def buy_post(user): statusMessage = '' # Gets the information needed from the form to create the Ticket object. email = session['logged_in'] quantity = request.form.get('buy-quantity') name = request.form.get('buy-name') if (checkTicketExists(name)): if not(checkTicketName(name)): statusMessage = "Error: The name has to alphanumeric, have no spaces in the beginning or end and be between 6 and 60 characters." elif not(checkQuantity(quantity)): statusMessage = "Error: The quantity of the tickets has to be between 1 and 100." elif not(bn.isEnoughTickets(name, quantity)): statusMessage = "Error: The specified quantity of tickets not available." elif not (hasEnoughBalance(user, name, quantity)): statusMessage = "Error: Your balance is too low!" if statusMessage != '': tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, buyMessage=statusMessage) else: # evaulates which ticket you want to "buy" and deletes it from the database. bn.buy_ticket(name, quantity) tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, buyMessage='Purchase successful') else: statusMessage = "Ticket does not exist." tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, buyMessage=statusMessage)
def sell_ticket(): email = session['logged_in'] user = bn.get_user(email) ticket_name = request.form.get('name_sell') ticket_quantity = int(request.form.get('quantity_sell')) ticket_price = int(request.form.get('price_sell')) ticket_date = request.form.get('expdate_sell') error_message = "" error_list = [] # validate ticket name error_list.append(validate_ticket_name(ticket_name, error_message)) # validate ticket quantity error_list.append(validate_ticket_quantity(ticket_quantity, error_message)) # validate ticket price error_list.append(validate_ticket_price(ticket_price, error_message)) # validate ticket date error_list.append(validate_ticket_date(ticket_date, error_message)) # For any errors, redirect back to / and show an error message tickets = bn.get_all_tickets() if error_list[0] != "": return render_template('index.html', user=user, sell_message=error_list[0], tickets=tickets) elif error_list[1] != "": return render_template('index.html', user=user, sell_message=error_list[1], tickets=tickets) elif error_list[2] != "": return render_template('index.html', user=user, sell_message=error_list[2], tickets=tickets) elif error_list[3] != "": return render_template('index.html', user=user, sell_message=error_list[3], tickets=tickets) # The added new ticket information will be posted on the user profile page else: try: bn.sell_ticket(user, ticket_name, ticket_quantity, ticket_price, ticket_date) tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets) except exc.IntegrityError: bn.rollback( ) # need to roll the database back before uniquness error return render_template( 'index.html', user=user, sell_message="This ticket name already exists", tickets=tickets)
def profile(user): # authentication is done in the wrapper function # see above. # by using @authenticate, we don't need to re-write # the login checking code all the time for other # front-end portals # Get all tickets' info from backend. tickets = bn.get_all_tickets() all_name = [] all_price = [] all_quantity = [] all_email = [] # Add all information to corresponding collumn. for ticket in tickets: all_name.append(ticket.name) all_price.append(ticket.price) all_quantity.append(ticket.quantity) all_email.append(ticket.owner_email) # Pass all information to the HTML page. return render_template('index.html', user=user, names=all_name, prices=all_price, quantities=all_quantity, emails=all_email)
def profile(user): # authentication is done in the wrapper function # see above # by using @authenticate, we don't need to re-write # the login checking code all the time for other # front-end portals tickets = bn.get_all_tickets() s = request.args.get('sMessage') if s == None: s = '' b = request.args.get('bMessage') if b == None: b = '' u = request.args.get('uMessage') if u == None: u = '' return render_template('index.html', user=user, tickets=tickets, sMessage=s, bMessage=b, uMessage=u)
def sell(): """ Route to sell a new ticket. This route will validate the ticket form, if valid it will use a backend function to commit to the database """ if 'logged_in' not in session: return redirect('/login') name = request.form.get('name') quantity = request.form.get('quantity') price = request.form.get('price') date = request.form.get('date') error_message = check_ticket_form(name, quantity, price, date) tickets = bn.get_all_tickets() user = bn.get_user(session['logged_in']) if error_message: return render_template('index.html', sell_message=error_message, tickets=tickets, user=user) bn.create_ticket(name, quantity, price, date, user.email) return redirect('/', code=303)
