compile("^[a-zA-Z0-9][a-zA-z0-9 ]{0,58}[a-zA-Z0-9]$")
quantitypattern = re.compile("^(100|[1-9][0-9]?)$")
# get the currently logged in user
email = session['logged_in']
user = bn.get_user(email)
# validate the inputs
if not (namepattern.match(buy_name)):
return render_template(
'index.html',
message=
'Ticket name must be alphanumeric, between 1 and 60 characters, and not start or end with a space.',
balance=user.balance,
tickets=bn.get_all_tickets())
elif not (quantitypattern.match(buy_quantity)):
return render_template(
'index.html',
message='Ticket quantity must be between 1 and 100',
balance=user.balance,
tickets=bn.get_all_tickets())
# if the tickets could not be retrieved, display an appropriate error message
if buyticket == None:
return render_template('index.html',
message='No such ticket {}'.format(buy_name),
balance=user.balance,
tickets=bn.get_all_tickets())
elif buyticket.quantity < int(buy_quantity):
return render_template('index.html',
message='Not enough tickets. ',
balance=user.balance,
tickets=bn.get_all_tickets())
elif buyticket.price * int(buy_quantity) > user.balance:
return render_template(
'index.html',
message='Not enough balance to purchase tickets. ',
balance=user.balance,
tickets=bn.get_all_tickets())
# if the tickets were successfully retrieved, attempt to buy the tickets
else:
buy_error_message = bn.buy_tickets(buy_name, buy_quantity)
# if bn.buy_tickets fails, display the error message it returns
if buy_error_message != None:
return render_template('index.html',
message=buy_error_message,
balance=user.balance,
tickets=bn.get_all_tickets())
# else, update the user's balance based on the price of the tickets purchased
user.balance -= buyticket.price * int(buy_quantity)
bn.set_balance(email, user.balance)
# display that the tickets have succesfully been purchased
return render_template('index.html',
message='Tickets purchased',
balance=user.balance,
tickets=bn.get_all_tickets())
def sell_post():
# Always check if the user is logged in
if 'logged_in' not in session:
return redirect('/login', code=303)
# get the ticket information from the user's form inputs
sell_name = request.form.get('sell_name')
sell_quantity = request.form.get('sell_quantity')
sell_price = request.form.get('sell_price')
sell_expiration_date = request.form.get('sell_expiration_date')
# get the currently logged in user
email = session['logged_in']
user = bn.get_user(email)
# some regex's to validate the inputs
namepattern = re.compile("^[a-zA-Z0-9][a-zA-z0-9 ]{0,58}[a-zA-Z0-9]$")
quantitypattern = re.compile("^(100|[1-9][0-9]?)$")
pricepattern = re.compile("(100)|(^[1-9][0-9]$)")
datepattern = re.compile(
"([2-9][0-9][0-9][0-9])(([0][1-9])|([1][0-2]))(([0][1-9])|([1-2][0-9])|([3][0-1]))"
)
# use the regex's to validate that the ticket info is in acceptable format
# display appropriate error messages for any formatting errors
if not (namepattern.match(sell_name)):
return render_template(
'index.html',
message=
'Ticket name must be alphanumeric, between 1 and 60 characters, and not start or end with a space. ',
balance=user.balance,
tickets=bn.get_all_tickets())
elif not (quantitypattern.match(sell_quantity)):
return render_template(
'index.html',
message='Ticket quantity must be between 1 and 100. ',
balance=user.balance,
tickets=bn.get_all_tickets())
elif not (pricepattern.match(sell_price)):
return render_template(
'index.html',
message='Ticket price must be between 10 and 100. ',
balance=user.balance,
tickets=bn.get_all_tickets())
elif not (datepattern.match(sell_expiration_date)):
return render_template(
'index.html',
message='Expiration date must be in form YYYYMMDD. ',
balance=user.balance,
tickets=bn.get_all_tickets())
# if the inputs are formatted correctly, attempt to sell the ticket
else:
sell_error_message = bn.sell_tickets(sell_name, session['logged_in'],
sell_quantity, sell_price,
sell_expiration_date)
# if bn.sell_tickets fails, display the error message it returns
if sell_error_message != None:
return render_template('index.html',
message=sell_error_message,
balance=user.balance,
tickets=bn.get_all_tickets())
# else, display that the ticket has successfully been posted
return render_template('index.html',
message='Tickets added to listing',
balance=user.balance,
tickets=bn.get_all_tickets())
def buy_ticket():
email = session['logged_in']
user = bn.get_user(email)
ticket_name = request.form.get('name_buy')
ticket_quantity = int(
request.form.get('quantity_buy')
) # TODO a user should not have the option to buy their own tickets
ticket = bn.check_name_exist(ticket_name)
error_message = ""
error_list = []
# validate ticket name
error_list.append(validate_ticket_name(ticket_name, error_message))
# validate ticket quantity
error_list.append(validate_ticket_quantity(ticket_quantity, error_message))
if ticket is None:
error_list.append("The ticket of the given name must exist")
else:
error_list.append("")
# validate the ticket quantity in the database
try:
if ticket.quantity < ticket_quantity:
error_list.append(
"ticket quantity cannot exceed more than what is listed")
else:
error_list.append("")
# Validate user balance
if user.balance < (ticket.price * ticket_quantity +
ticket.price * ticket_quantity * 0.35 * 0.05):
error_list.append(
"The user has less balance than the ticket price * quantity + service fee (35%) + tax (5%)"
)
else:
error_list.append("")
except AttributeError:
error_list.append(
""
) # we don't actually need these two lines(just feel like filling in the list all the way is consistent)
error_list.append("")
tickets = bn.get_all_tickets()
if error_list[0] != "":
return render_template('index.html',
user=user,
buy_message=error_list[0],
tickets=tickets)
elif error_list[1] != "":
return render_template('index.html',
user=user,
buy_message=error_list[1],
tickets=tickets)
elif error_list[2] != "":
return render_template('index.html',
user=user,
buy_message=error_list[2],
tickets=tickets)
elif error_list[3] != "":
return render_template('index.html',
user=user,
buy_message=error_list[3],
tickets=tickets)
elif error_list[4] != "":
return render_template('index.html',
user=user,
buy_message=error_list[4],
tickets=tickets)
else:
remaining_tickets = ticket.quantity - ticket_quantity
# if all tickets purchased delete ticket object from data base else update ticket to right quantity
if remaining_tickets == 0:
bn.delete_ticket(ticket_name)
else:
bn.update_ticket(ticket_name, remaining_tickets, ticket.price,
ticket.date)
# update user balance
new_balance = user.balance - ticket.price * ticket_quantity - ticket.price * ticket_quantity * 0.35 * 0.05
bn.update_user_balance(user, new_balance)
tickets = bn.get_all_tickets()
return render_template('index.html', user=user, tickets=tickets)
