Example #1
0
def all_posts():
    db = get_db()
    posts = db.execute(
        'SELECT p.id, title, created, author_id, description, file_name, username, species, condition, timept'
        ' FROM post p JOIN user u ON p.author_id = u.id'
        ' ORDER BY created DESC').fetchall()
    return posts
Example #2
0
def update(id):
    post = get_post(id)

    if request.method == 'POST':
        title = request.form['title']
        description = request.form['description']

        species = request.form['species']
        condition = request.form['condition']
        timept = request.form['timept']

        error = None
        if not title:
            error = 'Title is required.'
        if error is not None:
            flash(error)
        else:
            db = get_db()
            db.execute(
                'UPDATE post SET title = ?, description = ?, species = ?, condition = ?, timept = ?'
                ' WHERE id = ?',
                (title, description, species, condition, timept, id))
            db.commit()
            return redirect(url_for('posts.index'))

    return render_template('posts/update.html', post=post)
Example #3
0
def load_logged_in_user():
    user_id = session.get('user_id')

    if user_id is None:
        g.user = None
    else:  # check if user id is stored in session and get the user's data
        g.user = get_db().execute('SELECT * FROM user WHERE id = ?',
                                  (user_id, )).fetchone()
Example #4
0
def get_post(id):
    db = get_db()
    post = db.execute(
        'SELECT p.id, title, created, author_id, description, file_name, username, species, condition, timept'
        ' FROM post p JOIN user u ON p.author_id = u.id'
        ' WHERE p.id = ?', (id, )).fetchone()

    if post is None:
        abort(404, "Post id {0} doesn't exist.".format(id))
    # if check_author and post['author_id'] != g.user['id']:
    #    abort(403)

    return post
Example #5
0
def create():
    if request.method == 'POST':
        title = request.form['title']
        description = request.form['description']
        file = request.files['file']
        filename = secure_filename(file.filename)

        species = request.form['species']
        condition = request.form['condition']
        timept = request.form['timept']

        error = None
        if not title:
            error = 'Title is required.'
        if error is not None:
            flash(error)

        if file:  # if there's a file save it
            # save info in SQL database
            db = get_db()
            db.execute(
                'INSERT INTO post (title, author_id, description, file_name, species, condition, timept)'
                ' VALUES (?, ?, ?, ?, ?, ?, ?)',
                (title, g.user['id'], description, filename, species,
                 condition, timept))
            db.commit()

            postid = str(
                db.execute(
                    'SELECT seq from sqlite_sequence WHERE name = "post"').
                fetchone()['seq'])

            # save file on Amazon S3
            my_bucket = get_bucket()
            my_bucket.Object(file.filename).put(Body=file)
            flash("File uploaded successfully! Entries added to index!")

            # make Whoosh index for file
            bucket = "proteomics-db-test"
            file_df = format_file(get_df(bucket, filename))
            file_dict = make_dict(file_df)
            num_proteins = len(file_df)

            # not a great way to pass condition like this, because any
            # modification to post will not be accepted by Whoosh
            create_index(postid, condition, file_dict, create_schema(),
                         num_proteins)

            return redirect(url_for('posts.index'))

    return render_template('posts/create.html')
Example #6
0
def delete(id):
    # remove from SQL database
    get_post(id)
    db = get_db()
    db.execute('DELETE FROM post WHERE id = ?', (id, ))
    db.commit()

    key = request.form['key']
    my_bucket = get_bucket()
    my_bucket.Object(key).delete()

    # remove file contents from Whoosh index
    remove_doc(str(id))

    flash('File deleted successfully! Contents removed from index!')

    return redirect(url_for('posts.index'))
Example #7
0
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None

        user = db.execute('SELECT * FROM user WHERE username = ?',
                          (username, )).fetchone()

        if user is None:
            error = 'There is no account associated with this username.'
        elif not check_password_hash(user['password'], password):
            error = 'Incorrect password.'

        if error is None:
            session.clear()  # session dict stores data info across requests
            session['user_id'] = user['id']
            return redirect(url_for('search.search'))

        flash(error)

    return render_template('auth/login.html')
Example #8
0
def register():
    if request.method == 'POST':
        # get registration info
        first_name = request.form['first_name']
        last_name = request.form['last_name']
        email = request.form['email']
        username = request.form['username']
        password = request.form['password']
        affiliation = request.form['affiliation']

        db = get_db()
        error = None

        # validate information
        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'
        elif db.execute('SELECT id FROM user WHERE username = ?',
                        (username, )).fetchone() is not None:
            error = 'User {} is already registered.'.format(
                username)  # get first same username, if any

        # save
        if error is None:
            db.execute(
                'INSERT INTO user (first_name, last_name, email, username, password, affiliation) '
                'VALUES (?, ?, ?, ?, ?, ?)',
                (first_name, last_name, email, username,
                 generate_password_hash(password), affiliation))
            db.commit()
            return redirect(url_for('auth.login'))

        flash(error)

    return render_template(
        'auth/register.html')  # register if not already registered