def buy(): """ Route to buy a ticket. This route will validate the ticket form, if valid it will update the database through a backend function """ if 'logged_in' not in session: return redirect('/login') email = session['logged_in'] # Get user information user = bn.get_user(email) # Sets the error message to blank initially error_message = "" # Get information from the form name = request.form.get('name') quantity = request.form.get('quantity') # Get all tickets to pass to backend function tickets = bn.get_all_tickets() error_message = check_ticket_form(name, quantity) if not error_message: if bn.buy_ticket(name, user, int(quantity)): message = "Tickets bought succesfully" else: error_message = "Ticket could not be bought" # Checks if there is an error, and if there is set the error message if len(error_message) > 0: session['error'] = error_message message = session["error"] del session["error"] return render_template('index.html', buy_message=message, user=user, tickets=tickets)
def sell_get(): #returning a user object of the current session to get the current users email. email = session['logged_in'] #storing the returned user in a variable user = bn.get_user(email) tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets)
def update_post(user): statusMessage = '' email = session['logged_in'] quantity_old = request.form.get('quantity-old') name_old = request.form.get('name-old') price_old = request.form.get('price-old') expiration_date_old = request.form.get('expiration-date-old') # New update changes. quantity_new = request.form.get('quantity-new') name_new = request.form.get('name-new') price_new = request.form.get('price-new') expiration_date_new = request.form.get('expiration-date-new') # Checking validity of the 'new' parameters. if not(checkTicketName(name_new)): statusMessage = "Error: The updated name has to alphanumeric, have no spaces in the begining or end and be between 6 and 60 characters." elif not(checkQuantity(quantity_new)): statusMessage = "Error: The updated quantity of tickets needs to be between 1 and 100." elif not(checkPrice(price_new)): statusMessage = "Error: The updated price needs to be between $10 and $100." elif not(checkDateFormat(expiration_date_new)): statusMessage = "Error: The updated exipiration date needs to be follow the 'YYYYMMDD' format." elif not(checkExpire(expiration_date_new)): statusMessage = "Error: The updated exipiration date cannot be expired." elif not(bn.verify_ticket(quantity_old, name_old, price_old, expiration_date_old, email)): statusMessage = "Error: The entered ticket either does not exist or was entered incorrectly, please try again." if statusMessage != '': tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, updateMessage=statusMessage) else: # deletes old ticket(s). bn.delete_ticket(quantity_old, name_old, price_old, expiration_date_old, email) # submits new ticket(s) to the database. bn.sell_ticket(quantity_new, name_new, email, price_new, expiration_date_new) # updates the ticket list. tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, updateMessage='Listing update successful')
def profile(user): # authentication is done in the wrapper function # see above. # by using @authenticate, we don't need to re-write # the login checking code all the time for other # front-end portals tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets)
def sell_post(user): name = request.form.get('tname') quantity = request.form.get('tquantity') price = request.form.get('tprice') expiration = request.form.get('expiration') error_message = None #checks if the expirationdate is in the correct format, assigns checkDate #to None if it is not try: checkDate = datetime.datetime.strptime(expiration, '%Y%m%d') except: checkDate = None #each character of the ticketname has to be alphanumeric or a space if not all(chr.isalnum() or chr.isspace() for chr in name): error_message = "name not alphanumeric" #verifies that checkDate is not equal to None elif checkDate == None: error_message = "Incorrect expiration date format" #ticketname cannot have spaces at start or end elif name.startswith(" ") or name.endswith(" "): error_message = "space at start/end" #verifies that the ticketname is between 6 and 60 characters elif len(name) < 6 or len(name) > 