def update_event_tickets(event_id): # get the tickets already present and expose them to be updated/edited event = Event.query.get_or_404(event_id) if event.manager != current_user: abort(403) # forbidden route form = UpdateEventTicketsForm() if request.method == 'GET': for ticket in event.tickets: ticketForm = TicketForm() ticketForm.ticket_type = ticket.ticket_type ticketForm.num_tickets = ticket.num_tickets ticketForm.price = ticket.price form.tickets.append_entry(ticketForm) if form.validate_on_submit(): for ticket in event.tickets: db.session.delete(ticket) db.session.commit() for ticket in form.tickets.data: new_ticket = Ticket(event_id=event.id, ticket_type=ticket['ticket_type'], num_tickets=ticket['num_tickets'], price=ticket['price']) event.tickets.append(new_ticket) db.session.commit() flash(gettext('Your event tickets have been updated'), 'success') return redirect(url_for('events.event', event_id=event.id)) return render_template('update_event_tickets.html', title='Updated event tickets', form=form, legend='Update event tickets', event=event)
def delete_event_tickets(event_id): # get the tickets already present and expose them to be updated/edited event = Event.query.get_or_404(event_id) if event.manager != current_user: abort(403) # forbidden route form = UpdateEventTicketsForm() if request.method == 'GET': for ticket in event.tickets: ticketForm = TicketForm() ticketForm.ticket_type = ticket.ticket_type ticketForm.num_tickets = ticket.num_tickets ticketForm.price = ticket.price form.tickets.append_entry(ticketForm) if form.validate_on_submit(): form_ticket_keys = request.form.getlist("ticket_keys") for ticket_id in form_ticket_keys: ticket_to_delete = Ticket.query.get_or_404(int(ticket_id)) db.session.delete(ticket_to_delete) db.session.commit() flash(gettext('Your event tickets have been deleted'), 'success') return redirect(url_for('events.event', event_id=event.id)) return render_template('delete_event_tickets.html', title='Delete event tickets', legend='Delete event tickets', event=event, form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('main.home')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): # log in the user # if the remember me box is checked login_user(user, remember=form.remember.data) # args is a dictionary, don't access using key would give error, use get next_page = request.args.get('next') # print("next page is: ",next_page) if next_page == '/start-payment-flow': return redirect(url_for('main.home')) if next_page == '/generate-booking/': return redirect(url_for('main.home')) return redirect(next_page) if next_page else redirect( url_for('main.home')) else: flash(gettext('login failed, check email and password'), 'danger') return redirect(url_for('main.home')) return render_template('login.html', title='Login', form=form)
def register_manager(): if current_user.is_authenticated: return redirect(url_for('main.home')) form = ManagerRegistrationForm() # we see that the post actually worked, we use a flash message to confirm it if form.validate_on_submit(): # success is a bootstrap argument # we hash the password inserted hashed_password = bcrypt.generate_password_hash( form.password.data).decode('utf-8') user = User(username=form.username.data, email=form.email.data, password=hashed_password) user.roles.append(Role(name='Manager')) db.session.add(user) db.session.commit() flash(gettext('Your account has been created, you can now log in'), 'success') return redirect(url_for('users.login')) # name of the function return render_template('register_manager.html', title='Register', form=form)
def delete_event(event_id): event = Event.query.get_or_404(event_id) if event.manager != current_user: abort(403) # forbidden route all_bokings = UserBookings.query.all() for booking in all_bokings: if booking.event_id == event_id: db.session.delete(booking) db.session.delete(event) db.session.commit() flash(gettext('Your event has been deleted'), 'success') return redirect(url_for('main.home'))
def reset_token(token): if current_user.is_authenticated: return redirect(url_for('main.home')) user = User.verify_reset_token(token) if user is None: flash(gettext('That is an invalid or exiperd token'), 'warning') return redirect(url_for('users.reset_request')) form = ResetPasswordForm() if form.validate_on_submit(): # success is a bootstrap argument # we hash the password inserted hashed_password = bcrypt.generate_password_hash( form.password.data).decode('utf-8') user.password = hashed_password db.session.commit() flash(gettext('Your password has been updated, you can now log in'), 'success') return redirect(url_for('users.login')) # name of the function return render_template('reset_token.html', title='Reset Password', form=form)
