def item_details_add(): """ item_details_add: add item to selected category :return: html create item or redirect in case of POST (item creation) """ if request.method == 'POST': item = CatalogItem() item.name = request.form['name'] item.description = request.form['description'] item.category = session.query(Category).filter( func.lower(Category.name) == func.lower( request.form['category_name'])).first() item.user = session.query(CatalogUser).filter_by( id=login_session['user_id']).one() session.add(item) session.commit() return redirect(url_for('home'), code=301) else: categories = session.query(Category).all() item = CatalogItem() item.name = '' item.description = '' return render_template( 'item_details_add.html', item=item, categories=categories, username=login_session.get("username", None), )
def newMenuItem(categories_id): categories = session.query(Categories).filter_by(id=categories_id).one() if login_session['user_id'] != categories.user_id: return """ <script> function myFunction() {alert( 'You are not authorized to add menu items to this restaurant. Please create your own restaurant in order to add items.')} </script> < body onload = 'myFunction()''>""" if request.method == 'POST': newItem = CatalogItem(categories_id=categories_id, user_id=categories.user_id) if request.form['name'] == "" or request.form[ 'description'] == "" or request.form['price'] == "": flash('All input fields required') else: newItem.name = request.form['name'] newItem.description = request.form['description'] newItem.price = request.form['price'] session.add(newItem) session.commit() flash('New Catalog %s Item Successfully Created' % (newItem.name)) return redirect(url_for('showMenu', categories_id=categories_id)) else: return render_template('newmenuitem.html', categories_id=categories_id)
def newItem(catalog_id): if 'username' not in login_session: return redirect('/login') catalog = session.query(Catalog).filter_by(id=catalog_id).one() if login_session['user_id'] != catalog.user_id: return '''<script>function myFunction() {alert('You are not authorized to add items to this catalog.');} </script><body onload='myFunction()''> ''' if request.method == 'POST': if request.form['name'] == []: flash("Name needed!") return render_template('newitem.html', catalog_id = catalog_id) newItem = CatalogItem(name = request.form['name']) newItem.description = request.form['description'] newItem.price = request.form['price'] newItem.catalog_id = catalog_id newItem.user_id = catalog.user_id session.add(newItem) session.commit() flash("New item created!") items = session.query(CatalogItem).filter_by(catalog_id=catalog_id).all() return render_template('Items.html', catalog = catalog, items = items) else: return render_template('newitem.html', catalog_id = catalog_id)
def addItem(category_id): ''' Method: add a CatalogItem in the database Args: arg1(int): category_id, parent category for the new item Returns: for GET: Renders HTML template for the additem.html page for POST: Adds item to database and redirects to showCategory method ''' category = session.query(Category).filter_by(id=category_id).one_or_none() if request.method == 'POST': if request.form['name']: user_id = getUserID(login_session['email']) if (request.files): filename = upload_file(request) newItem = CatalogItem(name=request.form['name'], description=request.form['description'], category_id=category.id, picture=filename, user_id=user_id) else: newItem = CatalogItem(name=request.form['name'], description=request.form['description'], category_id=category.id, user_id=user_id) session.add(newItem) flash('Item %s Successfully Created' % newItem.name) session.commit() return redirect(url_for('showCategory', category_id=category.id)) return render_template('additem.html', category_id=category_id, login_session=login_session)
def addItem(): if checkLogin() == False: flash('Only registered users my add items to the catalog. Please log in!') return redirect('/catalog/') if request.method == 'POST': name = request.form['name'] description = request.form['description'] category = request.form['category'] image = request.form['image'] if name != "" and description != "" and category != "": item = CatalogItem(name=name, description=description, category=category, user_id=login_session['user_id']) # Use the image input field and name of item to write the file to disk # If the file can't be downloaded for any reason it will be ignored item.image = writeImage(name, image) session.add(item) session.commit() flash('Added ' + name + ' to the catalog!') return redirect(url_for('mainPage')) else: flash('Invalid input') return render_template(ADD_ITEM_TEMPLATE, login_session=login_session) else: return render_template(ADD_ITEM_TEMPLATE, login_session=login_session)
