def delete_msg(msg_id): first_msg_id = g.topic.messages[0].id topic_id = g.topic.id message = Message.query.get(msg_id) if not (current_user.id == message.account_id or current_user.has_role('moderator')): return redirect(url_for("topic", area_name=g.area.name, created=g.topic.created)) if str(first_msg_id) == str(msg_id): # If first message, delete topic and it's messages. Message.query.filter_by(topic_id=topic_id).delete() Topic.query.filter_by(id=topic_id).delete() else: Message.query.filter_by(id=msg_id).delete() db.session().commit() return redirect(url_for("topic.topic", area_name=g.area.name, created=g.topic.created))
def users_create(): form = UserForm(request.form) form.permission_id.choices = [(permission.id, permission.name) for permission in Permission.query.all()] if not form.validate(): return render_template("auth/new.html", form=form) user = User(form.username.data) user.first_name = form.first_name.data user.last_name = form.last_name.data user.password = form.password.data user.permission_id = form.permission_id.data if User.query.filter_by(username=form.username.data).count() > 0: return render_template("auth/new.html", form=form, error = "Tunnus on jo käytössä. Valitse uusi käyttäjätunnus.") db.session().add(user) db.session().commit() return redirect(url_for("users_index"))
def items_commit_changes(item_id): form = ItemForm(request.form) item = Item.query.get(item_id) form.item_category.choices = [ (c.id, c.name) for c in Category.query.order_by('name').filter_by( account_id=current_user.id) ] if not form.validate: return render_template("items/modify.html", form=form, item=item) item.name = form.name.data category = Category.query.get(form.item_category.data) item.category_id = category.id item.expired = form.expired.data db.session().commit() return redirect(url_for("items_index"))
def ingredients_delete(): form = IngredientDeleteForm(request.form) if not form.validate(): return render_template("ingredients/delete.html", form=form) ingredient_delete = Ingredient.query.filter_by(name=form.name.data).first() if ingredient_delete is None: flash("Ingredient you are trying to delete do not exist", "warning") elif ingredient_delete.account_id != current_user.id: flash("You can only delete ingredients you have added yourself", "danger") else: flash("Ingredient has been deleted", "success") db.session().delete(ingredient_delete) db.session().commit() return redirect(url_for("ingredients_delete"))
def productions_create(): form = ProductionForm(request.form) if not form.validate(): return render_template("productions/new.html", form=form) production_name = form.name.data production = Production(production_name) production.misc_info = form.misc_info.data production.show_duration_hours = int(form.show_duration.data.hour) production.show_duration_minutes = int(form.show_duration.data.minute) db.session().add(production) db.session().commit() return redirect(url_for("productions_index"))
def comment_edit(comment_id, customer_id): comment = Comment.query.get(comment_id) customer = Customer.query.get(customer_id) form = CommentForm() if request.method == "GET": form.text.data = comment.text return render_template("comments/comment.html", comment=comment, form=form, customer=customer) elif request.method == "POST": comment.text = request.form.get("text") db.session().commit() return redirect(url_for("customer_page", id=customer.id))
def update_password(): form = PasswordForm(request.form) if request.method == "GET": return render_template("auth/update_password.html", form=form) if not form.validate(): return render_template("auth/update_password.html", form=form) elif (form.new_password.data == form.new_password_again.data): current_user.password = f_bcrypt.generate_password_hash( form.new_password.data).decode('utf8') db.session().commit() return redirect(url_for("show_scheduled_tasks")) return render_template("auth/update_password.html", form=form, passwords_dont_match=True)
def get_clubs(): query = db.session().query(Fighter.club.distinct().label("club")) clubs_in_db = [row.club for row in query.all()] clubs_in_db.sort() club_choices=[('-1', 'Valitse seura')] for club in enumerate(clubs_in_db): club_choices.append(club) return club_choices
