def does_ticket_exist(ticket_id):
"""
Checks if the ticket id exists in the database.
:param ticket_id: the id of the ticket to be tested
:returns: True if the ticket id exists in the database
"""
return bn.get_ticket(ticket_id)
def run_around_tests():
if get_user('*****@*****.**') is None:
register_user('*****@*****.**', 'Tester Zero', 'Password123',
'Password123')
if get_ticket('t1') is None:
create_ticket('t1', 50, 70.50, '20771210')
def update_post():
title = request.form.get('upd-name')
try:
quantity = int(request.form.get('upd-quantity'))
price = int(request.form.get('upd-price'))
expDate = int(request.form.get('upd-exp'))
except:
return redirect('/?uMessage=Field Requires Integer')
temp = str(expDate)
expDateLen = len(temp)
ticket = bn.get_ticket(title)
if not ticket:
return redirect('/?uMessage=Ticket Does Not Exist')
elif not re.search(regex_title, title):
return redirect('/?uMessage=Name Format Error')
elif quantity <= 0 or quantity > 100:
return redirect('/?uMessage=Invalid Quantity')
elif price < 10 or price > 100:
return redirect('/?uMessage=Invalid Price')
elif expDateLen != 8:
return redirect('/?uMessage=Invalid Date Format (YYYYMMDD)')
bn.update_ticket(title, quantity, price, expDate)
return render_template('temp.html', message='Updated')
def buy_post():
title = request.form.get('buy-name')
try:
quantity = int(request.form.get('buy-quantity'))
except:
return redirect('/?bMessage=Field Requires Integer')
ticket = bn.get_ticket(title)
if not re.search(regex_title, title):
return redirect('/?bMessage=Name Format Error')
elif not ticket:
return redirect('/?bMessage=Ticket Does Not Exist')
email = session['logged_in']
user = bn.get_user(email)
serviceFee = ticket.price * quantity * 0.35
tax = ticket.price * quantity * 0.05
cost = (ticket.price * quantity + serviceFee + tax)
if quantity <= 0 or quantity > 100:
return redirect('/?bMessage=Invalid Quantity')
elif quantity > ticket.quantity:
return redirect('/?bMessage=Not Enough Tickets Left')
elif user.balance < cost:
return redirect('/?bMessage=Insufficient Funds')
bn.buy_ticket(title, quantity, cost, user)
return render_template('temp.html', message='Bought')
def buy_post():
user_email = session['logged_in']
ticket_name = request.form.get('buy-name')
ticket_quantity = int(request.form.get('buy-quantity'))
error_message = None
tik = bn.get_ticket(ticket_name)
if (ticket_name_check(ticket_name) is None): # no match in regex
error_message = 'Ticket name is incorrect'
elif quantity_check(ticket_quantity):
error_message = "Invalid quantity in ticket buy form"
elif not tik:
return "Ticket does not exist"
elif tik.quantity < ticket_quantity:
return "Not enough tickets for sale"
elif bn.get_balance(user_email) < (tik.price * ticket_quantity * 1.40):
return "Insufficient balance"
else:
error_message = bn.buy_ticket(user_email, ticket_name, ticket_quantity)
return error_message
def test_backend_get_ticket_T1():
# Set up valid ticket
bn.sell_ticket(test_ticket.name, test_ticket.quantity, test_ticket.price,
test_ticket.date, test_ticket.user)
# Test #1 (valid ticket id)
result = bn.get_ticket(test_ticket.id)
assert result is not None
assert result.name == test_ticket.name
def test_get_ticket_valid():
# First clear teh database of tickets so that IntegrityError is not encountered
db.session.query(Ticket).delete()
db.session.commit()
# Set up valid ticket
bn.sell_ticket(test_ticket.id, test_ticket.name, test_ticket.quantity,
test_ticket.price, test_ticket.date, test_ticket.email)
# Test if the ticket posted for sale is in the database
result = bn.get_ticket(test_ticket.name)
assert result is not None
assert result.name == test_ticket.name
def update_post():
name = request.form.get('tname')
quantity = request.form.get('tquantity')
price = request.form.get('price')
expiration = request.form.get('expiration')
email = session['logged_in']
user = bn.get_user(email)
ticket = bn.get_ticket(name)
error_message = None
#checks if the expiration date is in the correct format, assigns checkDate
#to None if it is not
try:
checkDate = datetime.datetime.strptime(expiration, '%Y%m%d')
except:
checkDate = None
#verifies that checkDate is not equal to None
if checkDate == None:
error_message = "Incorrect expiration date format"
#redirects for any errors
# elif error_message:
#return render_template('/', message=error_message)
#error_message = None
#Validating information submitted in update form
#Name of ticket has to be alphanumeric only
elif not all(chr.isalnum() or chr.isspace() for chr in name):
error_message = "name not alphanumeric"
#Name must have no spaces at the beginning or end
elif name.startswith(" ") or name.endswith(" "):
error_message = "The ticket name can't begin or end with a space."