60: error_message = "ticketname too short or too long" #verifies that the quantity is more than 0 and less than/equal to 100. elif not quantity.isdigit() or int(quantity) <= 0 or int(quantity) > 100: error_message = "quantity not between 1 and 100 (inclusive)" #verifies that the price has to be of range [10,100] elif not price.isdigit() or int(price) < 10 or int(price) > 100: error_message = "price not in range" if error_message: tickets = bn.get_all_tickets() return render_template('index.html', user=user, message=error_message, tickets=tickets) else: bn.add_ticket(name,quantity,price,expiration) #return redirect('/') tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets)
def profile(user): # authentication is done in the wrapper function # see above. # by using @authenticate, we don't need to re-write # the login checking code all the time for other # front-end portals # The authentication functionality above satisfies R3.1 # Get all tickets from backend tickets = bn.get_all_tickets() # We need to filter out expired tickets as per R3.5.2-3.5.3 valid_tickets = list(filter(lambda x: x.expiry >= date.today(), tickets)) return render_template('index.html', user=user, tickets=valid_tickets)
def update_post(): name = request.form.get('tname') quantity = request.form.get('tquantity') price = request.form.get('price') expiration = request.form.get('expiration') email = session['logged_in'] user = bn.get_user(email) ticket = bn.get_ticket(name) error_message = None #checks if the expiration date is in the correct format, assigns checkDate #to None if it is not try: checkDate = datetime.datetime.strptime(expiration, '%Y%m%d') except: checkDate = None #verifies that checkDate is not equal to None if checkDate == None: error_message = "Incorrect expiration date format" #redirects for any errors # elif error_message: #return render_template('/', message=error_message) #error_message = None #Validating information submitted in update form #Name of ticket has to be alphanumeric only elif not all(chr.isalnum() or chr.isspace() for chr in name): error_message = "name not alphanumeric" #Name must have no spaces at the beginning or end elif name.startswith(" ") or name.endswith(" "): error_message = "The ticket name can't begin or end with a space." #Name of the ticket can't be longer than 60 characters elif len(name) > 60: error_message = "The ticket name can't be longer than 60 characters." #Quantity has to be more than zero, and less than or equal to 100 elif int(quantity) <= 0 or int(quantity) > 100: error_message = "The ticket quantity must be between 1 and 100 (inclusive)." #Price has to be in the range 10-100 elif int(price) < 10 or int(price) > 100: error_message = "The ticket price must be between 10 and 100 (inclusive)." elif ticket == None: error_message = "Sorry, this ticket is not available." if error_message: tickets = bn.get_all_tickets() return render_template('index.html', message=error_message, user=user, tickets=tickets) else: bn.update_ticket(name,quantity,price,int(expiration)) return redirect('/')
def sell_post(user): statusMessage = '' # Gets the information needed from the form to create the Ticket object. email = session['logged_in'] quantity = request.form.get('sell-quantity') name = request.form.get('sell-name') price = request.form.get('sell-price') date = request.form.get('sell-expiration-date') # checks validity of the parameters specified requirements for 'sell'. if not(checkQuantity(quantity)): statusMessage = "Error: The quantity of the tickets has to be between 1 and 100." elif not(checkTicketName(name)): statusMessage = "Error: The name has to alphanumeric, have no spaces in the beginning or end and be between 6 and 60 characters." elif not(checkDateFormat(date)): statusMessage = "Error: The date has to be in the format 'YYYYMMDD'." elif not(checkExpire(date)): statusMessage = "Error: The date cannot be expired." elif not(checkPrice(price)): statusMessage = "Error: The price has to be between $10 and $100." if statusMessage != '': tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, sellMessage=statusMessage) else: # submits the ticket into the database, which then displays in the available tickets. bn.sell_ticket(quantity, name, email, price, date) # updates tickets. tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, sellMessage='Listing posted successful')