def edit_book_tip(tip_id): tip_to_edit = Tip.query.get_or_404(tip_id) form = AddBookForm(formdata=request.form, obj=tip_to_edit) if form.validate_on_submit(): tip_to_edit.comment = form.comment.data tip_to_edit.related_courses = form.related_courses.data tip_to_edit.tags = form.tags.data tip_to_edit.title = form.title.data tip_to_edit.author = form.author.data tip_to_edit.publication_year = form.publication_year.data tip_to_edit.isbn = form.isbn.data tip_to_edit.pages = form.pages.data db.session().commit() return redirect(url_for("get_tips")) return render_template("edit_book.html", form=form)
def categories_create(): form = CategoryForm(request.form) if not form.validate(): return render_template("categories/new.html", form=form) if Category.query.filter(Category.account_id == current_user.id).filter( Category.name == form.name.data).first(): form.name.errors.append("Category named " + form.name.data + " already exists.") return render_template("categories/new.html", form=form) c = Category(form.name.data, form.description.data) c.account_id = current_user.id db.session().add(c) db.session().commit() return redirect(url_for("categories_index"))
def auth_create(): lomake = UusiLomake(request.form) if not lomake.validate(): print("täällä") return render_template("auth/new.html", lomake=lomake) if not lomake.salasana.data == lomake.salasana2.data: print("vai täällä") return render_template("auth/new.html", lomake=lomake) k = Käyttäjä(lomake.nimi.data) k.kayttajanimi = lomake.kayttajanimi.data k.salasana = lomake.salasana.data db.session().add(k) db.session().commit() return render_template("auth/kirjautuminen.html", lomake=KirjautumisLomake())
def rename_pokemon(pokeid): pokeToRename = Collections.query.filter_by(id=pokeid).first() form = PokeForm() form.name.data = pokeToRename.name if request.method == "GET": return render_template("collections/rename.html", pokeid=pokeid, pokemon=pokeToRename, form=form) form = PokeForm(request.form) pokeToRename.name = form.name.data db.session().commit() return redirect(url_for("all_collections"))
def auth_adminregister(): if request.method == "GET": return render_template("auth/infoform.html", form=RegisterForm(), num=0) if request.method == "POST": form = RegisterForm(request.form) if not form.validate(): return render_template("auth/infoform.html", form=form, num=0) new = User(form.name.data, form.username.data, form.password.data, form.address.data, form.phone.data, False) db.session().add(new) db.session().commit() return redirect(url_for("auth_index"))
def posts_create(): content = request.get_json(silent=True) print("\nTrying to create post: ", content["title"]) current_user = get_jwt_identity() print("Current user: "******"id"] print("Current user id: ", user_id) post_title = content["title"].strip() post_text = content["text"] if not post_title or not post_text: return jsonify({"error": "Post title and text must not be empty."}), 400 if len(post_title) < 3 or len(post_title) > 256: return jsonify({ "error": "Post title must be 3 or more characters and less than or equal to 256 characters." }), 400 if len(post_text.strip()) < 1 or len(post_text) > 4096: return jsonify({ "error": "Post text must be 1 or more characters and less than or equal to 4096 characters." }), 400 post = Post(post_title, post_text, 0, 0) post.user_id = user_id print("Set post user id") db.session().add(post) db.session().commit() post_vote(post, current_user, True) return jsonify(post_schema.dump(post).data), 201
def account_create(): form = NewAccountForm(request.form) departments = Dept.query.all() form.departments.choices = [(department.departmentID, department.name) for department in departments] # This is needed to validate the form correctly value = dict(form.departments.choices).get(form.departments.data) # Check if user is in the list of existing user and prevent creation users = User.query.all() existing_usersIDs = [user.userID for user in users] if form.username.data in existing_usersIDs: return render_template("auth/new.html", form=form, id_error="User already exists") if not form.validate(): return render_template("auth/new.html", form=form) if form.admin.data == False: form.admin.data = 0 else: form.admin.data = 1 user = User(form.username.data, form.firstname.data, form.lastname.data, sha256_crypt.hash(form.password.data), form.departments.data, form.admin.data) if not current_user.is_authenticated: user.inactive = 1 return_url = "index" else: user.inactive = 0 return_url = "accounts_index" db.session().add(user) db.session().commit() # Pass inactive users to the management badge # This is currently causing trouble in heroku and not yet fully functional locally either app.jinja_env.globals.update(inactive_users=User.countInactives()) return redirect(url_for(return_url))
