def add_item(user_id): user = db.session.query(User).filter_by(id=user_id).first() tokens = map(lambda x: x.token, user.tokens) check = check_auth_header(request.headers) if not check[0]: return check[1] if not authenticate_user(tokens, request.headers['AuthToken']): return unauthorized_message() data = MultiDict(mapping=request.json) inputs = ItemForm(data, csrf_enabled=False) if not inputs.validate(): return bad_request_error(inputs.errors) data = request.get_json() name = data['name'] description = data['description'] thumbnail_url = data['thumbnail_url'] item_url = data['item_url'] item = Item(name, description, thumbnail_url, user_id, item_url) db.session.add(item) db.session.commit() response = jsonify({ 'name': item.name, 'description': item.description, 'thumbnail_url': item.thumbnail_url }) response.status_code = 201 return response
def UpdateItem(message): Before_request() list_id = message["list_id"] item_id = message["item_id"] # Before checking for validation, we assume the item will not be # added and that the list is not valid. sendMessage = {"errors": "This is not a valid list."} customMessage = 'update item fail' room = None query_list = g.user.lists.filter_by(id = list_id).first() query_list_shared = g.user.shared_lists.filter_by(id = list_id).first() if query_list is not None or query_list_shared is not None: item = Item.query.filter_by(id = item_id).first() form = ItemForm(item_name = message["item_name"], csrf_token = message["csrf_token"]) # We don't need the items checked state to validate the form del form.check if item is not None and form.validate(): item.item_name = form.item_name.data db.session.commit() sendMessage = {"itemName": item.item_name, "itemID": item.id} customMessage = 'update item success' room = list_id else: sendMessage = {"errors": form.item_name.errors} emit(customMessage, sendMessage, room = room)
def update_item(id): """Updates the requested item.""" if needs_login(): return redirect(url_for('oauth2callback')) form = ItemForm(request.form) item = models.Item.query.filter_by(id=id).first() if not form.validate(): return render_template('edit_item.html', form=form, item=item) # retain the old image path before populate_obj overwrites it with form # data old_image = item.image form.populate_obj(item) item.image = old_image if form.image is not None: image_data = request.files['image'].read() if len(image_data) > 0: # generate a random file name and save it to the image folder filename = ''.join(random.choice( string.ascii_uppercase + string.digits) for x in xrange(16)) ext = os.path.splitext(request.files['image'].filename)[1] open(app.config['IMAGE_DIR'] + filename + ext, 'w').write(image_data) item.image = filename + ext # if the user updates the image, delete the old one if os.path.isfile(app.config['IMAGE_DIR'] + old_image): os.remove(app.config['IMAGE_DIR'] + old_image) db.session.add(item) db.session.commit() return render_template('generic.html', title="Update Completed", description="%s has been updated." % item.name, redirect_to_index=True)
def item_new(): form = ItemForm(request.form) form.category_id.choices = [(cat.id, cat.name) for cat in categories] if request.method == 'POST' and form.validate(): return item_new_post(form) else: return item_new_get(form)
def add_item(): """Saves the new item and redirects to confirmation page.""" if needs_login(): return redirect(url_for('oauth2callback')) form = ItemForm(request.form) if not form.validate(): return render_template('new_item.html', form=form) image = "" if form.image.data is not None: image_data = request.files['image'].read() if len(image_data) > 0: # generate a random file name and save it to the image folder filename = ''.join(random.choice( string.ascii_uppercase + string.digits) for x in xrange(16)) ext = os.path.splitext(request.files['image'].filename)[1] open(app.config['IMAGE_DIR'] + filename + ext, 'w').write(image_data) image = filename + ext item = models.Item(name=form.name.data, user=get_current_user(), description=form.description.data, category=form.category.data, image=image) db.session.add(item) db.session.commit() return render_template('generic.html', title="Item Added", description="%s has been added." % item.name, redirect_to_index=True)
def additem(): """ this allow users to add items """ form = ItemForm(request.form) categories = Category.query.all() form.category.choices = [(c.id, c.name) for c in categories] if request.method == 'POST' and form.validate(): print('\n\n\n\ninside post') name = form.name.data price = form.price.data brand = form.brand.data description = form.description.data category = form.category.data image = form.image.data print(name, price, description, image, brand, category) item = Item(name=name, price=price, description=description, image=image, brand=brand, category_id=category, user_id=login_session['gplus_id']) db.session.add(item) db.session.commit() flash('item saved successfully', 'success') return redirect('/') elif form.errors: flash(form.errors, 'danger') return redirect('/') else: print('\n\n\n\ninside get') return render_template('additem.html', form=form)
