def item_new():
if request.method == 'POST':
# store form data
try:
item = vh.item_from_form(Item(), request.form,
user_id=g.user.id)
except ValueError as e:
# client-side validation should prevent this
current_app.logger.exception(e)
return render_template('err.html',
err_msg="Database validation error")
except SQLAlchemyError as e:
current_app.logger.exception(e)
# todo: reinitialize db connection if necessary
return render_template('err.html',
err_msg="Database error")
# store image file
file_storage_err = vh.store_item_pic(
item, request.files['picture'])
if file_storage_err is not None:
# todo: what if item delete after failed pic storage fails?
# using wtfform in item_add.html would simplify all this
get_db().delete(item)
return render_template(
'err.html', err_msg=file_storage_err), 500
return redirect(url_for('.home'))
else:
categories = get_db().query(Category).all()
return render_template('item_add.html',
categories=categories)
def item_edit(item_title):
categories = session.query(Category).all()
item = session.query(Item).filter_by(
title=item_title).one()
user = session.query(User).filter_by(
id=login_session.get('user_id')).one()
if item.user is not None and item.user.id != user.id:
return redirect(url_for('home'))
if request.method == 'POST':
form = vh.ItemForm(request.form, item)
file_storage_err = vh.store_item_pic(
item, request.files['picture'])
if (not form.validate() or file_storage_err is not None):
return render_template('item_edit.html',
form=form,
file_err=file_storage_err)
form.populate_obj(item)
try:
session.add(item)
session.commit()
except ValueError as e:
return "Database validation error: " + str(e)
except SQLAlchemyError as e:
# todo: log error, but don't display detailed message
# for security reasons
return "Database error: " + str(e)
return redirect(url_for('home'))
else:
form = vh.ItemForm(obj=item)
return render_template('item_edit.html',
form=form,
file_err=None)
def item_edit(item_title):
categories = session.query(Category).all()
item = session.query(Item).filter_by(title=item_title).one()
user = session.query(User).filter_by(id=login_session.get('user_id')).one()
if item.user is not None and item.user.id != user.id:
return redirect(url_for('home'))
if request.method == 'POST':
form = vh.ItemForm(request.form, item)
file_storage_err = vh.store_item_pic(item, request.files['picture'])
if (not form.validate() or file_storage_err is not None):
return render_template('item_edit.html',
form=form,
file_err=file_storage_err)
form.populate_obj(item)
try:
session.add(item)
session.commit()
except ValueError as e:
return "Database validation error: " + str(e)
except SQLAlchemyError as e:
# todo: log error, but don't display detailed message
# for security reasons
return "Database error: " + str(e)
return redirect(url_for('home'))
else:
form = vh.ItemForm(obj=item)
return render_template('item_edit.html', form=form, file_err=None)
def item_edit(item_title):
try:
item = get_db().query(Item).filter_by(
title=item_title).one()
except NoResultFound:
err_msg = "item '" + item_title + "' not found"
return render_template(
'err.html', err_msg=err_msg), 404
if item.user is not None and item.user.id != g.user.id:
err_msg = "user doesn't have edit permissions for this item"
return render_template(
'err.html', err_msg=err_msg), 404
if request.method == 'POST':
form = vh.get_item_form()(request.form, item)
file_storage_err = vh.store_item_pic(
item, request.files['picture'])
if (not form.validate() or file_storage_err is not None):
http_err_code = 500 if file_storage_err is not None else 400
return (render_template('item_edit.html',
form=form,
file_err=file_storage_err),
http_err_code)
form.populate_obj(item)
try:
get_db().add(item)
get_db().commit()
# todo: pic updated w/o updating item record
except ValueError as e:
# client-side validation should prevent this
current_app.logger.exception(e)
return render_template('err.html',
err_msg="Database validation error")
except SQLAlchemyError as e:
current_app.logger.exception(e)
# todo: reinitialize db connection if necessary
return render_template('err.html',
err_msg="Database error")
return redirect(url_for('.home'))
else:
form = vh.get_item_form()(obj=item)
return render_template('item_edit.html',
form=form,
file_err=None)
def item_new():
if request.method == 'POST':
# store form data
try:
item = vh.item_from_form(Item(),
request.form,
user_id=login_session.get('user_id'))
except ValueError as e:
return "Database validation error: " + str(e)
except SQLAlchemyError as e:
# todo: log error, but don't display detailed message
# for security reasons
return "Database error: " + str(e)
# store image file
file_storage_err = vh.store_item_pic(item, request.files['picture'])
if file_storage_err is not None:
return file_storage_err
return redirect(url_for('home'))
else:
categories = session.query(Category).all()
return render_template('item_add.html', categories=categories)
def item_new():
if request.method == 'POST':
# store form data
try:
item = vh.item_from_form(
Item(), request.form,
user_id=login_session.get('user_id'))
except ValueError as e:
return "Database validation error: " + str(e)
except SQLAlchemyError as e:
# todo: log error, but don't display detailed message
# for security reasons
return "Database error: " + str(e)
# store image file
file_storage_err = vh.store_item_pic(
item, request.files['picture'])
if file_storage_err is not None:
return file_storage_err
return redirect(url_for('home'))
else:
categories = session.query(Category).all()
return render_template('item_add.html',
categories=categories)