def new_item(): if request.method == 'POST': #null check if not request.json or not 'name' in request.json: abort(400) DBSession = sessionmaker(bind = engine) session = DBSession() #if creating item and category does not yet exist, create it. try: categ = session.query(Category).filter_by(name=request.json['category_name']).one() except NoResultFound: categ = Category(name = request.json['category_name'], description="") session.add(categ) session.commit() #create new item and persist it newItem = CatalogItem(name = request.json['name'], price=request.json['price'], description=request.json.get('description',""), owner_id=request.json['owner_id'],category_id=categ.id) session.add(newItem) session.commit() session.close() return jsonify({'status':'success'}) elif request.method == 'GET': #return all catalog items DBSession = sessionmaker(bind = engine) session = DBSession() items = session.query(CatalogItem).all() data = [] for item in items: print item data.append(item.serialize()) session.close() return jsonify({'items':data}) else: abort(400)
def create_item(session, item_name, desc, cat_name): # Create a new item catalogItem = CatalogItem(name=item_name, description=desc, category=cat_name) # Add and commit the item add_commit(session, catalogItem) return
def add_item(): """ Handles the inserting of a new item. """ if request.method == 'POST': # Get posted values title = request.form['title'] description = request.form['description'] category_id = request.form['category_id'] # Create new item new_item = CatalogItem(name=title, description=description, category_id=category_id, user_id=login_session['user_id']) session.add(new_item) session.commit() return redirect( url_for('itemcatalog.catalog_items', category_name=new_item.category.name)) else: cat = session.query(Category).all() return render_template('add-item.html', categories=cat, login_session=login_session)
def newCatalogItem(cat_name): """ newCatalogItem creates a new catalogItem args: takes post method and category name """ if request.method == 'POST': category = session.query(Category).filter_by(name=cat_name).one() newItem = CatalogItem(name=request.form['name'], title=request.form['title'], description=request.form['description'], price=request.form['price'], img=request.form['img'], category_id=category.id, user=getUserInfo(login_session['user_id'])) session.add(newItem) session.commit() flash("new catalog item created!") return redirect( url_for('categoryMenu', cat_name=cat_name, login_session=login_session)) else: return render_template('newcatalogitem.html', cat_name=cat_name, login_session=login_session)
def addItem(catalog_id): if request.method == 'POST': catalog = Catalog.query.filter_by(id=catalog_id).first() if catalog.created_by == current_user: newItem = CatalogItem(name=request.form['item_name'], description=request.form['item_description'], catalog_id=request.form['catalog_select']) db.session.add(newItem) db.session.commit() flash('Item Added Succesfully') return redirect( url_for('catalogDetails', catalog_id=newItem.catalog_id)) else: flash('Only creator of this category can add the item') catalog = Catalog.query.filter_by(id=catalog_id).first() items = CatalogItem.query.filter_by(catalog_id=catalog_id).all() return render_template('catalog_item.html', catalog=catalog, catalogItems=items) else: catalogs = Catalog.query.all() catalog = Catalog.query.filter_by(id=catalog_id).first() return render_template('add_item.html', catalogs=catalogs, catalog=catalog, method="ADD")
def newCatalogItem(category_name): """Create a new item in the database Args: category_name(str): the name of the category the item belongs to Returns: render the newcatalogitem template if a GET request is sent redirect to the category page if the POST request succeeds""" if 'provider' in login_session: form = FormItem() if form.validate_on_submit(): category = session.query(Category).filter_by( name=category_name).one() newItem = CatalogItem(name=form.name.data, description=form.description.data, category_id=category.id, image_loc=form.image_loc.data) session.add(newItem) session.commit() return redirect( url_for('showCategory', category_name=category_name)) return render_template('newcatalogitem.html', category_name=category_name, form=form) else: flash("Please login to be able to add a new item") return redirect(url_for('showCategory', category_name=category_name))
def addItem(): if is_logged_in(): categories_names = session.query(Category).all() # if the method is GET just show the adding item # form. if request.method == 'GET': return render_template("addItem.html", categories_names=categories_names) # if the method is POST the code will process # the sent data and act accordingly if request.method == 'POST': if request.form['itemName'] == '' \ or request.form['category_selection'] == '': flash("Couldn't add the " "item because you didn't fill the fields") return showCategories() item_name = request.form['itemName'] category_id = request.form['category_selection'] item_description = request.form['itemDescription'] new_item = CatalogItem(name=item_name, category_id=category_id, user_id=str(login_session['userId']), description=item_description) print("After adding : ") print(login_session['userId']) session.add(new_item) session.commit() flash("Item added successfully") return showCategories() else: flash("You aren't logged in") return showCategories()
