def query():
"""Displays all results for the query in category category_id, which can be
'all' if no category is selected."""
if not is_caltech_user():
return login_redirect()
category_id = flask.request.args.get('cat')
if category_id is None:
flask.abort(404)
query = flask.request.args.get('q', '')
# Create a dict of the passed-in attributes which are filterable
attrs = {
attr: value
for attr, value in flask.request.args.items() if attr in SEARCH_ATTRS
}
attrs['item_active'] = True
if category_id != helpers.ALL_CATEGORY:
try:
attrs['cat_id'] = int(category_id)
except ValueError:
flask.abort(404)
# Pass in the cat_id to generate_search_table() if it's not 'all'
items = helpers.generate_search_table(attrs, query)
return helpers.render_with_top_marketplace_bar(
'search.html', items=items, cat_id=category_id)
def manage():
if 'username' not in flask.session:
# They're not logged in, kick them out
return login_redirect()
return helpers.render_with_top_marketplace_bar(
'manage_items.html', items=helpers.get_my_items())
def calendar_delete():
if 'username' not in flask.session:
return auth_utils.login_redirect()
return flask.jsonify({
'deleted':
helpers.delete(flask.request.form['id'], flask.request.form['tag'])
})
def get_all_events():
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
res = helpers.sync_data(all_data=True)
error_message = helpers.check_if_error(res)
if error_message:
return flask.jsonify({'err': error_message})
return flask.jsonify({'events': res})
def get_events():
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
res = helpers.sync_data(1, flask.request.form['year'], 12,
flask.request.form['year'])
error_message = helpers.check_if_error(res)
if error_message:
return flask.jsonify({'err': error_message})
return flask.jsonify({'events': res})
def directory_search():
if not is_caltech_user():
return login_redirect()
return flask.render_template(
'directory_search.html',
manage_members_houses=helpers.get_manage_members_houses(),
houses=helpers.get_houses(),
options=helpers.get_options(),
residences=helpers.get_residences(),
grad_years=helpers.get_grad_years())
def feedback(group):
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
if group not in Groups:
return flask.abort(404)
summary = False
if auth_utils.check_login():
perms = auth_utils.get_permissions(flask.session['username'])
if default_permissions.ADMIN in perms or permissions[group].SUMMARY in perms:
summary = True
return flask.render_template(
'feedback.html', summary=summary, group=group, msg=Groups[group])
def sync():
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
res = helpers.sync_data(all_data=True)
error_message = helpers.check_if_error(res)
if error_message:
flask.flash(error_message)
global last_update_time
last_update_time = datetime.datetime.now()
return flask.render_template(
'calendar.html', permissions=helpers.get_permission())
def feedback_submit(group):
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
if group not in Groups:
return flask.abort(404)
fields = ['name', 'email', 'subject', 'msg', 'ombuds']
data = {}
for field in fields:
data[field] = flask.request.form.get(field)
complaint_id = helpers.register_complaint(group, data)
flask.flash(
Markup('Success (you may want to save this link): <a href="' +
helpers.get_link(group, complaint_id) + '">View Complaint</a>'))
return flask.redirect(flask.url_for('feedback.feedback', group=group))
def view_user(user_id):
if not is_caltech_user():
return login_redirect()
user = helpers.get_user(user_id)
is_me = 'username' in flask.session and get_user_id(
flask.session['username']) == user_id
hidden_fields = helpers.get_hidden_fields(flask.session.get('username'),
user_id)
return flask.render_template('view_user.html',
user=user,
is_me=is_me,
user_id=user_id,
hidden_fields=hidden_fields)
def get_events_backup():
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
res = helpers.get_events_backup(1, flask.request.form['year'], 12,
flask.request.form['year'])
error_message = helpers.check_if_error(res)
if error_message:
return flask.jsonify({'err': error_message})
