def new_item():
"""Create new item."""
# populate form
form = ItemForm(request.form)
categories = db.query(Category).order_by(Category.name).all() # sort alphabetically
form.category_id.choices = [(c.id, c.name) for c in categories]
# display and validate form
if request.method != 'POST' or not form.validate():
return render_template('api/new_item.html', form = form)
# get image file
form_file = request.files[form.image.name]
img_filename = None
if form_file:
filename = secure_filename(form_file.filename)
filename = generate_unique_filename(filename)
form_file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
img_filename = filename
# create item
new_item = Item(
name = form.name.data,
description = form.description.data,
category_id = form.category_id.data,
image = img_filename,
user_id = session['user_id'])
db.add(new_item)
db.commit()
flash(message = "Item successfully created", category = "success")
return redirect(url_for('api.view_item', item_id = new_item.id))
def new_item():
"""Creates new item."""
form = ItemForm(request.form)
categories = db.query(Category).order_by(Category.name).all()
form.category_id.choices = [(c.id, c.name) for c in categories]
if request.method != 'POST' or not form.validate():
return render_template('api/new_item.html', form=form)
form_file = request.files[form.image.name]
img_filename = None
if form_file:
filename = secure_filename(form_file.filename)
filename = generate_unique_filename(filename)
form_file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
img_filename = filename
new_item = Item(name=form.name.data,
description=form.description.data,
category_id=form.category_id.data,
image=img_filename,
user_id=session['user_id'])
db.add(new_item)
db.commit()
flash(message="Item successfully created", category="success")
return redirect(url_for('api.view_item', item_id=new_item.id))
def delete_item(item_id):
"""Delete an item."""
try:
item = db.query(Item).filter_by(id = item_id).one()
except NoResultFound:
abort(404)
# only author can delete item
if item.user_id != session['user_id']:
flash(message = "You are not allowed to remove this item", category = "error")
return render_template("api/item.html", item = item)
# populate form - just a base form here for csrf validation
form = CSRFForm(request.form)
# display and validate form
if request.method != 'POST' or not form.validate():
return render_template('api/delete_item.html', form = form, item = item)
# delete the item
db.delete(item)
db.commit()
flash(message = "Item successfully removed", category = "success")
return redirect(url_for('api.view_catalog'))
def delete_item(item_id):
"""Delete an item."""
try:
item = db.query(Item).filter_by(id = item_id).one()
except NoResultFound:
abort(404)
# only author can delete item
if item.user_id != session['user_id']:
flash(message = "You are not allowed to remove this item", category = "error")
return render_template("api/item.html", item = item)
# populate form - just a base form here for csrf validation
form = CSRFForm(request.form)
# display and validate form
if request.method != 'POST' or not form.validate():
return render_template('api/delete_item.html', form = form, item = item)
# delete the item
db.delete(item)
db.commit()
flash(message = "Item successfully removed", category = "success")
return redirect(url_for('api.view_catalog'))
def create_user(login_session):
newUser = User(name=login_session['username'],
email=login_session['email'],
picture=login_session['picture'])
db.add(newUser)
db.commit()
user = db.query(User).filter_by(email=login_session['email']).one()
return user.id
def create_user(login_session):
newUser = User(
name = login_session['username'],
email = login_session['email'],
picture = login_session['picture'])
db.add(newUser)
db.commit()
user = db.query(User).filter_by(email = login_session['email']).one()
return user.id
def edit_item(item_id):
"""Edit an item."""
try:
item = db.query(Item).filter_by(id = item_id).one()
except NoResultFound:
abort(404)
# only author can edit item
if item.user_id != session['user_id']:
flash(message = "You are not allowed to update this item", category = "error")
return render_template("api/item.html", item = item)
# populate form
form = ItemForm(request.form, item)
categories = db.query(Category).order_by(Category.name).all() # sort alphabetically
form.category_id.choices = [(c.id, c.name) for c in categories]
# display and validate form
if request.method != 'POST' or not form.validate():
return render_template('api/edit_item.html', form = form, item = item)
# get image file
form_file = request.files[form.image.name]
img_filename = None
if form_file:
filename = secure_filename(form_file.filename)
filename = generate_unique_filename(filename)
form_file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
img_filename = filename
# edit item
item.name = form.name.data
item.description = form.description.data
item.category_id = form.category_id.data
# only replace image if new image is uploaded
if img_filename:
item.image = img_filename
db.add(item)
db.commit()
flash(message = "Item successfully updated", category = "success")
return redirect(url_for('api.view_item', item_id = item.id))
def edit_item(item_id):
"""Edit an item."""