def sell_tickets(): """ This function is responsible for completing the selling action on tickets, so taking the inputs from the sell section and converting them to tickets that can be bought :return: If the forms don't adhere to the required formatting, return with error message, otherwise return with successfull ticket posting """ # Retrieve info from forms ticket_name = request.form.get('sell_ticket_name') num_tickets = request.form.get('sell_num_tickets') ticket_price = request.form.get('sell_ticket_price') ticket_date = request.form.get('sell_ticket_date') # Check if the inputs are following correct format error_message = ticket_info_sanitizer(ticket_name, num_tickets, ticket_price=ticket_price, date=ticket_date) # Get info on the user email = session['logged_in'] user = bn.get_user(email) #Convert datetime into something we can put in db date = datetime.datetime.strptime(ticket_date, '%Y-%m-%d').date() if error_message == None: if not bn.post_tickets(ticket_name, num_tickets, ticket_price, date, email): error_message = "Failed to store ticket info." # get Info on Tickets tickets = bn.get_all_tickets() # if there is any error messages when registering new user # at the backend, go back to the register page. if error_message: return render_template('index.html', user=user, sell_message=error_message, tickets=tickets) return render_template('index.html', user=user, tickets=tickets)
def profile(user): """ This function is responsible for generating the main/profile page with all the needed info :param user: user object representing the current active user :return: instructions to render the profile page with all the required info (balance, name, tickets) """ # authentication is done in the wrapper function # see above. # by using @authenticate, we don't need to re-write # the login checking code all the time for other # front-end portals tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets)
def sell_ticket(user): ticket_name = request.form.get('name') ticket_quantity = int(float(request.form.get('quantity'))) ticket_price = float(request.form.get('price')) ticket_date = request.form.get('exp_date') error_message = "" # There must not be a space at beginning or end, and the name mus tbe alphanumeric if not check_spaces(ticket_name): return render_template('index.html', user=user, message="Invalid spaces found in word") # Ticket name must be shorter than 60 characters if len(ticket_name) > 60: return render_template('index.html', user=user, message="Ticket name is too long") # Ticket quantity must be greater than 0 and less than or equal to 100 if not check_quantity(0, 101, ticket_quantity): return render_template('index.html', user=user, message="Invalid quantity of tickets") # Ticket price has to be of range [10,100] if ticket_price > 100 or ticket_price < 10: return render_template('index.html', user=user, message="Ticket price outside of valid range") # Ticket date must be in valid format - YYYYMMDD # Assumption: ticket dates will start from today (2020-11-26) and go onwards if (int(ticket_date[:4]) < 2020 or int(ticket_date[4:6]) < 0 or int(ticket_date[4:6]) > 12 or int(ticket_date[6:]) < 0 or int(ticket_date[4:6]) > 31): return render_template('index.html', user=user, message="Invalid ticket date") bn.sell_ticket(ticket_name, ticket_quantity, ticket_price, ticket_date, user.email) tickets = bn.get_all_tickets() # Add the ticket to the user's list of tickets. return render_template('index.html', user=user, ticket=tickets)
def profile(user): # authentication is done in the wrapper function # see above. # by using @authenticate, we don't need to re-write # the login checking code all the time for other # front-end portals welcome_header = 'Hi {}!'.format(user.name) alltickets = bn.get_all_tickets() currdate = int(datetime.datetime.now().strftime("%Y%m%d")) tickets = [] for ticket in alltickets: if ticket.expiration_date > currdate: tickets.append(ticket) return render_template('index.html', welcome_header=welcome_header, user=user, balance=user.balance, tickets=tickets)
def form_button(): if "Update" in request.form['submit']: error_message = update_post() elif "Buy" in request.form['submit']: error_message = buy_post() elif "Sell" in request.form['submit']: error_message = sell_post() # if there is any error messages # go back to the index page with the error message. user = bn.get_user(session['logged_in']) tickets = bn.get_all_tickets() if error_message: return render_template('index.html', message=error_message, user=user, tickets=tickets) else: return redirect('/')
