def db_populate_from_seed():
session.query(Category).delete()
category1 = Category(name="Bowling")
category2 = Category(name="Tennis")
session.add(category1)
session.add(category2)
session.flush()
session.refresh(category1)
session.refresh(category2)
item1 = Item(name="HeavyBall",
description="Bowling Ball",
category_id=category1.id)
item2 = Item(name="Racket",
description="Medium Size Racket",
category_id=category2.id)
session.add(item1)
session.add(item2)
try:
session.commit()
except Exception as e:
return "Error trying seed populate db"
return "db re-populated with seed"
def add_item():
# This is done as a workaround for "ProgrammingError: SQLite objects
# created in a thread can only be used in that same thread."
db_session = DBSession()
if request.method == 'POST':
# Create item
# Make sure another item by the same name does not exist in the
# category
category_obj = db_session.query(Category).filter_by(name=request.form.get('category')).one_or_none()
already_exists = db_session.query(exists().where(
and_(Item.name == request.form.get('name'),
Item.category_id == category_obj.id))).scalar()
if (already_exists):
flash("This item already exists")
return redirect(url_for('add_item'))
newitem = Item(name=request.form.get('name'),
description=request.form.get('description', ''),
category=db_session.query(Category).filter_by(
name=request.form.get('category')).one(),
owner_email=login_session['email'])
db_session.add(newitem)
db_session.commit()
return redirect(
url_for('item_index', category=request.form.get('category'),
item=newitem.name))
else:
categories = [c.name for c in db_session.query(Category).all()]
category = request.args.get('category', None)
return render_template('add_item.html', **locals())
def create_item_precat(category_name):
"""Creates an item with only one category option in the creation form.
This happens in case of creating an item inside an empty category. """
if 'name' not in login_session:
flash('You must be logged in to do that!')
return redirect(url_for('login'))
if request.method == 'GET':
predetermined_category = session.query(Category).filter_by(
name=category_name).first()
return render_template('new_item.html',
predetermined_cat=predetermined_category)
else:
if request.form['name'] == '' or request.form['desc'] == '':
flash('Invalid item name or description!')
return redirect(url_for('create_item_precat'))
if helpers.item_exists(request.form['name'].lower()):
flash('Item already exists!')
return redirect(
url_for('show_item', item_name=request.form['name'].lower()))
new_item = Item(name=request.form['name'].lower(),
description=request.form['desc'],
category_id=request.form['cat'],
user_id=login_session['user_id'])
session.add(new_item)
session.commit()
flash('Item successfully created!')
return redirect(url_for('show_item', item_name=new_item.name))
def create_item():
"""Creates a new item.
The GET endpoint displays a form to create the item.
The POST endpoint creates the item and shows it afterwards.
"""
if 'name' not in login_session:
flash('You must be logged in to do that!')
return redirect(url_for('login'))
elif request.method == 'GET':
categories = session.query(Category).all()
return render_template('new_item.html', categories=categories)
else:
if request.form['name'] == '' or request.form['desc'] == '' or \
request.form['cat'] == '':
flash('Invalid item name or description!')
return redirect(url_for('create_item'))
# Check if item already exists
item = session.query(Item).filter_by(
name=request.form['name'].lower()).first()
if item:
flash('Item already exists!')
return redirect(url_for('show_item', item_name=item.name))
new_item = Item(name=request.form['name'].lower(),
category_id=request.form['cat'],
description=request.form['desc'],
user_id=login_session['user_id'])
session.add(new_item)
session.commit()
flash('Item successfully created!')
return redirect(url_for('show_item', item_name=new_item.name))
def newCatalogItem(catalog_id):
if 'username' not in login_session:
return redirect('/login')
catalog = session.query(Catalog).filter_by(id=catalog_id).one()
if catalog.user_id != login_session['user_id']:
return "<script>" \
"function alertFunction() {" \
"alert('You are not authorized to edit this catalog');" \
"}" \
"</script>" \
"<body onload='alertFunction()'>"
if request.method == 'POST':
newItem = Item(name=request.form['name'],
description=request.form['description'],
picture_url=request.form['picture_url'],
homepage_url=request.form['homepage_url'],
catalog_id=catalog_id,
user_id=login_session['user_id'])
session.add(newItem)
session.commit()
flash("New item created!")
