コード例 #1
0
ファイル: application.py プロジェクト: azalea/item_catalog
def edit_item(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    if login_session.get('user_id') != item.user_id:
        flash('Sorry you cannot edit item created by another user.')
        return redirect(url_for(
            'show_item', category_id=item.category_id,
            slug=item.category.slug, item_id=item_id, item_slug=item.slug))
    if request.method == 'POST':
        picture_file = request.files['picture']
        if picture_file and _allowed_file(picture_file.filename):
            filename = str(uuid.uuid4()) + \
                secure_filename(picture_file.filename)
            filepath = os.path.join(app.config['UPLOAD_FOLDER'], filename)
            picture_file.save(filepath)
        else:
            filename = ''
        if filename:
            original_filepath = os.path.join(
                app.config['UPLOAD_FOLDER'], item.picture)
            os.remove(original_filepath)
        category_id = request.form['category_id']
        name = request.form['name']
        description = request.form['description']
        edited_item = dbo.edit_item(
            item_id, category_id, name, description, filename)
        flash('Item %s is successfully edited.' % edited_item.name)
        return redirect(url_for(
            'show_item', category_id=edited_item.category_id,
            slug=edited_item.category.slug, item_id=edited_item.id,
            item_slug=edited_item.slug))
    else:
        return render_template(
            'edit_item.html', category_id=category_id, item=item)
コード例 #2
0
def edit_item(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    if login_session.get('user_id') != item.user_id:
        flash('Sorry you cannot edit item created by another user.')
        return redirect(
            url_for('show_item',
                    category_id=item.category_id,
                    slug=item.category.slug,
                    item_id=item_id,
                    item_slug=item.slug))
    if request.method == 'POST':
        picture_file = request.files['picture']
        if picture_file and _allowed_file(picture_file.filename):
            filename = str(uuid.uuid4()) + \
                secure_filename(picture_file.filename)
            filepath = os.path.join(app.config['UPLOAD_FOLDER'], filename)
            picture_file.save(filepath)
        else:
            filename = ''
        if filename:
            original_filepath = os.path.join(app.config['UPLOAD_FOLDER'],
                                             item.picture)
            os.remove(original_filepath)
        category_id = request.form['category_id']
        name = request.form['name']
        description = request.form['description']
        edited_item = dbo.edit_item(item_id, category_id, name, description,
                                    filename)
        flash('Item %s is successfully edited.' % edited_item.name)
        return redirect(
            url_for('show_item',
                    category_id=edited_item.category_id,
                    slug=edited_item.category.slug,
                    item_id=edited_item.id,
                    item_slug=edited_item.slug))
    else:
        return render_template('edit_item.html',
                               category_id=category_id,
                               item=item)
コード例 #3
0
def delete_item(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    if login_session.get('user_id') != item.user_id:
        flash('Sorry you cannot delete item created by another user.')
        return redirect(
            url_for('show_item',
                    category_id=item.category_id,
                    slug=item.category.slug,
                    item_id=item_id,
                    item_slug=item.slug))

    if request.method == 'POST':
        # Make sure csrf_token matches,
        # to protect against cross-site request forgery
        if request.form['csrf_token'] != login_session['csrf_token']:
            response = make_response(json.dumps('Invalid csrf token'), 401)
            response.headers['Content-Type'] = 'application/json'
            return response

        if item.picture:
            original_filepath = os.path.join(app.config['UPLOAD_FOLDER'],
                                             item.picture)
            os.remove(original_filepath)
        name = item.name
        slug = item.category.slug
        dbo.delete_item(category_id, item_id)
        flash('Item %s is successfully deleted.' % name)
        return redirect(
            url_for('show_category', category_id=category_id, slug=slug))
    else:
        # Generate csrf_token, and pass it to html form,
        # to protect against cross-site request forgery
        csrf_token = get_csrf_token()
        login_session['csrf_token'] = csrf_token
        return render_template('delete_item.html',
                               category_id=category_id,
                               item=item,
                               csrf_token=csrf_token)
コード例 #4
0
ファイル: application.py プロジェクト: azalea/item_catalog
def delete_item(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    if login_session.get('user_id') != item.user_id:
        flash('Sorry you cannot delete item created by another user.')
        return redirect(url_for(
            'show_item', category_id=item.category_id,
            slug=item.category.slug, item_id=item_id,
            item_slug=item.slug))

    if request.method == 'POST':
        # Make sure csrf_token matches,
        # to protect against cross-site request forgery
        if request.form['csrf_token'] != login_session['csrf_token']:
            response = make_response(json.dumps('Invalid csrf token'), 401)
            response.headers['Content-Type'] = 'application/json'
            return response

        if item.picture:
            original_filepath = os.path.join(
                app.config['UPLOAD_FOLDER'], item.picture)
            os.remove(original_filepath)
        name = item.name
        slug = item.category.slug
        dbo.delete_item(category_id, item_id)
        flash('Item %s is successfully deleted.' % name)
        return redirect(url_for(
            'show_category', category_id=category_id, slug=slug))
    else:
        # Generate csrf_token, and pass it to html form,
        # to protect against cross-site request forgery
        csrf_token = get_csrf_token()
        login_session['csrf_token'] = csrf_token
        return render_template('delete_item.html',
                               category_id=category_id,
                               item=item,
                               csrf_token=csrf_token)
コード例 #5
0
def show_item(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    return render_template('item.html', item=item)
コード例 #6
0
def show_item_json(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    return jsonify(Item=item.serialize)
コード例 #7
0
ファイル: application.py プロジェクト: azalea/item_catalog
def show_item(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    return render_template('item.html', item=item)
コード例 #8
0
ファイル: application.py プロジェクト: azalea/item_catalog
def show_item_json(category_id, slug, item_id, item_slug=None):
    item = dbo.get_item(category_id, item_id)
    return jsonify(Item=item.serialize)