# The auth.user below forces login.
@action('index')
@action.uses(auth.user, url_signer, session, db, 'index.html')
def index():
return dict(
# This is an example of a signed URL for the callback.
# See the index.html template for how this is passed to the javascript.
posts_url=URL('posts', signer=url_signer),
delete_url=URL('delete_post', signer=url_signer),
user_email=auth.current_user.get('email'),
author_name=auth.current_user.get('first_name') + " " +
auth.current_user.get('last_name'))
@action('posts', method="GET")
@action.uses(db, auth.user, session, url_signer.verify())
def get_posts():
# You can use this shortcut for testing at the very beginning.
# TODO: complete.
posts = [] # Just to keep code from breaking.
posts = db(db.post).select(db.post.ALL,
orderby=~db.post.post_date).as_list()
posts_ = []
for p in posts:
# print(p)
if p["is_reply"] == None:
posts_.append(p)
q = p["id"]
for p in posts:
if (p["is_reply"] == q):
@action.uses(db)
def get_recipe_ingredients(recipe_id):
"""
Returns a list of all the ingredients for a recipe and their quantities.
"""
rows = db((db.recipe_ingredients.recipe == recipe_id) &
(db.recipe_ingredients.ingredient == db.ingredients.id)).select(
db.recipe_ingredients.id, db.ingredients.name,
db.recipe_ingredients.quantity).as_list()
return dict(rows=rows)
@action('set_recipe_ingredient', method=["POST"])
@action.uses(url_signer.verify(), db)
def set_recipe_ingredient():
"""
Sets a recipe-ingredient's recipe, ingredient and quantity, for one of a
user's existing recipes. Can only be used by the creator of the recipe.
Reuses existing ingredient rows if they are in the database to avoid
ingredient duplication.
"""
recipe_id = request.json.get('recipe_id')
recipe_ingredient_id = request.json.get('recipe_ingredient_id')
ingredient_name = request.json.get('ingredient_name')
quantity = request.json.get('quantity')
if get_user_email() != db.recipes[recipe_id].m_email:
return "Access denied"
],
record=dict(first_name=row[0].get('first_name'),
last_name=row[0].get('last_name')),
deletable=False,
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
db.person.update_or_insert(((db.person.id == person_id)),
first_name=form.vars.get('first_name'),
last_name=form.vars.get('last_name'))
redirect(URL('index'))
return dict(form=form)
@action('delete_contact/<person_id>', method='GET')
@action.uses('index.html', session, db, url_signer.verify())
def delete_contact(person_id=None):
p = db.person[person_id]
if p is None:
redirect(URL('index'))
# else delete person if has access
if (p.user_email == auth.current_user.get('email')):
db(db.person.id == person_id).delete()
redirect(URL('index'))
# after pressing Edit button in index - table with phone numbers
@action('edit_phones/<person_id>', method='GET')
@action.uses(db, session, auth.user, 'phone.html')
def edit_phones(person_id=None):
p = db.person[person_id]
communicative=db.profiles.communicative.default,
)
profile_info = db(db.profiles.user == user_info.id).select().first()
return dict(
user_info=user_info,
profile_info=profile_info,
change_profile_url=URL('change_profile', signer=url_signer),
add_game_url=URL('add_game', signer=url_signer),
load_games_url=URL('load_games', signer=url_signer),
)
@action('change_profile', method="POST")
@action.uses(auth.user, url_signer.verify(), db)
def change_profile():
print("changing the profile apparently")
user_info = db(db.auth_user.email == get_user_email()).select().first()
profile_info = db(db.profiles.user == user_info.id).select().first()
auth_user_id = db.auth_user.update_or_insert(
db.auth_user.email == get_user_email(),
first_name=request.json.get('first_name')
if request.json.get('first_name') != "" else user_info.first_name,
last_name=request.json.get('last_name')
if request.json.get('last_name') != "" else user_info.last_name,
)
profile_id = db.profiles.update_or_insert(
db.profiles.user == user_info.id,
region=request.json.get('region')
if request.json.get('region') != "" else profile_info.region,
# No matter that the field did not originally exist in the database.
row['phone_numbers'] = s
# So at the end, we can return "nice" rows, each one with our nice string.
# A row r will have fields r["first_name"], r["last_name"], r["phone_numbers"], ...
# You can pass these rows to the view, so you can display the table.
# for row in rows:
# print(row["first_name"] + row["last_name"])
# print(row["phone_numbers"])
return dict(
rows = rows,
url_signer=url_signer,
)
@action('edit_contact/<contact_id:int>', method=["GET", "POST"])
@action.uses(db, session, auth.user, url_signer.verify(), 'edit_contact.html')
def edit(contact_id=None):
assert contact_id is not None
p = db.contact[contact_id]
print('hi edit contact')
if p is None:
# nothing found to be edited
redirect(URL('index'))
form = Form(db.contact, record=p, deletable=False, csrf_session=session, formstyle=FormStyleBulma)
if form.accepted:
redirect(URL('index'))
return dict(
form = form
)
profile_owner = user
else:
profile_owner = db(
db.auth_user.username == profile_username).select().first()
assert profile_owner is not None
profile = db(db.profile.user_id == profile_owner["id"]).select().first()
profile.username = profile_username
comments = db(db.comment.user_id == profile_owner["id"]).select()
return dict(username=user["username"],
profile=profile,
comments=comments,
signer=url_signer)
@action("edit_profile", method=["GET", "POST"])
@action.uses(db, session, auth.user, url_signer.verify(), "profile_form.html")
def edit_profile():
user = auth.get_user()
db.profile.update_or_insert(user_id=user["id"])
profile = db.profile[user["id"]]
form = Form([Field('avatar', type='upload'),
Field('bio', type='text')],
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
db(db.profile.user_id == user["id"]).validate_and_update(
avatar=form.vars['avatar'], bio=form.vars['bio'])
redirect(URL('profile'))
return dict(profile=profile, form=form)
