def newCategoryItem(category_id):
'''
function to create a new item category
Args:
category_id: int the id of the category where we want to create
a new item.
We pick from the form POST the title and the description
as well as the picture
'''
# make sure the user is login
if 'username' not in login_session:
return redirect('/login')
# we get the category
category = session.query(Category).filter_by(id=category_id).one()
# make sure the user is the creator of the category
if login_session['user_id'] != category.user_id:
flash("You are not authorized to execute this action")
return redirect(url_for('showCategories'))
# if it is POST we will create
if request.method == 'POST':
# get the title and clean it a bit
title = request.form['title']
title = bleach.clean(title)
title = bleach.linkify(title)
# get the description and clean it a bit
description = request.form['description']
description = bleach.clean(description)
description = bleach.linkify(description)
# validating the request form
if not title:
flash("Please enter a Item title.")
return render_template('newitem.html', category_id=category_id)
newItem = CategoryItem(
title=title,
description=description,
category_id=category_id,
user_id=category.user_id
)
# first we are gonna declare the picture(file name)
# and the picture data binary as none
# validate the data and load them if necesary
picture_data = None
picture = None
# verify that we are getting an image file
# and that it is not too big>5Mb
picture = request.files['image']
if picture:
# only these options are allowed as a image
extensions = {".jpg", ".png", ".jpeg"}
# if not we let the client know
if not any(
str(picture.filename).endswith(ext)
for ext in extensions
):
flash
(
"Please load a Item image; " +
"only jpg, jpeg or png are allowed."
)
return render_template('newitem.html', category_id=category_id)
else:
# verify the size of the image
picture_data = request.files['image'].read()
if len(picture_data) > 5242880:
flash("Please load a Item image with size less than 5Mb.")
return render_template(
'newitem.html',
category_id=category_id
)
else:
newItem.image = picture.filename
newItem.image_data = picture_data
# verify that within the category there isn't another
# item with the same title
existingItem = session.query(CategoryItem).filter_by(
title=request.form['title'],
category_id=category_id).first()
if existingItem:
flash
(
"A Item with the same name already exists in this Category. " +
"Please choose a different name"
)
return render_template('newitem.html', category_id=category_id)
else:
# create item
session.add(newItem)
session.commit()
flash('New Item %s Successfully Created' % (newItem.title))
return redirect(url_for('showItem', category_id=category_id))
else:
# if not login render the public page
return render_template('newitem.html', category_id=category_id)