def add_staff(event_id): found = False already_staffer = False # get the event to which i need to add staff # to add as user as staff, i add to his role the one of staff # to add a user as staff i add them by email # i add to the event database table a new column called staff # this column will contain the ids of the users which are staff form = StaffForm() if form.validate_on_submit(): if User.query.filter_by(email=form.staffer_email.data).first(): user_to_add_as_staff = User.query.filter_by( email=form.staffer_email.data).first() for role in user_to_add_as_staff.roles: if 'Staff' in role.name: found = True if found == False: user_to_add_as_staff.roles.append(Role(name='Staff')) # need to check if staffer is already in staff list event_to_staff = Event.query.get_or_404(event_id) for staffer in event_to_staff.staffers: if staffer.id == user_to_add_as_staff.id: already_staffer = True if already_staffer == False: event_to_staff.staffers.append(user_to_add_as_staff) else: flash(gettext('User already in staff'), 'error') return redirect(url_for('events.event', event_id=event_id)) db.session.commit() flash(gettext('Your staff has been added'), 'success') return redirect(url_for('events.event', event_id=event_id)) else: flash(gettext('User not found'), 'error') return render_template('add_staff.html', form=form, title='Add Staff')
def reset_request(): if current_user.is_authenticated: return redirect(url_for('main.home')) form = RequestResetForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() send_reset_email(user) flash( gettext( 'An email has been sent with instructions to reset your password' ), 'info') return redirect(url_for('users.login')) return render_template('reset_request.html', title='Reset Password', form=form)
def add_tickets(event_id): # get the tickets already present and expose them to be updated/edited event = Event.query.get_or_404(event_id) if event.manager != current_user: abort(403) # forbidden route form = AddTicketsForm() if form.validate_on_submit(): for ticket in form.tickets.data: new_ticket = Ticket(event_id=event.id, ticket_type=ticket['ticket_type'], num_tickets=ticket['num_tickets'], price=ticket['price']) # Add to event event.tickets.append(new_ticket) db.session.commit() flash(gettext('Your tickets have been created'), 'success') return redirect(url_for('events.event', event_id=event.id)) return render_template('add_tickets.html', title='Add Tickets', form=form, legend='Add Tickets', event=event)
def new_event(): form = EventForm() if form.validate_on_submit(): event = Event(title=form.title.data, event_type=form.event_type.data, event_date=form.event_date.data, time_from=form.time_from.data, time_to=form.time_to.data, content=form.content.data, content_eng=form.content_eng.data, address=form.address.data, city=form.city.data, location=form.location.data, manager=current_user) for ticket in form.tickets.data: new_ticket = Ticket(event_id=event.id, ticket_type=ticket['ticket_type'], num_tickets=ticket['num_tickets'], price=ticket['price']) # Add to event event.tickets.append(new_ticket) if form.picture.data: picture_file = save_picture(form.picture.data, event.id) event.image_file = picture_file db.session.add(event) db.session.commit() flash(gettext('Your event has been created'), 'success') return redirect(url_for('main.home')) return render_template('create_event.html', title='New Event', form=form, legend='New Event')
def account(): form = UpdateAccountForm() if form.validate_on_submit(): if form.picture.data: picture_file = save_picture(form.picture.data) current_user.image_file = picture_file current_user.username = form.username.data current_user.email = form.email.data db.session.commit() flash(gettext('Your account has been updated'), 'success') return redirect(url_for('main.home')) elif request.method == 'GET': form.username.data = current_user.username form.email.data = current_user.email image_file = url_for('static', filename='profile_pics/' + current_user.image_file) return render_template('account.html', title='Account', image_file=image_file, form=form)
def update_event(event_id): event = Event.query.get_or_404(event_id) if event.manager != current_user: abort(403) # forbidden route form = EventForm() if form.validate_on_submit(): event.title = form.title.data event.event_type = form.event_type.data event.event_date = form.event_date.data event.time_from = form.time_from.data event.time_to = form.time_to.data event.content = form.content.data event.content_eng = form.content_eng.data event.address = form.address.data event.city = form.city.data event.location = form.location.data if form.picture.data: picture_file = save_picture(form.picture.data, event.id) event.image_file = picture_file db.session.commit() flash(gettext('Your event has been updated'), 'success') return redirect(url_for('events.event', event_id=event.id)) elif request.method == 'GET': form.title.data = event.title form.event_type.data = event.event_type form.event_date.data = event.event_date form.time_from.data = event.time_from form.time_to.data = event.time_to form.content.data = event.content form.content_eng.data = event.content_eng form.address.data = event.address form.city.data = event.city form.location.data = event.location return render_template('update_event.html', title='Updated event', form=form, legend='Update event', event=event)