def items_edit(item_id): form = ItemForm(request.form) if request.method == 'POST' and form.validate(): if Item.query.filter(Item.name == form.name.data, Item.id != form.id.data).first(): data = { 'nav_urls': get_urls(), 'active_url': url_for('items_new') } duplicate = True return render_template('items_edit.html', form=form, data=data, duplicate=duplicate) else: item = Item.query.filter(Item.id == item_id).first() item.name = form.name.data item.price = form.price.data item.active = form.active.data dbs.add(item) dbs.commit() return redirect(url_for('items')) else: data = { 'nav_urls': get_urls(), 'active_url': url_for('items_edit', item_id=item_id) } item = Item.query.filter(Item.id == item_id).first() form.id.data = item.id form.name.data = item.name form.price.data = item.price form.active.data = item.active return render_template('items_edit.html', data=data, form=form)
def add_item(user_id): user = db.session.query(User).filter_by(id=user_id).first() tokens = map(lambda x: x.token , user.tokens) check = check_auth_header(request.headers) if not check[0]: return check[1] if not authenticate_user(tokens , request.headers['AuthToken']): return unauthorized_message() data = MultiDict(mapping=request.json) inputs = ItemForm(data , csrf_enabled=False) if not inputs.validate(): return bad_request_error(inputs.errors) data = request.get_json() name = data['name'] description = data['description'] thumbnail_url = data['thumbnail_url'] item_url = data['item_url'] item = Item(name, description, thumbnail_url, user_id, item_url) db.session.add(item) db.session.commit() response = jsonify({'name':item.name , 'description':item.description, 'thumbnail_url':item.thumbnail_url}) response.status_code = 201 return response
def items_edit(item_id): form = ItemForm(request.form) if request.method == 'POST' and form.validate(): if Item.query.filter(Item.name == form.name.data, Item.id != form.id.data).first(): data = {'nav_urls': get_urls(), 'active_url': url_for('items_new')} duplicate = True return render_template('items_edit.html', form=form, data=data, duplicate=duplicate) else: item = Item.query.filter(Item.id == item_id).first() item.name = form.name.data item.price = form.price.data item.active = form.active.data dbs.add(item) dbs.commit() return redirect(url_for('items')) else: data = { 'nav_urls': get_urls(), 'active_url': url_for('items_edit', item_id=item_id) } item = Item.query.filter(Item.id == item_id).first() form.id.data = item.id form.name.data = item.name form.price.data = item.price form.active.data = item.active return render_template('items_edit.html', data=data, form=form)
def item_edit(item_id): item = session.query(Item).filter_by(id=item_id).one() form = ItemForm(request.form, item) form.category_id.choices = [(cat.id, cat.name) for cat in categories] if request.method == 'POST' and form.validate(): return item_edit_post(form, item) else: return item_edit_get(form, item)
def add_item(): form = ItemForm(request.form) if request.method == "POST" and form.validate(): item = Items(name=form.name.data, quantity=form.quantity.data, description=form.description.data, date_added=datetime.datetime.now()) db_session.add(item) db_session.commit() return redirect(url_for('success')) return render_template('index.html', form=form)
def editItem(item_id): categories = session.query(Category).all() item = session.query(Item).filter_by(id=item_id).one_or_none() if item is None: flash("Item does not exist") return redirect(url_for('site.showHome')) # Checks if the current user is not the owner of the item if login_session['user_id'] != item.user_id: flash("You're not authorized to edit this item") return redirect(url_for('site.showHome')) # This loads the ItemForm into a local variable form = ItemForm(request.form) if request.method == 'GET': # This will render a form to edit an item form.name.data = item.name form.description.data = item.description return render_template('edititem.html', categories=categories, item=item, form=form) if request.method == 'POST': # This checks whether the form passes validation if form.validate(): # This will commit the item edit to the database item.category = item.category if request.form['name']: item.name = request.form['name'] if request.form['description']: item.description = request.form['description'] if request.form['category']: item.category = session.query(Category).filter_by( name=request.form['category']).one_or_none() if item.category is None: flash("Get out of dev tools, hacker!") return redirect(url_for('site.showHome')) session.add(item) session.commit() return redirect( url_for('site.showItem', category_name=item.category.name, item_id=item.id)) else: # This will run if the form fails validation return render_template('edititem.html', categories=categories, item=item, form=form)