def newCatalogItem(): categories = session.query(Category).order_by(asc(Category.name)) if request.method == 'POST': item = session.query(CatalogItem).filter_by( title=request.form['title']).first() if not item: category = session.query(Category).filter_by( id=request.form['category']).one() newCatalogItem = CatalogItem( title=request.form['title'], description=request.form['description'], category=category, user_id=login_session['user_id']) session.add(newCatalogItem) flash('New Catalog Item %s Successfully Created' % newCatalogItem.title) session.commit() return redirect( url_for('showCatalogItem', category_name=category.name, catalogitem_title=newCatalogItem.title)) else: return render_template('formCatalogItem.html', isNew=True, categories=categories, username=checkUserLogged()) else: return render_template('formCatalogItem.html', isNew=True, categories=categories, username=checkUserLogged())
def add_item(): """ Show page with add item form. If the form was filled out, process the form and add new item to database. :return: Redirect the user to the new item page on a successful additon, else return to the add_item page. """ if request.method == 'POST': title = request.form['title'] description = request.form['description'] category_id = int(request.form['category_id']) category = session.query(Category).get(category_id) image = request.files['image'] image_path = store_image_to_media(image) if image_path is not None: new_item = CatalogItem( title=title, description=description, image_path=image_path, category=category ) session.add(new_item) session.commit() return redirect(url_for('view_item', item_id=new_item.id)) categories = session.query(Category).all() return render_template('add_new_item.html', categories=categories)
def newCatalogItem(catalog_name): if 'username' not in login_session: return redirect('/login') catalog = session.query(Catalog).filter_by(name=catalog_name).one() if login_session['user_id'] != catalog.user_id: return "<script>function myFunction() " \ "{alert('You are not authorized to " \ "add menu items to this catalog." \ " Please create your own catalog in " \ "order to add items.');}" \ "</script><body onload='myFunction()'>" if request.method == 'POST': print('create item post') newItem = CatalogItem(name=request.form['name'], description=request.form['description'], price=request.form['price'], course=request.form['course'], catalog_id=catalog.id, user_id=catalog.user_id) session.add(newItem) session.commit() flash('New Menu %s Item Successfully Created' % (newItem.name)) return redirect(url_for('showCatalog', catalog_id=catalog_name)) else: return render_template('newmenuitem.html', catalog_name=catalog_name)
def itemCreate(): if 'username' not in login_session: return redirect(url_for('homepage')) print(login_session) if request.method == 'GET': return render_template('create.html') elif request.method == 'POST': session = DBSession() try: category_id = session.query(Category).filter_by( name=request.form['category']).one().id except: newCategory = Category(name=request.form['category']) session.add(newCategory) session.commit() category_id = session.query(Category).filter_by( name=request.form['category']).one().id user_id = getUserID(login_session['email']) print('current user id:', user_id) newItem = CatalogItem(name=request.form['name'], description=request.form['description'], category_id=category_id, timestamp=datetime.now(), user_id=user_id) session.add(newItem) session.commit() return redirect(url_for('homepage')) else: pass
def newCatalogItem(catalog_name): if 'username' in login_session: isLogin = True else: isLogin = False if request.method == 'POST': selectedCatalog = session.query(Catalog).filter_by( name=catalog_name).one() allItems = session.query(CatalogItem).all() names = [] for item in allItems: names.append(item.name) newItem = CatalogItem(name=request.form['name'], description=request.form['description'], catalog=selectedCatalog, user=login_session['username']) if newItem.name not in names: session.add(newItem) session.commit() flash('Item named ' + request.form['name'] + ' created') return redirect( url_for('ListItems', catalog_name=catalog_name, islogin=isLogin)) flash('Item already exists') return redirect(url_for('Index')) else: return render_template('newCatalogItem.html', catalog_name=catalog_name, islogin=isLogin)
def addItem(category_name): category = \ session.query(CatalogCategory).filter_by(name=category_name).first() if 'user_id' in login_session: if request.method == 'POST': if request.form['ItemName'] and request.form['ItemDescription']: newItem = \ CatalogItem(name=request.form['ItemName'], description=request.form['ItemDescription'], category_id=category.id, user_id=login_session['user_id']) session.add(newItem) session.commit() flash('New Item Added: %s' % newItem.name) return redirect( url_for('showItems', category_name=category.name)) else: flash('Error adding new item. Please provide a name \ and a description.') return render_template('item_add.html', login_session=login_session, category=category) else: return render_template('item_add.html', login_session=login_session, category=category) else: response = jsonify({'message': 'Shoundn\'t you be logged in?'}) return response, 401
def main(): """Creats catalog database entries from a JSON file """ current_dir = os.path.dirname(os.path.abspath(__file__)) engine = create_engine(database_path) Base.metadata.create_all(engine) DBSession = sessionmaker(bind=engine) session = DBSession() json_file_path = os.path.join(current_dir, 'initial_catalog_data.json') with open(json_file_path, 'r') as f: data = json.load(f) for catalog_data in data: catalog = Catalog(name=catalog_data['name']) session.add(catalog) session.commit() catalog_id = session.query(Catalog)\ .filter_by(name=catalog_data['name'])\ .one()\ .id for item_data in catalog_data['items']: item = CatalogItem(name=item_data['name'], description=item_data['description'], catalog_id=catalog_id, creation_date=datetime.now(), user_id=item_data['user_id']) session.add(item) session.commit() session.close()