def buy_post(): name = request.form.get('tname') quantity = request.form.get('tquantity') price = request.form.get('tprice') error_message = None #returning a user object of the current session to get the current users email. email = session['logged_in'] #storing the returned user in a variable user = bn.get_user(email) #finalprice = (price*quantity) + 0.35*(price*quantity) + 0.05*(price*quantity) ticket = bn.get_ticket(name) #each character of the ticketname has to be alphanumeric or a space if not all(chr.isalnum() or chr.isspace() for chr in name): error_message = "name not alphanumeric" #ticketname cannot have spaces at start or end elif name.startswith(" ") or name.endswith(" "): error_message = "space at start/end" #verifies that the ticketname is between 6 and 60 characters elif len(name) < 6 or len(name) > 60: error_message = "username too short or too long" #verifies that the quantity is more than 0 and less than/equal to 100. elif int(quantity) <= 0 or int(quantity) > 100: error_message = "quantity not between 1 and 100 (inclusive)" #verifies that the ticket exists elif ticket == None: error_message = "Sorry, this ticket is not available." elif ticket.quantity < int(quantity) : error_message = "There are not enough tickets" #checks if the user balance is more than the price of the ticket elif user.balance < ((ticket.price*int(quantity)) + 0.35*(ticket.price*int(quantity)) + 0.05*(ticket.price*int(quantity))): error_message = "The user does not have enough balance" if error_message: #return render_template('/', message=error_message) tickets = bn.get_all_tickets() return render_template('index.html', message=error_message, user=user, tickets=tickets) else: #bn.ticket_bought(name) user.balance = user.balance - ((ticket.price*int(quantity)) + 0.35*(ticket.price*int(quantity)) + 0.05*(ticket.price*int(quantity))) if ticket.quantity == 1: bn.remove_ticket(name) else: bn.update_quantity(name,quantity) return redirect('/')
def update_tickets(): """ This function is responsible for completing the update action on tickets, so taking the inputs from the update section and converting them to updated tickets :return: If the forms don't adhere to the required formatting, return with error message, otherwise return with successfull ticket modification """ # Retrieve info from forms ticket_name = request.form.get('update_ticket_name') num_tickets = request.form.get('update_num_tickets') ticket_price = request.form.get('update_ticket_price') ticket_date = request.form.get('update_ticket_date') error_message = ticket_info_sanitizer(ticket_name, num_tickets, ticket_price=ticket_price, date=ticket_date) # Find out info on logged in user and tickets email = session['logged_in'] user = bn.get_user(email) #Convert datetime into something we can put in db date = datetime.datetime.strptime(ticket_date, '%Y-%m-%d').date() if error_message == None: if not bn.update_ticket(ticket_name, num_tickets, ticket_price, date): error_message = "No such Ticket with that name." # get Info on Tickets tickets = bn.get_all_tickets() # if there is any error messages when updating ticket info # at the backend, go back to the register page. if error_message: return render_template('index.html', user=user, update_message=error_message, tickets=tickets) return render_template('index.html', user=user, tickets=tickets)
def buy_post(user): buy_name = request.form.get('buy_name') qty = request.form.get('buy_qty') error_list = [] error_list = bn.buy_ticket(buy_name, qty, user) tickets = bn.get_all_tickets() if len(error_list) > 0: return render_template('index.html', user=user, tickets=tickets, balance=user.balance, message=error_list[0]) else: return render_template('index.html', user=user, tickets=tickets, balance=user.balance, message='Ticket Purchased')
def sell_post(user): sell_name = request.form.get('sell_name') qty = request.form.get('sell_qty') price = request.form.get('sell_price') date = request.form.get('sell_date') error_list = [] error_list = bn.sell_ticket(sell_name, qty, price, date) tickets = bn.get_all_tickets() if len(error_list) > 0: return render_template('index.html', user=user, tickets=tickets, balance=user.balance, message=error_list[0]) else: return render_template('index.html', user=user, tickets=tickets, balance=user.balance, message='Ticket Posted for Sale')
