def category_info(category_id):
"""
Function to return a page to view items for specified category.
Args:
category_id: ID value of the category to view.
"""
set_redirect_url()
# Retrieve Category object for template rendering.
# If not found, render error template.
category = db_session.query(Category)\
.filter_by(id=category_id)\
.first()
if not category:
return render_template(
'error.html',
headline_text='Category Not Found',
error_text='The specified category was not found.')
login_session['last_category_id'] = category.id
category_items = db_session.query(CategoryItem).filter_by(
category_id=category.id).all()
creator = category.user
user = get_user()
return render_template('category_info.html',
categories=get_all_objects_of_type(Category),
category=category,
category_items=category_items,
creator=creator,
items=get_all_items(),
user=user)
def category_info(category_id):
"""
Function to return a page to view items for specified category.
Args:
category_id: ID value of the category to view.
"""
set_redirect_url()
# Retrieve Category object for template rendering.
# If not found, render error template.
category = db_session.query(Category)\
.filter_by(id=category_id)\
.first()
if not category:
return render_template('error.html',
headline_text='Category Not Found',
error_text='The specified category was not found.')
login_session['last_category_id'] = category.id
category_items = db_session.query(CategoryItem).filter_by(category_id=category.id).all()
creator = category.user
user = get_user()
return render_template('category_info.html',
categories=get_all_objects_of_type(Category),
category=category,
category_items=category_items,
creator=creator,
items=get_all_items(),
user=user)
def category_items_info_json(category_id):
"""
Function to return JSON of category items for specified category.
Args:
category_id: ID value of the category for the item.
"""
category = db_session.query(Category).filter_by(id=category_id).first()
if not category:
return jsonify({'error': 'The specified category was not found.'})
items = db_session.query(CategoryItem).filter_by(category_id=category_id).all()
return jsonify(items=[item.serialize for item in items])
def category_items_info_json(category_id):
"""
Function to return JSON of category items for specified category.
Args:
category_id: ID value of the category for the item.
"""
category = db_session.query(Category).filter_by(id=category_id).first()
if not category:
return jsonify({'error': 'The specified category was not found.'})
items = db_session.query(CategoryItem).filter_by(
category_id=category_id).all()
return jsonify(items=[item.serialize for item in items])
def new_category_item():
"""
Function to return a page to create a new category item.
"""
set_redirect_url()
user = get_user()
categories = get_all_objects_of_type(Category)
category = None
if not user:
return redirect(url_for('login'))
if request.method == 'POST':
if request.form.get('name', '') == '' and request.form.get('category', '') != '':
category = db_session.query(Category)\
.filter_by(id=request.form.get('category'))\
.first()
return render_template('new_category_item.html',
user=user,
category=category,
categories=categories,
request=request)
new_item = CategoryItem(name=request.form['name'],
user_id=login_session['user_id'],
description=request.form['description'],
category_id=request.form['category'])
db_session.add(new_item)
db_session.commit()
flash('New Item {} Successfully Created!'.format(new_item.name))
return redirect(url_for('index'))
else:
return render_template('new_category_item.html',
user=user,
category=category,
categories=categories)
def category_item_info_json(category_id, item_id):
"""
Function to return JSON of specified category item.
Args:
category_id: ID value of the category for the item.
item_id: ID value of the category item to view.
"""
category = db_session.query(Category).filter_by(id=category_id).first()
if not category:
return jsonify({'error': 'The specified category was not found.'})
item = db_session.query(CategoryItem).filter_by(id=item_id).first()
if not item:
return jsonify({'error': 'The specified category item was not found.'})
return jsonify(item.serialize)
def category_item_info_json(category_id, item_id):
"""
Function to return JSON of specified category item.
Args:
category_id: ID value of the category for the item.
item_id: ID value of the category item to view.
"""
category = db_session.query(Category).filter_by(id=category_id).first()
if not category:
return jsonify({'error': 'The specified category was not found.'})
item = db_session.query(CategoryItem).filter_by(id=item_id).first()
if not item:
return jsonify({'error': 'The specified category item was not found.'})
return jsonify(item.serialize)
def category_item_info(item_id):
"""
Function to return a page to view a category item.
Args:
item_id: ID value of the category item to view.
"""
set_redirect_url()
# Retrieve CategoryItem object for template rendering.
# If not found, render error template.
category_item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
if not category_item:
return render_template('error.html',
headline_text='Item Not Found',
error_text='The specified item was not found.')
creator = category_item.user
user = get_user()
return render_template('category_item_info.html',
categories=get_all_objects_of_type(Category),
category=category_item.category,
item=category_item,
items=get_all_items(),
creator=creator,
user=user)
def category_item_info(item_id):
"""
Function to return a page to view a category item.
Args:
item_id: ID value of the category item to view.