#Name of the ticket can't be longer than 60 characters
elif len(name) > 60:
error_message = "The ticket name can't be longer than 60 characters."
#Quantity has to be more than zero, and less than or equal to 100
elif int(quantity) <= 0 or int(quantity) > 100:
error_message = "The ticket quantity must be between 1 and 100 (inclusive)."
#Price has to be in the range 10-100
elif int(price) < 10 or int(price) > 100:
error_message = "The ticket price must be between 10 and 100 (inclusive)."
elif ticket == None:
error_message = "Sorry, this ticket is not available."
if error_message:
tickets = bn.get_all_tickets()
return render_template('index.html', message=error_message, user=user, tickets=tickets)
else:
bn.update_ticket(name,quantity,price,int(expiration))
return redirect('/')
def test_post_duplicate_ticket():
"""
Check that a ticket cannot be posted with a duplicate name
"""
email = '*****@*****.**'
ticket_name = 'testTicket'
price = 20
quantity = 15
today = date.today()
future_day = today + timedelta(days=10)
future_date = future_day.strftime("%Y\t%m%d")
if bn.get_ticket(ticket_name) is None:
bn.post_tickets(ticket_name, quantity, price, future_date, email)
assert bn.post_tickets(ticket_name, quantity, price, future_date,
email) is False
def buy_post():
name = request.form.get('tname')
quantity = request.form.get('tquantity')
price = request.form.get('tprice')
error_message = None
#returning a user object of the current session to get the current users email.
email = session['logged_in']
#storing the returned user in a variable
user = bn.get_user(email)
#finalprice = (price*quantity) + 0.35*(price*quantity) + 0.05*(price*quantity)
ticket = bn.get_ticket(name)
#each character of the ticketname has to be alphanumeric or a space
if not all(chr.isalnum() or chr.isspace() for chr in name):
error_message = "name not alphanumeric"
#ticketname cannot have spaces at start or end
elif name.startswith(" ") or name.endswith(" "):
error_message = "space at start/end"
#verifies that the ticketname is between 6 and 60 characters
elif len(name) < 6 or len(name) > 60:
error_message = "username too short or too long"
#verifies that the quantity is more than 0 and less than/equal to 100.
elif int(quantity) <= 0 or int(quantity) > 100:
error_message = "quantity not between 1 and 100 (inclusive)"
#verifies that the ticket exists
elif ticket == None:
error_message = "Sorry, this ticket is not available."
elif ticket.quantity < int(quantity) :
error_message = "There are not enough tickets"
#checks if the user balance is more than the price of the ticket
elif user.balance < ((ticket.price*int(quantity)) + 0.35*(ticket.price*int(quantity)) + 0.05*(ticket.price*int(quantity))):
error_message = "The user does not have enough balance"
if error_message:
#return render_template('/', message=error_message)
tickets = bn.get_all_tickets()
return render_template('index.html', message=error_message, user=user, tickets=tickets)
else:
#bn.ticket_bought(name)
user.balance = user.balance - ((ticket.price*int(quantity)) + 0.35*(ticket.price*int(quantity)) + 0.05*(ticket.price*int(quantity)))
if ticket.quantity == 1:
bn.remove_ticket(name)
else:
bn.update_quantity(name,quantity)
return redirect('/')
def buyticket():
ticket_id = int(request.form['ticket_id'])
buyer_email = request.form['user']
buyer = bn.get_user(buyer_email)
message = ""
user_balance = buyer.balance
ticket_price = bn.get_ticket(ticket_id).price
# check for sufficient funds
if not does_user_have_sufficient_balance(user_balance, ticket_price):
message = "User balance does not have sufficient funds."
