def query(): """Displays all results for the query in category category_id, which can be 'all' if no category is selected.""" if not is_caltech_user(): return login_redirect() category_id = flask.request.args.get('cat') if category_id is None: flask.abort(404) query = flask.request.args.get('q', '') # Create a dict of the passed-in attributes which are filterable attrs = { attr: value for attr, value in flask.request.args.items() if attr in SEARCH_ATTRS } attrs['item_active'] = True if category_id != helpers.ALL_CATEGORY: try: attrs['cat_id'] = int(category_id) except ValueError: flask.abort(404) # Pass in the cat_id to generate_search_table() if it's not 'all' items = helpers.generate_search_table(attrs, query) return helpers.render_with_top_marketplace_bar( 'search.html', items=items, cat_id=category_id)
def manage(): if 'username' not in flask.session: # They're not logged in, kick them out return login_redirect() return helpers.render_with_top_marketplace_bar( 'manage_items.html', items=helpers.get_my_items())
def calendar_delete(): if 'username' not in flask.session: return auth_utils.login_redirect() return flask.jsonify({ 'deleted': helpers.delete(flask.request.form['id'], flask.request.form['tag']) })
def get_all_events(): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() res = helpers.sync_data(all_data=True) error_message = helpers.check_if_error(res) if error_message: return flask.jsonify({'err': error_message}) return flask.jsonify({'events': res})
def get_events(): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() res = helpers.sync_data(1, flask.request.form['year'], 12, flask.request.form['year']) error_message = helpers.check_if_error(res) if error_message: return flask.jsonify({'err': error_message}) return flask.jsonify({'events': res})
def directory_search(): if not is_caltech_user(): return login_redirect() return flask.render_template( 'directory_search.html', manage_members_houses=helpers.get_manage_members_houses(), houses=helpers.get_houses(), options=helpers.get_options(), residences=helpers.get_residences(), grad_years=helpers.get_grad_years())
def feedback(group): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() if group not in Groups: return flask.abort(404) summary = False if auth_utils.check_login(): perms = auth_utils.get_permissions(flask.session['username']) if default_permissions.ADMIN in perms or permissions[group].SUMMARY in perms: summary = True return flask.render_template( 'feedback.html', summary=summary, group=group, msg=Groups[group])
def sync(): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() res = helpers.sync_data(all_data=True) error_message = helpers.check_if_error(res) if error_message: flask.flash(error_message) global last_update_time last_update_time = datetime.datetime.now() return flask.render_template( 'calendar.html', permissions=helpers.get_permission())
def feedback_submit(group): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() if group not in Groups: return flask.abort(404) fields = ['name', 'email', 'subject', 'msg', 'ombuds'] data = {} for field in fields: data[field] = flask.request.form.get(field) complaint_id = helpers.register_complaint(group, data) flask.flash( Markup('Success (you may want to save this link): <a href="' + helpers.get_link(group, complaint_id) + '">View Complaint</a>')) return flask.redirect(flask.url_for('feedback.feedback', group=group))
def view_user(user_id): if not is_caltech_user(): return login_redirect() user = helpers.get_user(user_id) is_me = 'username' in flask.session and get_user_id( flask.session['username']) == user_id hidden_fields = helpers.get_hidden_fields(flask.session.get('username'), user_id) return flask.render_template('view_user.html', user=user, is_me=is_me, user_id=user_id, hidden_fields=hidden_fields)
def get_events_backup(): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() res = helpers.get_events_backup(1, flask.request.form['year'], 12, flask.request.form['year']) error_message = helpers.check_if_error(res) if error_message: return flask.jsonify({'err': error_message}) return flask.jsonify({ 'events': res, 'last_update_time': last_update_time.strftime("%Y-%m-%dT%H:%M:%SZ") })
