def delete_category_by_id(category_id): """ HTML endpoint providing a form to delete a category """ if not UserUtils.is_authenticated(): UserUtils.set_preauthentication_url() flash('sign in to delete categories') return redirect('/login') category = session.query(Category).filter_by(id=category_id).one() if not Permissions.get_user_permissions_for_category(category).delete: flash('you may delete only empty categories you created') return redirect(url_for( 'get_categories')) if request.method == 'POST': session.delete(category) session.commit() flash('category deleted') return redirect(url_for( 'get_categories')) else: return UserUtils.render_user_template( 'category_delete.html', category=category, page_title="%s %s Category" % ("Delete", category.name))
def get_category_by_id(category_id): """ HTML endpoint providing details for a given category """ category = session.query(Category).filter_by(id=category_id).one() items = session.query(Item).filter_by(category_id=category_id).all() return UserUtils.render_user_template( 'category_items.html', category=category, items=items, page_title="%s Category" % category.name, can=Permissions.get_user_permissions_for_category(category))
def update_category_by_id(category_id): """ HTML endpoint providing a form to edit a category """ if not UserUtils.is_authenticated(): UserUtils.set_preauthentication_url() flash('sign in to edit categories') return redirect('/login') category = session.query(Category).filter_by(id=category_id).one() if not Permissions.get_user_permissions_for_category(category).update: flash('you may edit only categories you created') return redirect(url_for( 'get_categories')) if request.method == 'POST': # Extract and validate the form inputs (name, name_error) = \ extract_and_validate_category_name(request.form) if name_error: return UserUtils.render_user_template( 'category_update.html', category=category, page_title="%s %s Category" % ("Edit", category.name), name=name, name_error=name_error) # Create the item in the data store category.name = name session.add(category) session.commit() flash('category updated') return redirect(url_for( 'get_category_by_id', category_id=category_id)) else: return UserUtils.render_user_template( 'category_update.html', category=category, page_title="%s %s Category" % ("Edit", category.name), name=category.name)