def add_item(user_id):
user = db.session.query(User).filter_by(id=user_id).first()
tokens = map(lambda x: x.token, user.tokens)
check = check_auth_header(request.headers)
if not check[0]:
return check[1]
if not authenticate_user(tokens, request.headers['AuthToken']):
return unauthorized_message()
data = MultiDict(mapping=request.json)
inputs = ItemForm(data, csrf_enabled=False)
if not inputs.validate():
return bad_request_error(inputs.errors)
data = request.get_json()
name = data['name']
description = data['description']
thumbnail_url = data['thumbnail_url']
item_url = data['item_url']
item = Item(name, description, thumbnail_url, user_id, item_url)
db.session.add(item)
db.session.commit()
response = jsonify({
'name': item.name,
'description': item.description,
'thumbnail_url': item.thumbnail_url
})
response.status_code = 201
return response
def UpdateItem(message):
Before_request()
list_id = message["list_id"]
item_id = message["item_id"]
# Before checking for validation, we assume the item will not be
# added and that the list is not valid.
sendMessage = {"errors": "This is not a valid list."}
customMessage = 'update item fail'
room = None
query_list = g.user.lists.filter_by(id = list_id).first()
query_list_shared = g.user.shared_lists.filter_by(id = list_id).first()
if query_list is not None or query_list_shared is not None:
item = Item.query.filter_by(id = item_id).first()
form = ItemForm(item_name = message["item_name"], csrf_token = message["csrf_token"])
# We don't need the items checked state to validate the form
del form.check
if item is not None and form.validate():
item.item_name = form.item_name.data
db.session.commit()
sendMessage = {"itemName": item.item_name, "itemID": item.id}
customMessage = 'update item success'
room = list_id
else:
sendMessage = {"errors": form.item_name.errors}
emit(customMessage, sendMessage, room = room)
def update_item(id):
"""Updates the requested item."""
if needs_login():
return redirect(url_for('oauth2callback'))
form = ItemForm(request.form)
item = models.Item.query.filter_by(id=id).first()
if not form.validate():
return render_template('edit_item.html', form=form, item=item)
# retain the old image path before populate_obj overwrites it with form
# data
old_image = item.image
form.populate_obj(item)
item.image = old_image
if form.image is not None:
image_data = request.files['image'].read()
if len(image_data) > 0:
# generate a random file name and save it to the image folder
filename = ''.join(random.choice(
string.ascii_uppercase + string.digits) for x in xrange(16))
ext = os.path.splitext(request.files['image'].filename)[1]
open(app.config['IMAGE_DIR'] +
filename + ext, 'w').write(image_data)
item.image = filename + ext
# if the user updates the image, delete the old one
if os.path.isfile(app.config['IMAGE_DIR'] + old_image):
os.remove(app.config['IMAGE_DIR'] + old_image)
db.session.add(item)
db.session.commit()
return render_template('generic.html',
title="Update Completed",
description="%s has been updated." % item.name,
redirect_to_index=True)
def item_new():
form = ItemForm(request.form)
form.category_id.choices = [(cat.id, cat.name) for cat in categories]
if request.method == 'POST' and form.validate():
return item_new_post(form)
else:
return item_new_get(form)
def add_item():
"""Saves the new item and redirects to confirmation page."""
if needs_login():
return redirect(url_for('oauth2callback'))
form = ItemForm(request.form)
if not form.validate():
return render_template('new_item.html', form=form)
image = ""
if form.image.data is not None:
image_data = request.files['image'].read()
if len(image_data) > 0:
# generate a random file name and save it to the image folder
filename = ''.join(random.choice(
string.ascii_uppercase + string.digits) for x in xrange(16))
ext = os.path.splitext(request.files['image'].filename)[1]
open(app.config['IMAGE_DIR'] +
filename + ext, 'w').write(image_data)
image = filename + ext
item = models.Item(name=form.name.data,
user=get_current_user(),
description=form.description.data,
category=form.category.data,
image=image)
db.session.add(item)
db.session.commit()
return render_template('generic.html',
title="Item Added",
description="%s has been added." % item.name,
redirect_to_index=True)
def additem():
"""
this allow users to add items
"""
form = ItemForm(request.form)
categories = Category.query.all()
form.category.choices = [(c.id, c.name) for c in categories]
if request.method == 'POST' and form.validate():
print('\n\n\n\ninside post')
name = form.name.data
price = form.price.data
brand = form.brand.data
description = form.description.data
category = form.category.data
image = form.image.data
print(name, price, description, image, brand, category)
item = Item(name=name,
price=price,
description=description,
image=image,
brand=brand,