return flask.jsonify({
'events':
res,
'last_update_time':
last_update_time.strftime("%Y-%m-%dT%H:%M:%SZ")
})
def get_all_events_backup():
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
res = helpers.get_events_backup(all_data=True)
error_message = helpers.check_if_error(res)
if error_message:
return flask.jsonify({'err': error_message})
return flask.jsonify({
'events':
res,
'permissions':
helpers.get_permission(),
'last_update_time':
last_update_time.strftime("%Y-%m-%dT%H:%M:%SZ")
})
def view_user(user_id):
if not is_caltech_user():
return login_redirect()
username = flask.session.get('username')
user = helpers.get_user(user_id)
if user is not None:
hidden_fields = helpers.get_hidden_fields(username, user_id)
user = {
key: value
for key, value in user.items() if key not in hidden_fields
}
is_me = username is not None and get_user_id(username) == user_id
return flask.render_template('view_user.html',
user=user,
is_me=is_me,
user_id=user_id)
def calendar_add_events(update=0):
if 'username' not in flask.session:
return auth_utils.login_redirect()
fields = [
'name', 'description', 'start_date', 'start_hour', 'start_minute',
'end_hour', 'end_minute', 'end_date', 'tag'
]
for field in fields:
if None == flask.request.form.get(field):
flask.flash('Please fill in all required fields (marked with *)',
'error')
return flask.redirect(flask.url_for('calendar.calendar'))
start_date = flask.request.form.get('start_date')
start_hour = flask.request.form.get('start_hour')
start_time = flask.request.form.get('start_minute')
end_date = flask.request.form.get('end_date')
end_hour = flask.request.form.get('end_hour')
end_time = flask.request.form.get('end_minute')
start_year, start_month, start_day = map(int, start_date.split('-'))
end_year, end_month, end_day = map(int, end_date.split('-'))
begin_datetime = datetime.datetime(start_year, start_month, start_day,
int(start_hour), int(start_time))
end_datetime = datetime.datetime(end_year, end_month, end_day,
int(end_hour), int(end_time))
if begin_datetime > end_datetime:
flask.flash('Invalid times', 'error')
return flask.redirect(flask.url_for('calendar.calendar'))
start_time = start_date + 'T' + start_hour + ":" + start_time + ":00"
end_time = end_date + 'T' + end_hour + ":" + end_time + ":00"
e = helpers.add_event(
flask.request.form.get('name'),
flask.request.form.get('description'),
flask.request.form.getlist('tag'), start_time, end_time, update,
flask.request.form.get('location'), flask.request.form.get('eventId'))
if e:
flask.flash('Error when adding events: ' + str(e) +
' ; If this error persists, contact devteam', 'error')
return flask.redirect(flask.url_for('calendar.calendar'))
def calendar_share_cal():
if 'username' not in flask.session:
return auth_utils.login_redirect()
fields = ['email', 'tag', 'access_level']
for field in fields:
if None == flask.request.form.get(field):
flask.flash('Please fill in all required fields (marked with *)',
'error')
return flask.redirect(flask.url_for('calendar.calendar'))
e = helpers.share_calendar(
flask.request.form.getlist('tag'),
flask.request.form.get('email'),
flask.request.form.get('access_level'))
if e:
flask.flash('Error when sharing calendars:' + e +
" ; if the error persists, contact dev team", 'error')
else:
flask.flash('Success! Please check your gmail')
return flask.redirect(flask.url_for('calendar.calendar'))
def view_item(item_id):
"""View additional details about item <item_id>"""
if not is_caltech_user():
return login_redirect()
item = helpers.table_fetch(
"""
marketplace_items NATURAL LEFT JOIN
marketplace_textbooks NATURAL JOIN
marketplace_categories
""",
one=True,
fields=VIEW_FIELDS,
attrs={'item_id': item_id})
# Make sure the item_id is a valid item, i.e. data is nonempty
if item is None:
flask.abort(404)
# Display textbook edition
edition = item['textbook_edition']
if edition:
item['textbook_edition'] = helpers.process_edition(edition)
# Grab the stored image links
image_links = helpers.get_image_links(item_id)
# Notify if the item is inactive
if not item['item_active']:
flask.flash('This item has been archived!')