def newItem(): if 'username' not in login_session: flash('You are not logged in!') return redirect('/catalog') categories = session.query(Category).order_by(asc(Category.name)) if request.method == 'GET': return render_template('newItem.html', categories=categories) else: newItem = CatalogItem() if request.form['title']: newItem.title = request.form['title'] # FriendlyTitle is used for an items route URL. # Removes spaces and transforms to lowercase friendlyTitle = request.form['title'].lower() friendlyTitle = friendlyTitle.replace(' ', '') newItem.friendlyTitle = friendlyTitle if request.form['description']: newItem.description = request.form['description'] if request.form['category']: category = session.query(Category).filter_by( name=request.form['category']).one() newItem.category_id = category.id newItem.user_id = login_session['user_id'] session.add(newItem) session.commit() flash('Item successfully added!') return redirect(url_for('catalog'))
def newCatalogItem(): if request.method == 'POST': newCatalog = CatalogItem(title=request.form.get('title'), content=request.form.get('content'), catalog_type=request.form.get('catalog_type')) session.add(newCatalog) session.commit() flash("new post has been created!") return redirect(url_for('showCatalogs')) else: return render_template('newCatalog.html')
def newcatalog(): if 'username' not in login_session: return redirect('/login') if request.method == 'POST': newCatalog = CatalogItem(name=request.form['name'], user_id=login_session['user_id']) session.add(newCatalog) flash('new catalog %s is successfully created' % newCatalog.name) session.commit() return redirect(url_for('Catalog')) else: return render_template('newCatalog.html')
def newItem(category_name): if 'username' in login_session: if request.method == 'POST': #Post Block #CSRF mitigation if request.form['token_id'] != login_session['securityState']: flash("Error, incorrect security Key. please try again") return redirect(url_for('showCatalog')) else: #Authenticated actuallly change #actually post change file = request.files['file'] if file and allowed_file(file.filename): filename = secure_filename(file.filename) print "file to be saved: %s" % filename #should check to see if file exists, if so increment name # # # # # # file.save( os.path.join(app.config['UPLOAD_FOLDER'], filename)) print "file saved at: %s" % os.path.join(UPLOAD_FOLDER + "/" + file.filename) category = session.query(Category).filter_by( name=request.form['Category']).one() newItem = CatalogItem(user_id=login_session['user_id'], name=request.form['name'], description=request.form['description'], category_id=category.id, catalog_image_url=os.path.join( file.filename)) session.add(newItem) session.commit() return redirect(url_for('showCatalog')) else: #GET Block #page to create new item login_session['securityState'] = createState() categories = session.query(Category).all() return render_template('ItemNew.html', category_name=category_name, state=login_session['securityState'], categories=categories, logged_in=1) #if the user isnt' logged in they can't edit the catalog else: return redirect(url_for('login'))
def create_category_item(login_session): """ Create new item :param login_session: user login info :return: """ add_new_item = CatalogItem(name=request.form['name'], description=request.form['description'], price=request.form['price'], category_id=request.form['category'], user_id=login_session['user_id']) session.add(add_new_item) session.commit()
def newCatalogItem(catalog_id): if request.method == 'POST': newItem = CatalogItem(name=request.form['name'], description=request.form['description'], catalog_id=catalog_id) session.add(newItem) session.commit() return redirect(url_for('showItem', catalog_id=catalog_id)) else: return render_template('newcatalogitem.html', catalog_id=catalog_id) return render_template('newcatalogitem.html', catalog=catalog)
def addItem(item_name, item_desc, cat_id): catitem = CatalogItem() catitem.item_name = item_name catitem.description = item_desc catitem.cat_id = cat_id catitem.user_id = login_session['userid'] db_session.add(catitem) db_session.commit()
def newCatalogItem(): # If statement to allow only logged in personale to create items. if 'username' not in login_session: return redirect('/login') items = session.query(CatalogItem) if request.method == 'POST': # This if statement ceates a new name, description, or price for the new catalog item. newItem = CatalogItem(name=request.form['name'], description=request.form['description'], price=request.form['price'], user_id=login_session['user_id']) session.add(newItem) session.commit() return redirect(url_for('ListCatalog', items = items)) else: return render_template('newitemmenu.html', items = items)