category_id=category,
user_id=login_session['gplus_id'])
db.session.add(item)
db.session.commit()
flash('item saved successfully', 'success')
return redirect('/')
elif form.errors:
flash(form.errors, 'danger')
return redirect('/')
else:
print('\n\n\n\ninside get')
return render_template('additem.html', form=form)
def items_edit(item_id):
form = ItemForm(request.form)
if request.method == 'POST' and form.validate():
if Item.query.filter(Item.name == form.name.data, Item.id != form.id.data).first():
data = {
'nav_urls': get_urls(),
'active_url': url_for('items_new')
}
duplicate = True
return render_template('items_edit.html', form=form, data=data, duplicate=duplicate)
else:
item = Item.query.filter(Item.id == item_id).first()
item.name = form.name.data
item.price = form.price.data
item.active = form.active.data
dbs.add(item)
dbs.commit()
return redirect(url_for('items'))
else:
data = {
'nav_urls': get_urls(),
'active_url': url_for('items_edit', item_id=item_id)
}
item = Item.query.filter(Item.id == item_id).first()
form.id.data = item.id
form.name.data = item.name
form.price.data = item.price
form.active.data = item.active
return render_template('items_edit.html', data=data, form=form)
def add_item(user_id):
user = db.session.query(User).filter_by(id=user_id).first()
tokens = map(lambda x: x.token , user.tokens)
check = check_auth_header(request.headers)
if not check[0]:
return check[1]
if not authenticate_user(tokens , request.headers['AuthToken']):
return unauthorized_message()
data = MultiDict(mapping=request.json)
inputs = ItemForm(data , csrf_enabled=False)
if not inputs.validate():
return bad_request_error(inputs.errors)
data = request.get_json()
name = data['name']
description = data['description']
thumbnail_url = data['thumbnail_url']
item_url = data['item_url']
item = Item(name, description, thumbnail_url, user_id, item_url)
db.session.add(item)
db.session.commit()
response = jsonify({'name':item.name , 'description':item.description, 'thumbnail_url':item.thumbnail_url})
response.status_code = 201
return response
def items_edit(item_id):
form = ItemForm(request.form)
if request.method == 'POST' and form.validate():
if Item.query.filter(Item.name == form.name.data,
Item.id != form.id.data).first():
data = {'nav_urls': get_urls(), 'active_url': url_for('items_new')}
duplicate = True
return render_template('items_edit.html',
form=form,
data=data,
duplicate=duplicate)
else:
item = Item.query.filter(Item.id == item_id).first()
item.name = form.name.data
item.price = form.price.data
item.active = form.active.data
dbs.add(item)
dbs.commit()
return redirect(url_for('items'))
else:
data = {
'nav_urls': get_urls(),
'active_url': url_for('items_edit', item_id=item_id)
}
item = Item.query.filter(Item.id == item_id).first()
form.id.data = item.id
form.name.data = item.name
form.price.data = item.price
form.active.data = item.active
return render_template('items_edit.html', data=data, form=form)
def item_edit(item_id):
item = session.query(Item).filter_by(id=item_id).one()
form = ItemForm(request.form, item)
form.category_id.choices = [(cat.id, cat.name) for cat in categories]
if request.method == 'POST' and form.validate():
return item_edit_post(form, item)
else:
return item_edit_get(form, item)
def add_item():
form = ItemForm(request.form)
if request.method == "POST" and form.validate():
item = Items(name=form.name.data,
quantity=form.quantity.data,
description=form.description.data,
date_added=datetime.datetime.now())
db_session.add(item)
db_session.commit()
return redirect(url_for('success'))
return render_template('index.html', form=form)
def editItem(item_id):
categories = session.query(Category).all()
item = session.query(Item).filter_by(id=item_id).one_or_none()
if item is None:
flash("Item does not exist")
return redirect(url_for('site.showHome'))
# Checks if the current user is not the owner of the item
if login_session['user_id'] != item.user_id:
flash("You're not authorized to edit this item")
return redirect(url_for('site.showHome'))
# This loads the ItemForm into a local variable
form = ItemForm(request.form)
if request.method == 'GET':
# This will render a form to edit an item
form.name.data = item.name
form.description.data = item.description
return render_template('edititem.html',
categories=categories,
item=item,
form=form)
if request.method == 'POST':
# This checks whether the form passes validation
if form.validate():
# This will commit the item edit to the database
item.category = item.category
if request.form['name']:
item.name = request.form['name']
if request.form['description']:
item.description = request.form['description']
if request.form['category']:
item.category = session.query(Category).filter_by(
name=request.form['category']).one_or_none()
if item.category is None:
flash("Get out of dev tools, hacker!")