def get_all_events_backup(): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() res = helpers.get_events_backup(all_data=True) error_message = helpers.check_if_error(res) if error_message: return flask.jsonify({'err': error_message}) return flask.jsonify({ 'events': res, 'permissions': helpers.get_permission(), 'last_update_time': last_update_time.strftime("%Y-%m-%dT%H:%M:%SZ") })
def view_user(user_id): if not is_caltech_user(): return login_redirect() username = flask.session.get('username') user = helpers.get_user(user_id) if user is not None: hidden_fields = helpers.get_hidden_fields(username, user_id) user = { key: value for key, value in user.items() if key not in hidden_fields } is_me = username is not None and get_user_id(username) == user_id return flask.render_template('view_user.html', user=user, is_me=is_me, user_id=user_id)
def calendar_add_events(update=0): if 'username' not in flask.session: return auth_utils.login_redirect() fields = [ 'name', 'description', 'start_date', 'start_hour', 'start_minute', 'end_hour', 'end_minute', 'end_date', 'tag' ] for field in fields: if None == flask.request.form.get(field): flask.flash('Please fill in all required fields (marked with *)', 'error') return flask.redirect(flask.url_for('calendar.calendar')) start_date = flask.request.form.get('start_date') start_hour = flask.request.form.get('start_hour') start_time = flask.request.form.get('start_minute') end_date = flask.request.form.get('end_date') end_hour = flask.request.form.get('end_hour') end_time = flask.request.form.get('end_minute') start_year, start_month, start_day = map(int, start_date.split('-')) end_year, end_month, end_day = map(int, end_date.split('-')) begin_datetime = datetime.datetime(start_year, start_month, start_day, int(start_hour), int(start_time)) end_datetime = datetime.datetime(end_year, end_month, end_day, int(end_hour), int(end_time)) if begin_datetime > end_datetime: flask.flash('Invalid times', 'error') return flask.redirect(flask.url_for('calendar.calendar')) start_time = start_date + 'T' + start_hour + ":" + start_time + ":00" end_time = end_date + 'T' + end_hour + ":" + end_time + ":00" e = helpers.add_event( flask.request.form.get('name'), flask.request.form.get('description'), flask.request.form.getlist('tag'), start_time, end_time, update, flask.request.form.get('location'), flask.request.form.get('eventId')) if e: flask.flash('Error when adding events: ' + str(e) + ' ; If this error persists, contact devteam', 'error') return flask.redirect(flask.url_for('calendar.calendar'))
def calendar_share_cal(): if 'username' not in flask.session: return auth_utils.login_redirect() fields = ['email', 'tag', 'access_level'] for field in fields: if None == flask.request.form.get(field): flask.flash('Please fill in all required fields (marked with *)', 'error') return flask.redirect(flask.url_for('calendar.calendar')) e = helpers.share_calendar( flask.request.form.getlist('tag'), flask.request.form.get('email'), flask.request.form.get('access_level')) if e: flask.flash('Error when sharing calendars:' + e + " ; if the error persists, contact dev team", 'error') else: flask.flash('Success! Please check your gmail') return flask.redirect(flask.url_for('calendar.calendar'))
def view_item(item_id): """View additional details about item <item_id>""" if not is_caltech_user(): return login_redirect() item = helpers.table_fetch( """ marketplace_items NATURAL LEFT JOIN marketplace_textbooks NATURAL JOIN marketplace_categories """, one=True, fields=VIEW_FIELDS, attrs={'item_id': item_id}) # Make sure the item_id is a valid item, i.e. data is nonempty if item is None: flask.abort(404) # Display textbook edition edition = item['textbook_edition'] if edition: item['textbook_edition'] = helpers.process_edition(edition) # Grab the stored image links image_links = helpers.get_image_links(item_id) # Notify if the item is inactive if not item['item_active']: flask.flash('This item has been archived!') return helpers.render_with_top_marketplace_bar( 'view_item.html', item_id=item_id, item=item, image_links=image_links, user=get_name_and_email(item['user_id']), can_edit=helpers.can_manage(item))