return helpers.render_with_top_marketplace_bar(
'view_item.html',
item_id=item_id,
item=item,
image_links=image_links,
user=get_name_and_email(item['user_id']),
can_edit=helpers.can_manage(item))
def sell():
username = flask.session.get('username')
if username is None:
# They're not logged in, kick them out
return login_redirect()
# Extract item id
item_id = helpers.try_int(flask.request.args.get('item_id'))
# STATES
# ------
# new (default): making a new listing
# edit: editing an old listing
state = flask.request.args.get('state', 'new')
if state not in ALLOWED_SELL_STATES:
flask.flash('Invalid state')
return flask.redirect(flask.url_for('.sell'))
saving = flask.request.method == 'POST'
editing = state == 'edit'
if saving:
form = flask.request.form
item = {
'cat_id': helpers.try_int(form.get('cat')),
'textbook_id': helpers.try_int(form.get('textbook_id')),
'textbook_title': form.get('textbook_title'),
'textbook_author': form.get('textbook_author'),
'textbook_edition': form.get('textbook_edition'),
'textbook_isbn': form.get('textbook_isbn'),
'item_title': form.get('item_title'),
'item_condition': form.get('item_condition'),
'item_price': form.get('item_price'),
'item_details': form.get('item_details'),
'images': [image for image in form.getlist('images') if image]
}
elif editing:
item = helpers.table_fetch(
'marketplace_items',
one=True,
fields=SELL_FIELDS,
attrs={'item_id': item_id})
if not item:
# No data? the item_id must be wrong
flask.flash('Invalid item')
return flask.redirect(flask.url_for('.marketplace'))
item['images'] = helpers.get_image_links(item_id)
else:
item = {'images': []}
# Make sure the current user is the one who posted the item
if editing and not helpers.can_manage(item_id):
flask.flash('You do not have permission to edit this item')
return flask.redirect(flask.url_for('.marketplace'))
# This route is used for both GET and POST;
# only try to create/update the item if this is a POST
if saving:
errors = [] # collect all validation errors
cat_title = helpers.get_category_name_from_id(item['cat_id'])
if not cat_title:
errors.append('Invalid category')
is_textbook = cat_title == 'Textbooks'
if is_textbook:
textbook_id = item['textbook_id']
if textbook_id:
textbook = helpers.table_fetch(
'marketplace_textbooks',
one=True,
attrs={'textbook_id': textbook_id})
if not textbook:
errors.append('Invalid textbook')
else:
if not item['textbook_title']:
errors.append('Missing textbook title')
if not item['textbook_author']:
errors.append('Missing textbook author')
edition = item['textbook_edition']
if edition and not helpers.validate_edition(edition):
errors.append('Invalid textbook edition')
isbn = item['textbook_isbn']
if isbn:
if helpers.validate_isbn(isbn):
item['textbook_isbn'] = isbn.replace('-', '')
else:
errors.append('Invalid textbook ISBN')
item['item_title'] = None
else:
if not item['item_title']:
errors.append('Missing item title')
item['textbook_id'] = None
item['textbook_edition'] = None
item['textbook_isbn'] = None
if not item['item_condition']:
errors.append('Missing condition')
price = item['item_price']
if not (price and helpers.validate_price(price)):
errors.append('Invalid price')
images = item['images']
for i, image in enumerate(images):
image = helpers.validate_image(image)
if image:
images[i] = image
else:
errors.append('Invalid image')
if errors:
# Display all errors and don't submit
for error in errors:
flask.flash(error)
else:
if is_textbook and not textbook_id:
item['textbook_id'] = helpers.add_textbook(
item['textbook_title'], item['textbook_author'])
if editing:
helpers.update_current_listing(item_id, item)
flask.flash('Updated!')
else:
item['user_id'] = get_user_id(username)
item_id = helpers.create_new_listing(item)
flask.flash('Posted!')
return flask.redirect(flask.url_for('.view_item', item_id=item_id))
# Otherwise, they have not submitted anything, so render the form
item['images'] += [''] * (MAX_IMAGES - len(item['images']))
categories = helpers.table_fetch('marketplace_categories')
textbooks_cat, = (cat['cat_id'] for cat in categories
if cat['cat_title'] == 'Textbooks')
textbooks = helpers.table_fetch('marketplace_textbooks')
return helpers.render_with_top_marketplace_bar(
'sell.html',
state=state,
item_id=item_id,
item=item,
MAX_IMAGES=MAX_IMAGES,
imgur_id=flask.current_app.config['IMGUR_API']['id'],
categories=categories,
textbooks=textbooks,
textbooks_cat=textbooks_cat,
conditions=CONDITIONS)
def calendar_search():
if not auth_utils.is_caltech_user():
return auth_utils.login_redirect()
return flask.render_template(
'calendar_search.html', permissions=helpers.get_permission())
def share_cal():
if 'username' not in flask.session:
return auth_utils.login_redirect()
return flask.render_template(
'share_cal.html', permissions=helpers.get_permission())
def add_events():
if 'username' not in flask.session:
return auth_utils.login_redirect()
return flask.render_template(
'add_events.html', permissions=helpers.get_permission())