def edit_catalog(id): title = 'Edit catalog' catalog = Catalog.find_by_id(id) if not catalog: message = 'No catalog with id %s' % id return render_template('common/not-found.html', message=message) if catalog.user_id != login_session['user_id']: flash('Not authorized to edit this catalog') return redirect(url_for('show_catalogs')) if request.method == 'GET': return render_template('catalog/catalog-form.html', title=title, name=catalog.name, description=catalog.description) else: name = request.form['name'].strip() description = request.form['description'].strip() if name and description: catalog.name = name catalog.description = description catalog.save_to_db() flash('Catalog is successfully updated') return redirect(url_for('show_catalogs')) error = 'Name and description are required' return render_template('catalog/catalog-form.html', title=title, error=error)
def delete_catalog(user, id): if not user: return jsonify({'message': 'Unauthorized'}), 401 catalog = Catalog.find_by_id(id) if not catalog: return jsonify({'message': 'Catalog not found'}), 404 if user.id != catalog.user_id: return jsonify({'message': 'No permission'}), 403 items = Item.find_by_catalog_id(id) for item in items: item.delete_from_db() catalog.delete_from_db() return jsonify({'message': 'Catalog deleted'}), 200
def delete_catalog(id): catalog = Catalog.find_by_id(id) if not catalog: message = 'No catalog with id %s' % id return render_template('common/not-found.html', message=message) if catalog.user_id != login_session['user_id']: flash('Not authorized to delete this catalog') return redirect(url_for('show_catalogs')) if request.method == 'GET': return render_template('catalog/catalog-delete.html', catalog=catalog) else: items = Item.find_by_catalog_id(id) for item in items: item.delete_from_db() catalog.delete_from_db() flash('Catalog is successfully deleted') return redirect(url_for('show_catalogs'))
def create_item(user, catalog_id): if not user: return jsonify({'message': 'Unauthorized'}), 401 catalog = Catalog.find_by_id(catalog_id) if not catalog: return jsonify({'message': 'Catalog not found'}), 404 data = request.json if 'name' not in data or not data['name']: return jsonify({'message': 'No item name'}), 400 if 'description' not in data or not data['description']: data['description'] = '' name = data['name'].strip() description = data['description'].strip() if not name or len(name) > MAX_NAME_LENGTH or len( description) > MAX_DESCRIPTION_LENGTH: return jsonify({'message': 'Bad request'}), 400 item = Item(name, description, catalog_id, user.id) item.save_to_db() return jsonify({'message': 'Item created', 'item': item.serializer}), 200
def edit_catalog(user, id): if not user: return jsonify({'message': 'Unauthorized'}), 401 catalog = Catalog.find_by_id(id) if not catalog: return jsonify({'message': 'Catalog not found'}), 404 if user.id != catalog.user_id: return jsonify({'message': 'No permission'}), 403 data = request.json if 'name' in data and data['name']: name = data['name'].strip() if not name or len(name) > MAX_NAME_LENGTH: return jsonify({'message': 'Bad request'}), 400 catalog.name = name if 'description' in data and data['description']: description = data['description'].strip() if len(description) > MAX_DESCRIPTION_LENGTH: return jsonify({'message': 'Bad request'}), 400 catalog.description = description catalog.save_to_db() return jsonify({ 'message': 'Catalog edited', 'catalog': catalog.serializer }), 200
def get_catalog(id): catalog = Catalog.find_by_id(id) if not catalog: return jsonify({'message': 'Catalog not found'}), 404 return jsonify({'catalog': catalog.serializer}), 200
def get_items(catalog_id): catalog = Catalog.find_by_id(catalog_id) if not catalog: return jsonify({'message': 'Catalog not found'}), 404 items = Item.find_by_catalog_id(catalog_id) return jsonify({'items': [item.serializer for item in items]}), 200