def sell(): item_form = ItemForm(request.form) if request.method == 'POST' and item_form.validate(): product_name = item_form.data['product'] product = db_session.query(Product).filter( Product.name == product_name.lower()).first() seller_name = item_form.data['seller'] seller = db_session.query(User).\ filter(User.name==seller_name.lower()).\ filter(User.user_type=='Seller').first() if product and seller: item = Item() save_item(item, item_form, new=True) # Add child to Product parent models product.items.append(item) seller.items.append(item) db_session.commit() else: if not product: flash('No products match "{}"'.format(product_name)) if not seller: flash('No sellers match "{}"'.format(seller_name)) return redirect('/sell') flash('Item created successfully!') return redirect('/sell') product_results = db_session.query(Product).all() # product_table = ProductResults(product_results) # product_table.border = True item_results = join_item_seller(db_session).all() # item_table = ItemResults(item_results) # item_table.border = True return render_template('sell.html', product_results=product_results, item_results=item_results, item_form=item_form)
def add(): global db form = ItemForm(request.form) if request.method == 'POST' and form.validate(): document = {} for field, value in request.form.items(): document[field] = value if 'title' in document and 'media_type' in document: slug = common.slugify(document['title']) document['slug'] = slug db.save(document) print "Document saved." flash('Changes saved.') return redirect(url_for('edit', slug=slug)) types = [item[0] for item in MEDIA_TYPES] return render_template('form.html', title="Add item", form=form, types=types, document={})
def edit_item(id): item = db_session.query(Items).filter_by(id=id).first() if item: form = ItemForm(request.form, obj=item) if request.method == "POST": if request.form['submit'] == 'Delete': db_session.delete(item) db_session.commit() return redirect(url_for('success')) elif request.form['submit'] == 'Save' and form.validate(): item.name = form.name.data, item.quantity = form.quantity.data, item.description = form.description.data, item.date_added = datetime.datetime.now() db_session.commit() return redirect(url_for('success')) return render_template("item.html", form=form, id=id) else: return ("Cannot find item ID%d" % (id, ))
def newItem(): categories = session.query(Category).all() # This loads the ItemForm into a local variable form = ItemForm(request.form) if request.method == 'GET': # This will render a form to add a new item return render_template('newitem.html', categories=categories, form=form) if request.method == 'POST': # This checks whether the form passes validation if form.validate(): # This will add a new item to the database category = session.query(Category).filter_by( name=request.form['category']).one_or_none() if category is None: flash("Get out of dev tools, hacker!") return redirect(url_for('site.showHome')) item = Item(name=request.form['name'], description=request.form['description'], category=category, user_id=login_session['user_id']) session.add(item) session.commit() return redirect( url_for('site.showItem', category_name=item.category.name, item_id=item.id)) else: # This will run if the form fails validation return render_template('newitem.html', categories=categories, form=form)
def AddItem(message): Before_request() # Before checking for validation, we assume the item will not be # added and that the list is not valid. sendMessage = {"errors": "This is not a valid list."} customMessage = 'add item fail' room = None list_id = message["list_id"] query_list = g.user.lists.filter_by(id = list_id).first() query_list_shared = g.user.shared_lists.filter_by(id = list_id).first() if query_list is not None or query_list_shared is not None: form = ItemForm(item_name = message["item_name"], csrf_token = message["csrf_token"]) # We don't need the items checked state to validate the form del form.check if form.validate(): item_name = form.item_name.data item = Item(item_name = item_name, list_id = list_id) # add item entry db.session.add(item) db.session.commit() # Set everything to a success state. sendMessage = { "itemID": item.id, "itemName": item.item_name } customMessage = 'add item success' room = list_id else: sendMessage = { "errors": [form.item_name.errors, form.csrf_token.errors]} emit(customMessage, sendMessage, room = room)
def CheckItem(message): Before_request() list_id = message["list_id"] item_id = message["item_id"] query_list = g.user.lists.filter_by(id = list_id).first() query_list_shared = g.user.shared_lists.filter_by(id = list_id).first() # Before checking for validation, we assume the item will not be # added and that the list is not valid. sendMessage = {"errors": "This is not a valid list."} customMessage = 'check item fail' room = None if query_list is not None or query_list_shared: item = Item.query.filter_by(id = item_id).first(); check = True if message["check"] else False form = ItemForm(check = check, csrf_token = message["csrf_token"]) # We don't need the item name to validate this request. del form.item_name if item is not None and form.validate(): item.check = form.check.data db.session.commit() sendMessage = { "itemID": item.id } customMessage = 'check item success' room = list_id else: sendMessage = { "errors" : item.check.errors } emit(customMessage, sendMessage, room = room)