def edit_movie_tip(tip_id): tip_to_edit = Tip.query.get_or_404(tip_id) form = AddMovieForm(formdata=request.form, obj=tip_to_edit) if form.validate_on_submit(): tip_to_edit.comment = form.comment.data tip_to_edit.related_courses = form.related_courses.data tip_to_edit.tags = form.tags.data tip_to_edit.title = form.title.data tip_to_edit.publication_year = form.publication_year.data tip_to_edit.director = form.director.data tip_to_edit.lengthInSeconds = form.lengthInSeconds.data db.session().commit() return redirect(url_for("get_tips")) return render_template("edit_movie.html", form=form)
def account_create(): form = RegisterForm(request.form) if not form.validate(): return render_template("auth/registerform.html", form=form) if User.query.filter_by(username=form.username.data).first(): form.username.errors.append("Username is already in use") return render_template("auth/registerform.html", form=form) user = User( request.form.get("username"), bcrypt.generate_password_hash(form.password.data).decode('utf-8'), request.form.get("email")) db.session().add(user) db.session().commit() return render_template("auth/loginform.html", form=LoginForm())
def auth_delete(account_id): if current_user.id == account_id or current_user.is_admin: u = User.query.get(account_id) offers = Offer.query.filter(Offer.account_id == account_id) for offer in offers: db.session().delete(offer) db.session().commit() if current_user.id == u.id: db.session().delete(u) db.session().commit() return redirect(url_for("index"))
def person_edit(user_id): alert = {} form = AliasForm() if request.method == "POST": form = AliasForm(request.form) if form.validate(): name = Name(form.name.data, user_id) db.session().add(name) db.session().commit() # empty form form = AliasForm(formdata=None) alert = {"type": "success", "text": "New alias added!"} prsn = User.query.get(int(user_id)) if not prsn: return redirect(url_for("error404")) username = prsn.username name = prsn.name names = list( map(lambda name: { "name": name.name, "id": name.id }, prsn.names)) person = { "id": user_id, "name": name, "username": username, "names": names } return render_template("/people/edit.html", person=person, form=form, alert=alert)
def user_register(): if request.method == 'GET': return render_template('auth/register.html', form=RegisterForm()) form = RegisterForm(request.form) if not form.validate(): return render_template('auth/register.html', form=form) name = form.name.data username = form.username.data password = form.password.data user = User(name, username, password) db.session().add(user) db.session().commit() return render_template('auth/loginform.html', form=LoginForm())
def delete_comment(PostId): comment = Comment.query.get(request.form.get("comment_to_delete")) if not current_user.id == comment.account.id: if not current_user.role == 'Admin': p = Post.query.get(PostId) return render_template( "comments/comments.html", PostName=p.postName, Comments=p.comments, PostID=p.id, form=CommentForm(), error="You are trying to remove a comment you did not make!") db.session().delete(comment) db.session().commit() return redirect(url_for("show_comments", PostId=PostId))
def mod_topics(id): form = TopicForm(request.form) descr = form.desc.data.lower().rstrip() t = Topics.query.get(id) prior_topic = Topics.query.filter_by(desc=form.desc.data.lower().rstrip()).first() same = (t == prior_topic) if len(descr) == 0: return redirect(url_for("topics_index")) elif not form.validate(): return render_template("topics/edit.html", topics = Topics.query.get(id), error = "Topic description should be between 3 and 30 char") elif len(form.desc.data.strip()) < 3: return render_template("topics/edit.html", topics = Topics.query.get(id), error = "Blanks don't count!") elif prior_topic and not same: return render_template("topics/edit.html", topics = Topics.query.get(id), error = "Such topic description already exists") else: t.desc = descr db.session().commit() flash("Topic {} was modified".format(t.desc)) return redirect(url_for("topics_index"))
