Exemple #1
0
def book(bid):
    # Information about the book
    book = db.get_book(bid)

    uid = db.get_uid(session['user'])

    # Book rating and reviews
    avg_rating = db.get_avg_rating(bid)
    reviews = db.get_reviews(bid)

    # Book rating on GoodReads
    gr_rating = goodreads_rating(book['isbn'])

    form = ReviewForm()
    if form.validate_on_submit():
        # Checks whether the user has reviewed this book
        review_counter = db.get_review(bid, uid)

        if review_counter == 0:
            review = form.review.data
            rating = int(form.rating.data)
            db.add_review(uid, bid, review, rating)
        else:
            flash("You have already left a review")

        return redirect(url_for('book', bid=bid))

    return render_template('book.html',
                           title=book['title'],
                           book=book,
                           form=form,
                           reviews=reviews,
                           rating=avg_rating,
                           gr_rating=gr_rating)
    def POST(self):
        options = [0, 1, 2]
        review = db.get_review()
        schema = db.wikischema()
        data = web.input()
        banned = []

        for k, v in data.items():
            table, col = k.split('.')
            # validate all params and options against source schema
            if schema[table][col] and int(v) in options:
                if table not in review:
                    review[table] = {}
                review[table][col] = int(v)
                if int(v) == 2:
                    banned.append(k)
            else:
                # add a check for other allowed form post params here
                # instead of bailing
                raise web.HTTPError("400 Bad request",
                                    {'content-type': 'text/html'},
                                    "invalid option")
        db.save_review(review, banned)
 def GET(self):
     schema = db.wikischema()
     tables = sorted(schema)
     review = db.get_review()
     return render.base(view.menu('review'),
                        view.review(schema, tables, review))