def kupljeni_proizvod():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE proizvod SET kolicina = kolicina - %s WHERE id=%s'''
cursor.execute(q, (data["kolicina"], data["id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def add_category():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
cursor.execute('''INSERT INTO categories(category_name)VALUES(%s)''',
(data["category_name"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def movie_rating(idmovie):
cursor = mysql.get_db().cursor()
iduser1 = session.get('user')["iduser"]
cursor.execute("SELECT * FROM user_ratings INNER JOIN movie ON user_ratings.movie_idmovie = movie.idmovie WHERE user_ratings.movie_idmovie=%s AND user_ratings.user_iduser=%s", (idmovie, iduser1))
rows = cursor.fetchall()
return flask.jsonify(rows)
def artikli_kategorije(naziv_kategorije):
cursor = mysql.get_db().cursor()
cursor.execute(
"SELECT * FROM artikli a INNER JOIN kategorije k ON a.kategorije_id=k.id AND k.nazivKategorije=%s",
naziv_kategorije)
rows = cursor.fetchall()
for row in rows:
row["datum"] = row["datum"].isoformat()
return flask.jsonify(rows)
def artikli():
cursor = mysql.get_db().cursor()
cursor.execute(
"SELECT * FROM artikli LEFT JOIN kategorije ON kategorije.id = kategorije_id LEFT JOIN korisnici ON korisnici.id = korisnici_id"
)
rows = cursor.fetchall()
for row in rows:
row["datum"] = row["datum"].isoformat()
return flask.jsonify(rows)
def update_category():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE categories SET category_name=%s WHERE id=%s'''
cursor.execute(q, (data["category_name"], data["id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def update_user():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE user SET name=%s, surname=%s, email=%s WHERE id=%s'''
cursor.execute(q, (data["name"], data["surname"], data["email"], data["id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def dodaj_kategoriju(naziv_kategorije):
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''INSERT INTO kategorija(naziv) VALUES(%s)'''
cursor.execute(q, (naziv_kategorije))
db.commit()
return flask.jsonify({"status": "done"}), 201
def update_sub():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE sub SET subname=%s, description=%s WHERE id=%s'''
cursor.execute(q, (data["subname"], data["description"], data["id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def getMyReservations(user_id):
connection = mysql.get_db()
cursor = connection.cursor()
cursor.execute(
"SELECT reservation.*, reservation_status.status FROM reservation, user_reservation, reservation_status WHERE user_reservation.user_id = %s AND user_reservation.reservation_id = reservation.id AND reservation.reservation_status_id = reservation_status.id",
(user_id))
reservations = cursor.fetchall()
if reservations is not None:
return flask.jsonify(reservations, {"success": True})
return flask.jsonify({"success": False})
def update_item():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE items SET name=%s, description=%s, image=%s, price=%s, quantity=%s WHERE id=%s'''
cursor.execute(q, (data["name"], data["description"], data["image"],
data["price"], data["quantity"], data["id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def add_recipe():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''INSERT INTO
recipe(Users_idUsers,name,description)VALUES(%s, %s, %s)'''
cursor.execute(q,
(data["Users_idUsers"], data["name"], data["description"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def getGuests():
connection = mysql.get_db()
cursor = connection.cursor()
cursor.execute(
'SELECT user.* FROM user, role WHERE user.role_id = role.id AND role.role = "GUEST"'
)
guests = cursor.fetchall()
if guests is not None:
return flask.jsonify(guests, {"success": True})
return flask.jsonify({"success": False})
def authorized():
login_user = request.json
cursor = mysql.get_db().cursor()
cursor.execute(
'SELECT user.id FROM user, role WHERE user.id=%s AND user.role_id = role.id AND role.role = "ADMIN"',
(login_user["id"]))
admin = cursor.fetchone()
if admin is not None:
return flask.jsonify({"success": True})
return flask.jsonify({"success": False})
def remove_from_watchlist(idmovie):
db = mysql.get_db()
cursor = db.cursor()
user_id = session.get("user")["iduser"]
cursor.execute("DELETE FROM watchlist WHERE movie_idmovie=%s AND user_iduser=%s", (idmovie, user_id, ))
db.commit()
return ""
def izmeni_profil():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE korisnik SET email=%s, telefon=%s, ime=%s, prezime=%s WHERE id=%s'''
cursor.execute(q, (data["email"], data["telefon"], data["ime"],
data["prezime"], data["id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def getReservations():
