def add():
"""
Display a form for a logged-in user to add a new item to their collection
or wishlist.
"""
# If the form has previously been submitted, a value will be set for the
# privacy setting and wishlist setting. In order to display the correct
# buttons as selected, read these values and use them to determine which
# buttons should be active.
privacy_setting = request.vars.get('item-privacy')
private = privacy_setting != 'public'
wishlist_setting = request.vars.get('item-list')
on_wishlist = wishlist_setting == 'wishlist'
# Create a blank box editing form.
form = item_edit_form(db, auth.user_id, private=private,
on_wishlist=on_wishlist, submit_button='Add Item')
# Automatically fill in the owner ID based on the logged in user.
form.vars.owner_id = auth.user_id
# Set the title of the page.
response.title = 'Add Item'
# Validate and process the form.
if form.process(onvalidation=validate_item_form).accepted:
# Fill in the missing fields in the newly created item, which were not
# set by the SQLFORM because the fields weren't in the list.
item_id = form.vars.id
category = form.vars.get('category')
privacy = form.vars.get('item-privacy')
private = privacy != 'public'
wishlist = form.vars.get('item-list')
on_wishlist = wishlist == 'wishlist'
db_access.update_item(db, item_id, category=category,
private=private, on_wishlist=on_wishlist)
# Take the user to the newly created item. Feedback!
redirect(URL('item', 'index', vars={'id': item_id}))
return dict(form=form)
def edit():
"""
Display a form for a logged-in user to edit their own item.
"""
requested_id = request.vars.get('id')
# Sometimes web2py is an idiot and returns the id as a list of one item.
if type(requested_id) == type([]):
item_id = requested_id[0]
else:
item_id = requested_id
# Check that an ID was passed in, and show a 404 error if not.
try:
item_id = int(item_id)
except ValueError as error:
redirect(URL('error', 'not_found', args='item'))
# Retrieve the item from the database.
item = db_access.get_item(db, item_id)
# Check that the item actually exists.
if item is None:
redirect(URL('error', 'not_found', args='item'))
# Check if the item belongs to the logged in user.
if auth.user_id != item.owner_id:
redirect(URL('error', 'private', args='item', vars={'edit': 'true'}))
# Set the title of the page.
response.title = 'Edit Item'
# Create an item editing form, passing in the ID of the item to set the
# values of the form, and to put the SQLFORM into update mode.
form = item_edit_form(db, auth.user_id, category=item.category, item_id=item.id,
private=item.private, on_wishlist=item.on_wishlist,
submit_button='Save Changes')
# Validate and process the form.
if form.process(onvalidation=validate_item_form_for_edit).accepted:
# Fill in the missing fields in the item, which were not
# set by the SQLFORM because the fields weren't in the list.
category = form.vars.get('category')
# Note that the privacy and wishlist checks here are more complicated
# than in add() - this is because for some reason if you don't click
# any of the buttons, web2py sets its value to an empty string, which
# would make the value wrong when checking against "private" or "wishlist".
form_privacy = form.vars.get('item-privacy')
if form_privacy is not None and form_privacy in ['public', 'private']:
privacy = form_privacy
private = privacy == 'private'
else:
private = item.private
form_list = form.vars.get('item-list')
if form_list is not None and form_list in ['owned', 'wishlist']:
wishlist = form_list
on_wishlist = wishlist == 'wishlist'
else:
on_wishlist = item.on_wishlist
db_access.update_item(db, item.id, category=category,
private=private, on_wishlist=on_wishlist)
# Return to the item's page.
redirect(URL('item', 'index', vars={'id': item.id}))
return dict(form=form)