Example #1
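def updateCustomer(request):
    """Update the editable columns of one Customers row from POST data.

    Only the columns named in ``validKeys`` can be written; any other POST
    field is ignored. The row to update is selected by the ``id`` URL segment
    (``request.matchdict['id']``).

    Raises:
        exc.HTTPBadRequest: if the request carries none of the editable fields.
        exc.HTTPOk: on success (this handler signals success by raising).

    Returns:
        A ``Response`` with status 500 if the database reports an error.
    """
    Authorizer.authorizeCustomer(request)

    # NOTE(review): the target row comes from the URL and is never compared
    # with the logged-in user in this function. Unless
    # Authorizer.authorizeCustomer performs that check itself, one customer
    # could overwrite another customer's record (including creditCardNumber)
    # -- confirm, and pin the id to the session user if it does not.
    postVars = request.POST

    # Column names come only from this allow-list, never from the request, so
    # the identifiers concatenated into the SQL text are trusted. Values are
    # always bound as parameters.
    # NOTE(review): creditCardNumber appears to be written as an ordinary
    # column; confirm it is tokenised or encrypted before storage.
    validKeys = ['lastName', 'firstName', 'address', 'city', 'state', 'zipCode', 'telephone', 'email', 'creditCardNumber']
    suppliedKeys = [key for key in validKeys if key in postVars]

    if not suppliedKeys:
        # With no columns the statement would read
        # "UPDATE Customers SET  WHERE ID = %s", which is a SQL syntax error.
        raise exc.HTTPBadRequest()

    assignments = ', '.join(key + " = %s" for key in suppliedKeys)
    query = "UPDATE Customers SET " + assignments + " WHERE ID = %s"

    acceptedValues = [postVars[key] for key in suppliedKeys]
    acceptedValues.append(request.matchdict['id'])

    cnx = None
    cursor = None
    try:
        # NOTE(review): database credentials are literals in the source
        # (redacted on this page); load them from configuration or a secret
        # store instead.
        cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305')
        cursor = cnx.cursor()
        cursor.execute(query, tuple(acceptedValues))
        cnx.commit()
    except mysql.connector.Error as err:
        # NOTE(review): the driver's error text is echoed to the client and
        # may reveal schema or query details; prefer logging it server-side
        # and returning a generic message.
        return Response("Something went wrong: {}".format(err), status=500)
    finally:
        # Release the cursor and connection on every path, including errors.
        try:
            if cursor is not None:
                cursor.close()
        finally:
            if cnx is not None:
                cnx.close()

    Authorizer.refreshSession(request)
    raise exc.HTTPOk()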
Example #2
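def addAuction(request):
    """Create an Auctions row from POST data and assign it to an employee.

    All of ``itemID``, ``sellerID``, ``closingTime``, ``openingBid``,
    ``reserve`` and ``increment`` must be present in the POST body. The
    auction is assigned to an employee picked at random from the rows of
    ``Employees`` with ``type = 1``.

    Raises:
        exc.HTTPBadRequest: if any required field is missing.
        exc.HTTPOk: on success (this handler signals success by raising).

    Returns:
        A ``Response`` with status 500 if the database reports an error or no
        eligible employee exists.
    """
    Authorizer.authorizeCustomer(request)

    requiredKeys = ["itemID", "sellerID", "closingTime", "openingBid", "reserve", "increment"]
    postVars = request.POST

    if any(key not in postVars for key in requiredKeys):
        raise exc.HTTPBadRequest()

    # NOTE(review): sellerID is taken from the request body rather than from
    # the session, so a caller can name any seller; itemID ownership is not
    # checked either. Confirm whether Authorizer enforces this elsewhere.
    # NOTE(review): openingBid, reserve and increment are stored as received;
    # nothing here checks that they are positive numbers.
    # Order matches the placeholders in the INSERT statement below.
    acceptedKeys = [postVars[key] for key in requiredKeys]

    cnx = None
    cursor = None
    try:
        # NOTE(review): database credentials are literals in the source
        # (redacted on this page); load them from configuration or a secret
        # store instead.
        cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305")
        cursor = cnx.cursor(dictionary=True)

        cursor.execute("SELECT id FROM Employees WHERE type = 1")
        employees = [row["id"] for row in cursor]

        if not employees:
            # randint(0, -1) would raise ValueError and skip the cleanup.
            return Response("Something went wrong: no employee available for assignment", status=500)

        acceptedKeys.append(employees[randint(0, len(employees) - 1)])

        query = (
            "INSERT INTO Auctions(itemID, sellerID, openingTime, closingTime, openingBid, reserve, increment, employeeID) "
            "VALUES (%s,  %s,  NOW(),  %s,  %s,  %s,  %s, %s);"
        )
        cursor.execute(query, tuple(acceptedKeys))
        cnx.commit()
    except mysql.connector.Error as err:
        # NOTE(review): the driver's error text is echoed to the client and
        # may reveal schema or query details; prefer logging it server-side
        # and returning a generic message.
        return Response("Something went wrong: {}".format(err), status=500)
    finally:
        # cnx/cursor stay None when connect() itself fails, so the cleanup
        # must not assume they exist.
        try:
            if cursor is not None:
                cursor.close()
        finally:
            if cnx is not None:
                cnx.close()

    raise exc.HTTPOk()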
Example #3
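def itemSuggestions(request):
    """Return up to five suggested items for a customer, with image URLs.

    Suggestions are items whose ``type`` matches an item the customer has
    searched for, excluding items whose name matches something the customer
    has already bid on.

    The customer is taken from the logged-in user when the user type is 0;
    for any other user type it is read from the ``customerID`` query
    parameter.

    Raises:
        exc.HTTPBadRequest: if a non-type-0 caller omits ``customerID``.

    Returns:
        A list of dicts, one per item, with ``datetime`` values converted to
        ISO strings, ``Decimal`` values converted to ``str`` and an extra
        ``images`` key holding the item's image URLs; or a ``Response`` with
        status 500 if the database reports an error.
    """
    Authorizer.authorizeCustomer(request)

    if Authorizer.getCurrentUserType(request) == 0:
        # Type-0 callers are pinned to their own id; a customerID in the
        # query string is ignored for them.
        customerID = Authorizer.getCurrentUser(request)['id']
    elif 'customerID' in request.GET:
        # NOTE(review): any other user type may name an arbitrary customer;
        # confirm that authorizeCustomer admits only staff on this path.
        customerID = request.GET['customerID']
    else:
        raise exc.HTTPBadRequest()

    query = """
        SELECT * FROM Items WHERE type IN (
            SELECT type FROM Items WHERE id IN (
                SELECT itemID FROM Searches WHERE customerID = %s
                )
            )
        AND Items.name NOT IN (
            SELECT name FROM Items WHERE id IN (
                SELECT itemID FROM Auctions WHERE id IN (
                    SELECT auctionID FROM Bids WHERE customerID = %s
                    )
                )
            )
        LIMIT 5
        """

    def _serializable(value):
        # Convert the column types the original code special-cased.
        if isinstance(value, datetime):
            return value.isoformat()
        if isinstance(value, Decimal):
            return str(value)
        return value

    suggestedItems = []
    cnx = None
    cursor = None
    try:
        # NOTE(review): database credentials are literals in the source
        # (redacted on this page); load them from configuration or a secret
        # store instead.
        cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305')
        cursor = cnx.cursor(dictionary=True)

        cursor.execute(query, (str(customerID), str(customerID)))
        for row in cursor:
            suggestedItems.append({key: _serializable(row[key]) for key in row})

        # One follow-up query per item; bounded by the LIMIT 5 above.
        imageQuery = "SELECT url FROM ItemsImages WHERE itemID = %s"
        for item in suggestedItems:
            cursor.execute(imageQuery, (str(item['id']),))
            item['images'] = [row['url'] for row in cursor]
    except mysql.connector.Error as err:
        # NOTE(review): the driver's error text is echoed to the client and
        # may reveal schema or query details; prefer logging it server-side
        # and returning a generic message.
        return Response("Something went wrong: {}".format(err), status=500)
    finally:
        # The original leaked the connection whenever a query failed.
        try:
            if cursor is not None:
                cursor.close()
        finally:
            if cnx is not None:
                cnx.close()

    return suggestedItems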
Example #4
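def apiAddBid(request):
    """Place or update the caller's bid on an open auction, then auto-raise bids.

    Reads ``value`` and ``maxBid`` from the POST body and the auction id from
    the URL. The caller's Bids row is inserted or updated, the bid is logged,
    and every bid on the auction is then raised in steps of the auction's
    ``increment`` (never above its own ``maxBid``) until no bid changes.
    Changed bids are written back and logged, and ``Auctions.currentBid`` is
    set to the highest amount.

    Raises:
        exc.HTTPBadRequest: if a field is missing or is not a finite decimal,
            or if the auction does not exist or has already closed.
        exc.HTTPForbidden: if the caller is the auction's seller or the bid is
            below the opening bid.
        exc.HTTPOk: on success (this handler signals success by raising).

    Returns:
        A ``Response`` with status 500 if the database reports an error or the
        auction has an unusable increment.
    """
    # Local import: only Decimal is known to be in scope in this module.
    from decimal import InvalidOperation

    Authorizer.authorizeCustomer(request)
    auctionID = request.matchdict["id"]
    customer = request.session["currentUser"]

    postVars = request.POST
    if any(key not in postVars for key in ("value", "maxBid")):
        raise exc.HTTPBadRequest()

    # Parse the amounts before touching the database so malformed input is a
    # 400 instead of an unhandled exception. Local names are used rather than
    # writing the parsed values back into request.POST.
    try:
        value = Decimal(postVars["value"])
        maxBid = Decimal(postVars["maxBid"])
    except (InvalidOperation, TypeError, ValueError):
        raise exc.HTTPBadRequest() from None
    if not (value.is_finite() and maxBid.is_finite()):
        # Decimal() accepts "NaN" and "Infinity"; neither is a valid amount.
        raise exc.HTTPBadRequest()
    # NOTE(review): nothing requires maxBid >= value; confirm whether a bid
    # above its own ceiling should be rejected.

    cnx = None
    cursor = None
    try:
        # NOTE(review): database credentials are literals in the source
        # (redacted on this page); load them from configuration or a secret
        # store instead.
        cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305")
        cursor = cnx.cursor(dictionary=True, buffered=True)

        query = "SELECT COUNT(*) as count, itemID, increment, openingBid, sellerID FROM Auctions WHERE id = %s AND closingTime > NOW()"
        cursor.execute(query, (str(auctionID),))
        row = cursor.fetchone()

        if row["count"] == 0:
            raise exc.HTTPBadRequest()

        itemID = row["itemID"]
        increment = row["increment"]

        # The original compared with `<`, which rejected every customer whose
        # id was lower than the seller's and let the seller bid on their own
        # auction. NOTE(review): `==` is the presumed intent -- confirm.
        if customer["id"] == row["sellerID"]:
            raise exc.HTTPForbidden()

        if value < row["openingBid"]:
            raise exc.HTTPForbidden()

        if increment is None or increment <= 0:
            # The auto-raise loop below only terminates when every step
            # strictly increases an amount; a zero or negative increment
            # stored on the auction would spin forever.
            return Response("Something went wrong: auction has no positive bid increment", 500)

        # NOTE(review): the rows read here are not locked, so two concurrent
        # bids on one auction may overwrite each other's updates -- confirm
        # the isolation level or lock the auction row.

        # Insert the caller's bid, or update it if one already exists.
        query = "SELECT * FROM Bids WHERE customerID = %s AND auctionID = %s"
        cursor.execute(query, (customer["id"], auctionID))
        if cursor.rowcount > 0:
            existing = cursor.fetchone()
            query = "UPDATE Bids SET amount = %s, maxBid = %s WHERE id = %s"
            cursor.execute(query, (value, maxBid, existing["id"]))
        else:
            query = "INSERT INTO Bids(itemID, customerID, maxBid, amount, time, auctionID) VALUES (%s, %s, %s, %s, NOW(), %s)"
            cursor.execute(query, (str(itemID), str(customer["id"]), maxBid, value, auctionID))

        query = "INSERT INTO BidLogs (amount, customerID, auctionID, time) VALUES (%s, %s, %s, NOW())"
        cursor.execute(query, (value, customer["id"], auctionID))

        # Load every bid on the auction for the auto-raise pass.
        query = "SELECT * from Bids WHERE auctionID = %s"
        cursor.execute(query, (str(auctionID),))

        bids = []
        for row in cursor:
            bids.append(
                {key: (row[key].isoformat() if isinstance(row[key], datetime) else row[key]) for key in row}
            )

        currentMaxBid = 0
        changed = True
        while changed:
            changed = False
            amounts = [bid["amount"] for bid in bids]
            currentMaxBid = max(amounts)
            leaderIsUnique = amounts.count(currentMaxBid) == 1

            for bid in bids:
                if (bid["amount"] + increment) > bid["maxBid"]:
                    continue
                # With a single leader only the trailing bids are raised; on a
                # tie the tied leaders are raised as well.
                if leaderIsUnique:
                    eligible = bid["amount"] < currentMaxBid
                else:
                    eligible = bid["amount"] <= currentMaxBid
                if eligible:
                    bid["changed"] = True
                    changed = True
                    bid["amount"] = bid["amount"] + increment

        # Persist and log every bid the loop raised.
        for bid in bids:
            if "changed" in bid:
                query = "UPDATE Bids SET amount = %s, time = NOW() WHERE id = %s"
                cursor.execute(query, (bid["amount"], bid["id"]))
                query = "INSERT INTO BidLogs (customerID, amount, time, auctionID) VALUES (%s, %s, NOW(), %s)"
                cursor.execute(query, (bid["customerID"], str(bid["amount"]), auctionID))

        query = "UPDATE Auctions SET currentBid = %s WHERE id = %s"
        cursor.execute(query, (str(currentMaxBid), auctionID))

        cnx.commit()
    except mysql.connector.Error as err:
        # NOTE(review): the driver's error text is echoed to the client and
        # may reveal schema or query details; prefer logging it server-side
        # and returning a generic message.
        return Response("Something went wrong: {}".format(err), 500)
    finally:
        # Runs for HTTP exceptions raised above as well, so rejected requests
        # no longer leak the connection. cnx/cursor stay None when connect()
        # itself fails.
        try:
            if cursor is not None:
                cursor.close()
        finally:
            if cnx is not None:
                cnx.close()

    raise exc.HTTPOk()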