def update(): """ Route to update a ticket. This route will validate the ticket form, if valid it will update the ticket on the database through a backend function """ if 'logged_in' not in session: return redirect('/login') # Grab necessary information from update form user = bn.get_user(session['logged_in']) tickets = bn.get_all_tickets() name = request.form.get('name') quantity = request.form.get('quantity') price = request.form.get('price') date = request.form.get('date') error_message = check_ticket_form(name, quantity, price, date) if error_message: return render_template('index.html', update_message=error_message, user=user, tickets=tickets) # Check if ticket exists in database ticket = bn.get_ticket(name) if ticket is None: return render_template('index.html', update_message='Ticket does not exist', user=user, tickets=tickets) # Update tickets to database bn.update_ticket(name, quantity, price, date) return render_template('index.html', update_message='Successfully updated tickets', user=user, tickets=tickets)
def profile(user): # authentication is done in the wrapper function # see above. # by using @authenticate, we don't need to re-write # the login checking code all the time for other # front-end portals sellErrorMessage = "" if "sellErrorMessage" in request.args: sellErrorMessage = request.args["sellErrorMessage"] buyErrorMessage = "" if "buyErrorMessage" in request.args: buyErrorMessage = request.args["buyErrorMessage"] updateErrorMessage = "" if "updateErrorMessage" in request.args: updateErrorMessage = request.args["updateErrorMessage"] tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets, sellErrorMessage=sellErrorMessage, buyErrorMessage=buyErrorMessage, updateErrorMessage=updateErrorMessage)
def update_post(user): """ """ orig_name = request.form.get('orig_name') update_name = request.form.get('update_name') qty = request.form.get('update_qty') price = request.form.get('update_price') date = request.form.get('update_date') error_list = [] error_list = bn.update_ticket(orig_name, update_name, qty, price, date) tickets = bn.get_all_tickets() if len(error_list) > 0: return render_template('index.html', user=user, tickets=tickets, balance=user.balance, message=error_list[0]) else: return render_template('index.html', user=user, tickets=tickets, balance=user.balance, message='Ticket Updated')
def sell_post(): email = session['logged_in'] name = request.form.get('sell-name') quantity = int(request.form.get('sell-quantity')) price = int(request.form.get('sell-price')) expiry = (request.form.get('sell-date')) tickets = bn.get_all_tickets() if ticket_name_check(name) is None: # no match in regex error_message = 'ticket name format is incorrect' elif quantity_check(quantity): error_message = "quantity format is incorrect" elif price_check(price): error_message = "price format is incorrect" elif date_check(expiry): error_message = "date format is incorrect" else: error_message = bn.set_ticket(email, name, quantity, price, expiry) return error_message
def update_post(): # Always check if the user is logged in if 'logged_in' not in session: return redirect('/login', code=303) # get the ticket information from the user's form inputs update_name = request.form.get('update_name') update_quantity = request.form.get('update_quantity') update_price = request.form.get('update_price') update_expiration_date = request.form.get('update_expiration_date') # get the currently logged in user email = session['logged_in'] user = bn.get_user(email) # some regex's to validate the user's form inputs namepattern = re.compile("^[a-zA-Z0-9][a-zA-z0-9 ]{0,58}[a-zA-Z0-9]$") quantitypattern = re.compile("^(100|[1-9][0-9]?)$") pricepattern = re.compile("(100)|(^[1-9][0-9]$)") datepattern = re.compile( "([2-9][0-9][0-9][0-9])(([0][1-9])|([1][0-2]))(([0][1-9])|([1-2][0-9])|([3][0-1]))" ) # use the regex's to validate that their form inputs match the required format # if they don't, display the appropriate error message if not (namepattern.match(update_name)): return render_template( 'index.html', message= 'Ticket name must be alphanumeric, between 1 and 60 characters, and not start or end with a space.', balance=user.balance, tickets=bn.get_all_tickets()) elif not (quantitypattern.match(update_quantity)): return render_template('index.html', message='Quantity must be between 1 and 100', balance=user.balance, tickets=bn.get_all_tickets()) elif not (pricepattern.match(update_price)): return render_template('index.html', message='Price must be between 10 and 100', balance=user.balance, tickets=bn.get_all_tickets()) elif not (datepattern.match(update_expiration_date)): return render_template( 'index.html', message='Expiration date must be in form YYYYMMDD', balance=user.balance, tickets=bn.get_all_tickets()) # attempt to