"""
set_redirect_url()
# Retrieve CategoryItem object for template rendering.
# If not found, render error template.
category_item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
if not category_item:
return render_template('error.html',
headline_text='Item Not Found',
error_text='The specified item was not found.')
creator = category_item.user
user = get_user()
return render_template('category_item_info.html',
categories=get_all_objects_of_type(Category),
category=category_item.category,
item=category_item,
items=get_all_items(),
creator=creator,
user=user)
def edit_category_item(item_id):
"""
Function to return a page to edit a category item.
Args:
item_id: ID value of the category item to edit.
"""
user = get_user()
categories = get_all_objects_of_type(Category)
edited_item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
if not edited_item:
return render_template('error.html',
headline_text='Item Not Found',
error_text='The specified item was not found.')
# Make sure the user is the creator of the item.
if not user or user and user.id != edited_item.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the item "{}". As such, you are not authorized '\
'to make edits to it.'.format(edited_item.name))
if request.method == 'POST':
edited_item.name = request.form['name']
edited_item.description = request.form['description']
edited_item.category_id = request.form['category']
db_session.add(edited_item)
db_session.commit()
flash('Item Successfully Updated!')
category = db_session.query(Category)\
.filter_by(id=edited_item.category_id)\
.first()
return redirect(url_for('category_item_info',
item_id=edited_item.id))
else:
return render_template('edit_category_item.html',
item=edited_item,
user=user,
categories=categories)
def edit_category_item(item_id):
"""
Function to return a page to edit a category item.
Args:
item_id: ID value of the category item to edit.
"""
user = get_user()
categories = get_all_objects_of_type(Category)
edited_item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
if not edited_item:
return render_template('error.html',
headline_text='Item Not Found',
error_text='The specified item was not found.')
# Make sure the user is the creator of the item.
if not user or user and user.id != edited_item.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the item "{}". As such, you are not authorized '\
'to make edits to it.'.format(edited_item.name))
if request.method == 'POST':
edited_item.name = request.form['name']
edited_item.description = request.form['description']
edited_item.category_id = request.form['category']
db_session.add(edited_item)
db_session.commit()
flash('Item Successfully Updated!')
category = db_session.query(Category)\
.filter_by(id=edited_item.category_id)\
.first()
return redirect(url_for('category_item_info', item_id=edited_item.id))
else:
return render_template('edit_category_item.html',
item=edited_item,
user=user,
categories=categories)
def catalog_json():
"""
Function to return JSON of all categories and items.
"""
categories = get_all_objects_of_type(Category)
categories_list = []
for cat in categories:
categories_list.append(cat.serialize)
items = db_session.query(CategoryItem).filter_by(category_id=cat.id).all()
categories_list[-1]['items'] = [item.serialize for item in items]
return jsonify(categories=categories_list)
def get_user_id(email):
"""
Function to return user ID for user with specified email address.
Args:
email: Email address for user whose ID will be returned.
"""
try:
user = db_session.query(User).filter_by(email=email).one()
return user.id
except NoResultFound:
return None
def catalog_json():
"""
Function to return JSON of all categories and items.
"""
categories = get_all_objects_of_type(Category)
categories_list = []
for cat in categories:
categories_list.append(cat.serialize)
items = db_session.query(CategoryItem).filter_by(
category_id=cat.id).all()
categories_list[-1]['items'] = [item.serialize for item in items]
return jsonify(categories=categories_list)
def get_user_info(user_id):
"""
Function to return User object for user with specified user ID.
Args:
user_id: User ID for user object to return.
"""
try:
user = db_session.query(User).filter_by(id=user_id).one()
return user
except NoResultFound:
return None
def get_user_info(user_id):
"""
Function to return User object for user with specified user ID.
Args:
user_id: User ID for user object to return.
"""
try:
user = db_session.query(User).filter_by(id=user_id).one()
return user
except NoResultFound:
return None
def get_user_id(email):
"""
Function to return user ID for user with specified email address.
Args:
email: Email address for user whose ID will be returned.
"""
try:
user = db_session.query(User).filter_by(email=email).one()
return user.id
except NoResultFound:
return None
def delete_category(category_id):
"""
Function to return a page to delete a category.
Args:
category_id: ID of the category to delete.
"""
user = get_user()
category = db_session.query(Category)\
.filter_by(id=category_id).first()
if not category:
return redirect(url_for('index'))
# Make sure the user is the creator of the category.
if not user or user and user.id != category.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the category "{}". As such, you are not authorized '\
'to delete it.'.format(category.name))
if request.method == 'POST':
# Get and delete all items associated with this category.
items = db_session.query(CategoryItem)\
.filter_by(category_id=category.id)\
.all()
for item in items:
db_session.delete(item)
# Delete the category itself and commit everything.
db_session.delete(category)
db_session.commit()
flash("Category {} deleted.".format(category.name))
return redirect(url_for('index'))
else:
return render_template('delete_category.html',
category=category)
def create_user():
"""
Function to create a new user with the info from login session.
