def create_user(self):
user = """INSERT INTO
users (store_id, role, email, password,added_at)
VALUES ('{}','{}','{}','{}','{}')""" \
.format(self.store_id, self.role, self.email, self.password, self.added_at)
cur.execute(user)
conn.commit()
def put(self):
"""
Edit password
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
json_data = request.get_json(force=True)
password = "".join(json_data['old_password'].split())
email = get_jwt_identity()
if password == '':
msg = 'The password field can not be empty'
return {"status": "Failed!", "message": msg}, 400
user = get_user_by_email(email)
if not check_password_hash(user[4], password):
return {"status": "Failed!", "message": "Invalid password."}, 400
new_password = "".join(json_data['new_password'].split())
hashed_pass = generate_password_hash(new_password)
cur.execute(
"UPDATE users SET password='******' WHERE email ='{1}';".format(
hashed_pass, email))
conn.commit()
return {
"status": "success!",
"message": "Password Updated successifully"
}, 200
def put(self, id):
"""
Update a category
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
json_data = request.get_json(force=True)
category_validator(json_data)
cur.execute("SELECT * FROM categories WHERE id={};".format(id))
category = cur.fetchone()
store_id = get_store_id(get_jwt_identity())
if not category or category[1] != store_id:
msg = {"message": 'Category does not exist'}, 404
return msg
name = category[2]
if 'name' in json_data:
c_name = json_data['name'].lower()
name = "".join(c_name.split())
cur.execute("SELECT * FROM categories WHERE name='{}';".format(name))
category_check = cur.fetchone()
if category_check:
msg = 'That category already exists'
return {"status": "Failed", "message": msg}, 406
cur.execute("UPDATE categories SET name='{}' WHERE id ={}".format(
name, id))
conn.commit()
cur.execute("SELECT * FROM categories WHERE id={};".format(id))
new_c = cur.fetchone()
format_new_c = {"category_name": new_c[2]}
return {"status": "Updated!", "category": format_new_c}, 200
def delete(self):
"""
Delete an entire cart
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
cart = cart_helper(get_jwt_identity())
if not cart:
return {
"status": "Failed!",
"message": "You don\'t have any cart at the moment"
}, 404
seller = get_user_by_email(get_jwt_identity())
seller_id = seller[0]
for c in cart:
inventory = c[3]
name = c[2]
cur.execute(
"UPDATE products SET inventory= inventory + {} WHERE name ='{}'"
.format(inventory, name))
conn.commit()
cur.execute("DELETE FROM carts WHERE seller_id={};".format(seller_id))
conn.commit()
return {"status": "Cart Deleted!"}, 200
def delete(self, id):
"""
Remove a product from cart
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
cur.execute("SELECT * FROM carts WHERE id={};".format(id))
product = cur.fetchone()
seller = get_user_by_email(get_jwt_identity())
seller_id = seller[0]
if not product or product[1] != seller_id:
return {
"status": "Failed!",
"message": "That product is not in the cart"
}, 400
new_p_inv = product[3]
cur.execute(
"UPDATE products SET inventory= inventory + {} WHERE name ='{}'".
format(new_p_inv, product[2]))
conn.commit()
cur.execute("DELETE FROM carts WHERE id='{}';".format(id))
conn.commit()
format_c = {
"product": product[2],
"number": product[3],
"amount": product[4]
}
return {"status": "Deleted!", "product": format_c}, 200
def create_store(self):
store = """INSERT INTO
stores (name, category,created_at)
VALUES ('%s','%s','%s')""" % (self.name, self.category,
self.created_at)
cur.execute(store)
conn.commit()
def post(self, c_id, p_id):
"""
Add a category to a product
c_id : the category id
p_id : the product id
"""
store_id = get_store_id(get_jwt_identity())
cur.execute("SELECT * FROM categories WHERE id='{}';".format(c_id))
category = cur.fetchone()
if not category or category[1] != store_id:
msg = 'Category does not exist'
return {"status": "Failed!", "message": msg}, 404
cur.execute("SELECT * FROM products WHERE id={};".format(p_id))
product = cur.fetchone()
if not product or product[1] != store_id:
msg = 'Product does not exist'
return {"message": msg}, 404
category_name = category[2]
cur.execute("UPDATE products SET category='{}' WHERE id ='{}'".format(
category_name, p_id))
conn.commit()
cur.execute("SELECT * FROM products WHERE id={};".format(p_id))
new_p = cur.fetchone()
format_new_p = {
"product_name": new_p[2],
"inventory": new_p[3],
"price": new_p[4],
'category': new_p[5],
'added_at': new_p[6]
}
return {"status": "Updated!", "product": format_new_p}, 200
def add_to_cart(self):
item = """INSERT INTO
carts (seller_id,product, number,amount,created_at)
VALUES
('%s','%s','%s','%s','%s')"""\
% (self.seller_id, self.product, self.number, self.amount, self.created_at)
