def post(self):
# One can only delete themselves, if they are logged in and post with a
# vaild state
if not self.request.form.get("csrf") == session.get('state'):
return self.flash_out(
"The state does not match the session, please try again", 401, url_for("myaccount_view"))
# Get the user id from session
uid = session.get('uid')
if not uid:
self.auth.logout()
return self.flash_out(
"No valid login detected", 401, url_for("login_view"))
# Revoke the access token for the provider
provider = session.get('provider')
if provider == "google":
self.google.disconnect()
elif provider == 'facebook':
self.facebook.disconnect()
# Delete all the items that belong to the user
Items.delete_by_user(dbs, uid)
# Delete the user's image
Images.delete_by_id(dbs, self.user.picture)
# Delete the user
User.delete_user(dbs, uid)
self.auth.logout()
return self.flash_out("The account has been deleted", 200, "/")
def store_image(self, im, img_format, image_name, fit_size=(128, 128)):
""" Takes in: im : PIL image object,
img_format: the image format,
image_name: the name under which the image will be stored in the DB """
image_name = image_name + "." + img_format
# Make the image fit in a 128 by 128 square
im = ImageOps.fit(im, fit_size, Image.ANTIALIAS)
# Create a String IO file
f = StringIO()
# Save the image to f
im.save(f, img_format)
# Store the StringIO in a blob in Images
my_img = Images.store_img(dbs, image_name, f.getvalue())
return my_img
def store_image(self, im, img_format, image_name, fit_size=(128, 128)):
''' Takes in: im : PIL image object,
img_format: the image format,
image_name: the name under which the image will be stored in the DB '''
image_name = image_name + "." + img_format
# Make the image fit in a 128 by 128 square
im = ImageOps.fit(im, fit_size, Image.ANTIALIAS)
# Create a String IO file
f = StringIO()
# Save the image to f
im.save(f, img_format)
# Store the StringIO in a blob in Images
my_img = Images.store_img(dbs, image_name, f.getvalue())
return my_img
def post(self, category, item_id):
# Check CSRF state
state = self.request.form.get("csrf")
if state != session['state']:
return self.flash_out(
"The CSRF state is not valid, try again", 401, "/")
# Check if item is in the db
item = Items.get_by_id(dbs, item_id)
if not item or item.user_id != self.user_info['uid']:
return self.flash_out(
"The item you are trying to update does not belong to you.", 401, "/")
# List of fileds allowed to be updated
update_fields = ["name", "description", "category", "link"]
new_vals = {}
for field in update_fields:
new_val = self.request.form.get(field)
# if the user is choosing to update this field and it's not the
# same value as before
if new_val and not getattr(item, field) == new_val:
new_vals[field] = new_val
setattr(item, field, new_val)
# if there are updates and they are valid properties
if new_vals:
new_vals_valid, new_vals_test_error = utils.test_item_prop(
new_vals)
if not new_vals_valid:
return self.flash_out(new_vals_test_error, 401, "/")
prev_img_id = None
upload_file = self.request.files["picture"]
if upload_file:
if item.picture:
# Changing the image name in order to prevent atomicity
# problems (deleting and immediately writing to the same id)
image_name = item.picture.split(".")[0]
image_number = (
(int(image_name[-1]) + 1) if image_name[-1].isdigit() else 1)
image_name = image_name + str(image_number)
else:
image_name = utils.remove_special_characters(
item.name + item.category) + "_img"
img = self.upload_image_file(upload_file, image_name)
if img:
prev_img_id = item.picture
item.picture = img.id
# if there are no new values and no new image
elif not new_vals:
return self.flash_out(" No new updates submitted", 200, url_for(
"item_view", category=item.category, item_id=item.id))
# persist the changes
Items.update_item(dbs, item)
# Erase the previous picture from the db
if prev_img_id:
Images.delete_by_id(dbs, prev_img_id)
return self.flash_out("Item has been updated", 200, url_for(
"item_view", category=item.category, item_id=item.id))
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker
from database_setup import Base, Images
engine = create_engine('sqlite:///paissatge.db')
Base.metadata.bind = engine
DBSession = sessionmaker(bind=engine)
session = DBSession()
images_names = [
'montserrat.jpg', 'girona.jpg', 'lamolina01.jpg', 'montserrat11.jpg',
'montserrat04.jpg', 'parc_tibidabo11.jpg', 'parc_tibidabo09.jpg',
'girona04.jpg'
]
inputs = []
for name in images_names:
inputs.append(
Images(name=name,
description='No description avaliable yet.',
matches=0,
wins=0,
loses=0))
for input in inputs:
session.add(input)
session.commit()