def editItem(name): if "user_id" not in session: return redirect("/login") item = db_session.query(Item).filter_by(name=name).one() if item is None: abort(404) if item.user_id != session["user_id"]: abort(401) form = ItemForm(obj=item) categories = db_session.query(Category.id, Category.name).all() form.category.choices = categories if form.validate_on_submit(): # form.populate_obj(item) item.name = form.name.data item.description = form.description.data item.category_id = form.category.data filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename? filename = secure_filename(form.image.data.filename) form.image.data.save(os.path.join(app.config["UPLOAD_FOLDER"], filename)) item.image = filename db_session.add(item) db_session.commit() flash("Item %s edited." % item.name) return redirect(url_for("item", name=item.name)) return render_template("editItem.html", item=item, form=form)
def catalog(): """ Show catalog home page, with category list and latest items """ categories = db_session.query(Category).all() items = db_session.query(Item).order_by(Item.pub_date.desc()).limit(10) return render_template('catalog.html', categories=categories, latest_items=items)
def item(name): """ View an item """ item = db_session.query(Item).filter_by(name=name).first() if item is None: abort(404) owner = db_session.query(User).filter_by(id=item.user_id).first() return render_template('item.html', item=item, owner=owner)
def category(name): """ View a category of items """ categories = db_session.query(Category).all() category = db_session.query(Category).filter_by(name=name).first() if category is None: abort(404) return render_template('category.html', categories=categories, category=category, items=category.items)
def deleteCategory(name): """ Delete a category """ # user must be authenticated if 'user_id' not in session: return redirect('/login') category = db_session.query(Category).filter_by(name=name).first() if category is None: abort(404) if category.user_id != session['user_id']: abort(401) if request.method == 'POST': # delete the category # related items should be deleted automatically db_session.delete(category) db_session.commit() flash('%s Successfully Deleted' % category.name) return redirect(url_for('catalog')) else: form = CategoryForm() return render_template('delete_category.html', category=category, form=form)
def item(name): item = db_session.query(Item).filter_by(name=name).one() if item is None: abort(404) return render_template("item.html", item=item)
def newItem(): if "user_id" not in session: return redirect("/login") form = ItemForm() categories = db_session.query(Category.id, Category.name).all() form.category.choices = categories if form.validate_on_submit(): filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename? filename = secure_filename(form.image.data.filename) form.image.data.save(os.path.join(app.config["UPLOAD_FOLDER"], filename)) # create new item and commit to database item = Item( name=form.name.data, description=form.description.data, category_id=form.category.data, image=filename, user_id=session["user_id"], pub_date=datetime.utcnow(), ) db_session.add(item) db_session.commit() flash("New item created.") return redirect(url_for("item", name=item.name)) return render_template("newItem.html", form=form)
def editCategory(name): """ Edit a category """ # user must be authenticated if 'user_id' not in session: return redirect('/login') category = db_session.query(Category).filter_by(name=name).first() if category is None: abort(404) if category.user_id != session['user_id']: abort(401) form = CategoryForm(obj=category) if form.validate_on_submit(): form.populate_obj(category) db_session.add(category) try: db_session.commit() except exc.IntegrityError: # category name should be unique db_session.rollback() form.name.errors.append("Category already exists.") return render_template('edit_category.html', category=category, form=form) flash("Category %s edited." % category.name) return redirect(url_for('category', name=category.name)) return render_template('edit_category.html', category=category, form=form)
def getUserID(email): """ Get user by email address """ try: user = db_session.query(User).filter_by(email=email).one() return user.id except: return None
def createUser(session): """ Create new user record """ newUser = User(name=session['username'], email=session[ 'email'], picture=session['picture']) db_session.add(newUser) db_session.commit() user = db_session.query(User).filter_by(email=session['email']).one() return user.id
def category(name): category = db_session.query(Category).filter_by(name=name).one() if category is None: abort(404) # items = db_session.query(Item).filter_by(category_id = category.id) return render_template("category.html", category=category, items=category.items)