if not message: # if message is empty, indicating no validation errors
bn.buy_ticket(ticket_id, buyer.email)
message = "Ticket purchased successfully."
# redirect user to profile page with result message
return redirect("/?message={}".format(message))
def update_post():
#extract contents of the update form
name = request.form.get('update_name')
price = request.form.get('update_price')
quantity = request.form.get('update_quantity')
date = request.form.get('update_date')
#initialize error message to be empty
error_message = None
#check that the given ticket name exists in the database
ticket = bn.get_ticket(name=name)
if not ticket:
error_message = 'no such ticket exists'
#check that the ticket name is alphanumeric only, space allowed only if not first or last character, and contains less than 60 chars
if is_valid_ticket_name(str(name)) == False:
error_message = 'invalid ticket name'
#check ticket quantity is greater than 0 and less or equal to 100
if is_valid_ticket_quanitity(quantity) == False:
error_message = 'invalid ticket quantity'
#check ticket price is in the range 10 to 100 (including 10 and 100)
if is_valid_ticket_price(price) == False:
error_message = 'invalid ticket price'
#check that date format is YYYYMMDD
#save ticket to database
ticket = bn.store_ticket(name=name,
price=price,
quantity=quantity,
date=date)
#if theres an error message, output that message. Otherwise, post and redirect to user profile page
if error_message:
return render_template('index.html', update_message=error_message)
else:
return redirect('/')
def update():
"""
Route to update a ticket.
This route will validate the ticket form, if valid it will update the ticket on the database
through a backend function
"""
if 'logged_in' not in session:
return redirect('/login')
# Grab necessary information from update form
user = bn.get_user(session['logged_in'])
tickets = bn.get_all_tickets()
name = request.form.get('name')
quantity = request.form.get('quantity')
price = request.form.get('price')
date = request.form.get('date')
error_message = check_ticket_form(name, quantity, price, date)
if error_message:
return render_template('index.html',
update_message=error_message,
user=user,
tickets=tickets)
# Check if ticket exists in database
ticket = bn.get_ticket(name)
if ticket is None:
return render_template('index.html',
update_message='Ticket does not exist',
user=user,
tickets=tickets)
# Update tickets to database
bn.update_ticket(name, quantity, price, date)
return render_template('index.html',
update_message='Successfully updated tickets',
user=user,
tickets=tickets)
def test_get_ticket_valid():
# Create a random test ticket id that is not valid or present in the database
invalid_ticket_id = -1000
result = bn.get_ticket(invalid_ticket_id)
assert result == None
def test_get_ticket_method(): #maybe test addticket
ticket = get_ticket("Correct Ticket")
if not ticket:
add_ticket("Correct Ticket", "11", "11", "20210101")
assert get_ticket(" no") == None #test for incorrect ticket name
def sell_post():
# Get current user's email, with is the ticket owner's email.
email = session['logged_in']
user = bn.get_user(email)
# Get ticket information from post form.
name = request.form.get('sell-name')
quantity = int(request.form.get('sell-quantity'))
price = int(request.form.get('sell-price'))
date = request.form.get('sell-date')
# The name of the ticket has to be alphanumeric-only, and space allowed only if it is not the first or the last character.