def initAll(): # clean up by deleting old resources session.query(Category).delete() session.query(CatalogItem).delete() session.query(User).delete() # load users for user in loadData('usersInit.json', 'Users'): session.add( User(name=user['name'], email=user['email'], picture=user['picture'])) session.commit() # load categories for category in loadData('categoriesInit.json', 'Categories'): user_id = category['user_id'] user = session.query(User).filter_by(id=user_id).one() session.add(Category( name=category['name'], user=user, )) session.commit() # load catalog items for catalogItem in loadData('itemsInit.json', 'CatalogItems'): category_id = catalogItem['category_id'] user_id = catalogItem['user_id'] category = session.query(Category).filter_by(id=category_id).one() user = session.query(User).filter_by(id=user_id).one() session.add( CatalogItem( name=catalogItem['name'], title=catalogItem['title'], description=catalogItem['description'], price=catalogItem['price'], category=category, img=catalogItem['img'], user=user, )) session.commit()
def add_catalog_item(catalog_item, creation_date, catalog_id, name, description, user_id): catalog_item = CatalogItem(catalog_item, creation_date, catalog_id, name, description, user_id) session.add(catalog_item) session.commit()
def newcatalog(): if 'email' not in login_session: return redirect('/login') if request.method == 'POST': new = CatalogItem(name=request.form['name'], user_id=login_session['user_id']) session.add(new) session.commit() flash("New Catalog added") return redirect(url_for('showcatalogs')) else: return render_template('newcatalog.html')
def newCatalogItem(): all_categories = session.query(Category).all() if request.method == 'POST': addNewItem = CatalogItem(name=request.form['name'], description=request.form['desc'], price=request.form['price'], category_id=request.form['category'], user_id=login_session['user_id']) session.add(addNewItem) session.commit() flash("New catalog item created!", 'success') return redirect(url_for('show_Catalog')) return render_template('new_item.html', categories=all_categories)
def newMovie(): """return "This page will be for adding new movie" """ categories = session.query(Category).all() if request.method == 'POST': addNewItem = CatalogItem(name=request.form['name'], description=request.form['description'], category_id=request.form['category'], user_id=login_session['user_id']) session.add(addNewItem) session.commit() flash("New movie has been created!", 'success') return redirect(url_for('showMovieCatalog')) else: return render_template('new_movie.html', categories=categories)
def create_item(category_id): insert_signin_state() # Check if user is logged in. If not, user is not authorized to create new items. if not session['logged_in']: return not_authorized() if request.method == 'GET': # If user is logged in and is trying to access the "create item" form, # insert CSRF token for validation when the form is POST'ed. insert_csrf_token() return render_template('create_item.html', STATE=get_signin_token(), csrf_token=get_csrf_token(), user=get_current_user_profile(), item=CatalogItem(), category_id=category_id, category_summary=get_category_summary()) # Name, description, and category fields are required, so make sure they're # present before inserting any new items into the database. elif request.method == 'POST': # If code reaches this far, form data was valid. First thing is to check # the CSRF token to ensure that the user who requested the item creation # form is the user who is submitting the data. if request.form['csrf_token'] != get_csrf_token(): return bad_csrf_token() if not request.form['name']: flash('Name field is required', 'error') if not request.form['description']: flash('Description field is required', 'error') if not request.form['category']: flash('Description field is required', 'error') # If there are any flashed messages, then the submitted form contained # invalid data. User will be presented with the form again, including # an explanation as to why the previously submitted form was rejected. if len(get_flashed_messages()) > 0: item = CatalogItem(name=request.form['name'], description=request.form['description']) return render_template('create_item.html', STATE=get_signin_token(), csrf_token=get_csrf_token(), user=get_current_user_profile(), item=item, category_id=category_id, category_summary=get_category_summary()) user = get_user(session['google_id']) new_item = CatalogItem(name=request.form['name'], description=request.form['description'], category_id=request.form['category'], user_id=user.id) image_file = request.files['image_file'] # First check to see if form data contains image data. if image_file: # ... then check to see if submitted image has valid extension. file_extension = image_file.filename.lower().rsplit('.', 1)[1] if file_extension not in ALLOWED_EXTENSIONS: flash('Only image files (extensions jpg, jpeg, png, gif) are ' 'allowed for item images.', 'error') # If extension was invalid, redirect user back to item creation # form. return redirect(url_for('create_item', category_id=category_id)) else: new_item.image_blob = image_file.read() db_session.add(new_item) db_session.commit() flash('"' + new_item.name + '" was successfully created!', 'success') # Item was accepted; redirect user to newly-created item's page. return redirect(url_for('view_item', category_id=category_id, item_id=new_item.id))