retrieve the user's desired tickets update_ticket = None all_tickets = bn.get_all_tickets() for ticket in all_tickets: if ticket.name == update_name: update_ticket = ticket #update_ticket=bn.get_all_tickets().filter_by(name=update_name).first() # if the tickets could not be retrieved, display an appropriate error message if update_ticket == None: return render_template( 'index.html', message='No such ticket {}. '.format(update_name), balance=user.balance, tickets=bn.get_all_tickets()) # if the tickets were successfully retrieved, attempt to update said tickets # if the user left any non-required forms blank, assume that those values will stay the same if update_quantity == '': update_quantity = update_ticket.quantity if update_price == '': update_price = update_ticket.price if update_expiration_date == '': update_expiration_date = update_ticket.expiration_date # check that the user is the owner of the tickets they want to update, and return an error message if they aren't if update_ticket.email != email: return render_template('index.html', message='Can only update your own tickets. ', balance=user.balance, tickets=bn.get_all_tickets()) # if no errors have occurred thus far, attempt to update the tickets else: update_error_message = bn.update_tickets(update_name, update_quantity, update_price, update_expiration_date) # if bn.update_tickets fails, display the error message it returns if update_error_message != None: return render_template('index.html', message=update_error_message, balance=user.balance, tickets=bn.get_all_tickets()) # else, display that the tickets have been succesfully updated return render_template('index.html', message='Listing updated', balance=user.balance, tickets=bn.get_all_tickets())
def buy_post(): # Always check if the user is logged in if 'logged_in' not in session: return redirect('/login', code=303) # get the ticket information from the user's form inputs buy_name = request.form.get('buy_name') buy_quantity = request.form.get('buy_quantity') # attempt to retrieve the tickets with that name from backend buyticket = None all_tickets = bn.get_all_tickets() for ticket in all_tickets: if ticket.name == buy_name: buyticket = ticket #buyticket=bn.get_all_tickets().filter_by(name=buy_name).first() # regex's to validate the user's form input namepattern = re.compile("^[a-zA-Z0-9][a-zA-z0-9 ]{0,58}[a-zA-Z0-9]$") quantitypattern = re.compile("^(100|[1-9][0-9]?)$") # get the currently logged in user email = session['logged_in'] user = bn.get_user(email) # validate the inputs if not (namepattern.match(buy_name)): return render_template( 'index.html', message= 'Ticket name must be alphanumeric, between 1 and 60 characters, and not start or end with a space.', balance=user.balance, tickets=bn.get_all_tickets()) elif not (quantitypattern.match(buy_quantity)): return render_template( 'index.html', message='Ticket quantity must be between 1 and 100', balance=user.balance, tickets=bn.get_all_tickets()) # if the tickets could not be retrieved, display an appropriate error message if buyticket == None: return render_template('index.html', message='No such ticket {}'.format(buy_name), balance=user.balance, tickets=bn.get_all_tickets()) elif buyticket.quantity < int(buy_quantity): return render_template('index.html', message='Not enough tickets. ', balance=user.balance, tickets=bn.get_all_tickets()) elif buyticket.price * int(buy_quantity) > user.balance: return render_template( 'index.html', message='Not enough balance to purchase tickets. ', balance=user.balance, tickets=bn.get_all_tickets()) # if the tickets were successfully retrieved, attempt to buy the tickets else: buy_error_message = bn.buy_tickets(buy_name, buy_quantity) # if bn.buy_tickets fails, display the error message it returns if buy_error_message != None: return render_template('index.html', message=buy_error_message, balance=user.balance, tickets=bn.get_all_tickets()) # else, update the user's balance based on the price of the tickets purchased user.balance -= buyticket.price * int(buy_quantity) bn.set_balance(email, user.balance) # display that the tickets have succesfully been purchased return render_template('index.html', message='Tickets purchased', balance=user.balance, tickets=bn.get_all_tickets())
