def newCategory(): """ Create new category """ # user must be authenticated if 'user_id' not in session: return redirect('/login') form = CategoryForm() if form.validate_on_submit(): # check that name != 'new', which is used for routing if form.name.data.lower() == 'new': form.name.errors.append("'new' is a reserved word, and cannot" " be used as a category name.") return render_template('new_category.html', form=form) category = Category(name=form.name.data, user_id=session['user_id']) db_session.add(category) try: db_session.commit() except exc.IntegrityError: # category name should be unique db_session.rollback() form.name.errors.append("Category already exists.") return render_template('new_category.html', form=form) flash("Created new category %s." % category.name) return redirect(url_for('catalog')) return render_template('new_category.html', form=form)
def editCategory(name): """ Edit a category """ # user must be authenticated if 'user_id' not in session: return redirect('/login') category = db_session.query(Category).filter_by(name=name).first() if category is None: abort(404) if category.user_id != session['user_id']: abort(401) form = CategoryForm(obj=category) if form.validate_on_submit(): form.populate_obj(category) db_session.add(category) try: db_session.commit() except exc.IntegrityError: # category name should be unique db_session.rollback() form.name.errors.append("Category already exists.") return render_template('edit_category.html', category=category, form=form) flash("Category %s edited." % category.name) return redirect(url_for('category', name=category.name)) return render_template('edit_category.html', category=category, form=form)
def editItem(name): if "user_id" not in session: return redirect("/login") item = db_session.query(Item).filter_by(name=name).one() if item is None: abort(404) if item.user_id != session["user_id"]: abort(401) form = ItemForm(obj=item) categories = db_session.query(Category.id, Category.name).all() form.category.choices = categories if form.validate_on_submit(): # form.populate_obj(item) item.name = form.name.data item.description = form.description.data item.category_id = form.category.data filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename? filename = secure_filename(form.image.data.filename) form.image.data.save(os.path.join(app.config["UPLOAD_FOLDER"], filename)) item.image = filename db_session.add(item) db_session.commit() flash("Item %s edited." % item.name) return redirect(url_for("item", name=item.name)) return render_template("editItem.html", item=item, form=form)
def newItem(): if "user_id" not in session: return redirect("/login") form = ItemForm() categories = db_session.query(Category.id, Category.name).all() form.category.choices = categories if form.validate_on_submit(): filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename? filename = secure_filename(form.image.data.filename) form.image.data.save(os.path.join(app.config["UPLOAD_FOLDER"], filename)) # create new item and commit to database item = Item( name=form.name.data, description=form.description.data, category_id=form.category.data, image=filename, user_id=session["user_id"], pub_date=datetime.utcnow(), ) db_session.add(item) db_session.commit() flash("New item created.") return redirect(url_for("item", name=item.name)) return render_template("newItem.html", form=form)
def createUser(session): """ Create new user record """ newUser = User(name=session['username'], email=session[ 'email'], picture=session['picture']) db_session.add(newUser) db_session.commit() user = db_session.query(User).filter_by(email=session['email']).one() return user.id
def newCategory(): if "user_id" not in session: return redirect("/login") form = CategoryForm() if form.validate_on_submit(): category = Category(name=form.name.data, user_id=session["user_id"]) db_session.add(category) db_session.commit() flash("New category created.") return redirect(url_for("catalog")) return render_template("newCategory.html", form=form)
def newItem(): """ Create a new item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') form = ItemForm() categories = db_session.query(Category.id, Category.name).all() form.category_id.choices = categories if form.validate_on_submit(): # check that name != 'new', which is used for routing if form.name.data.lower() == 'new': form.name.errors.append("'new' is a reserved word, and cannot" " be used as an item name.") return render_template('new_item.html', form=form) filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # get the filename, ensuring that it is safe filename = secure_filename(form.image.data.filename) form.image.data.save( os.path.join(app.config['UPLOAD_FOLDER'], filename)) # create new item and commit to database item = Item( name=form.name.data, description=form.description.data, category_id=form.category_id.data, image=filename, user_id=session['user_id'], pub_date=datetime.utcnow() ) db_session.add(item) try: db_session.commit() except exc.IntegrityError: # item name should be unique db_session.rollback() form.name.errors.append("Item already exists.") return render_template('new_item.html', form=form) flash("Created new item %s." % item.name) return redirect(url_for('item', name=item.name)) return render_template('new_item.html', form=form)
def editCategory(name): if "user_id" not in session: return redirect("/login") category = db_session.query(Category).filter_by(name=name).one() if category is None: abort(404) if category.user_id != session["user_id"]: abort(401) form = CategoryForm(obj=category) if form.validate_on_submit(): form.populate_obj(category) db_session.add(category) db_session.commit() flash("Category %s edited." % category.name) return redirect(url_for("category", name=category.name)) return render_template("editCategory.html", category=category, form=form)
def editItem(name): """ Edit an item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') item = db_session.query(Item).filter_by(name=name).first() if item is None: abort(404) if item.user_id != session['user_id']: abort(401) form = ItemForm(obj=item) categories = db_session.query(Category.id, Category.name).all() form.category_id.choices = categories if form.validate_on_submit(): filename = item.image # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename, ensuring that it is safe filename = secure_filename(form.image.data.filename) form.image.data.save( os.path.join(app.config['UPLOAD_FOLDER'], filename)) form.populate_obj(item) item.image = filename db_session.add(item) try: db_session.commit() except exc.IntegrityError: # item name should be unique db_session.rollback() form.name.errors.append("Item already exists.") return render_template('edit_item.html', item=item, form=form) flash("Item %s edited." % item.name) return redirect(url_for('item', name=item.name)) return render_template('edit_item.html', item=item, form=form)
def createUser(session): newUser = User(name=session["username"], email=session["email"], picture=session["picture"]) db_session.add(newUser) db_session.commit() user = db_session.query(User).filter_by(email=session["email"]).one() return user.id