connection = mysql.get_db()
cursor = connection.cursor()
cursor.execute(
"SELECT reservation.* , occupied_room.room_id, reservation_status.status FROM reservation, occupied_room, reservation_status WHERE reservation.id = occupied_room.reservation_id AND reservation.reservation_status_id = reservation_status.id"
)
reservations = cursor.fetchall()
if reservations is not None:
return flask.jsonify(reservations, {"success": True})
return flask.jsonify({"success": False})
def threads():
cursor = mysql.get_db().cursor()
cursor.execute("SELECT * FROM thread LEFT JOIN user ON user.id = user_id LEFT JOIN sub ON sub.id = sub_id")
rows = cursor.fetchall()
for row in rows:
row["published"] = row["published"].isoformat()
return flask.jsonify(rows)
def logged_in_user():
if session.get("user") is not None:
login_user = request.json
cursor = mysql.get_db().cursor()
cursor.execute("SELECT * FROM user INNER JOIN person ON user.person_idperson = person.idperson WHERE iduser=%s", (session.get("user")["iduser"]))
user = cursor.fetchone()
return flask.jsonify(user)
else:
return "Access denied!", 401
def izmeni_proizvod(id_proizvoda):
db = mysql.get_db()
cursor = db.cursor()
data = flask.request.json
data["id"] = id_proizvoda
cursor.execute(
"UPDATE shop SET naziv=%(naziv)s, opis=%(opis)s, cena=%(cena)s, slika=%(slika)s WHERE id=%(id)s",
data)
db.commit()
return "", 200
def dodaj_proizvod():
db = mysql.get_db()
cursor = db.cursor()
cursor.execute(
"INSERT INTO shop(naziv, opis, cena, slika) VALUES(%(naziv)s, %(opis)s, %(cena)s, %(slika)s)",
flask.request.json)
db.commit()
return flask.jsonify(flask.request.json), 201
def izmeni_korpu():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE korpa_proizvod SET kolicina=%s WHERE korpa_id=%s AND proizvod_id = %s'''
cursor.execute(q,
(data["kolicina"], data["korpa_id"], data["proizvod_id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def loggedInAsUser():
if session.get('user') is not None:
login_user = request.json
cursor = mysql.get_db().cursor()
cursor.execute("SELECT * FROM user WHERE id=%s",
(session.get('user')['id']))
user = cursor.fetchone()
return flask.jsonify(user)
else:
return "No active user", 404
def dodajUKorpu(id_proizvoda):
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''INSERT INTO korpa_proizvod(korpa_id, kolicina, proizvod_id)
VALUES(%s, %s, %s)'''
cursor.execute(q, (data["korpa_id"], data["kolicina"], id_proizvoda))
db.commit()
return flask.jsonify({"status": "done"}), 201
def logged_in_user():
if session.get("user") is not None:
login_user = request.json
cursor = mysql.get_db().cursor()
cursor.execute("SELECT * FROM users WHERE idUsers=%s",
(session.get("user")["idUsers"]))
user = cursor.fetchone()
return flask.jsonify(user)
else:
return "No Active User", 404
def articles():
cursor = mysql.get_db().cursor()
cursor.execute(
"SELECT * FROM article LEFT JOIN user ON article.author_id = user.id LEFT JOIN category ON article.category_id = category.id"
)
rows = cursor.fetchall()
for r in rows:
r["published"] = datetime.datetime.isoformat(r["published"])
return flask.jsonify(rows)
def napraviRacun(korisnik_id):
db = mysql.get_db()
cursor = db.cursor()
datum = time.strftime('%Y-%m-%d %H:%M:%S')
cursor.execute("INSERT INTO racun(datum) VALUES(%s)", (datum))
racun_id = cursor.lastrowid
cursor.execute("INSERT INTO korisnik_racun(korisnik_id, racun_id) VALUES(%s, %s)", (korisnik_id, racun_id))
db.commit()
return flask.jsonify({"status": "done"}), 201
def add_to_watchlist():
db = mysql.get_db()
data = request.json
cursor = mysql.get_db().cursor()
try:
if session.get('user')["iduser"] == None:
return flask.jsonify({"status": "logError"})
iduser = session.get('user')["iduser"]
movie_idmovie = data["movie_idmovie"]
query = ''' INSERT INTO watchlist(watchlist.movie_idmovie, watchlist.user_iduser) VALUES(%s, %s) '''
cursor.execute(query, (movie_idmovie, iduser))
db.commit()
return flask.jsonify({"status": "done"}), 201
except IntegrityError:
return flask.jsonify({"status": "error"})
def izmeni_adresu():
data = request.json
db = mysql.get_db()
cursor = db.cursor()
q = '''UPDATE adresa SET postanski_broj=%s, ulica=%s,
broj=%s, grad_id=%s WHERE id=%s'''
cursor.execute(q, (data["postanski_broj"], data["ulica"], data["broj"],
data["grad_id"], data["adresa_id"]))
db.commit()
return flask.jsonify({"status": "done"}), 201
def login():
login_user = request.json
cursor = mysql.get_db().cursor()
cursor.execute("SELECT * FROM user WHERE username=%s AND password=%s", (login_user["username"], login_user["password"]))
user = cursor.fetchone()
if user is not None:
session["user"] = user
return flask.jsonify({"success": True})
return flask.jsonify({"success": False})