# The name of the ticket is no longer than 60 characters
name_valid = False
if name.isalnum() and name[0] != " " and name[-1] != " " and len(
name) >= 6 and len(name) <= 60:
name_valid = True
# The quantity of the tickets has to be more than 0, and less than or equal to 100.
quantity_valid = False
if quantity > 0 and quantity <= 100:
quantity_valid = True
# Price has to be of range [10, 100]
price_valid = False
if price >= 10 and price <= 100:
price_valid = True
# Date must be given in the format YYYYMMDD (e.g. 20200901)
date_valid = False
# If the format is correct, two '-' character will be added at index 4 and 7.
if len(date) == 10 and date[4] == '-' and date[7] == '-':
date_valid = True
# Check if the name of ticket doesn't exist in database.
name_unique = False
ticket = bn.get_ticket(name)
if not ticket:
name_unique = True
# If all elements have valid format, then ticket information is valid, redirect to sell page and show message.
if name_valid and quantity_valid and price_valid and date_valid and name_unique:
ticket = bn.new_ticket_for_sell(name, email, quantity, price, date)
return render_template('sell.html',
message_s="Ticket successfully posted",
ticket_name=name,
ticket_quantity=quantity,
ticket_price=price,
ticket_date=date)
# For any errors, redirect back to / and show an error message.
else:
# Get all tickets' info from backend.
tickets = bn.get_all_tickets()
all_name = []
all_price = []
all_quantity = []
all_email = []
# Add all information to corresponding collumn.
for ticket in tickets:
all_name.append(ticket.name)
all_price.append(ticket.price)
all_quantity.append(ticket.quantity)
all_email.append(ticket.owner_email)
# Pass all information to the HTML page.
return render_template('index.html',
message_s="Ticket format invalid",
user=user,
names=all_name,
prices=all_price,
quantities=all_quantity,
emails=all_email)
def buy_tickets():
"""
This function is responsible for completing the buying action on tickets, so taking
the inputs from the buy section and converting them to bought tickets
:return: If the forms don't adhere to the required formatting, return with error message,
otherwise return with successfull ticket selling
"""
# Retrieve info from forms
ticket_name = request.form.get('buy_ticket_name')
num_tickets = request.form.get('buy_num_tickets')
# Find out info on logged in user and tickets
email = session['logged_in']
user = bn.get_user(email)
error_message = ticket_info_sanitizer(ticket_name, num_tickets)
# Subtract the bought tickets from amount available
if error_message is None:
# Retrieve info on ticket being bought
ticket_info = bn.get_ticket(ticket_name)
if ticket_info is not None:
# Calc cost of ticket
ticket_cost = ticket_info.ticket_price * int(num_tickets)
service_fee = ticket_cost * 0.35
tax = ticket_cost * 0.05
overall_cost = ticket_cost + service_fee + tax
if (ticket_info.num_tickets < int(num_tickets)):
error_message = "Requested more than available tickets"
elif (user.balance - overall_cost < 0):
error_message = "Not enough money in balance"
elif not bn.buy_tickets(ticket_name, num_tickets):
error_message = "Not a concert"
else:
error_message = "Unknown Error"
else:
error_message = "Not a concert"
# get Info on Tickets
tickets = bn.get_all_tickets()
# if there is any error messages when registering new user
# at the backend, go back to the register page.
if error_message:
return render_template('index.html',
user=user,
buy_message=error_message,
tickets=tickets)
# Update the buyer ans sellers balance to reflect the transaction
bn.update_balance(user.email, ticket_info.ticket_owner, ticket_cost,
overall_cost)
#Re-render page with updates
return render_template('index.html',
user=user,
buy_message=error_message,
tickets=tickets)
def buy_post():
#Get into current user's account to proceed buying process
email = session['logged_in']
user = bn.get_user(email)
#Get the name and quantity from the buying form
name = request.form.get('buy-name')
quantity = int(request.form.get('buy-quantity'))
# the name of the ticket has to be alphanumeric-only and space is allowed with requirements
name_valid = False
if name.isalnum() and name[0] != " " and name[-1] != " ":
name_valid = True
# the name of the ticket is no longer than 60 characters
name_len = False
if len(name) <= 60 and len(name) >= 6:
name_len = True
# quantity of ticket is within the range 0(disclusive) to 100(inclusive)
quantity_valid = False
if quantity > 0 and quantity <= 100:
quantity_valid = True
# ticket name does not exsit in the database
ticket_exist = False
#check the ticket name from the backend
ticket = bn.get_ticket(name)
if ticket:
ticket_exist = True
# ticket has more quantaties than required to buy
quantity_require = False
if quantity <= ticket.quantity:
quantity_require = True
# user has more balance than the ticket price * quantity + service fee (35%) + tax(5%)
required_price = int(ticket.price) * int(
ticket.quantity) * (1 + 0.35 + 0.05)
balance_valid = False
if user.balance >= required_price:
balance_valid = True
# if there is no error in the buying form
if name_valid and name_len and quantity_valid and ticket_exist and quantity_require and balance_valid:
return render_template('buy.html',
message_b="Transaction successful",
ticket_name=name,
ticket_quantity=quantity)
#there is error(s) in the buying form
else:
