def edit_item(item):
"""
This function provides the item editing HTML page on a get request, if the
user is logged in otherwise they are redirected to the login page.
If the user is authorized they will not be able to edit the item.
On a post request only the changed fields in the form will be updated.
Args:
item (string): item name
"""
editedItem = session.query(CatalogItem).filter_by(name=item).one()
if 'username' not in login_session:
return redirect('/login')
if editedItem.user_id != login_session['user_id']:
return "<script>function myFunction() {alert('You are not " \
"authorized to edit this item. Please create your own item " \
"in order to edit.');}</script><body onload='myFunction()'>"
if request.method == 'POST':
if request.form['name']:
editedItem.name = request.form['name']
if request.form['description']:
editedItem.description = request.form['description']
if request.form['catalog-id']:
editedItem.catalog_id = request.form['catalog-id']
session.add(editedItem)
session.commit()
flash('Item Successfully Edited')
catalog = session.query(Catalog).filter_by(
id=request.form['catalog-id']).one()
return redirect(url_for('catalog_item', name=catalog.name,
item=editedItem.name))
else:
catalog = session.query(Catalog)
return render_template('edititem.html', item=editedItem,
catalog=catalog)
def catalog_home():
"""
This function provides the catalog and item information for the home page
"""
catalog = session.query(Catalog)
items = session.query(CatalogItem).order_by(
CatalogItem.created_date.desc()).limit(10)
return render_template('home.html', catalog=catalog, items=items)
def catalog_items(name):
"""
This function provides the catalog items information
Args:
name (string): catalog name
"""
catalogs = session.query(Catalog)
catalog = session.query(Catalog).filter(Catalog.name == name).one()
items = session.query(CatalogItem).join(Catalog).filter(
Catalog.name == name)
return render_template('catalog.html', catalogs=catalogs, catalog=catalog,
items=items, num=items.count())
def catalog_item_json(name, item):
"""
This function provides a JSON endpoint for the application that will return
a JSON object containing the catalog item information
Args:
name (string): catalog name
item (string): item name
Return:
:rtype: JSON object
"""
catalog = session.query(Catalog).filter(Catalog.name == name).one()
items = session.query(CatalogItem).filter(CatalogItem.name == item).one()
category = catalog.serialize
category.update({'item': items.serialize})
return jsonify(Category=category)
def create_user(login_session):
newUser = User(name=login_session['username'],
email=login_session['email'],
picture=login_session['picture'])
session.add(newUser)
session.commit()
user = session.query(User).filter_by(email=login_session['email']).one()
return user.id
def catalog_item(name, item):
"""
This function provides the item information from a specific catalog.
Currently name is unused.
Args:
name (string): catalog name
item (string): item name
"""
items = session.query(CatalogItem).filter(CatalogItem.name == item).one()
return render_template('item.html', items=items)
def catalog_json():
"""
This function provides a JSON endpoint for the application that will return
a JSON object containing the all catalogs amd their item information
Return:
:rtype: JSON object
"""
catalog = session.query(Catalog)
catalogitem = session.query(CatalogItem)
category = [i.serialize for i in catalog]
for i in category:
for j in catalogitem:
if i['id'] == j.catalog_id:
if 'Item' in i:
i['Item'].append(j.serialize)
else:
i.update({'Item': []})
i['Item'].append(j.serialize)
return jsonify(Category=category)
def new_item():
"""
This function provides the item creation HTML page on a get request, if the
user is logged in otherwise they are redirected to the login page.
On a post request the information is taken from the and the item is created
"""
if 'username' not in login_session:
return redirect('/login')
if request.method == 'POST':
newItem = CatalogItem(name=request.form['name'],
description=request.form['description'],
catalog_id=request.form['catalog-id'],
user_id=login_session['user_id'])
session.add(newItem)
session.commit()
flash('New %s Item Successfully Created' % newItem.name)
return redirect(url_for('catalog_home'))
else:
catalog = session.query(Catalog)
return render_template('newitem.html', catalog=catalog)
def delete_item(item):
"""
This function provides the item deletion HTML page on a get request, if the
user is logged in otherwise they are redirected to the login page.
If the user is authorized they will not be able to delete the item.
On a post request the item is deleted.
Args:
item (string): item name
"""
itemToDelete = session.query(CatalogItem).filter_by(name=item).one()
if 'username' not in login_session:
return redirect('/login')
if itemToDelete.user_id != login_session['user_id']:
return "<script>function myFunction() {alert('You are not " \
"authorized to delete this item. Please create your own item " \
"in order to delete.');}</script><body onload='myFunction()'>"
if request.method == 'POST':
session.delete(itemToDelete)
session.commit()
flash('Item Successfully Deleted')
return redirect(url_for('catalog_home'))
else:
return render_template('deleteitem.html', item=itemToDelete)
def get_user_id(email):
try:
user = session.query(User).filter_by(email=email).one()
return user.id
except:
return None
def get_user_info(user_id):
user = session.query(User).filter_by(id=user_id).one()
return user