return redirect(url_for('catalogItem', catalog_id=catalog_id))
else:
return render_template('newCatalogItem.html',
catalog_id=catalog_id,
catalog=catalog)
def addItem():
categories = session.query(Category).all()
if request.method == 'POST':
name = request.form.get('name')
description = request.form.get('description')
category_id = request.form.get('Category')
item = Item(name=name,
description=description,
category_id=category_id,
user_id=session_login['user_id'])
session.add(item)
session.commit()
# upload img
if request.files.get('photo') is not None:
file = request.files['photo']
if allowed_file(file.filename):
filename = secure_filename(file.filename)
extension = filename.rsplit('.', 1)[1].lower()
filename = '%s.%s' % (item.id, extension) # rename file
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
item.photo = filename # add filename to database
session.add(item)
session.commit()
return redirect(url_for('showCategories'))
return render_template('itemadd.html', categories=categories)
def newItem(category_id):
"""
newItem(category_id): adds a Item to Category
Args:
category_id (data type: int): primary key of Category class
Returns:
redirects to the method that shows the
list of items of category if successful
"""
if 'username' not in login_session:
return redirect('/login')
if request.method == 'POST':
if 'type' not in request.form:
type = 'eItem'
else:
type = request.form['type']
newItem = Item(name=request.form['name'],
description=request.form['description'],
user_id=login_session['user_id'], category_id=category_id)
session.add(newItem)
session.commit()
flash('Item was successfully added to the list')
return redirect(url_for('showItems', category_id=category_id))
else:
return render_template('newItem.html', category_id=category_id)
def newItem(category_name):
category = session.query(Category).filter_by(name=category_name).first()
if (request.method == 'POST'):
# Sanitize user input
name = bleach.clean(request.form['name'], tags=[], strip=True)
description = bleach.clean(request.form['description'],
tags=[],
strip=True)
image = bleach.clean(request.form['image'], tags=[], strip=True)
# Very rudimentary csrf protection
if not csrf_protect():
return "CSRF detected"
item = Item(name=name,
description=description,
category=category,
user_id=login_session['user_id'],
picture=image)
session.add(item)
session.commit()
return (redirect(
url_for('showItem',
category_name=item.category.name,
item_name=item.name)))
else:
return render_template('newitem.html', category=category)
def addItem():
'''
GET Shows a form to add item.
POST adds a new item to the database. As we are using Item.name for routes
we need to check the uniqueness of the item name.
Returns
For a successful POST we return a redirect object to the 'main' route.
For GET or unsuccessful POST we return the additem.html template.
'''
if request.method == 'POST':
addedItem = Item(name=request.form['name'],
user_id=login_session['user_id'],
category_id=request.form['category_select'],
description=request.form['description'])
if session.query(Item).filter_by(
name=addedItem.name).one_or_none() is None:
session.add(addedItem)
session.commit()
return redirect(url_for('main'))
else:
flash("Item with that name already exist!")
categories = session.query(Category).all()
return render_template('additem.html',
categories=categories,
login_session=login_session)
def newItem(subject_id):
"""
Create a new homework item
"""
try:
subject = session.query(Subject).filter_by(id=subject_id).one()
except:
flash('No such subject is found.', 'error')
return redirect(url_for('mod_views.showSubjects'))
if login_session['user_id'] != subject.user_id:
flash('You are not authorized to create a new item for this subject!',
'error')
return redirect(url_for('mod_views.showItems', subject_id=subject_id))
if request.method == 'POST':
if request.form['name'] == "":
flash('Please enter an item name.', 'error')
return redirect(url_for('mod_views.newItem',
subject_id=subject_id))
newItem = Item(name=request.form['name'],
description=request.form['description'],
time_estimate=request.form['time_estimate'],
priority=request.form['priority'],
subject_id=subject_id,
user_id=subject.user_id)
session.add(newItem)
session.commit()
flash('\'%s\' successfully created' % (newItem.name), 'success')
return redirect(url_for('mod_views.showItems', subject_id=subject_id))
else:
picture = login_session['picture']
return render_template('new_item.html',
subject_id=subject_id,
picture=picture)
def newItem(category_name):
category = session.query(Category).filter_by(name=category_name).one()
if (request.method == 'POST'):
# Sanitize user input
name = bleach.clean(request.form['name'], tags=[], strip=True)
description = bleach.clean(request.form['description'],
tags=[],
strip=True)
# Very rudimentary csrf protection
if not csrf_protect():
return "CSRF detected"
