def editItem(category_name, item_name):
editedItem = session.query(Items).filter_by(name=item_name).one()
categories = session.query(Category).all()
# See if the logged in user is the owner of item
creator = getUserInfo(editedItem.user_id)
user = getUserInfo(login_session['user_id'])
# If logged in user != item owner redirect them
if creator.id != login_session['user_id']:
flash ("You cannot edit this item. This item belongs to %s" % creator.name)
return redirect(url_for('showCatalog'))
# POST methods
if request.method == 'POST':
if request.form['name']:
editedItem.name = request.form['name']
if request.form['description']:
editedItem.description = request.form['description']
if request.form['picture']:
editedItem.picture = request.form['picture']
if request.form['category']:
category = session.query(Category).filter_by(name=request.form['category']).one()
editedItem.category = category
time = datetime.datetime.now()
editedItem.date = time
session.add(editedItem)
session.commit()
flash('Category Item Successfully Edited!')
return redirect(url_for('showCategory',
category_name=editedItem.category.name))
else:
return render_template('edititem.html',
item=editedItem,
categories=categories)
def showItem(category_name, item_name):
item = session.query(Items).filter_by(name=item_name).one()
creator = getUserInfo(item.user_id)
categories = session.query(Category).order_by(asc(Category.name))
if 'username' not in login_session or creator.id != login_session['user_id']:
return render_template('public_itemdetail.html',
item = item,
category = category_name,
categories = categories,
creator = creator)
else:
return render_template('itemdetail.html',
item = item,
category = category_name,
categories = categories,
creator = creator)
def addCategory():
if request.method == 'POST':
newCategory = Category(
name=request.form['name'],
user_id=login_session['user_id'])
print (newCategory)
session.add(newCategory)
session.commit()
flash('Category Successfully Added!')
return redirect(url_for('showCatalog'))
else:
return render_template('addcategory.html')
def showCategory(category_name):
categories = session.query(Category).order_by(asc(Category.name))
category = session.query(Category).filter_by(name=category_name).one()
items = session.query(Items).filter_by(category=category).order_by(asc(Items.name)).all()
print (items)
count = session.query(Items).filter_by(category=category).count()
creator = getUserInfo(category.user_id)
if 'username' not in login_session or creator.id != login_session['user_id']:
return render_template('public_items.html',
category = category.name,
categories = categories,
items = items,
count = count)
else:
user = getUserInfo(login_session['user_id'])
return render_template('items.html',
category = category.name,
categories = categories,
items = items,
count = count,
user=user)
def ImageUpload():
if request.method == 'POST':
msg = ''
if request.files:
fileData = request.files['image']
# Certifique um ID de item
# Usamos um numero arbitrario aqui.
id_image = 42
# Passe o ID do item e os dados do arquivo da imagem para a funcao
SaveFileToPG(id_image, fileData)
else:
msg = 'Nenhum arquivo escolhido.'
return render_template('imageUpload.html', msg=t_msg_err)
def addItem():
categories = session.query(Category).all()
if request.method == 'POST':
newItem = Items(
name=request.form['name'],
description=request.form['description'],
picture=request.form['picture'],
category=session.query(Category).filter_by(name=request.form['category']).one(),
date=datetime.datetime.now(),
user_id=login_session['user_id'])
session.add(newItem)
session.commit()
flash('Item Successfully Added!')
return redirect(url_for('showCatalog'))
else:
return render_template('additem.html',
categories=categories)
def deleteCategory(category_name):
categoryToDelete = session.query(Category).filter_by(name=category_name).one()
# See if the logged in user is the owner of item
creator = getUserInfo(categoryToDelete.user_id)
user = getUserInfo(login_session['user_id'])
# If logged in user != item owner redirect them
if creator.id != login_session['user_id']:
flash ("You cannot delete this Category. This Category belongs to %s" % creator.name)
return redirect(url_for('showCatalog'))
if request.method =='POST':
session.delete(categoryToDelete)
session.commit()
flash('Category Successfully Deleted! '+categoryToDelete.name)
return redirect(url_for('showCatalog'))
else:
return render_template('deletecategory.html',
category=categoryToDelete)
def editCategory(category_name):
editedCategory = session.query(Category).filter_by(name=category_name).one()
category = session.query(Category).filter_by(name=category_name).one()
# See if the logged in user is the owner of item
creator = getUserInfo(editedCategory.user_id)
user = getUserInfo(login_session['user_id'])
# If logged in user != item owner redirect them
if creator.id != login_session['user_id']:
flash ("You cannot edit this Category. This Category belongs to %s" % creator.name)
return redirect(url_for('showCatalog'))
# POST methods
if request.method == 'POST':
if request.form['name']:
editedCategory.name = request.form['name']
session.add(editedCategory)
session.commit()
flash('Category Item Successfully Edited!')
return redirect(url_for('showCatalog'))
else:
return render_template('editcategory.html',
categories=editedCategory,
category = category)
def index():
if session['logged_in'] == true:
return render_template('index.html')
else:
return redirect(url_for('login'))
def bad_code_error(e):
return render_template('./response/500.html')
def not_found_error(e):
return render_template('./response/404.html')
def showLogin():
state = ''.join(
random.choice(string.ascii_uppercase + string.digits) for x in range(32))
login_session['state'] = state
# return "The current session state is %s" % login_session['state']
return render_template('login.html', STATE=state)
def showCatalog():
categories = session.query(Category).order_by(asc(Category.name))
items = session.query(Items).order_by(desc(Items.date)).limit(5)
return render_template('catalog.html',
categories = categories,
items = items)
# Certifique um ID de item
# Usamos um numero arbitrario aqui.
id_image = 42
# Passe o ID do item e os dados do arquivo da imagem para a funcao
SaveFileToPG(id_image, fileData)
else:
msg = 'Nenhum arquivo escolhido.'
return render_template('imageUpload.html', msg=t_msg_err)
def SaveFileToPG(id_image, fileData):
s = ""
s += "INSERT INTO tbl_files_images "
s += "("
s += "id_image"
s += ", blob_image_data"
s += ") VALUES ("
s += "(%id_image)"
s += ", '(%filedata)'"
s += ")"
#-------
# Interceptando o erro
#-------
try:
db_cursor: execute(s, [id_image, fileData])
except psycopg2.Error as e:
t_name_err = 'SQL error:' + e + '/n SQL: ' + s
return render_template('imageUploader.html', msg=t_name_err)