# Get all tickets' info from backend.
tickets = bn.get_all_tickets()
all_name = []
all_price = []
all_quantity = []
all_email = []
# Add all information to corresponding collumn.
for ticket in tickets:
all_name.append(ticket.name)
all_price.append(ticket.price)
all_quantity.append(ticket.quantity)
all_email.append(ticket.owner_email)
# Pass all information to the HTML page.
return render_template('index.html',
message_b="Ticket format invalid",
user=user,
names=all_name,
prices=all_price,
quantities=all_quantity,
emails=all_email)
def update_post():
# Get current user's email, with is the ticket owner's email.
email = session['logged_in']
user = bn.get_user(email)
# Get ticket information from post form.
name = request.form.get('update-name')
quantity = int(request.form.get('update-quantity'))
price = int(request.form.get('update-price'))
date = request.form.get('update-date')
# The name of the ticket has to be alphanumeric-only, and space allowed only if it is not the first or the last character
# name of the ticket is no longer than 60 characters
name_valid = name.isalnum() and name[0] != " " and name[-1] != " " and len(
name) >= 6 and len(name) <= 60
# The quantity of the tickets has to be more than 0, and less than or equal to 100
quantity_valid = quantity > 0 and quantity <= 100
# Price has to be of range [10, 100]
price_valid = price >= 10 and price <= 100
# Date must be given in the format YYYYMMDD
date_valid = len(date) == 10 and date[4] == '-' and date[7] == '-'
# The ticket of the given name must exist
name_exist = False
ticket = bn.get_ticket(name)
if ticket:
name_exist = True
# If all elements have valid format, then ticket information is valid, redirect to sell page and show message.
if name_valid and quantity_valid and price_valid and date_valid and name_exist:
# Call backend update ticket method.
bn.update_ticket(name, email, quantity, price, date)
# Get all tickets' info from backend.
tickets = bn.get_all_tickets()
all_name = []
all_price = []
all_quantity = []
all_email = []
# Add all information to corresponding collumn.
for ticket in tickets:
all_name.append(ticket.name)
all_price.append(ticket.price)
all_quantity.append(ticket.quantity)
all_email.append(ticket.owner_email)
# Pass all information to the HTML page.
return render_template('index.html',
message_u="Ticket information updated",
user=user,
names=all_name,
prices=all_price,
quantities=all_quantity,
emails=all_email)
# For any errors, redirect back to / and show an error message.
else:
# Get all tickets' info from backend.
tickets = bn.get_all_tickets()
all_name = []
all_price = []
all_quantity = []
all_email = []
# Add all information to corresponding collumn.
for ticket in tickets:
all_name.append(ticket.name)
all_price.append(ticket.price)
all_quantity.append(ticket.quantity)
all_email.append(ticket.owner_email)