# If an image is attached, upload it to the server.
if request.files['image']:
file = request.files['image']
image = upload_image(file, name)
else:
image = None
item = Item(name=name,
description=description,
category=category,
user_id=login_session['user_id'],
filename=image)
session.add(item)
session.commit()
return (redirect(
url_for('showItem',
category_name=item.category.name,
item_name=item.name)))
else:
return render_template('newitem.html', category=category)
def newItem(category_name):
mycatalog = session.query(Category).filter_by(name=category_name).one()
if request.method == 'POST':
newItem = Item(title=request.form['title'], description=request.form[
'description'], date_added=request.form['date_added'], category_name=category_name)
session.add(newItem)
session.commit()
flash('New Item %s Successfully Created' % (newItem.name))
return redirect(url_for('showItems', category_name=category_name))
else:
return render_template('newitem.html', category_name=category_name)
def addItem(catalog_id):
if 'username' not in login_session:
return redirect('/login')
catalog_id = session.query(Catalog).filter_by(id=catalog_id).one()
if request.method == 'POST':
new_item = Item(name=request.form['name'], description=request.form['description'], catalog_id=catalog_id.id) # noqa
session.add(new_item)
session.commit()
flash('New %s Item Successfully Created' % (new_item.name))
return redirect(url_for('item', catalog_id=catalog_id.id))
else:
return render_template('additem.html', catalog_id=catalog_id)
def newItem(category_id):
if 'username' not in login_session:
return redirect('/login')
if request.method == 'POST':
newItem = Item(name=request.form['name'],
description=request.form['description'],
category_id=category_id)
session.add(newItem)
session.commit()
return redirect(url_for('category', category_id=category_id))
else:
return render_template('item_new.html', category_id=category_id)
def newItem(category_id):
if 'username' not in login_session:
return redirect('/login')
if request.method == 'POST':
if request.form['name'] and request.form['description']:
newItem = Item(name=request.form['name'],
description=request.form['description'],
category_id=category_id,
user_id=login_session['user_id'])
session.add(newItem)
session.commit()
return redirect(url_for('showItems', category_id=category_id))
name = session.query(Category).filter_by(id=category_id).one().name
return render_template('newItem.html', catName=name)
def newItem(category_id):
if 'username' not in login_session:
return redirect('/login')
if request.method == 'POST':
newItem = Item(name=request.form['name'],
description=request.form['description'],
category_id=category_id,
user_id=login_session['user_id'])
session.add(newItem)
session.commit()
flash('New item created!')
return redirect(url_for('showCategory', category_id=category_id))
else:
return render_template('newItem.html', category_id=category_id)
def item_new_post(form):
'''item_new POST handler'''
params = {}
params['name'] = form.name.data
params['description'] = form.description.data
params['price'] = form.price.data
params['category_id'] = form.category_id.data
params['user_id'] = get_user_id(login_session)
item = Item(**params)
session.add(item)
session.commit()
flash('New Item <strong>%s</strong> Successfully Created!' % (item.name), 'success')
return redirect(url_for('item_view', item_id=item.id))
def addItem():
# only add item if user has submitted the item details
if request.method == 'POST':
newItem = Item(name=request.form['name'],
description=request.form['description'],
cat_id=request.form['cat_id'])
session.add(newItem)
flash('New Item %s Successfully Created' % newItem.name)
session.commit()
return redirect(url_for('showCategories'))
# first renders page to add item
else:
categories = session.query(Category)
return render_template('newItem.html', categories=categories)
def newItemPage(category_name):
"""Add a new item for a specific category to the DB
Arguments:
category_name {string} -- variable containing the category name
Returns:
render_template -- renders the html page for new item add
"""
if 'user_email' in login_session:
categories = session.query(Category).all()
for cati in categories:
if cati.t_catName == category_name:
catx = cati.t_id
if request.method == 'POST':
item_name = request.form['item_name']
item_desc = request.form['i_description']
if session.query(Item).filter_by(t_itemName=item_name).first():
return "item already exists"
else:
new_item = Item(t_itemName=bleach.clean(item_name,
tags=[],
attributes={},
styles=[],
strip=True),
t_itemDescription=bleach.clean(item_desc,
tags=[],
attributes={},
styles=[],
strip=True),
t_userId=login_session['user_id'],
t_catId=catx)
session.add(new_item)
session.commit()
flash('new item added to the database')
return redirect(url_for('mainPage'))
else:
# the method used in this call is GET
print('this is a get call')
return render_template('newItem.html',
current_cat=category_name,
current_user=login_session['user_email'],
session_type=login_session['type'])
else:
return redirect(url_for('login'))
def create_item(category_id):
category = session.query(Category).filter_by(id=category_id).one()
if request.method == 'POST':
item = Item(name=request.form['name'],
description=request.form['description'],
price=request.form['price'],
date_added=datetime.datetime.now(),
category_id=category.id,
user_id=login_session['user_id'])
session.add(item)
session.commit()
flash("New item successfully created")
return redirect(url_for('show_category', category_id=category_id))
if request.method == 'GET':
return render_template('new_item.html', category=category)
def newItem(category_id):
""" create new item """
catquery = SESSION.query(Category).get(category_id)
if request.method == 'POST':
req = request.form
itemNew = Item(name=req['name'],
description=req['description'],
user_id=login_session['user_id'],
category_id=category_id)
SESSION.add(itemNew)
SESSION.commit()
flash("New Record Added !!!!!")