try:
item = db.query(Item).filter_by(id = item_id).one()
except NoResultFound:
abort(404)
# only author can edit item
if item.user_id != session['user_id']:
flash(message = "You are not allowed to update this item", category = "error")
return render_template("api/item.html", item = item)
# populate form
form = ItemForm(request.form, item)
categories = db.query(Category).order_by(Category.name).all() # sort alphabetically
form.category_id.choices = [(c.id, c.name) for c in categories]
# display and validate form
if request.method != 'POST' or not form.validate():
return render_template('api/edit_item.html', form = form, item = item)
# get image file
form_file = request.files[form.image.name]
img_filename = None
if form_file:
filename = secure_filename(form_file.filename)
filename = generate_unique_filename(filename)
form_file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
img_filename = filename
# edit item
item.name = form.name.data
item.description = form.description.data
item.category_id = form.category_id.data
# only replace image if new image is uploaded
if img_filename:
item.image = img_filename
db.add(item)
db.commit()
flash(message = "Item successfully updated", category = "success")
return redirect(url_for('api.view_item', item_id = item.id))
def edit_item(item_id):
"""Edit an item."""
try:
item = db.query(Item).filter_by(id=item_id).one()
except NoResultFound:
abort(404)
if item.user_id != session['user_id']:
flash(message="You access to update this item id denied",
category="error")
return render_template("api/item.html", item=item)
form = ItemForm(request.form, item)
categories = db.query(Category).order_by(Category.name).all()
form.category_id.choices = [(c.id, c.name) for c in categories]
if request.method != 'POST' or not form.validate():
return render_template('api/edit_item.html', form=form, item=item)
form_file = request.files[form.image.name]
img_filename = None
if form_file:
filename = secure_filename(form_file.filename)
filename = generate_unique_filename(filename)
form_file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
img_filename = filename
item.name = form.name.data
item.description = form.description.data
item.category_id = form.category_id.data
if img_filename:
item.image = img_filename
db.add(item)
db.commit()
flash(message="Item updation is successfull", category="success")
return redirect(url_for('api.view_item', item_id=item.id))
def delete_item(item_id):
"""Deletes an item."""
try:
item = db.query(Item).filter_by(id=item_id).one()
except NoResultFound:
abort(404)
if item.user_id != session['user_id']:
flash(message="You access to remove this item is denied",
category="error")
return render_template("api/item.html", item=item)
form = CSRFForm(request.form)
if request.method != 'POST' or not form.validate():
return render_template('api/delete_item.html', form=form, item=item)
db.delete(item)
db.commit()
flash(message="Item successfully removed", category="success")
return redirect(url_for('api.view_catalog'))
def add_items(category, item_names):
for name in item_names:
item = Item(name=name, category_id=category.id)
db.add(item)
db.commit()
def add_item(category, item):
item.category_id = category.id
db.add(item)
db.commit()
db.add(item)
db.commit()
def add_item(category, item):
item.category_id = category.id
db.add(item)
db.commit()
user = User(name="Peter Pan",
email="*****@*****.**",
picture="https://placehold.it/300x300.png?text=Peter+Pan")
db.add(user)
db.commit()
category1 = Category(name="Books")
db.add(category1)
category2 = Category(name="Electronics")
db.add(category2)
category3 = Category(name="Food")
db.add(category3)
category4 = Category(name="Miscellaneous")
db.add(category4)
db.commit()
def add_items(category, item_names): """Add a list of items to a category.""" for name in item_names: item = Item(name = name, category_id = category.id) db.add(item) db.commit()
def add_item(category, item):
"""Add an item to a category."""
item.category_id = category.id
db.add(item)
db.commit()