def category_info(category_id):
    """
    Render the page that lists the items of one category.

    Args:
        category_id: ID value of the category to view.
    """
    set_redirect_url()

    # Resolve the category first; an unknown ID gets the error template.
    category = db_session.query(Category).filter_by(id=category_id).first()
    if not category:
        return render_template(
            'error.html',
            headline_text='Category Not Found',
            error_text='The specified category was not found.')

    # Store the category ID in the login session under 'last_category_id'.
    login_session['last_category_id'] = category.id

    items_query = db_session.query(CategoryItem)
    category_items = items_query.filter_by(category_id=category.id).all()
    creator = category.user
    user = get_user()

    return render_template(
        'category_info.html',
        categories=get_all_objects_of_type(Category),
        category=category,
        category_items=category_items,
        creator=creator,
        items=get_all_items(),
        user=user)
def category_info(category_id):
    """
    Render the page that lists the items of one category.

    Args:
        category_id: ID value of the category to view.
    """
    set_redirect_url()

    # Resolve the category first; an unknown ID gets the error template.
    category = db_session.query(Category).filter_by(id=category_id).first()
    if not category:
        return render_template(
            'error.html',
            headline_text='Category Not Found',
            error_text='The specified category was not found.')

    # Store the category ID in the login session under 'last_category_id'.
    login_session['last_category_id'] = category.id

    items_query = db_session.query(CategoryItem)
    category_items = items_query.filter_by(category_id=category.id).all()
    creator = category.user
    user = get_user()

    return render_template(
        'category_info.html',
        categories=get_all_objects_of_type(Category),
        category=category,
        category_items=category_items,
        creator=creator,
        items=get_all_items(),
        user=user)
def category_items_info_json(category_id):
    """
    Return the items of the specified category as JSON.

    An unknown category ID yields a JSON object with an 'error' message.

    Args:
        category_id: ID value of the category for the item.
    """
    found = db_session.query(Category).filter_by(id=category_id).first()
    if not found:
        return jsonify({'error': 'The specified category was not found.'})

    rows = db_session.query(CategoryItem)\
        .filter_by(category_id=category_id)\
        .all()

    serialized = []
    for row in rows:
        serialized.append(row.serialize)
    return jsonify(items=serialized)
def category_items_info_json(category_id):
    """
    Return the items of the specified category as JSON.

    An unknown category ID yields a JSON object with an 'error' message.

    Args:
        category_id: ID value of the category for the item.
    """
    found = db_session.query(Category).filter_by(id=category_id).first()
    if not found:
        return jsonify({'error': 'The specified category was not found.'})

    rows = db_session.query(CategoryItem)\
        .filter_by(category_id=category_id)\
        .all()

    serialized = []
    for row in rows:
        serialized.append(row.serialize)
    return jsonify(items=serialized)
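def new_category_item():
    """
    Return a page to create a new category item, or create it on POST.

    Visitors without a user are redirected to the login page. On POST the
    submitted name must be non-blank and the submitted category must exist;
    otherwise the form is rendered again and nothing is stored.
    """
    set_redirect_url()

    user = get_user()
    categories = get_all_objects_of_type(Category)
    category = None

    if not user:
        return redirect(url_for('login'))

    # NOTE(review): no CSRF token check is visible in this view -- confirm
    # one is enforced elsewhere for this state-changing POST.
    if request.method == 'POST':
        name = request.form.get('name', '').strip()
        posted_category = request.form.get('category', '')

        # Form values are untrusted: resolve the category rather than
        # storing whatever ID was posted.
        if posted_category != '':
            category = db_session.query(Category)\
                .filter_by(id=posted_category)\
                .first()

        # Previously the form was only re-rendered when the name was empty
        # AND a category was chosen, so a POST with both fields empty fell
        # through to the insert below.
        if name == '' or not category:
            return render_template('new_category_item.html',
                                   user=user,
                                   category=category,
                                   categories=categories,
                                   request=request)

        new_item = CategoryItem(name=name,
                                user_id=login_session['user_id'],
                                description=request.form['description'],
                                category_id=category.id)
        db_session.add(new_item)
        db_session.commit()
        flash('New Item {} Successfully Created!'.format(new_item.name))
        return redirect(url_for('index'))

    return render_template('new_category_item.html',
                           user=user,
                           category=category,
                           categories=categories)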
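def category_item_info_json(category_id, item_id):
    """
    Return JSON for the specified item of the specified category.

    The item is looked up by its own ID and by the category ID, so an item
    is only returned under the category it belongs to.

    Args:
        category_id: ID value of the category for the item.
        item_id: ID value of the category item to view.
    """
    category = db_session.query(Category).filter_by(id=category_id).first()
    if not category:
        return jsonify({'error': 'The specified category was not found.'})

    # Scope the lookup to the category: filtering on the item ID alone
    # returned any item, whichever category was named in the request.
    item = db_session.query(CategoryItem)\
        .filter_by(id=item_id, category_id=category.id)\
        .first()
    if not item:
        return jsonify(
            {'error': 'The specified category item was not found.'})

    return jsonify(item.serialize)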
def category_item_info(item_id):
    """
    Render the page that shows a single category item.

    Args:
        item_id: ID value of the category item to view.
    """
    set_redirect_url()

    # Resolve the item first; an unknown ID gets the error template.
    category_item = db_session.query(CategoryItem).filter_by(
        id=item_id).first()
    if not category_item:
        return render_template(
            'error.html',
            headline_text='Item Not Found',
            error_text='The specified item was not found.')

    creator = category_item.user
    user = get_user()

    return render_template(
        'category_item_info.html',
        categories=get_all_objects_of_type(Category),
        category=category_item.category,
        item=category_item,
        items=get_all_items(),
        creator=creator,
        user=user)
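def edit_category_item(item_id):
    """
    Return a page to edit a category item, or apply the edit on POST.

    Only the creator of the item may edit it; anyone else gets the
    'Access Denied' error page. On POST the submitted name must be
    non-blank and the submitted category must exist, otherwise the edit
    form is shown again and nothing is saved.

    Args:
        item_id: ID value of the category item to edit.
    """
    user = get_user()
    categories = get_all_objects_of_type(Category)
    edited_item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()

    if not edited_item:
        return render_template('error.html',
                               headline_text='Item Not Found',
                               error_text='The specified item was not found.')

    # Make sure the user is the creator of the item.
    if not user or user.id != edited_item.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '
                               'the item "{}". As such, you are not authorized '
                               'to make edits to it.'.format(edited_item.name))

    # NOTE(review): no CSRF token check is visible in this view -- confirm
    # one is enforced elsewhere for this state-changing POST.
    if request.method == 'POST':
        name = request.form.get('name', '').strip()
        posted_category = request.form.get('category', '')

        # Form values are untrusted: only accept a category that exists
        # instead of writing the posted ID straight onto the item.
        category = None
        if posted_category != '':
            category = db_session.query(Category)\
                .filter_by(id=posted_category)\
                .first()

        if name == '' or not category:
            flash('An item name and an existing category are required.')
            return render_template('edit_category_item.html',
                                   item=edited_item,
                                   user=user,
                                   categories=categories)

        edited_item.name = name
        edited_item.description = request.form['description']
        edited_item.category_id = category.id
        db_session.add(edited_item)
        db_session.commit()
        flash('Item Successfully Updated!')
        return redirect(url_for('category_item_info',
                                item_id=edited_item.id))

    return render_template('edit_category_item.html',
                           item=edited_item,
                           user=user,
                           categories=categories)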
def catalog_json():
    """
    Return JSON of every category together with its items.
    """
    catalog = []
    for cat in get_all_objects_of_type(Category):
        entry = cat.serialize
        # One query per category fetches the items that belong to it.
        cat_items = db_session.query(CategoryItem)\
            .filter_by(category_id=cat.id)\
            .all()
        entry['items'] = [cat_item.serialize for cat_item in cat_items]
        catalog.append(entry)

    return jsonify(categories=catalog)
def get_user_id(email):
    """
    Return the ID of the user with the given email address.

    Returns None when the query raises NoResultFound.

    Args:
        email: Email address for user whose ID will be returned.
    """
    try:
        match = db_session.query(User).filter_by(email=email).one()
    except NoResultFound:
        return None
    return match.id
def catalog_json():
    """
    Return JSON of every category together with its items.
    """
    catalog = []
    for cat in get_all_objects_of_type(Category):
        entry = cat.serialize
        # One query per category fetches the items that belong to it.
        cat_items = db_session.query(CategoryItem)\
            .filter_by(category_id=cat.id)\
            .all()
        entry['items'] = [cat_item.serialize for cat_item in cat_items]
        catalog.append(entry)

    return jsonify(categories=catalog)
def get_user_info(user_id):
    """
    Return the User object for the given user ID.

    Returns None when the query raises NoResultFound.

    Args:
        user_id: User ID for user object to return.
    """
    try:
        match = db_session.query(User).filter_by(id=user_id).one()
    except NoResultFound:
        return None
    return match
def delete_category(category_id):
    """
    Return a page to delete a category, or delete it on POST.

    An unknown category ID redirects to the index. Anyone other than the
    creator of the category gets the 'Access Denied' error page.

    Args:
        category_id: ID of the category to delete.
    """
    user = get_user()
    category = db_session.query(Category).filter_by(id=category_id).first()

    if not category:
        return redirect(url_for('index'))

    # Make sure the user is the creator of the category.
    if not user or user.id != category.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '
                               'the category "{}". As such, you are not authorized '
                               'to delete it.'.format(category.name))

    # Any non-POST request only shows the confirmation page.
    if request.method != 'POST':
        return render_template('delete_category.html', category=category)

    # NOTE(review): no CSRF token check is visible in this view -- confirm
    # one is enforced elsewhere for this state-changing POST.
    # NOTE(review): every item in the category is removed here, whoever
    # created it -- confirm that is intended.
    doomed_items = db_session.query(CategoryItem).filter_by(
        category_id=category.id).all()
    for doomed in doomed_items:
        db_session.delete(doomed)

    # Delete the category itself and commit everything.
    db_session.delete(category)
    db_session.commit()

    flash("Category {} deleted.".format(category.name))
    return redirect(url_for('index'))
def create_user():
    """
    Create a new user from the values held in the login session.

    Reads 'username', 'email' and 'picture' from the login session, stores
    the new User, then looks it up again by email and returns its ID.
    """
    profile = {
        'name': login_session['username'],
        'email': login_session['email'],
        'picture': login_session['picture'],
    }
    db_session.add(User(**profile))
    db_session.commit()

    stored = db_session.query(User).filter_by(
        email=login_session['email']).one()
    return stored.id
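def delete_category_item(item_id):
    """
    Return a page to delete a category item, or delete it on POST.

    An unknown item ID redirects to the category stored in the login
    session under 'last_category_id', or to the index when none is stored.
    Anyone other than the creator of the item gets the 'Access Denied'
    error page.

    Args:
        item_id: ID of the category item to delete.
    """
    user = get_user()
    item = db_session.query(CategoryItem)\
        .filter_by(id=item_id)\
        .first()

    # Unknown item: there is nothing to authorize or delete. Previously a
    # stored 'last_category_id' let execution fall through to the ownership
    # check below, which dereferenced the missing item and raised.
    if not item:
        last_category_id = login_session.get('last_category_id', '')
        if last_category_id == '':
            return redirect(url_for('index'))
        return redirect(url_for('category_info',
                                category_id=last_category_id))

    # Read the category ID before the item is deleted.
    category_id = item.category.id

    # Make sure the user is the creator of the item.
    if not user or user.id != item.user.id:
        return render_template('error.html',
                               headline_text='Access Denied',
                               error_text='Sorry, but you are not the creator of '
                               'the item "{}". As such, you are not authorized '
                               'to delete it.'.format(item.name))

    # NOTE(review): no CSRF token check is visible in this view -- confirm
    # one is enforced elsewhere for this state-changing POST.
    if request.method == 'POST':
        db_session.delete(item)
        db_session.commit()
        flash("Item {} deleted.".format(item.name))
        return redirect(url_for('category_info', category_id=category_id))

    return render_template('delete_category_item.html', item=item)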
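def new_category_item():
    """
    Return a page to create a new category item, or create it on POST.

    Visitors without a user are redirected to the login page. On POST the
    submitted name must be non-blank and the submitted category must exist;
    otherwise the form is rendered again and nothing is stored.
    """
    set_redirect_url()

    user = get_user()
    categories = get_all_objects_of_type(Category)
    category = None

    if not user:
        return redirect(url_for('login'))

    # NOTE(review): no CSRF token check is visible in this view -- confirm
    # one is enforced elsewhere for this state-changing POST.
    if request.method == 'POST':
        name = request.form.get('name', '').strip()
        posted_category = request.form.get('category', '')

        # Form values are untrusted: resolve the category rather than
        # storing whatever ID was posted.
        if posted_category != '':
            category = db_session.query(Category)\
                .filter_by(id=posted_category)\
                .first()

        # Previously the form was only re-rendered when the name was empty
        # AND a category was chosen, so a POST with both fields empty fell
        # through to the insert below.
        if name == '' or not category:
            return render_template('new_category_item.html',
                                   user=user,
                                   category=category,
                                   categories=categories,
                                   request=request)

        new_item = CategoryItem(name=name,
                                user_id=login_session['user_id'],
                                description=request.form['description'],
                                category_id=category.id)
        db_session.add(new_item)
        db_session.commit()
        flash('New Item {} Successfully Created!'.format(new_item.name))
        return redirect(url_for('index'))

    return render_template('new_category_item.html',
                           user=user,
                           category=category,
                           categories=categories)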
if __name__ == "__main__": if len(sys.argv) < 3: print "Insufficient arguments" exit() command = sys.argv[1].lower() email_address = sys.argv[2] if command not in ("grant", "revoke"): print "command not recognised" exit() print "Looking for a user with email address: %s" % email_address users = db_session.query(User).filter_by(email=email_address).all() if not len(users): print "No users found with that email address." print "Goodbye." exit() print "Found the following users:" print for user in users: print user print confirmation = "%s admin privileges? (y/n): " % command.capitalize() decision = raw_input(confirmation).lower() if not decision.startswith("y"):