def delete_category_by_id(category_id):
    """
    HTML endpoint providing a form to delete a category
    """
    if not UserUtils.is_authenticated():
        UserUtils.set_preauthentication_url()
        flash('sign in to delete categories')
        return redirect('/login')

    category = session.query(Category).filter_by(id=category_id).one()

    if not Permissions.get_user_permissions_for_category(category).delete:
        flash('you may delete only empty categories you created')
        return redirect(url_for(
            'get_categories'))

    if request.method == 'POST':
        session.delete(category)
        session.commit()

        flash('category deleted')

        return redirect(url_for(
            'get_categories'))
    else:
        return UserUtils.render_user_template(
            'category_delete.html',
            category=category,
            page_title="%s %s Category" % ("Delete", category.name))
Ejemplo n.º 2
0
def delete_item_by_id(category_id, item_id):
    """
    HTML endpoint providing a form to delete an item
    """
    if not UserUtils.is_authenticated():
        UserUtils.set_preauthentication_url()
        flash('sign in to delete an item')
        return redirect('/login')

    item = session.query(Item).filter_by(id=item_id).one()

    # Users may delete only items they created
    if not Permissions.get_user_permissions_for_item(item).delete:
        flash('you may delete only items you created')
        return redirect(url_for('get_category_by_id', category_id=category_id))

    if request.method == 'POST':
        session.delete(item)
        session.commit()

        flash('item deleted')

        return redirect(url_for('get_category_by_id', category_id=category_id))
    else:
        category = session.query(Category).filter_by(id=category_id).one()

        return UserUtils.render_user_template('item_delete.html',
                                              category=category,
                                              category_id=category_id,
                                              item=item,
                                              page_title="%s %s Item" %
                                              ("Delete", item.title))
Ejemplo n.º 3
0
def create_category():
    """
    HTML endpoint providing a form to create a new category
    """
    if not UserUtils.is_authenticated():
        UserUtils.set_preauthentication_url()
        flash('sign in to create categories')
        return redirect('/login')

    if request.method == 'POST':

        # Extract and validate the form inputs
        (name, name_error) = \
            extract_and_validate_category_name(request.form)

        if name_error:
            return UserUtils.render_user_template('category_create.html',
                                                  page_title="New Category",
                                                  name=name,
                                                  name_error=name_error)

        # Create the item in the data store

        item = Category(name=name,
                        user_id=UserUtils.get_authenticated_user_id())
        session.add(item)
        session.commit()

        flash('category created')

        return redirect(url_for('get_category_by_id', category_id=item.id))
    else:
        return UserUtils.render_user_template('category_create.html',
                                              page_title="New Category")
Ejemplo n.º 4
0
def update_item_by_id(category_id, item_id):
    """
    HTML endpoint providing a form to edit an item
    """
    if not UserUtils.is_authenticated():
        UserUtils.set_preauthentication_url()
        flash('sign in to edit an item')
        return redirect('/login')

    item = session.query(Item).filter_by(id=item_id).one()

    # Users may update only items they created
    if not Permissions.get_user_permissions_for_item(item).update:
        flash('you may edit only items you created')
        return redirect(url_for('get_category_by_id', category_id=category_id))

    category = session.query(Category).filter_by(id=category_id).one()

    if request.method == 'POST':
        # Extract and validate the form inputs

        (title, title_error) = \
            extract_and_validate_item_title(request.form)

        (description, description_error) = \
            extract_and_validate_item_description(request.form)

        if title_error or description_error:
            return UserUtils.render_user_template(
                'item_update.html',
                category=category,
                category_id=category_id,
                item=item,
                page_title="%s %s Item" % ("Edit", item.title),
                title=title,
                title_error=title_error,
                description=description,
                description_error=description_error)

        # Create the item in the data store

        item.title = title
        item.description = description
        session.add(item)
        session.commit()

        flash('item updated')

        return redirect(url_for('get_category_by_id', category_id=category_id))
    else:
        return UserUtils.render_user_template('item_update.html',
                                              category=category,
                                              category_id=category_id,
                                              item=item,
                                              page_title="%s %s Item" %
                                              ("Edit", item.title),
                                              title=item.title,
                                              description=item.description)
def create_item(category_id):
    """
    HTML endpoint providing a form to create a new item within a category
    """
    if not UserUtils.is_authenticated():
        UserUtils.set_preauthentication_url()
        flash('sign in to create an item')
        return redirect('/login')

    category = \
        session.query(Category).filter_by(id=category_id).one()

    if request.method == 'POST':
        # Extract and validate the form inputs

        (title, title_error) = \
            extract_and_validate_item_title(request.form)

        (description, description_error) = \
            extract_and_validate_item_description(request.form)

        if title_error or description_error:
            return UserUtils.render_user_template(
                'item_create.html',
                category=category,
                category_id=category_id,
                title=title,
                title_error=title_error,
                description=description,
                description_error=description_error)

        # Create the item in the data store

        item = Item(
            title=title,
            description=description,
            category_id=category_id,
            user_id=UserUtils.get_authenticated_user_id())
        session.add(item)
        session.commit()

        flash('item created')

        return redirect(url_for(
            'get_category_by_id',
            category_id=category_id))
    else:
        return UserUtils.render_user_template(
            'item_create.html',
            category=category,
            category_id=category_id)
def update_category_by_id(category_id):
    """
    HTML endpoint providing a form to edit a category
    """
    if not UserUtils.is_authenticated():
        UserUtils.set_preauthentication_url()
        flash('sign in to edit categories')
        return redirect('/login')

    category = session.query(Category).filter_by(id=category_id).one()

    if not Permissions.get_user_permissions_for_category(category).update:
        flash('you may edit only categories you created')
        return redirect(url_for(
            'get_categories'))

    if request.method == 'POST':
        # Extract and validate the form inputs
        (name, name_error) = \
            extract_and_validate_category_name(request.form)

        if name_error:
            return UserUtils.render_user_template(
                'category_update.html',
                category=category,
                page_title="%s %s Category" % ("Edit", category.name),
                name=name,
                name_error=name_error)

        # Create the item in the data store

        category.name = name
        session.add(category)
        session.commit()

        flash('category updated')

        return redirect(url_for(
            'get_category_by_id',
            category_id=category_id))
    else:
        return UserUtils.render_user_template(
            'category_update.html',
            category=category,
            page_title="%s %s Category" % ("Edit", category.name),
            name=category.name)