def sell_post(): # Always check if the user is logged in if 'logged_in' not in session: return redirect('/login', code=303) # get the ticket information from the user's form inputs sell_name = request.form.get('sell_name') sell_quantity = request.form.get('sell_quantity') sell_price = request.form.get('sell_price') sell_expiration_date = request.form.get('sell_expiration_date') # get the currently logged in user email = session['logged_in'] user = bn.get_user(email) # some regex's to validate the inputs namepattern = re.compile("^[a-zA-Z0-9][a-zA-z0-9 ]{0,58}[a-zA-Z0-9]$") quantitypattern = re.compile("^(100|[1-9][0-9]?)$") pricepattern = re.compile("(100)|(^[1-9][0-9]$)") datepattern = re.compile( "([2-9][0-9][0-9][0-9])(([0][1-9])|([1][0-2]))(([0][1-9])|([1-2][0-9])|([3][0-1]))" ) # use the regex's to validate that the ticket info is in acceptable format # display appropriate error messages for any formatting errors if not (namepattern.match(sell_name)): return render_template( 'index.html', message= 'Ticket name must be alphanumeric, between 1 and 60 characters, and not start or end with a space. ', balance=user.balance, tickets=bn.get_all_tickets()) elif not (quantitypattern.match(sell_quantity)): return render_template( 'index.html', message='Ticket quantity must be between 1 and 100. ', balance=user.balance, tickets=bn.get_all_tickets()) elif not (pricepattern.match(sell_price)): return render_template( 'index.html', message='Ticket price must be between 10 and 100. ', balance=user.balance, tickets=bn.get_all_tickets()) elif not (datepattern.match(sell_expiration_date)): return render_template( 'index.html', message='Expiration date must be in form YYYYMMDD. ', balance=user.balance, tickets=bn.get_all_tickets()) # if the inputs are formatted correctly, attempt to sell the ticket else: sell_error_message = bn.sell_tickets(sell_name, session['logged_in'], sell_quantity, sell_price, sell_expiration_date) # if bn.sell_tickets fails, display the error message it returns if sell_error_message != None: return render_template('index.html', message=sell_error_message, balance=user.balance, tickets=bn.get_all_tickets()) # else, display that the ticket has successfully been posted return render_template('index.html', message='Tickets added to listing', balance=user.balance, tickets=bn.get_all_tickets())
def buy_ticket(): email = session['logged_in'] user = bn.get_user(email) ticket_name = request.form.get('name_buy') ticket_quantity = int( request.form.get('quantity_buy') ) # TODO a user should not have the option to buy their own tickets ticket = bn.check_name_exist(ticket_name) error_message = "" error_list = [] # validate ticket name error_list.append(validate_ticket_name(ticket_name, error_message)) # validate ticket quantity error_list.append(validate_ticket_quantity(ticket_quantity, error_message)) if ticket is None: error_list.append("The ticket of the given name must exist") else: error_list.append("") # validate the ticket quantity in the database try: if ticket.quantity < ticket_quantity: error_list.append( "ticket quantity cannot exceed more than what is listed") else: error_list.append("") # Validate user balance if user.balance < (ticket.price * ticket_quantity + ticket.price * ticket_quantity * 0.35 * 0.05): error_list.append( "The user has less balance than the ticket price * quantity + service fee (35%) + tax (5%)" ) else: error_list.append("") except AttributeError: error_list.append( "" ) # we don't actually need these two lines(just feel like filling in the list all the way is consistent) error_list.append("") tickets = bn.get_all_tickets() if error_list[0] != "": return render_template('index.html', user=user, buy_message=error_list[0], tickets=tickets) elif error_list[1] != "": return render_template('index.html', user=user, buy_message=error_list[1], tickets=tickets) elif error_list[2] != "": return render_template('index.html', user=user, buy_message=error_list[2], tickets=tickets) elif error_list[3] != "": return render_template('index.html', user=user, buy_message=error_list[3], tickets=tickets) elif error_list[4] != "": return render_template('index.html', user=user, buy_message=error_list[4], tickets=tickets) else: remaining_tickets = ticket.quantity - ticket_quantity # if all tickets purchased delete ticket object from data base else update ticket to right quantity if remaining_tickets == 0: bn.delete_ticket(ticket_name) else: bn.update_ticket(ticket_name, remaining_tickets, ticket.price, ticket.date) # update user balance new_balance = user.balance - ticket.price * ticket_quantity - ticket.price * ticket_quantity * 0.35 * 0.05 bn.update_user_balance(user, new_balance) tickets = bn.get_all_tickets() return render_template('index.html', user=user, tickets=tickets)