"""
new_user = User(name=login_session['username'],
email=login_session['email'],
picture=login_session['picture'])
db_session.add(new_user)
db_session.commit()
user = db_session.query(User)\
.filter_by(email=login_session['email'])\
.one()
return user.id
def create_user():
"""
Function to create a new user with the info from login session.
"""
new_user = User(name=login_session['username'],
email=login_session['email'],
picture=login_session['picture'])
db_session.add(new_user)
db_session.commit()
user = db_session.query(User)\
.filter_by(email=login_session['email'])\
.one()
return user.id
def delete_category(category_id):
"""
Function to return a page to delete a category.
Args:
category_id: ID of the category to delete.
"""
user = get_user()
category = db_session.query(Category)\
.filter_by(id=category_id).first()
if not category:
return redirect(url_for('index'))
# Make sure the user is the creator of the category.
if not user or user and user.id != category.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the category "{}". As such, you are not authorized '\
'to delete it.'.format(category.name))
if request.method == 'POST':
# Get and delete all items associated with this category.
items = db_session.query(CategoryItem)\
.filter_by(category_id=category.id)\
.all()
for item in items:
db_session.delete(item)
# Delete the category itself and commit everything.
db_session.delete(category)
db_session.commit()
flash("Category {} deleted.".format(category.name))
return redirect(url_for('index'))
else:
return render_template('delete_category.html', category=category)
def delete_category_item(item_id):
"""
Function to return a page to delete a category item.
Args:
item_id: ID of the category item to delete.
"""
user = get_user()
item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
category_id = ''
if not item:
if login_session.get('last_category_id', '') == '':
return redirect(url_for('index'))
else:
category_id = login_session.get('last_category_id')
else:
category_id = item.category.id
# Make sure the user is the creator of the item.
if not user or user and user.id != item.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the item "{}". As such, you are not authorized '\
'to delete it.'.format(item.name))
if request.method == 'POST':
db_session.delete(item)
db_session.commit()
flash("Item {} deleted.".format(item.name))
return redirect(url_for('category_info',
category_id=category_id))
else:
return render_template('delete_category_item.html',
item=item)
def new_category_item():
"""
Function to return a page to create a new category item.
"""
set_redirect_url()
user = get_user()
categories = get_all_objects_of_type(Category)
category = None
if not user:
return redirect(url_for('login'))
if request.method == 'POST':
if request.form.get(
'name', '') == '' and request.form.get('category', '') != '':
category = db_session.query(Category)\
.filter_by(id=request.form.get('category'))\
.first()
return render_template('new_category_item.html',
user=user,
category=category,
categories=categories,
request=request)
new_item = CategoryItem(name=request.form['name'],
user_id=login_session['user_id'],
description=request.form['description'],
category_id=request.form['category'])
db_session.add(new_item)
db_session.commit()
flash('New Item {} Successfully Created!'.format(new_item.name))
return redirect(url_for('index'))
else:
return render_template('new_category_item.html',
user=user,
category=category,
categories=categories)
def delete_category_item(item_id):
"""
Function to return a page to delete a category item.
Args:
item_id: ID of the category item to delete.
"""
user = get_user()
item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
category_id = ''
if not item:
if login_session.get('last_category_id', '') == '':
return redirect(url_for('index'))
else:
category_id = login_session.get('last_category_id')
else:
category_id = item.category.id
# Make sure the user is the creator of the item.
if not user or user and user.id != item.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the item "{}". As such, you are not authorized '\
'to delete it.'.format(item.name))
if request.method == 'POST':
db_session.delete(item)
db_session.commit()
flash("Item {} deleted.".format(item.name))
return redirect(url_for('category_info', category_id=category_id))
else:
return render_template('delete_category_item.html', item=item)
if __name__ == "__main__":
if len(sys.argv) < 3:
print "Insufficient arguments"
exit()
command = sys.argv[1].lower()
email_address = sys.argv[2]
if command not in ("grant", "revoke"):
print "command not recognised"
exit()
print "Looking for a user with email address: %s" % email_address
users = db_session.query(User).filter_by(email=email_address).all()
if not len(users):
print "No users found with that email address."
print "Goodbye."
exit()
print "Found the following users:"
print
for user in users:
print user
print
confirmation = "%s admin privileges? (y/n): " % command.capitalize()
decision = raw_input(confirmation).lower()
if not decision.startswith("y"):
if __name__ == "__main__":
if len(sys.argv) < 3:
print "Insufficient arguments"
exit()
command = sys.argv[1].lower()
email_address = sys.argv[2]
if command not in ("grant", "revoke"):
print "command not recognised"
exit()
print "Looking for a user with email address: %s" % email_address
users = db_session.query(User).filter_by(email=email_address).all()
if not len(users):
print "No users found with that email address."
print "Goodbye."
exit()
print "Found the following users:"
print
for user in users:
print user
print
confirmation = "%s admin privileges? (y/n): " % command.capitalize()
decision = raw_input(confirmation).lower()
if not decision.startswith("y"):