return redirect(url_for('site.showHome'))
session.add(item)
session.commit()
return redirect(
url_for('site.showItem',
category_name=item.category.name,
item_id=item.id))
else:
# This will run if the form fails validation
return render_template('edititem.html',
categories=categories,
item=item,
form=form)
def sell():
item_form = ItemForm(request.form)
if request.method == 'POST' and item_form.validate():
product_name = item_form.data['product']
product = db_session.query(Product).filter(
Product.name == product_name.lower()).first()
seller_name = item_form.data['seller']
seller = db_session.query(User).\
filter(User.name==seller_name.lower()).\
filter(User.user_type=='Seller').first()
if product and seller:
item = Item()
save_item(item, item_form, new=True)
# Add child to Product parent models
product.items.append(item)
seller.items.append(item)
db_session.commit()
else:
if not product:
flash('No products match "{}"'.format(product_name))
if not seller:
flash('No sellers match "{}"'.format(seller_name))
return redirect('/sell')
flash('Item created successfully!')
return redirect('/sell')
product_results = db_session.query(Product).all()
# product_table = ProductResults(product_results)
# product_table.border = True
item_results = join_item_seller(db_session).all()
# item_table = ItemResults(item_results)
# item_table.border = True
return render_template('sell.html',
product_results=product_results,
item_results=item_results,
item_form=item_form)
def add():
global db
form = ItemForm(request.form)
if request.method == 'POST' and form.validate():
document = {}
for field, value in request.form.items():
document[field] = value
if 'title' in document and 'media_type' in document:
slug = common.slugify(document['title'])
document['slug'] = slug
db.save(document)
print "Document saved."
flash('Changes saved.')
return redirect(url_for('edit', slug=slug))
types = [item[0] for item in MEDIA_TYPES]
return render_template('form.html', title="Add item", form=form, types=types, document={})
def edit_item(id):
item = db_session.query(Items).filter_by(id=id).first()
if item:
form = ItemForm(request.form, obj=item)
if request.method == "POST":
if request.form['submit'] == 'Delete':
db_session.delete(item)
db_session.commit()
return redirect(url_for('success'))
elif request.form['submit'] == 'Save' and form.validate():
item.name = form.name.data,
item.quantity = form.quantity.data,
item.description = form.description.data,
item.date_added = datetime.datetime.now()
db_session.commit()
return redirect(url_for('success'))
return render_template("item.html", form=form, id=id)
else:
return ("Cannot find item ID%d" % (id, ))
def newItem():
categories = session.query(Category).all()
# This loads the ItemForm into a local variable
form = ItemForm(request.form)
if request.method == 'GET':
# This will render a form to add a new item
return render_template('newitem.html',
categories=categories,
form=form)
if request.method == 'POST':
# This checks whether the form passes validation
if form.validate():
# This will add a new item to the database
category = session.query(Category).filter_by(
name=request.form['category']).one_or_none()
if category is None:
flash("Get out of dev tools, hacker!")
return redirect(url_for('site.showHome'))
item = Item(name=request.form['name'],
description=request.form['description'],
category=category,
user_id=login_session['user_id'])
session.add(item)
session.commit()
return redirect(
url_for('site.showItem',
category_name=item.category.name,
item_id=item.id))
else:
# This will run if the form fails validation
return render_template('newitem.html',
categories=categories,
form=form)
def AddItem(message):
Before_request()
# Before checking for validation, we assume the item will not be
# added and that the list is not valid.
sendMessage = {"errors": "This is not a valid list."}
customMessage = 'add item fail'
room = None
list_id = message["list_id"]
query_list = g.user.lists.filter_by(id = list_id).first()
query_list_shared = g.user.shared_lists.filter_by(id = list_id).first()
if query_list is not None or query_list_shared is not None:
form = ItemForm(item_name = message["item_name"], csrf_token = message["csrf_token"])
# We don't need the items checked state to validate the form
del form.check
if form.validate():
item_name = form.item_name.data
item = Item(item_name = item_name, list_id = list_id)
# add item entry
db.session.add(item)
db.session.commit()
# Set everything to a success state.
sendMessage = { "itemID": item.id, "itemName": item.item_name }
customMessage = 'add item success'
room = list_id
else:
sendMessage = { "errors": [form.item_name.errors, form.csrf_token.errors]}
emit(customMessage, sendMessage, room = room)
def CheckItem(message):
Before_request()
list_id = message["list_id"]
item_id = message["item_id"]
query_list = g.user.lists.filter_by(id = list_id).first()
query_list_shared = g.user.shared_lists.filter_by(id = list_id).first()
# Before checking for validation, we assume the item will not be
# added and that the list is not valid.
sendMessage = {"errors": "This is not a valid list."}
customMessage = 'check item fail'
room = None
if query_list is not None or query_list_shared:
item = Item.query.filter_by(id = item_id).first();
check = True if message["check"] else False
form = ItemForm(check = check, csrf_token = message["csrf_token"])
# We don't need the item name to validate this request.
del form.item_name
if item is not None and form.validate():
item.check = form.check.data
db.session.commit()
sendMessage = { "itemID": item.id }
customMessage = 'check item success'
room = list_id
else:
sendMessage = { "errors" : item.check.errors }
emit(customMessage, sendMessage, room = room)