# Pass all information to the HTML page.
return render_template('index.html',
message_u="Ticket format invalid",
user=user,
names=all_name,
prices=all_price,
quantities=all_quantity,
emails=all_email)
def test_backend_get_ticket_T2():
# Test input partition #2 (invalid ticket id)
invalid_ticket_id = 2
result = bn.get_ticket(invalid_ticket_id)
assert result == None
def buy_ticket(user):
ticket_name = request.form.get('name')
ticket_quantity = request.form.get('quantity')
error_message = ""
# ticket contains invalid spaces
if not check_spaces(ticket_name):
return render_template('index.html',
user=user,
message="Invalid spaces found in word")
# Check if ticket name is only alphanumeric
if not check_alnum(ticket_name):
return render_template('index.html',
user=user,
message="Name contains invalid characters")
# ticket name is longer than 60 chars
if len(ticket_name) > 60:
return render_template('index.html',
user=user,
message="Ticket name is too long")
# Ticket quantity must be greater than 0 and less than or equal to 100
if not check_quantity(1, 101, int(ticket_quantity)):
return render_template('index.html',
user=user,
message="Invalid quantity of tickets")
ticket = bn.get_ticket(ticket_name) # have a try catch error here?
if not ticket:
return render_template('index.html',
user=user,
message="Ticket does not exist")
# ticket quantity has to be more than quantity requested to buy
if int(ticket_quantity) > ticket.quantity:
return render_template(
'index.html',
user=user,
message="Requested quantity larger than available tickets")
# user has to have more balance than ticket price + xtra fees
if user.balance < (ticket.price * int(ticket_quantity) * 1.35 * 1.05):
return render_template('index.html',
user=user,
message="User balance not enough for purchase")
# redirect and display error message if possible
if error_message != "":
return redirect('/', message=error_message)
else: # add ticket to user's profile
bn.register_ticket(ticket.date, ticket.name, ticket.quantity,
ticket.price, ticket.date)
# Check if this works
user.balance = user.balance - (ticket.price * int(ticket_quantity) *
1.35 * 1.05)
# Now shows updated tickets for user and redirects to sell page
return render_template('index.html',
user=user,
message="Ticket bought successfully")
def update_ticket(user):
# This function will display the update ticket page to the user
# We need the user information and the ticket information
# This will then display the update.html page
ticket_name = request.form.get(
'name') # using name but should id be used instead?
ticket_quantity = int(request.form.get('quantity'))
ticket_price = int(request.form.get('price'))
ticket_date = request.form.get('exp_date')
error_message = ""
# There must not be a space at beginning or end
if not check_spaces(ticket_name):
return render_template('index.html',
user=user,
message="Invalid spaces found in ticket name")
# The name must be alphanumeric
if not check_alnum(ticket_name):
return render_template('index.html',
user=user,
message="Name contains special characters")
# The name of the ticket is no longer than 60 characters
if len(ticket_name) > 60:
return render_template('index.html',
user=user,
message="Ticket name is too long")
# The quantity of the tickets has to be more than 0, and less than or equal to 100
if not check_quantity(1, 101, ticket_quantity):
return render_template('index.html',
user=user,
message="Invalid quantity of tickets"
) # CHANGE REROUTE TO /UPDATE????
ticket = bn.get_ticket(ticket_name)
# The ticket of the given name must exist
if ticket is None:
return render_template('index.html',
user=user,
message="Ticket does not exist")
# Price has to be of range [10, 100]
if not check_quantity(9, 101, ticket_price):
return render_template('index.html',
user=user,
message="Invalid ticket price")
# Date must be given in format YYYYMMDD
try:
int(ticket_date)
except:
return render_template('index.html',
user=user,
message="Invalid ticket date")
if (int(ticket_date[:4]) < 2020 or int(ticket_date[4:6]) < 0
or int(ticket_date[4:6]) > 12 or int(ticket_date[6:]) < 0
or int(ticket_date[4:6]) > 31):
return render_template('index.html',
user=user,
message="Invalid ticket date")
# For any errors, redirect back to / and show an error message
if error_message != "":
return redirect('index.html', user=user, message=error_message)
# If there are no errors?
else:
ticket.quantity = ticket_quantity
ticket.price = ticket_price
ticket.date = ticket_date
# can we change name?? look into that
return render_template('index.html',
user=user,
message="Successfully updated")