def editItem(name): """ Edit an item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') item = db_session.query(Item).filter_by(name=name).first() if item is None: abort(404) if item.user_id != session['user_id']: abort(401) form = ItemForm(obj=item) categories = db_session.query(Category.id, Category.name).all() form.category_id.choices = categories if form.validate_on_submit(): filename = item.image # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename, ensuring that it is safe filename = secure_filename(form.image.data.filename) form.image.data.save( os.path.join(app.config['UPLOAD_FOLDER'], filename)) form.populate_obj(item) item.image = filename db_session.add(item) try: db_session.commit() except exc.IntegrityError: # item name should be unique db_session.rollback() form.name.errors.append("Item already exists.") return render_template('edit_item.html', item=item, form=form) flash("Item %s edited." % item.name) return redirect(url_for('item', name=item.name)) return render_template('edit_item.html', item=item, form=form)
def catalogRecentAtom(): """ Return latest items in Atom format """ items = db_session.query(Item).order_by(Item.pub_date.desc()).limit(10) feed = AtomFeed('Recent Items', feed_url=request.url, url=request.url_root) for item in items: feed.add(item.name, unicode(item.description), content_type='html', author=item.user.name, url=url_for('item', name=item.name), updated=item.pub_date, published=item.pub_date) return feed.get_response()
def newItem(): """ Create a new item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') form = ItemForm() categories = db_session.query(Category.id, Category.name).all() form.category_id.choices = categories if form.validate_on_submit(): # check that name != 'new', which is used for routing if form.name.data.lower() == 'new': form.name.errors.append("'new' is a reserved word, and cannot" " be used as an item name.") return render_template('new_item.html', form=form) filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # get the filename, ensuring that it is safe filename = secure_filename(form.image.data.filename) form.image.data.save( os.path.join(app.config['UPLOAD_FOLDER'], filename)) # create new item and commit to database item = Item( name=form.name.data, description=form.description.data, category_id=form.category_id.data, image=filename, user_id=session['user_id'], pub_date=datetime.utcnow() ) db_session.add(item) try: db_session.commit() except exc.IntegrityError: # item name should be unique db_session.rollback() form.name.errors.append("Item already exists.") return render_template('new_item.html', form=form) flash("Created new item %s." % item.name) return redirect(url_for('item', name=item.name)) return render_template('new_item.html', form=form)
def deleteItem(name): if "user_id" not in session: return redirect("/login") item = db_session.query(Item).filter_by(name=name).one() if item is None: abort(404) if item.user_id != session["user_id"]: abort(401) if request.method == "POST": db_session.delete(item) db_session.commit() flash("%s Successfully Deleted" % item.name) return redirect(url_for("catalog")) else: return render_template("deleteItem.html", item=item)
def deleteCategory(name): if "user_id" not in session: return redirect("/login") category = db_session.query(Category).filter_by(name=name).one() if category is None: abort(404) if category.user_id != session["user_id"]: abort(401) if request.method == "POST": # delete the category, and related items should be deleted automatically db_session.delete(category) db_session.commit() flash("%s Successfully Deleted" % category.name) return redirect(url_for("catalog")) else: return render_template("deleteCategory.html", category=category)
def editCategory(name): if "user_id" not in session: return redirect("/login") category = db_session.query(Category).filter_by(name=name).one() if category is None: abort(404) if category.user_id != session["user_id"]: abort(401) form = CategoryForm(obj=category) if form.validate_on_submit(): form.populate_obj(category) db_session.add(category) db_session.commit() flash("Category %s edited." % category.name) return redirect(url_for("category", name=category.name)) return render_template("editCategory.html", category=category, form=form)
def deleteItem(name): """ Delete an item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') item = db_session.query(Item).filter_by(name=name).first() if item is None: abort(404) if item.user_id != session['user_id']: abort(401) if request.method == 'POST': db_session.delete(item) db_session.commit() flash('%s Successfully Deleted' % item.name) return redirect(url_for('catalog')) else: form = ItemForm() return render_template('delete_item.html', item=item, form=form)
def catalogJSON(): """ Return all catalog items in JSON format """ categories = db_session.query(Category).all() return jsonify(categories=[category.serialize for category in categories])
def getUserID(email): try: user = db_session.query(User).filter_by(email=email).one() return user.id except: return None
def createUser(session): newUser = User(name=session["username"], email=session["email"], picture=session["picture"]) db_session.add(newUser) db_session.commit() user = db_session.query(User).filter_by(email=session["email"]).one() return user.id
def catalog(): categories = db_session.query(Category).all() return render_template("catalog.html", categories=categories)
def getUserInfo(user_id): user = db_session.query(User).filter_by(id=user_id).one() return user