def edit_catalog_item(category_name, item_id): """Allows the edition of a catalog item. Shows an edit form if is a GET request, and changes the information of the item if is a POST request. You can only edit an item if you were the one that created it or if the item has no owner (gplus_id is None). Args: category_name: Name of the current category. item_id: Id of the item that will be edited. Returns: An html form if its a GET request, or redirects to the item if is a POST request. """ if 'credentials' in flask.session: if not flask.session['credentials']: flask.abort(403) else: flask.abort(403) db_session = database.get_session() prepare_login() item = db_session.query(database.Item).get(item_id) if item is None: flask.abort(404) if flask.request.method == 'GET': try: if (flask.session['gplus_id'] == item.gplus_id): categories = db_session.query(database.Category).all() return flask.render_template('edit_item.html', category_name=category_name, categories=categories, item=item) else: flask.abort(404) except KeyError: flask.abort(401) elif flask.request.method == 'POST': try: if (flask.session['gplus_id'] == item.gplus_id): item.name = flask.request.form['name'] item.description = flask.request.form['description'] filename = file_upload.save_upload() if filename: if item.image: file_upload.delete_upload(item.image) item.image = filename else: flask.abort(403) except KeyError: flask.abort(401) db_session.commit() return flask.redirect( flask.url_for('show_catalog_item', category_name=category_name, item_id=item_id))
def edit_catalog_item(category_name, item_id): """Allows the edition of a catalog item. Shows an edit form if is a GET request, and changes the information of the item if is a POST request. You can only edit an item if you were the one that created it or if the item has no owner (gplus_id is None). Args: category_name: Name of the current category. item_id: Id of the item that will be edited. Returns: An html form if its a GET request, or redirects to the item if is a POST request. """ if 'credentials' in flask.session: if not flask.session['credentials']: flask.abort(403) else: flask.abort(403) db_session = database.get_session() prepare_login() item = db_session.query(database.Item).get(item_id) if item is None: flask.abort(404) if flask.request.method == 'GET': try: if (flask.session['gplus_id'] == item.gplus_id): categories = db_session.query(database.Category).all() return flask.render_template('edit_item.html', category_name=category_name, categories=categories, item=item) else: flask.abort(404) except KeyError: flask.abort(401) elif flask.request.method == 'POST': try: if (flask.session['gplus_id'] == item.gplus_id): item.name = flask.request.form['name'] item.description = flask.request.form['description'] filename = file_upload.save_upload() if filename: if item.image: file_upload.delete_upload(item.image) item.image = filename else: flask.abort(403) except KeyError: flask.abort(401) db_session.commit() return flask.redirect(flask.url_for('show_catalog_item', category_name=category_name, item_id=item_id))
def new_catalog_item(category_name): """Adds a new item to the chosen category. Shows a insert form if is a GET request, and inserts a new item to the database on a POST request. You can only create an item if you are logged. Args: category_name: Name of the category which the new item will belong. Returns: An html form if is a GET request, or redirects to the catalog if ifs a POST request. """ if 'credentials' in flask.session: if not flask.session['credentials']: flask.abort(403) else: flask.abort(403) db_session = database.get_session() prepare_login() if flask.request.method == 'GET': categories = db_session.query(database.Category).all() return flask.render_template('new_item.html', categories=categories, category_name=category_name) elif flask.request.method == 'POST': categories = db_session.query(database.Category).all() category = db_session.query(database.Category).filter( database.Category.name == category_name ).one() try: item = database.Item( name=flask.request.form['name'], description=flask.request.form['description'], image=file_upload.save_upload(), gplus_id=flask.session['gplus_id'], category_id=category.id ) except KeyError: flask.abort(401) db_session.add(item) db_session.commit() return flask.redirect(flask.url_for('show_category_items', category_name=category_name))
def new_catalog_item(category_name): """Adds a new item to the chosen category. Shows a insert form if is a GET request, and inserts a new item to the database on a POST request. You can only create an item if you are logged. Args: category_name: Name of the category which the new item will belong. Returns: An html form if is a GET request, or redirects to the catalog if ifs a POST request. """ if 'credentials' in flask.session: if not flask.session['credentials']: flask.abort(403) else: flask.abort(403) db_session = database.get_session() prepare_login() if flask.request.method == 'GET': categories = db_session.query(database.Category).all() return flask.render_template('new_item.html', categories=categories, category_name=category_name) elif flask.request.method == 'POST': categories = db_session.query(database.Category).all() category = db_session.query(database.Category).filter( database.Category.name == category_name).one() try: item = database.Item( name=flask.request.form['name'], description=flask.request.form['description'], image=file_upload.save_upload(), gplus_id=flask.session['gplus_id'], category_id=category.id) except KeyError: flask.abort(401) db_session.add(item) db_session.commit() return flask.redirect( flask.url_for('show_category_items', category_name=category_name))