Exemple #1
0
def add():
    """
    Display a form for a logged-in user to add a new item to their collection
    or wishlist.
    """
    # If the form has previously been submitted, a value will be set for the
    # privacy setting and wishlist setting. In order to display the correct
    # buttons as selected, read these values and use them to determine which
    # buttons should be active.
    privacy_setting = request.vars.get('item-privacy')
    private = privacy_setting != 'public'

    wishlist_setting = request.vars.get('item-list')
    on_wishlist = wishlist_setting == 'wishlist'

    # Create a blank box editing form.
    form = item_edit_form(db, auth.user_id, private=private,
                          on_wishlist=on_wishlist, submit_button='Add Item')

    # Automatically fill in the owner ID based on the logged in user.
    form.vars.owner_id = auth.user_id

    # Set the title of the page.
    response.title = 'Add Item'

    # Validate and process the form.
    if form.process(onvalidation=validate_item_form).accepted:
        # Fill in the missing fields in the newly created item, which were not
        # set by the SQLFORM because the fields weren't in the list.
        item_id = form.vars.id

        category = form.vars.get('category')

        privacy = form.vars.get('item-privacy')
        private = privacy != 'public'

        wishlist = form.vars.get('item-list')
        on_wishlist = wishlist == 'wishlist'

        db_access.update_item(db, item_id, category=category,
                              private=private, on_wishlist=on_wishlist)

        # Take the user to the newly created item. Feedback!
        redirect(URL('item', 'index', vars={'id': item_id}))

    return dict(form=form)
Exemple #2
0
def edit():
    """
    Display a form for a logged-in user to edit their own item.
    """
    requested_id = request.vars.get('id')

    # Sometimes web2py is an idiot and returns the id as a list of one item.
    if type(requested_id) == type([]):
        item_id = requested_id[0]
    else:
        item_id = requested_id

    # Check that an ID was passed in, and show a 404 error if not.
    try:
        item_id = int(item_id)
    except ValueError as error:
        redirect(URL('error', 'not_found', args='item'))

    # Retrieve the item from the database.
    item = db_access.get_item(db, item_id)

    # Check that the item actually exists.
    if item is None:
        redirect(URL('error', 'not_found', args='item'))

    # Check if the item belongs to the logged in user.
    if auth.user_id != item.owner_id:
        redirect(URL('error', 'private', args='item', vars={'edit': 'true'}))

    # Set the title of the page.
    response.title = 'Edit Item'

    # Create an item editing form, passing in the ID of the item to set the
    # values of the form, and to put the SQLFORM into update mode.
    form = item_edit_form(db, auth.user_id, category=item.category, item_id=item.id,
                          private=item.private, on_wishlist=item.on_wishlist,
                          submit_button='Save Changes')

    # Validate and process the form.
    if form.process(onvalidation=validate_item_form_for_edit).accepted:
        # Fill in the missing fields in the item, which were not
        # set by the SQLFORM because the fields weren't in the list.
        category = form.vars.get('category')

        # Note that the privacy and wishlist checks here are more complicated
        # than in add() - this is because for some reason if you don't click
        # any of the buttons, web2py sets its value to an empty string, which
        # would make the value wrong when checking against "private" or "wishlist".

        form_privacy = form.vars.get('item-privacy')
        if form_privacy is not None and form_privacy in ['public', 'private']:
            privacy = form_privacy
            private = privacy == 'private'
        else:
            private = item.private

        form_list = form.vars.get('item-list')
        if form_list is not None and form_list in ['owned', 'wishlist']:
            wishlist = form_list
            on_wishlist = wishlist == 'wishlist'
        else:
            on_wishlist = item.on_wishlist

        db_access.update_item(db, item.id, category=category,
                              private=private, on_wishlist=on_wishlist)

        # Return to the item's page.
        redirect(URL('item', 'index', vars={'id': item.id}))

    return dict(form=form)