def sell(): username = flask.session.get('username') if username is None: # They're not logged in, kick them out return login_redirect() # Extract item id item_id = helpers.try_int(flask.request.args.get('item_id')) # STATES # ------ # new (default): making a new listing # edit: editing an old listing state = flask.request.args.get('state', 'new') if state not in ALLOWED_SELL_STATES: flask.flash('Invalid state') return flask.redirect(flask.url_for('.sell')) saving = flask.request.method == 'POST' editing = state == 'edit' if saving: form = flask.request.form item = { 'cat_id': helpers.try_int(form.get('cat')), 'textbook_id': helpers.try_int(form.get('textbook_id')), 'textbook_title': form.get('textbook_title'), 'textbook_author': form.get('textbook_author'), 'textbook_edition': form.get('textbook_edition'), 'textbook_isbn': form.get('textbook_isbn'), 'item_title': form.get('item_title'), 'item_condition': form.get('item_condition'), 'item_price': form.get('item_price'), 'item_details': form.get('item_details'), 'images': [image for image in form.getlist('images') if image] } elif editing: item = helpers.table_fetch( 'marketplace_items', one=True, fields=SELL_FIELDS, attrs={'item_id': item_id}) if not item: # No data? the item_id must be wrong flask.flash('Invalid item') return flask.redirect(flask.url_for('.marketplace')) item['images'] = helpers.get_image_links(item_id) else: item = {'images': []} # Make sure the current user is the one who posted the item if editing and not helpers.can_manage(item_id): flask.flash('You do not have permission to edit this item') return flask.redirect(flask.url_for('.marketplace')) # This route is used for both GET and POST; # only try to create/update the item if this is a POST if saving: errors = [] # collect all validation errors cat_title = helpers.get_category_name_from_id(item['cat_id']) if not cat_title: errors.append('Invalid category') is_textbook = cat_title == 'Textbooks' if is_textbook: textbook_id = item['textbook_id'] if textbook_id: textbook = helpers.table_fetch( 'marketplace_textbooks', one=True, attrs={'textbook_id': textbook_id}) if not textbook: errors.append('Invalid textbook') else: if not item['textbook_title']: errors.append('Missing textbook title') if not item['textbook_author']: errors.append('Missing textbook author') edition = item['textbook_edition'] if edition and not helpers.validate_edition(edition): errors.append('Invalid textbook edition') isbn = item['textbook_isbn'] if isbn: if helpers.validate_isbn(isbn): item['textbook_isbn'] = isbn.replace('-', '') else: errors.append('Invalid textbook ISBN') item['item_title'] = None else: if not item['item_title']: errors.append('Missing item title') item['textbook_id'] = None item['textbook_edition'] = None item['textbook_isbn'] = None if not item['item_condition']: errors.append('Missing condition') price = item['item_price'] if not (price and helpers.validate_price(price)): errors.append('Invalid price') images = item['images'] for i, image in enumerate(images): image = helpers.validate_image(image) if image: images[i] = image else: errors.append('Invalid image') if errors: # Display all errors and don't submit for error in errors: flask.flash(error) else: if is_textbook and not textbook_id: item['textbook_id'] = helpers.add_textbook( item['textbook_title'], item['textbook_author']) if editing: helpers.update_current_listing(item_id, item) flask.flash('Updated!') else: item['user_id'] = get_user_id(username) item_id = helpers.create_new_listing(item) flask.flash('Posted!') return flask.redirect(flask.url_for('.view_item', item_id=item_id)) # Otherwise, they have not submitted anything, so render the form item['images'] += [''] * (MAX_IMAGES - len(item['images'])) categories = helpers.table_fetch('marketplace_categories') textbooks_cat, = (cat['cat_id'] for cat in categories if cat['cat_title'] == 'Textbooks') textbooks = helpers.table_fetch('marketplace_textbooks') return helpers.render_with_top_marketplace_bar( 'sell.html', state=state, item_id=item_id, item=item, MAX_IMAGES=MAX_IMAGES, imgur_id=flask.current_app.config['IMGUR_API']['id'], categories=categories, textbooks=textbooks, textbooks_cat=textbooks_cat, conditions=CONDITIONS)
def calendar_search(): if not auth_utils.is_caltech_user(): return auth_utils.login_redirect() return flask.render_template( 'calendar_search.html', permissions=helpers.get_permission())
def share_cal(): if 'username' not in flask.session: return auth_utils.login_redirect() return flask.render_template( 'share_cal.html', permissions=helpers.get_permission())
def add_events(): if 'username' not in flask.session: return auth_utils.login_redirect() return flask.render_template( 'add_events.html', permissions=helpers.get_permission())