cur.execute(item)
conn.commit()
def add_product(self):
"""
Add product method
"""
product = """INSERT INTO
products (store_id,name, inventory,price,category,created_at)
VALUES ('%s','%s','%s','%s','%s','%s')"""\
% (self.store_id, self.name, self.inventory, self.price, self.category, self.created_at)
cur.execute(product)
conn.commit()
def sell(self):
"""
The sell sql query
"""
sale = """INSERT INTO
sales (store_id,seller_id,product, number,amount,created_at)
VALUES
('%s','%s','%s','%s','%s','%s')""" \
% (self.store_id, self.seller_id, self.product, self.number, self.amount, self.created_at)
cur.execute(sale)
conn.commit()
def put(self, id):
"""
Update a product
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
json_data = request.get_json(force=True)
res = product_update_validator(json_data)
if not res:
cur.execute("SELECT * FROM products WHERE id={};".format(id))
product = cur.fetchone()
store_id = get_store_id(get_jwt_identity())
if not product or product[1] != store_id:
return {
"status": "Failed!",
"message": 'Product does not exist'
}, 404
name = product[2]
inventory = product[3]
price = product[4]
if 'name' in json_data:
name = json_data['name'].lower()
cur.execute(
"SELECT * FROM products WHERE name='{}';".format(name))
product_check = cur.fetchone()
if product_check:
msg = 'That product already exists'
return {"status": "Failed!", "message": msg}, 406
if 'inventory' in json_data:
inventory = json_data['inventory']
if 'price' in json_data:
price = json_data['price']
cur.execute(
"UPDATE products SET name='{}',inventory='{}',price='{}'\
WHERE id ={}".format(name, inventory, price, id))
conn.commit()
cur.execute("SELECT * FROM products WHERE id={};".format(id))
new_p = cur.fetchone()
format_new_p = {
"product_name": new_p[2],
"inventory": new_p[3],
"price": new_p[4],
'category': new_p[5],
'added_at': new_p[6]
}
res = {"status": "Updated!", "product": format_new_p}, 200
return res
def put(self, id):
"""
Update a product on a cart
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
json_data = request.get_json(force=True)
res = sales_validator(json_data)
if not res:
cur.execute("SELECT * FROM carts WHERE id={};".format(id))
product = cur.fetchone()
seller = get_user_by_email(get_jwt_identity())
seller_id = seller[0]
if not product or product[1] != seller_id:
return {
"status": "Failed!",
"message": "That product is not in the cart"
}, 404
cur.execute("SELECT * FROM products WHERE name='{}';".format(
product[2]))
p = cur.fetchone()
number = int(json_data['number'])
total_num = p[3] + product[3]
if number > int(total_num):
msg = 'There are only {0} {1} available'.format(
total_num, p[2])
return {"status": "Failed!", "message": msg}, 400
new_amnt = number * p[4]
cur.execute(
"UPDATE carts SET number={0},amount={1} WHERE id ={2}".format(
number, new_amnt, id))
conn.commit()
new_p_inv = total_num - number
cur.execute(
"UPDATE products SET inventory= '{}' WHERE name ='{}'".format(
new_p_inv, product[2]))
conn.commit()
cur.execute("SELECT * FROM carts WHERE id={};".format(id))
new_c = cur.fetchone()
format_new_c = {
"product": new_c[2],
"number": new_c[3],
"amount": new_c[4]
}
res = {"status": "Cart Updated", "cart": format_new_c}, 200
return res
def post(self):
"""
Logout
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
jti = get_raw_jwt()['jti']
b_token = """INSERT INTO tokens (token) VALUES ('{}')""".format(jti)
cur.execute(b_token)
conn.commit()
return {
"status": "Success!",
"message": "Successfully logged out"
}, 200
def patch(self, id):
''' Down votes '''
user = get_user_by_email(get_jwt_identity())
if user:
username = user[5]
qsn = get_question_by_id(id)
if not qsn or qsn[0] != id:
msg = 'Question with that id does not exist'
return {"Message": msg}, 404
question_id = qsn[0]
votes = qsn[3] - 1
cur.execute("UPDATE questions SET votes = '{}'\
WHERE id={};".format(votes, id))
conn.commit()
votes_count(username, question_id, votes)
msg = 'You have disliked this question'
return {'Status': 201, 'Votes': votes, 'Message': msg}
def post(self):
"""
Add Attendant
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
json_data = request.get_json(force=True)
res = login_validator(json_data)
if not res:
newattendant = get_user_by_email(json_data['email'])
if newattendant and newattendant[2] == 2:
return {
"status": "Failed!",
"message": "User already exists and is an Attendant"
}, 409
if newattendant and newattendant[2] > 0:
cur.execute("DELETE FROM users WHERE email='{}';".format(
json_data['email']))
conn.commit()
email = get_jwt_identity()
user = get_user_by_email(email)
store_id = user[1]
role = 2
user_reg = User(store_id, role, json_data['email'],
json_data['password'])
user_reg.create_user()
cur.execute("SELECT * FROM stores WHERE id='{}';".format(store_id))