# and we can simply assign the nice string to a field of the row!
# No matter that the field did not originally exist in the database.
row["price"] = result
return dict(rows=rows,
url_signer=url_signer,
search_url=URL('search', signer=url_signer),
my_callback_url=URL('my_callback', signer=url_signer),
add_post_url=URL('add_post', signer=url_signer),
delete_post_url=URL('delete_post', signer=url_signer),
get_rating_url=URL('get_rating', signer=url_signer),
set_rating_url=URL('set_rating', signer=url_signer))
@action('my_callback')
@action.uses(url_signer.verify(), db)
def my_callback():
rows = db(db.post).select().as_list()
return dict(rows=rows, user=get_user_email(), the_reviewer=get_user())
@action('add_post', method="POST")
@action.uses(url_signer.verify(), db)
def add_post():
# print(request.json.get('author'))
id = db.post.insert(content=request.json.get('content'),
reviewer=request.json.get('reviewer'))
# print(request.json.get('content'))
return dict(id=id, author=get_user_name())
@action('index')
@action.uses(db, auth, url_signer, 'index.html')
def index():
return dict(
# COMPLETE: return here any signed URLs you need.
# test pycharm connection
load_posts_url=URL('load_posts', signer=url_signer),
add_post_url=URL('add_post', signer=url_signer),
delete_post_url=URL('delete_post', signer=url_signer),
)
# first API function: used to answer requests from JS in browser
@action('load_posts')
@action.uses(db, auth, url_signer.verify())
def load_posts():
rows = db(db.posts).select().as_list()
return dict(rows=rows)
# second API function: used to answer add_post requests from JS in browser
@action('add_post', method="POST")
@action.uses(db, url_signer.verify())
def add_post():
row = db(db.auth_user.email == get_user_email()).select().first()
name = row.first_name + " " + row.last_name if row is not None else "Unknown"
id = db.posts.insert(
post_desc=request.json.get('post_desc'),
get_vote_names_url=URL('get_vote_names', signer=url_signer),
find_posts_url=URL('find_posts', signer=url_signer),
)
@action('view_leaderboard', method="GET")
@action.uses(db, auth, url_signer, 'view_leaderboard.html')
def view_leaderboard():
user = auth.get_user() or redirect(URL('auth/login'))
return dict(
load_view_leaderboard=URL('load_view_leaderboard', signer=url_signer))
@action('load_view_leaderboard', method="GET")
@action.uses(db, url_signer.verify())
def load_view_leaderboard():
user = auth.get_user() or redirect(URL('auth/login'))
newRows = [] #result [{username, avg, rep, profile pic}, ...]
checked = [] #history
thumbsup = 0
thumbslength = 0
rows = db(db.post).select().as_list()
for r in rows: #parse posts
dic = {}
if r['username'] not in checked: #check if we havent validated already
thumbsup = 0
thumbslength = 0
dic['username'] = r['username']
checked.append(r['username'])
rows2 = db(db.post.username == r['username']).select().as_list()
"""Note that in the above declaration, the product_id argument must match
the <product_id> argument of the @action."""
# We read the product.
p = db.product[product_id]
if p is None:
# Nothing to edit. This should happen only if you tamper manually with the URL.
redirect(URL('index'))
form = Form(db.product,
record=p,
deletable=False,
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
# We always want POST requests to be redirected as GETs.
redirect(URL('index'))
return dict(form=form)
@action('delete_product/<product_id>', method=['GET', 'POST'])
@action.uses(session, db, url_signer.verify())
def delete_product(product_id=None):
"""Note that in the above declaration, the product_id argument must match
the <product_id> argument of the @action."""
# We read the product.
p = db.product[product_id]
if p is None:
# Nothing to edit. This should happen only if you tamper manually with the URL.
redirect(URL('index'))
db(db.product.id == product_id).delete()
redirect(URL('index'))
if p is None:
# Nothing to edit. This should happen only if you tamper manually with the URL.
redirect(URL('index'))
email = auth.current_user.get('email')
if db.person[person_id].user_email != email:
redirect(URL('index'))
form = Form(db.person, record=p, deletable=False, csrf_session=session, formstyle=FormStyleBulma)
if form.accepted:
# We always want POST requests to be redirected as GETs.
redirect(URL('index'))
return dict(form=form)
@action('delete_person/<person_id>', method=['GET', 'POST'])
@action.uses('contact_form.html', session, db, url_signer.verify(), auth.user) #
def delete_product(person_id=None):
"""Note that in the above declaration, the product_id argument must match
the <product_id> argument of the @action."""
# We read the product.
p = db.person[person_id]
if p is None:
# Nothing to edit. This should happen only if you tamper manually with the URL.
redirect(URL('index'))
db(db.person.id == person_id).delete()
deleted = db.person[person_id]
if deleted is None:
redirect(URL('index'))
return dict(deleted=deleted)
