def showItem(item_id):
"""
Show an item and its description.
URLs:
'/catalog/item/<int:item_id>/'
Args:
item_id: The id of the item to show
"""
item = readItem(item_id)
if item == None:
return showError("There is no item with id=%s" % item_id)
creator = readUserInfo(item.user_id)
category = readCategory(item.category_id)
if 'username' not in login_session or creator.id != login_session[
'user_id']:
return render_template('public_show_item.html',
item=item,
category=category,
creator=creator)
else:
return render_template('show_item.html',
item=item,
category=category,
creator=creator)
def showItemJSON(item_id):
"""
Get a single item in JSON format.
URLs:
'/catalog/item/<int:item_id>/JSON/'
Args:
item_id: The id of the item to get
"""
item = readItem(item_id)
if item == None:
return showError("There is no item with id=%s" % item_id)
return jsonify(item=item.serialize)
def showItemJSON(item_id):
"""
Get a single item in JSON format.
URLs:
'/catalog/item/<int:item_id>/JSON/'
Args:
item_id: The id of the item to get
"""
item = readItem(item_id)
if item == None:
return showError("There is no item with id=%s" % item_id)
return jsonify(item=item.serialize)
def removeItem(item_id):
"""
Delete an item from the catalog.
URLs:
'/catalog/item/<int:item_id>/delete/'
Args:
item_id: The id of the item to delete
"""
if 'username' not in login_session:
return redirect('/login')
item = readItem(item_id)
if login_session['user_id'] != item.user_id:
return "<script>function myFunction() {alert('You are not authorized to delete this item.');}</script><body onload='myFunction()''>"
if request.method == 'POST':
deleteItem(item_id)
return redirect(url_for('showCategory', category_id=item.category_id))
else:
return render_template('delete_item.html', item=item)
def removeItem(item_id):
"""
Delete an item from the catalog.
URLs:
'/catalog/item/<int:item_id>/delete/'
Args:
item_id: The id of the item to delete
"""
if 'username' not in login_session:
return redirect('/login')
item = readItem(item_id)
if login_session['user_id'] != item.user_id:
return "<script>function myFunction() {alert('You are not authorized to delete this item.');}</script><body onload='myFunction()''>"
if request.method == 'POST':
deleteItem(item_id)
return redirect(url_for('showCategory', category_id=item.category_id))
else:
return render_template('delete_item.html', item=item)
def editItem(item_id):
"""
Edit an item in the catalog.
URLs:
'/catalog/item/<int:item_id>/edit/'
Args:
item_id: The id of the item to edit
"""
if 'username' not in login_session:
return redirect('/login')
item = readItem(item_id)
if login_session['user_id'] != item.user_id:
return "<script>function myFunction() {alert('You are not authorized to edit this item.');}</script><body onload='myFunction()''>"
category = readCategory(item.category_id)
if request.method == 'POST':
updateItem(item_id, request.form['name'], request.form['description'])
return redirect(url_for('showItem', item_id=item_id))
else:
return render_template('edit_item.html', item=item, category=category)
def editItem(item_id):
"""
Edit an item in the catalog.
URLs:
'/catalog/item/<int:item_id>/edit/'
Args:
item_id: The id of the item to edit
"""
if 'username' not in login_session:
return redirect('/login')
item = readItem(item_id)
if login_session['user_id'] != item.user_id:
return "<script>function myFunction() {alert('You are not authorized to edit this item.');}</script><body onload='myFunction()''>"
category = readCategory(item.category_id)
if request.method == 'POST':
updateItem(item_id, request.form['name'], request.form['description'])
return redirect(url_for('showItem', item_id=item_id))
else:
return render_template('edit_item.html', item=item, category=category)
def showItem(item_id):
"""
Show an item and its description.
URLs:
'/catalog/item/<int:item_id>/'
Args:
item_id: The id of the item to show
"""
item = readItem(item_id)
if item == None:
return showError("There is no item with id=%s" % item_id)
creator = readUserInfo(item.user_id)
category = readCategory(item.category_id)
if 'username' not in login_session or creator.id != login_session['user_id']:
return render_template('public_show_item.html', item=item,
category=category, creator=creator)
else:
return render_template('show_item.html', item=item, category=category,
creator=creator)
