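def comment():
    """Store a new comment on a dish and return its display date as JSON.

    Reads ``content`` and ``id`` from the query string, passes the text
    through ``profanity.censor``, validates both values, checks the caller's
    posting interval, then inserts a ``Comment`` for ``g.user`` and awards
    ``ADD_COMMENT_SCORE``.

    Returns:
        ``jsonify(date=...)`` on success, otherwise ``jsonify(error=...)``
        describing the first check that failed.
    """
    # NOTE(review): this write is driven entirely by query-string arguments
    # and no CSRF token is checked in this function. The route decorator is
    # not visible here -- confirm the endpoint requires an authenticated
    # POST and is covered by CSRF protection.
    try:
        raw_content = request.args.get('content', type=str)
        dish_id = request.args.get('id', type=str)

        # Report a missing parameter explicitly instead of relying on
        # unquote(None) raising, or on a lookup for a dish with id None.
        if raw_content is None:
            return jsonify(error='Invalid content or id')

        # NOTE(review): Werkzeug already percent-decodes query-string values,
        # so this is a second decoding pass; it presumably matches a client
        # that double-encodes -- confirm, because literal '%xx' text in a
        # comment is rewritten otherwise.
        content = profanity.censor(unquote(raw_content))

        if not dish_id:
            return jsonify(error='Invalid id')

        max_length = app.config['MAX_COMMENT_LENGTH']
        if len(content) > max_length:
            # Report the configured limit rather than a hard-coded number.
            return jsonify(
                error='Comment exceeds {} characters'.format(max_length))
        if content == '':
            return jsonify(error='Comment must contain text')
        if Dish.query.filter_by(id=dish_id).first() is None:
            return jsonify(error='Dish {} does not exist'.format(dish_id))

        if h.post_interval_exists():
            # Seconds left until MIN_POST_INTERVAL has passed since the
            # user's last recorded activity.
            time_remaining = app.config['MIN_POST_INTERVAL'] - (
                int(time()) - g.user.last_activity)
            return jsonify(
                error='Please wait {} seconds before posting again'.
                format(time_remaining))

        # NOTE(review): nothing here HTML-escapes the text; make sure it is
        # escaped wherever stored comments are rendered.
        new_comment = Comment(g.user.id, dish_id, content)
        db.session.add(new_comment)
        h.update_score(app.config['ADD_COMMENT_SCORE'])
        db.session.commit()
        return jsonify(date=new_comment.date.strftime("%B %d, %Y"))
    except (KeyError, TypeError):
        return jsonify(error='Invalid content or id')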
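def edit_restaurant(id):
    """Show or process the edit form for the restaurant with this ``id``.

    POST with a valid form: copies every form field except ``csrf_token``
    onto the restaurant row, stamps ``last_edited`` / ``last_editor``,
    records the session user as an editor, awards ``EDIT_RESTAURANT_SCORE``
    and redirects to the restaurant profile. A POST that fails validation,
    or that arrives while ``h.post_interval_exists()`` is true, re-renders
    the form.

    Any other method: pre-fills the form from the stored row and renders it.

    Aborts with 404 when the restaurant does not exist.
    """
    # NOTE(review): session['user_id'] is read without a check in this
    # function; the login / route decorators are not visible here --
    # confirm the view is only reachable by authenticated users.
    form = AddRestaurantForm()

    if request.method == 'POST':
        if form.validate_on_submit():
            # presumably a per-user rate limit -- verify against the helper
            if h.post_interval_exists():
                return render_template('restaurant_form.html', form=form,
                                       id=id)

            # Collect all column changes and issue one UPDATE instead of one
            # statement per form field.
            changes = {
                field.id: form[field.id].data
                for field in form
                if field.id != "csrf_token"
            }
            changes['last_edited'] = int(time())
            changes['last_editor'] = session['user_id']
            Restaurant.query.filter_by(id=id).update(changes)

            record = Restaurant.query.get(id)
            if record is None:
                # The UPDATE above touched no rows for an unknown id; answer
                # 404 (nothing is committed) instead of failing on None.
                abort(404)
            record.editors.append(User.query.get(session['user_id']))
            h.update_score(app.config['EDIT_RESTAURANT_SCORE'])
            db.session.commit()
            flash('Thank you for your update!')
            return redirect(url_for('restaurant_profile', id=id))
        return render_template('restaurant_form.html', form=form, id=id)

    # Every non-POST method (GET, and HEAD when Flask adds it to a GET
    # route) gets the pre-filled form; returning None from a view makes
    # Flask raise.
    restaurant = Restaurant.query.filter_by(id=id).first()
    if restaurant is None:
        abort(404)
    stored = h.rowtodict(restaurant)
    for field in form:
        if field.id != "csrf_token":
            form[field.id].data = str(stored[field.id])
    return render_template('restaurant_form.html', form=form, id=id)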
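def add_dish(id):
    """Show or process the form that adds a dish to restaurant ``id``.

    POST with a valid form: builds a ``Dish`` from the form values, and,
    unless ``h.post_interval_exists()`` is true, stores it, awards
    ``ADD_DISH_SCORE`` and redirects to the restaurant profile. Every other
    request renders the dish form for the restaurant.

    Aborts with 404 when the restaurant does not exist, so a dish can no
    longer be attached to an unknown restaurant id.
    """
    # NOTE(review): session['user_id'] is read without a check in this
    # function; the login / route decorators are not visible here --
    # confirm the view is only reachable by authenticated users.
    form = AddDishForm()

    restaurant = Restaurant.query.filter_by(id=id).first()
    if restaurant is None:
        abort(404)

    if request.method == 'POST':
        if form.validate_on_submit():
            # h.stb presumably converts the submitted string to a bool --
            # verify against the helper. Argument order must match the Dish
            # constructor.
            new_dish = Dish(form.name.data,
                            form.price.data,
                            h.stb(form.beef.data),
                            h.stb(form.dairy.data),
                            h.stb(form.egg.data),
                            h.stb(form.fish.data),
                            h.stb(form.gluten.data),
                            h.stb(form.meat.data),
                            h.stb(form.nut.data),
                            h.stb(form.non_organic.data),
                            h.stb(form.pork.data),
                            h.stb(form.poultry.data),
                            h.stb(form.shellfish.data),
                            h.stb(form.soy.data),
                            h.stb(form.wheat.data),
                            id,
                            session['user_id'])
            # presumably a per-user rate limit -- verify against the helper
            if h.post_interval_exists():
                return render_template('dish_form.html', form=form, id=id)
            new_dish.last_editor = session['user_id']
            db.session.add(new_dish)
            h.update_score(app.config['ADD_DISH_SCORE'])
            db.session.commit()
            flash('Thank you for your addition!')
            return redirect(url_for('restaurant_profile', id=id))

    return render_template('dish_form.html', form=form,
                           restaurant=restaurant, id=id)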
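def edit_dish(restaurant_id, dish_id):
    """Show or process the edit form for dish ``dish_id``.

    POST with a valid form: writes the form values to the dish row
    (fields listed in ``app.config['CONTENTS']`` go through ``h.stb``, a
    non-empty ``price`` is formatted with ``currency``), stamps
    ``last_edited`` / ``last_editor``, records the session user as an
    editor, awards ``EDIT_DISH_SCORE`` and redirects to the restaurant
    profile. A POST that fails validation, or that arrives while
    ``h.post_interval_exists()`` is true, re-renders the form.

    Any other method: pre-fills the form from the stored dish and renders
    it together with the restaurant.

    Aborts with 404 when the dish does not exist.
    """
    # NOTE(review): restaurant_id is never checked against the dish being
    # edited, and session['user_id'] is read without a check here. The Dish
    # model and the route / login decorators are not visible -- confirm
    # both are enforced elsewhere.
    form = AddDishForm()

    if request.method == 'POST':
        if form.validate_on_submit():
            # presumably a per-user rate limit -- verify against the helper
            if h.post_interval_exists():
                return render_template('dish_form.html', form=form,
                                       id=restaurant_id, dish_id=dish_id)

            # Collect all column changes and issue one UPDATE instead of one
            # statement per form field.
            changes = {}
            for field in form:
                submitted = form[field.id].data
                if field.id in app.config['CONTENTS']:
                    changes[field.id] = h.stb(submitted)
                elif field.id == 'price' and submitted:
                    changes[field.id] = currency(float(submitted),
                                                 grouping=True)
                elif field.id != 'csrf_token':
                    # Includes an empty price, which is stored as submitted.
                    changes[field.id] = submitted
            changes['last_edited'] = int(time())
            changes['last_editor'] = session['user_id']
            Dish.query.filter_by(id=dish_id).update(changes)

            record = Dish.query.get(dish_id)
            if record is None:
                # The UPDATE above touched no rows for an unknown id; answer
                # 404 (nothing is committed) instead of failing on None.
                abort(404)
            record.editors.append(User.query.get(session['user_id']))
            h.update_score(app.config['EDIT_DISH_SCORE'])
            db.session.commit()
            flash('Thank you for your update!')
            return redirect(url_for('restaurant_profile', id=restaurant_id))
        return render_template('dish_form.html', form=form,
                               id=restaurant_id, dish_id=dish_id)

    # Every non-POST method (GET, and HEAD when Flask adds it to a GET
    # route) gets the pre-filled form; returning None from a view makes
    # Flask raise.
    dish = Dish.query.filter_by(id=dish_id).first()
    restaurant = Restaurant.query.filter_by(id=restaurant_id).first()
    if dish is None:
        abort(404)
    stored = h.rowtodict(dish)
    for field in form:
        if field.id == 'price':
            # Strip the currency formatting applied when the price was saved.
            form[field.id].data = (
                str(stored[field.id]).replace('$', '').replace(',', ''))
        elif field.id != "csrf_token":
            form[field.id].data = str(stored[field.id])
    return render_template('dish_form.html', form=form, id=restaurant_id,
                           dish_id=dish_id, restaurant=restaurant)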
def add_restaurant():
    """Show or process the form that creates a new restaurant.

    A valid POST builds a ``Restaurant`` from the form and, unless
    ``h.post_interval_exists()`` is true, stores it, awards
    ``ADD_RESTAURANT_SCORE`` and redirects to the new restaurant's profile.
    Every other request renders the empty or re-submitted form.
    """
    # NOTE(review): session['user_id'] is read without a check in this
    # function; the login / route decorators are not visible here --
    # confirm the view is only reachable by authenticated users.
    form = AddRestaurantForm()

    # validate_on_submit() is only consulted for POST requests.
    accepted = request.method == 'POST' and form.validate_on_submit()
    if not accepted:
        return render_template('restaurant_form.html', form=form)

    editor_id = session['user_id']
    created = Restaurant(form.name.data, form.category.data, form.tags.data,
                         editor_id)

    # presumably a per-user rate limit -- verify against the helper
    if h.post_interval_exists():
        return render_template('restaurant_form.html', form=form)

    created.last_editor = session['user_id']
    db.session.add(created)
    h.update_score(app.config['ADD_RESTAURANT_SCORE'])
    db.session.commit()
    flash('Thank you for your addition!')
    profile_url = url_for('restaurant_profile', id=created.id)
    return redirect(profile_url)
def edit_user(id):
    """Show or process the profile edit form for the user with this ``id``.

    Only the logged-in user may edit their own profile: the request is
    answered with 404 when the user does not exist or ``id`` differs from
    ``str(g.user.id)``.

    A valid POST writes every form field to the user row (fields listed in
    ``app.config['CONTENTS']`` go through ``h.stb``), stamps ``last_edited``
    and ``last_activity``, stores ``about`` after ``profanity.censor`` and
    redirects to the user profile. GET pre-fills the form. Everything that
    does not redirect ends by rendering ``edit_user.html``.
    """
    user = User.query.filter_by(id=id).first()
    # Ownership check: hide other users' edit pages behind a 404.
    if not (user is not None and id == str(g.user.id)):
        abort(404)

    joined = User.query.filter_by(id=id).first().date
    month_day_year = joined.strftime("%B %d, %Y")
    form = EditUserForm()
    method = request.method

    if method == 'POST' and form.validate_on_submit():
        # presumably a per-user rate limit -- verify against the helper
        if h.post_interval_exists():
            return render_template('edit_user.html', form=form,
                                   month_day_year=month_day_year, user=user)

        user_query = User.query.filter_by(id=id)
        boolean_fields = app.config['CONTENTS']
        for field in form:
            name = field.id
            if name in boolean_fields:
                user_query.update({name: h.stb(form[name].data)})
            elif name != 'csrf_token':
                user_query.update({name: form[name].data})
        user_query.update({'last_edited': int(time())})
        user_query.update({'last_activity': int(time())})
        # Overwrites the raw 'about' written in the loop above.
        # NOTE(review): only 'about' is censored; other text fields such as
        # the username are stored as submitted.
        user_query.update({'about': profanity.censor(form['about'].data)})
        db.session.commit()
        flash('Thank you for your update!')
        return redirect(url_for('user_profile', id=id))

    if method == 'GET':
        stored = h.rowtodict(user)
        for field in form:
            name = field.id
            if name == "username":
                # Fall back to the account name when no username is set.
                form.username.data = (
                    user.username if user.username else user.name)
            elif name == "about":
                form.about.data = user.about
            elif name != "csrf_token":
                form[name].data = str(stored[name])

    return render_template('edit_user.html', form=form,
                           month_day_year=month_day_year, user=user)