def set_portfolio_balance(p, transactions): BTC = 0 ETH = 0 LINK = 0 XRP = 0 for transaction in transactions: if transaction.currency == "BTC": BTC = BTC + transaction.amount if transaction.currency == "ETH": ETH = ETH + transaction.amount if transaction.currency == "XRP": XRP = XRP + transaction.amount if transaction.currency == "LINK": LINK = LINK + transaction.amount p.btc_amount = int(BTC) p.eth_amount = int(ETH) p.xrp_amount = int(XRP) p.link_amount = int(LINK) db.session().commit()
def units_create(): form = UnitForm(request.form) if not form.validate(): return render_template("units/new.html", form=form) u = Unit(form.name.data, form.classGP.data, form.level.data, form.hp.data, form.strength.data, form.magic.data, form.skill.data, form.speed.data, form.luck.data, form.defense.data, form.resistance.data, form.movement.data, form.hpGrowth.data, form.strengthGrowth.data, form.magicGrowth.data, form.skillGrowth.data, form.speedGrowth.data, form.luckGrowth.data, form.defenseGrowth.data, form.resistanceGrowth.data) db.session().add(u) db.session().commit() return redirect(url_for("units_index"))
def viestit_luo(): form = ViestiLomake(request.form) # choises asetettava uudelleen koska niitä ole asetettu lomakkeessa # tehtävä jo tässä koska automaattinen validointi tarvitsee niitä form.aiheet.choices = [(aihe.id, aihe.aihe) for aihe in Aihe.query.all()] if not form.validate(): return render_template("viestit/uusi.html", form=form) aiheet = Aihe.query.filter(Aihe.id.in_(form.aiheet.data)).all() viesti = Viesti(form.otsikko.data, form.teksti.data, aiheet, form.vastattava_viesti.data, current_user.id) viesti.lukeneet.append(current_user) db.session().add(viesti) db.session().commit() return redirect(url_for("viestit_index"))
def user_delete(user_id): user = User.query.get(user_id) if user.username != current_user.username: user.appointments.clear() db.session().add(user) db.session().commit() db.session().delete(user) db.session().commit() return redirect(url_for("users_index"))
def questionnaire_save(): form = QuestionnaireForm(request.form) kysymys_id = request.form.get("kysymys_id", type=int) if not form.validate(): return render_template("answers/questionnaire.html", form=form, kysymykset=Question.query.all()) a = Answer(form.vastaus.data) a.kysymys_id = kysymys_id db.session().add(a) db.session().commit() return render_template("answers/questionnaire.html", form=form, kysymykset=Question.query.all())
def team_send_comment(teamid): count = Comment.count_comments_of_team(teamid) form = CreateCommentForm(request.form) if not form.validate(): return render_template("team/teampage.html", team=Team.query.get(teamid), form=form, users=User.list_by_score(team_id=teamid), user=User.query.get(current_user.get_id()), comments=Comment.list_team_comments(teamid, 1), count=count, page=1) text = form.text.data comment = Comment(teamid, current_user.get_id(), text) db.session().add(comment) db.session().commit() return redirect( url_for("team_page", teamid=User.query.get(current_user.get_id()).team_id))
def remove_sign_up(sign_up_id): sign_up = Sign_up.query.get(sign_up_id) league = League.get_one_league(sign_up.league_id) if request.method == "GET": return render_template("/sign_ups/removesignupconfirmation.html", sign_up=sign_up, league=league) db.session().delete(sign_up) db.session().commit() stmt = text( "DELETE FROM Event WHERE Event.league_id =:league_id AND Event.account_id =:account_id" ).params(league_id=league.id, account_id=current_user.id) db.engine.execute(stmt) return redirect(url_for("list_sign_ups"))
def naturesite_change_description(naturesite_id): n = NatureSite.query.get(naturesite_id) if not n: return render_template("error.html", message = "ERROR! Nature site not found") if n.account_id != current_user.id: return login_manager.unauthorized() form = NatureSiteEditForm(request.form) if not form.validate(): return render_template("naturesites/edit.html", form = form, naturesite = n) n.description = form.description.data db.session().commit() return redirect(url_for("naturesite_show", naturesite_id = naturesite_id))