def edit_catalog_item(category_name, item_id):
"""Allows the edition of a catalog item.
Shows an edit form if is a GET request, and changes the information of
the item if is a POST request. You can only edit an item if you were
the one that created it or if the item has no owner (gplus_id is None).
Args:
category_name: Name of the current category.
item_id: Id of the item that will be edited.
Returns:
An html form if its a GET request, or redirects to the item if is a
POST request.
"""
if 'credentials' in flask.session:
if not flask.session['credentials']:
flask.abort(403)
else:
flask.abort(403)
db_session = database.get_session()
prepare_login()
item = db_session.query(database.Item).get(item_id)
if item is None:
flask.abort(404)
if flask.request.method == 'GET':
try:
if (flask.session['gplus_id'] == item.gplus_id):
categories = db_session.query(database.Category).all()
return flask.render_template('edit_item.html',
category_name=category_name,
categories=categories,
item=item)
else:
flask.abort(404)
except KeyError:
flask.abort(401)
elif flask.request.method == 'POST':
try:
if (flask.session['gplus_id'] == item.gplus_id):
item.name = flask.request.form['name']
item.description = flask.request.form['description']
filename = file_upload.save_upload()
if filename:
if item.image:
file_upload.delete_upload(item.image)
item.image = filename
else:
flask.abort(403)
except KeyError:
flask.abort(401)
db_session.commit()
return flask.redirect(
flask.url_for('show_catalog_item',
category_name=category_name,
item_id=item_id))
def edit_catalog_item(category_name, item_id):
"""Allows the edition of a catalog item.
Shows an edit form if is a GET request, and changes the information of
the item if is a POST request. You can only edit an item if you were
the one that created it or if the item has no owner (gplus_id is None).
Args:
category_name: Name of the current category.
item_id: Id of the item that will be edited.
Returns:
An html form if its a GET request, or redirects to the item if is a
POST request.
"""
if 'credentials' in flask.session:
if not flask.session['credentials']:
flask.abort(403)
else:
flask.abort(403)
db_session = database.get_session()
prepare_login()
item = db_session.query(database.Item).get(item_id)
if item is None:
flask.abort(404)
if flask.request.method == 'GET':
try:
if (flask.session['gplus_id'] == item.gplus_id):
categories = db_session.query(database.Category).all()
return flask.render_template('edit_item.html',
category_name=category_name,
categories=categories,
item=item)
else:
flask.abort(404)
except KeyError:
flask.abort(401)
elif flask.request.method == 'POST':
try:
if (flask.session['gplus_id'] == item.gplus_id):
item.name = flask.request.form['name']
item.description = flask.request.form['description']
filename = file_upload.save_upload()
if filename:
if item.image:
file_upload.delete_upload(item.image)
item.image = filename
else:
flask.abort(403)
except KeyError:
flask.abort(401)
db_session.commit()
return flask.redirect(flask.url_for('show_catalog_item',
category_name=category_name,
item_id=item_id))
def delete_catalog_item(category_name, item_id):
"""Allows the deletion of a catalog item.
Shows a delete confirmation in a GET request, and deletes the item on a
POST request. You can only delete an item if you were the one that
created it or if the item has no owner (gplus_id is None).
Args:
category_name: Name of the current category.
item_id: Id of the item that will be deleted.
Returns:
An html form if its a GET request, or redirects to the item if is a
POST request.
"""
try:
if not flask.session['credentials']:
flask.abort(403)
except KeyError:
flask.abort(403)
db_session = database.get_session()
prepare_login()
item = db_session.query(database.Item).get(item_id)
if item is None:
flask.abort(404)
if flask.request.method == 'GET':
try:
if (flask.session['gplus_id'] == item.gplus_id):
categories = db_session.query(database.Category).all()
return flask.render_template('delete_item.html',
category_name=category_name,
categories=categories,
item=item)
else:
flask.abort(403)
except KeyError:
flask.abort(401)
elif flask.request.method == 'POST':
try:
if (flask.session['gplus_id'] == item.gplus_id):
if item.image:
file_upload.delete_upload(item.image)
db_session.delete(item)
else:
flask.abort(403)
except KeyError:
flask.abort(401)
db_session.commit()
return flask.redirect(
flask.url_for('show_category_items',
category_name=category_name))
def delete_catalog_item(category_name, item_id):
"""Allows the deletion of a catalog item.
Shows a delete confirmation in a GET request, and deletes the item on a
POST request. You can only delete an item if you were the one that
created it or if the item has no owner (gplus_id is None).
Args:
category_name: Name of the current category.
item_id: Id of the item that will be deleted.
Returns:
An html form if its a GET request, or redirects to the item if is a
POST request.
"""
try:
if not flask.session['credentials']:
flask.abort(403)
except KeyError:
flask.abort(403)
db_session = database.get_session()
prepare_login()
item = db_session.query(database.Item).get(item_id)
if item is None:
flask.abort(404)
if flask.request.method == 'GET':
try:
if (flask.session['gplus_id'] == item.gplus_id):
categories = db_session.query(database.Category).all()
return flask.render_template('delete_item.html',
category_name=category_name,
categories=categories,
item=item)
else:
flask.abort(403)
except KeyError:
flask.abort(401)
elif flask.request.method == 'POST':
try:
if (flask.session['gplus_id'] == item.gplus_id):
if item.image:
file_upload.delete_upload(item.image)
db_session.delete(item)
else:
flask.abort(403)
except KeyError:
flask.abort(401)
db_session.commit()
return flask.redirect(flask.url_for('show_category_items',
category_name=category_name))