store = cur.fetchone()
store_name = store[1]
email = json_data['email']
passd = json_data['password']
msg = Message('{} new Attendant'.format(store_name),
recipients=[email])
body = 'You have been made Attendant at {} Store.\nUse the email < {} > and the password < {} > to login at the StoreMangerSite.'.format(
store_name, email, passd)
msg.body = body
mail.send(msg)
res = {
"status": "Success!",
"message": "Attendant added!",
"data": user_reg.json_dump()
}, 201
return res
def delete(self, id):
"""
Delete a category
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
cur.execute("SELECT * FROM categories WHERE id={};".format(id))
category = cur.fetchone()
store_id = get_store_id(get_jwt_identity())
if not category or category[1] != store_id:
msg = {"message": 'Category does not exist'}, 404
return msg
cur.execute("DELETE FROM categories WHERE id={};".format(id))
conn.commit()
format_c = {"category_name": category[2]}
return {"status": "Deleted!", "prpduct": format_c}, 200
def post(self):
"""
Sell a cart
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
cart = cart_helper(get_jwt_identity())
store_id = get_store_id(get_jwt_identity())
if not cart:
return {
"status": "Failed!",
"message": "You don\'t have any cart at the moment"
}, 404
seller = get_user_by_email(get_jwt_identity())
seller_id = seller[0]
sale_order = []
totalamount = 0
for c in cart:
product = c[2]
number = c[3]
amount = c[4]
new_sale_record = Sale(store_id, seller_id, product, number,
amount)
new_sale_record.sell()
format_sale = {
'product': c[2],
'number_of_products': c[3],
'amount': c[4]
}
totalamount += c[4]
sale_order.append(format_sale)
cur.execute("DELETE FROM carts WHERE seller_id={};".format(seller_id))
conn.commit()
return {
"status": "Sold!",
"TotalAmount": totalamount,
"Items": sale_order
}, 201
def delete(self, id):
"""
Delete a product
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
cur.execute("SELECT * FROM products WHERE id={};".format(id))
product = cur.fetchone()
store_id = get_store_id(get_jwt_identity())
if not product or product[1] != store_id:
msg = 'Product does not exist'
return {"status": "Failed!", "message": msg}, 404
cur.execute("DELETE FROM products WHERE id={};".format(id))
conn.commit()
format_p = {
"product_name": product[2],
"inventory": product[3],
"price": product[4]
}
return {"status": "Deleted!", "product": format_p}, 200
def delete(self):
"""
Remove User
"""
current_user = get_jwt_identity()
if current_user is None:
msg = 'Please login to access to access this resource'
return {"status": "Failed!", "message": msg}, 400
json_data = request.get_json(force=True)
email = "".join(json_data['email'].split())
super_admin = get_jwt_identity()
if super_admin == email:
msg = 'The owner can not be deleted'
return {"status": "Failed!", "message": msg}, 406
user = get_user_by_email(super_admin)
store_id = user[1]
del_user = get_user_by_email(email)
if not del_user or del_user[1] != store_id:
msg = 'User does not exist'
return {"status": "Failed!", "message": msg}, 404
cur.execute("DELETE FROM users WHERE email='{}';".format(email))
conn.commit()
return {"status": "User deleted!"}, 200
def add_comment(self):
commen = """ INSERT INTO comments (username, question_id, comment, time_added)
VALUES ('{}','{}','{}','{}') """\
.format(self.username, self.question_id, self.comment, self.time_added)
cur.execute(commen)
conn.commit()
def votes_count(username, question_id, votes):
p_votes = """ INSERT INTO votes (username, question_id, votes)
VALUES ('{}','{}','{}') """\
.format(username, question_id, votes)
cur.execute(p_votes)
conn.commit()
def add_category(self):
cat = """INSERT INTO
categories (store_id,name,created_at)
VALUES ('%s','%s','%s')""" % (self.store_id, self.name, self.created_at)
cur.execute(cat)
conn.commit()
def add_question(self):
question = """ INSERT INTO questions (username, meetup_id, votes, title, body, time_added)
VALUES ('{}','{}','{}','{}','{}', '{}') """\
.format(self.username, self.meetup_id, self.votes, self.title, self.body, self.time_added)
cur.execute(question)
conn.commit()
def add_new_user(self):
user = """ INSERT INTO users (firstname, lastname, email, phoneNumber, username, password, isAdmin, time_created)
VALUES ('{}','{}','{}','{}','{}', '{}' , '{}' , '{}') """\
.format(self.firstname, self.lastname, self.email, self.phoneNumber, self.username, self.password, self.isAdmin, self.time_created)
cur.execute(user)
conn.commit()
def add_new_meetup(self):
meetup = """ INSERT INTO meetups (location, images, title, happeningOn, tags, time_added)
VALUES ('{}','{}','{}','{}','{}', '{}') """\
.format(self.location, self.images, self.title, self.tags, self.happeningOn, self.time_added)
cur.execute(meetup)
conn.commit()
