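def create_user(self):
    """Insert this user's row into the ``users`` table and commit.

    The five values are passed to the driver as bound parameters instead of
    being formatted into the SQL text, so a quote or SQL fragment inside the
    e-mail or password cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    # NOTE(review): nothing here shows whether self.password is already a
    # hash; confirm it is hashed before it reaches this insert.
    sql = (
        "INSERT INTO users (store_id, role, email, password, added_at) "
        "VALUES (%s, %s, %s, %s, %s)"
    )
    cur.execute(
        sql,
        (self.store_id, self.role, self.email, self.password, self.added_at),
    )
    conn.commit()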
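def put(self):
    """Change the logged-in user's password.

    Reads ``old_password`` and ``new_password`` from the JSON body, checks the
    old password against the stored hash (index 4 of the user row) and stores
    a hash of the new one.

    Returns:
        A ``(payload, status)`` tuple: 400 when the caller has no identity,
        when either password is empty or when the old password does not
        match; 200 once the new hash has been committed.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    json_data = request.get_json(force=True)
    # All whitespace is removed from the submitted passwords, as before.
    password = "".join(json_data['old_password'].split())
    if password == '':
        msg = 'The password field can not be empty'
        return {"status": "Failed!", "message": msg}, 400

    email = current_user
    user = get_user_by_email(email)
    if not check_password_hash(user[4], password):
        return {"status": "Failed!", "message": "Invalid password."}, 400

    new_password = "".join(json_data['new_password'].split())
    # Reject an empty replacement so an account cannot end up with a blank password.
    if new_password == '':
        msg = 'The password field can not be empty'
        return {"status": "Failed!", "message": msg}, 400

    hashed_pass = generate_password_hash(new_password)
    # The statement as listed wrote a fixed literal into the password column
    # and never used hashed_pass; the hash is now stored. Both values are
    # bound parameters so they cannot alter the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute(
        "UPDATE users SET password=%s WHERE email=%s;",
        (hashed_pass, email),
    )
    conn.commit()
    return {
        "status": "success!",
        "message": "Password Updated successifully"
    }, 200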
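def put(self, id):
    """Rename a category that belongs to the caller's store.

    Args:
        id: Category id taken from the request route.

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity, 404 when the
        category is missing or owned by another store, 406 when the new name
        is already taken, 200 with the updated name otherwise.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    json_data = request.get_json(force=True)
    # The return value is not used; presumably the validator aborts the
    # request itself on bad input - confirm.
    category_validator(json_data)

    # Every query below binds its values as parameters, so neither the route
    # id nor the submitted name can change the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("SELECT * FROM categories WHERE id=%s;", (id,))
    category = cur.fetchone()
    store_id = get_store_id(get_jwt_identity())
    # Index 1 of the row is compared with the caller's store id, so a category
    # of another store is reported as missing.
    if not category or category[1] != store_id:
        msg = {"message": 'Category does not exist'}, 404
        return msg

    name = category[2]
    if 'name' in json_data:
        c_name = json_data['name'].lower()
        name = "".join(c_name.split())
        cur.execute("SELECT * FROM categories WHERE name=%s;", (name,))
        category_check = cur.fetchone()
        if category_check:
            msg = 'That category already exists'
            return {"status": "Failed", "message": msg}, 406

    cur.execute("UPDATE categories SET name=%s WHERE id=%s", (name, id))
    conn.commit()

    cur.execute("SELECT * FROM categories WHERE id=%s;", (id,))
    new_c = cur.fetchone()
    format_new_c = {"category_name": new_c[2]}
    return {"status": "Updated!", "category": format_new_c}, 200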
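def delete(self):
    """Delete the caller's whole cart and return its items to inventory.

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity, 404 when the
        caller has no cart, 200 once the cart rows are removed.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    cart = cart_helper(get_jwt_identity())
    if not cart:
        return {
            "status": "Failed!",
            "message": "You don\'t have any cart at the moment"
        }, 404

    seller = get_user_by_email(get_jwt_identity())
    seller_id = seller[0]

    # Product names come back out of the database, but they were user-supplied
    # when stored, so they are bound as parameters like any other input.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    for c in cart:
        inventory = c[3]
        name = c[2]
        cur.execute(
            "UPDATE products SET inventory = inventory + %s WHERE name=%s",
            (inventory, name),
        )
    conn.commit()

    cur.execute("DELETE FROM carts WHERE seller_id=%s;", (seller_id,))
    conn.commit()
    return {"status": "Cart Deleted!"}, 200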
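def delete(self, id):
    """Remove one cart row and return its quantity to inventory.

    Args:
        id: Cart row id taken from the request route.

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity or when the row
        is missing or belongs to another seller, 200 with the removed item.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    # Values are bound as parameters so the route id and the stored product
    # name cannot change the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("SELECT * FROM carts WHERE id=%s;", (id,))
    product = cur.fetchone()
    seller = get_user_by_email(get_jwt_identity())
    seller_id = seller[0]
    # Index 1 of the cart row is compared with the caller's user id, so a row
    # owned by someone else is reported as not in the cart.
    if not product or product[1] != seller_id:
        return {
            "status": "Failed!",
            "message": "That product is not in the cart"
        }, 400

    new_p_inv = product[3]
    cur.execute(
        "UPDATE products SET inventory = inventory + %s WHERE name=%s",
        (new_p_inv, product[2]),
    )
    conn.commit()

    cur.execute("DELETE FROM carts WHERE id=%s;", (id,))
    conn.commit()
    format_c = {
        "product": product[2],
        "number": product[3],
        "amount": product[4]
    }
    return {"status": "Deleted!", "product": format_c}, 200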
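def create_store(self):
    """Insert this store's row into the ``stores`` table and commit.

    The values are bound as parameters rather than interpolated with ``%``,
    so a quote in the store name or category cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = "INSERT INTO stores (name, category, created_at) VALUES (%s, %s, %s)"
    cur.execute(sql, (self.name, self.category, self.created_at))
    conn.commit()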
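def post(self, c_id, p_id):
    """Assign a category to a product, both within the caller's store.

    Args:
        c_id: The category id.
        p_id: The product id.

    Returns:
        A ``(payload, status)`` tuple: 404 when the category or the product is
        missing or owned by another store, 200 with the updated product.
    """
    store_id = get_store_id(get_jwt_identity())

    # Both route ids and the stored category name are bound as parameters so
    # they cannot change the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("SELECT * FROM categories WHERE id=%s;", (c_id,))
    category = cur.fetchone()
    if not category or category[1] != store_id:
        msg = 'Category does not exist'
        return {"status": "Failed!", "message": msg}, 404

    cur.execute("SELECT * FROM products WHERE id=%s;", (p_id,))
    product = cur.fetchone()
    if not product or product[1] != store_id:
        msg = 'Product does not exist'
        return {"message": msg}, 404

    category_name = category[2]
    cur.execute(
        "UPDATE products SET category=%s WHERE id=%s",
        (category_name, p_id),
    )
    conn.commit()

    cur.execute("SELECT * FROM products WHERE id=%s;", (p_id,))
    new_p = cur.fetchone()
    format_new_p = {
        "product_name": new_p[2],
        "inventory": new_p[3],
        "price": new_p[4],
        'category': new_p[5],
        'added_at': new_p[6]
    }
    return {"status": "Updated!", "product": format_new_p}, 200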
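def add_to_cart(self):
    """Insert this cart item into the ``carts`` table and commit.

    The values are bound as parameters rather than interpolated with ``%``,
    so a quote in the product name cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO carts (seller_id, product, number, amount, created_at) "
        "VALUES (%s, %s, %s, %s, %s)"
    )
    cur.execute(
        sql,
        (self.seller_id, self.product, self.number, self.amount,
         self.created_at),
    )
    conn.commit()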
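def add_product(self):
    """Insert this product into the ``products`` table and commit.

    The values are bound as parameters rather than interpolated with ``%``,
    so a quote in the product name or category cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO products "
        "(store_id, name, inventory, price, category, created_at) "
        "VALUES (%s, %s, %s, %s, %s, %s)"
    )
    cur.execute(
        sql,
        (self.store_id, self.name, self.inventory, self.price, self.category,
         self.created_at),
    )
    conn.commit()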
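def sell(self):
    """Insert this sale into the ``sales`` table and commit.

    The values are bound as parameters rather than interpolated with ``%``,
    so a quote in the product name cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO sales "
        "(store_id, seller_id, product, number, amount, created_at) "
        "VALUES (%s, %s, %s, %s, %s, %s)"
    )
    cur.execute(
        sql,
        (self.store_id, self.seller_id, self.product, self.number,
         self.amount, self.created_at),
    )
    conn.commit()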
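def put(self, id):
    """Update the name, inventory and/or price of a product in the caller's store.

    Args:
        id: Product id taken from the request route.

    Returns:
        Whatever ``product_update_validator`` returned when it is truthy;
        otherwise a ``(payload, status)`` tuple: 400 without an identity, 404
        when the product is missing or owned by another store, 406 when the
        new name is already taken, 200 with the updated product.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    json_data = request.get_json(force=True)
    res = product_update_validator(json_data)
    if not res:
        # Every value below is bound as a parameter, so the route id and the
        # submitted name, inventory and price cannot change the SQL text.
        # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
        cur.execute("SELECT * FROM products WHERE id=%s;", (id,))
        product = cur.fetchone()
        store_id = get_store_id(get_jwt_identity())
        if not product or product[1] != store_id:
            return {
                "status": "Failed!",
                "message": 'Product does not exist'
            }, 404

        # Start from the stored values and overwrite only what was submitted.
        name = product[2]
        inventory = product[3]
        price = product[4]
        if 'name' in json_data:
            name = json_data['name'].lower()
            cur.execute("SELECT * FROM products WHERE name=%s;", (name,))
            product_check = cur.fetchone()
            if product_check:
                msg = 'That product already exists'
                return {"status": "Failed!", "message": msg}, 406
        if 'inventory' in json_data:
            inventory = json_data['inventory']
        if 'price' in json_data:
            price = json_data['price']

        cur.execute(
            "UPDATE products SET name=%s, inventory=%s, price=%s WHERE id=%s",
            (name, inventory, price, id),
        )
        conn.commit()

        cur.execute("SELECT * FROM products WHERE id=%s;", (id,))
        new_p = cur.fetchone()
        format_new_p = {
            "product_name": new_p[2],
            "inventory": new_p[3],
            "price": new_p[4],
            'category': new_p[5],
            'added_at': new_p[6]
        }
        res = {"status": "Updated!", "product": format_new_p}, 200
    return res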
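def put(self, id):
    """Change the quantity of one item in the caller's cart.

    Args:
        id: Cart row id taken from the request route.

    Returns:
        Whatever ``sales_validator`` returned when it is truthy; otherwise a
        ``(payload, status)`` tuple: 400 without an identity or when the
        requested number exceeds what is available, 404 when the row is
        missing or belongs to another seller, 200 with the updated cart row.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    json_data = request.get_json(force=True)
    res = sales_validator(json_data)
    if not res:
        # Every value below is bound as a parameter, so the route id and the
        # stored product name cannot change the SQL text.
        # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
        cur.execute("SELECT * FROM carts WHERE id=%s;", (id,))
        product = cur.fetchone()
        seller = get_user_by_email(get_jwt_identity())
        seller_id = seller[0]
        if not product or product[1] != seller_id:
            return {
                "status": "Failed!",
                "message": "That product is not in the cart"
            }, 404

        cur.execute("SELECT * FROM products WHERE name=%s;", (product[2],))
        p = cur.fetchone()
        number = int(json_data['number'])
        # Stock on the shelf plus what this cart row already holds is the most
        # the row may be raised to.
        total_num = p[3] + product[3]
        if number > int(total_num):
            msg = 'There are only {0} {1} available'.format(
                total_num, p[2])
            return {"status": "Failed!", "message": msg}, 400

        new_amnt = number * p[4]
        cur.execute(
            "UPDATE carts SET number=%s, amount=%s WHERE id=%s",
            (number, new_amnt, id),
        )
        conn.commit()

        new_p_inv = total_num - number
        cur.execute(
            "UPDATE products SET inventory=%s WHERE name=%s",
            (new_p_inv, product[2]),
        )
        conn.commit()

        cur.execute("SELECT * FROM carts WHERE id=%s;", (id,))
        new_c = cur.fetchone()
        format_new_c = {
            "product": new_c[2],
            "number": new_c[3],
            "amount": new_c[4]
        }
        res = {"status": "Cart Updated", "cart": format_new_c}, 200
    return res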
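def post(self):
    """Log the caller out by recording the token's ``jti`` in ``tokens``.

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity, 200 once the
        ``jti`` has been committed.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    jti = get_raw_jwt()['jti']
    # The jti is read from the presented token, so it is bound as a parameter
    # rather than formatted into the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("INSERT INTO tokens (token) VALUES (%s)", (jti,))
    conn.commit()
    return {
        "status": "Success!",
        "message": "Successfully logged out"
    }, 200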
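def patch(self, id):
    """Down-vote a question: lower its vote count by one and log the vote.

    Args:
        id: Question id taken from the request route.

    Returns:
        ``None`` when no user row matches the caller's identity, a
        ``(payload, 404)`` tuple when the question does not exist, otherwise a
        dict carrying the new vote count.
    """
    user = get_user_by_email(get_jwt_identity())
    # NOTE(review): the listing lost its indentation; this assumes everything
    # after the lookup was conditional on a user being found - confirm.
    if not user:
        return None

    username = user[5]
    qsn = get_question_by_id(id)
    if not qsn or qsn[0] != id:
        msg = 'Question with that id does not exist'
        return {"Message": msg}, 404

    question_id = qsn[0]
    votes = qsn[3] - 1
    # Values are bound as parameters so the route id cannot change the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("UPDATE questions SET votes=%s WHERE id=%s;", (votes, id))
    conn.commit()
    votes_count(username, question_id, votes)
    msg = 'You have disliked this question'
    return {'Status': 201, 'Votes': votes, 'Message': msg}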
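def post(self):
    """Register an attendant in the caller's store and e-mail the credentials.

    Reads ``email`` and ``password`` from the JSON body. An existing user with
    that e-mail whose role (row index 2) is 2 is rejected; one whose role is
    any other value above 0 is deleted and re-created with role 2.

    Returns:
        Whatever ``login_validator`` returned when it is truthy; otherwise a
        ``(payload, status)`` tuple: 400 without an identity, 409 when the
        user is already an attendant, 201 with the new user's data.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    json_data = request.get_json(force=True)
    res = login_validator(json_data)
    if not res:
        newattendant = get_user_by_email(json_data['email'])
        if newattendant and newattendant[2] == 2:
            return {
                "status": "Failed!",
                "message": "User already exists and is an Attendant"
            }, 409
        if newattendant and newattendant[2] > 0:
            # NOTE(review): no store_id comparison is made before this delete;
            # confirm an account belonging to another store cannot be removed
            # through this path.
            # The submitted e-mail is bound as a parameter so it cannot change
            # the SQL text.
            # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
            cur.execute(
                "DELETE FROM users WHERE email=%s;",
                (json_data['email'],),
            )
            conn.commit()

        email = get_jwt_identity()
        user = get_user_by_email(email)
        store_id = user[1]
        role = 2
        user_reg = User(store_id, role, json_data['email'],
                        json_data['password'])
        user_reg.create_user()

        cur.execute("SELECT * FROM stores WHERE id=%s;", (store_id,))
        store = cur.fetchone()
        store_name = store[1]
        email = json_data['email']
        passd = json_data['password']
        msg = Message('{} new Attendant'.format(store_name),
                      recipients=[email])
        # NOTE(review): the password is sent in clear text by e-mail; a
        # one-time set-password link would keep it out of mailboxes and logs.
        body = 'You have been made Attendant at {} Store.\nUse the email < {} > and the password < {} > to login at the StoreMangerSite.'.format(
            store_name, email, passd)
        msg.body = body
        mail.send(msg)
        res = {
            "status": "Success!",
            "message": "Attendant added!",
            "data": user_reg.json_dump()
        }, 201
    return res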
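def delete(self, id):
    """Delete a category that belongs to the caller's store.

    Args:
        id: Category id taken from the request route.

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity, 404 when the
        category is missing or owned by another store, 200 with the deleted
        category's name.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    # The route id is bound as a parameter so it cannot change the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("SELECT * FROM categories WHERE id=%s;", (id,))
    category = cur.fetchone()
    store_id = get_store_id(get_jwt_identity())
    if not category or category[1] != store_id:
        msg = {"message": 'Category does not exist'}, 404
        return msg

    cur.execute("DELETE FROM categories WHERE id=%s;", (id,))
    conn.commit()
    format_c = {"category_name": category[2]}
    # The "prpduct" key is kept as-is because clients may already read it.
    return {"status": "Deleted!", "prpduct": format_c}, 200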
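def post(self):
    """Sell the caller's cart: record one sale per item, then empty the cart.

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity, 404 when the
        caller has no cart, 201 with the items sold and their total amount.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    cart = cart_helper(get_jwt_identity())
    store_id = get_store_id(get_jwt_identity())
    if not cart:
        return {
            "status": "Failed!",
            "message": "You don\'t have any cart at the moment"
        }, 404

    seller = get_user_by_email(get_jwt_identity())
    seller_id = seller[0]
    sale_order = []
    totalamount = 0
    for c in cart:
        product = c[2]
        number = c[3]
        amount = c[4]
        new_sale_record = Sale(store_id, seller_id, product, number, amount)
        new_sale_record.sell()
        sale_order.append({
            'product': product,
            'number_of_products': number,
            'amount': amount
        })
        totalamount += amount

    # The seller id is bound as a parameter rather than formatted into the SQL.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("DELETE FROM carts WHERE seller_id=%s;", (seller_id,))
    conn.commit()
    return {
        "status": "Sold!",
        "TotalAmount": totalamount,
        "Items": sale_order
    }, 201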
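def delete(self, id):
    """Delete a product that belongs to the caller's store.

    Args:
        id: Product id taken from the request route.

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity, 404 when the
        product is missing or owned by another store, 200 with the deleted
        product's details.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    # The route id is bound as a parameter so it cannot change the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("SELECT * FROM products WHERE id=%s;", (id,))
    product = cur.fetchone()
    store_id = get_store_id(get_jwt_identity())
    if not product or product[1] != store_id:
        msg = 'Product does not exist'
        return {"status": "Failed!", "message": msg}, 404

    cur.execute("DELETE FROM products WHERE id=%s;", (id,))
    conn.commit()
    format_p = {
        "product_name": product[2],
        "inventory": product[3],
        "price": product[4]
    }
    return {"status": "Deleted!", "product": format_p}, 200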
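def delete(self):
    """Remove a user from the caller's store.

    Reads ``email`` from the JSON body; the caller cannot delete their own
    account, and the target must share the caller's store id (row index 1).

    Returns:
        A ``(payload, status)`` tuple: 400 without an identity, 406 when the
        caller names themselves, 404 when the target is missing or in another
        store, 200 once the user row is deleted.
    """
    current_user = get_jwt_identity()
    if current_user is None:
        msg = 'Please login to access to access this resource'
        return {"status": "Failed!", "message": msg}, 400

    json_data = request.get_json(force=True)
    email = "".join(json_data['email'].split())
    super_admin = get_jwt_identity()
    if super_admin == email:
        msg = 'The owner can not be deleted'
        return {"status": "Failed!", "message": msg}, 406

    user = get_user_by_email(super_admin)
    store_id = user[1]
    del_user = get_user_by_email(email)
    if not del_user or del_user[1] != store_id:
        msg = 'User does not exist'
        return {"status": "Failed!", "message": msg}, 404

    # The submitted e-mail is bound as a parameter so it cannot change the
    # SQL text of the DELETE.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    cur.execute("DELETE FROM users WHERE email=%s;", (email,))
    conn.commit()
    return {"status": "User deleted!"}, 200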
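def add_comment(self):
    """Insert this comment into the ``comments`` table and commit.

    The values are bound as parameters rather than formatted into the SQL
    text, so quotes in the comment body cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO comments (username, question_id, comment, time_added) "
        "VALUES (%s, %s, %s, %s)"
    )
    cur.execute(
        sql,
        (self.username, self.question_id, self.comment, self.time_added),
    )
    conn.commit()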
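def votes_count(username, question_id, votes):
    """Record a vote row for a user and question, then commit.

    Args:
        username: Name of the voting user.
        question_id: Id of the question voted on.
        votes: Vote count to store with the row.
    """
    # Values are bound as parameters rather than formatted into the SQL text.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO votes (username, question_id, votes) "
        "VALUES (%s, %s, %s)"
    )
    cur.execute(sql, (username, question_id, votes))
    conn.commit()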
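def add_category(self):
    """Insert this category into the ``categories`` table and commit.

    The values are bound as parameters rather than interpolated with ``%``,
    so a quote in the category name cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO categories (store_id, name, created_at) "
        "VALUES (%s, %s, %s)"
    )
    cur.execute(sql, (self.store_id, self.name, self.created_at))
    conn.commit()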
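def add_question(self):
    """Insert this question into the ``questions`` table and commit.

    The values are bound as parameters rather than formatted into the SQL
    text, so quotes in the title or body cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO questions "
        "(username, meetup_id, votes, title, body, time_added) "
        "VALUES (%s, %s, %s, %s, %s, %s)"
    )
    cur.execute(
        sql,
        (self.username, self.meetup_id, self.votes, self.title, self.body,
         self.time_added),
    )
    conn.commit()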
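def add_new_user(self):
    """Insert this user into the ``users`` table and commit.

    The values are bound as parameters rather than formatted into the SQL
    text, so quotes in any profile field cannot change the statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    # NOTE(review): nothing here shows whether self.password is already a
    # hash; confirm it is hashed before it reaches this insert.
    sql = (
        "INSERT INTO users "
        "(firstname, lastname, email, phoneNumber, username, password, "
        "isAdmin, time_created) "
        "VALUES (%s, %s, %s, %s, %s, %s, %s, %s)"
    )
    cur.execute(
        sql,
        (self.firstname, self.lastname, self.email, self.phoneNumber,
         self.username, self.password, self.isAdmin, self.time_created),
    )
    conn.commit()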
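def add_new_meetup(self):
    """Insert this meetup into the ``meetups`` table and commit.

    The values are bound as parameters rather than formatted into the SQL
    text, so quotes in the title, location or tags cannot change the
    statement.
    """
    # %s is a driver placeholder here, not Python string formatting.
    # Assumes a DB-API driver with the "format" paramstyle (e.g. psycopg2) - confirm.
    sql = (
        "INSERT INTO meetups "
        "(location, images, title, happeningOn, tags, time_added) "
        "VALUES (%s, %s, %s, %s, %s, %s)"
    )
    # The original passed tags before happeningOn, which stored each value in
    # the other's column; the order now follows the column list.
    cur.execute(
        sql,
        (self.location, self.images, self.title, self.happeningOn, self.tags,
         self.time_added),
    )
    conn.commit()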