return redirect(url_for('showItems', category_id=category_id))
else:
return render_template('newitem.html', category_one=catquery)
def newItem():
'''Adds a new item to the database'''
state = setState()
if request.method == 'POST':
itemToAdd = Item(name=request.form['name'],
category=request.form['categories'],
description=request.form['description'],
user_email=login_session['email'])
session.add(itemToAdd)
session.commit()
flash('Item added')
return redirect(
url_for('categoryItems', category=itemToAdd.category, state=state))
else:
return render_template('newitem.html', state=state)
def saveItem(form, categorie_name):
slug = make_slug(form['name'])
count = 0
while session.query(Item).filter_by(slug=slug).count() > 0:
print("\n=====\n" + slug + " does exist, make it ")
slug += "-" + str(count)
count += 1
print(slug + " and check again \n=====\n")
newItem = Item(name=form['name'],
slug=slug,
description=form['description'],
categorie_id=getCategorieIdFromName(categorie_name),
user_id=getUserIdByName(login_session.get('username')))
session.add(newItem)
session.commit()
def createItem():
if 'credentials' in flask.session:
try:
item = Item(name=request.form['name'],
description=request.form['description'],
category_id=request.form['category'],
user_id=login_session['user_id'])
session.add(item)
session.commit()
flash('Item Created')
except exc.DatabaseError:
flash('Create failed')
return redirect(url_for('routeCatalog'))
def newItem(category_id):
if 'username' not in login_session:
return redirect('/login')
category = session.query(Category).filter_by(id=category_id).one()
if request.method == 'POST':
newItem = Item(name=request.form['name'],
description=request.form['description'],
price=request.form['price'],
category_id=category_id,
user_id=category.user_id)
session.add(newItem)
session.commit()
flash('%s Item Created' % (newItem.name))
return redirect(url_for('showItem', category_id=category_id))
else:
return render_template('newitem.html', category_id=category_id)
def addNEw():
newData = session.query(Category).filter_by(name=Category.name)).one()
if request.method == 'POST':
nameofItem = request.form['name']
descriptionOfItem = request.form['description']
categoryOfItem = session.query(Category).filter_by(name=request.form['category']).one()
imageOfItem = request.form['image']
if nameOfItem != '':
print "item name %s" % nameOfItem
addingItem = Item(name=nameOfItem, description=descriptionOfItem, image=imageOfItem, category=categoryOfItem,
user_id=categoryOfItem.user_id)
session.add(addingItem)
session.commit()
return redirect(url_for('categories_view', user_id=categoryOfItem.user_id ))
else:
return render_template('addNew.html', newData=newData)
def newCatItem(cat_name):
if 'username' not in login_session:
return redirect('/catalog/login')
cat = session.query(Category).filter(Category.name.ilike(cat_name)).one()
if request.method == "POST":
newItem = Item(name=request.form['name'], user_id=login_session
['user_id'], dateadded=datetime.date.today(),
desc=request.form['desc'], cat_id=cat.id)
session.add(newItem)
session.commit()
# Update latest item added to category
categoryList()
flash("A new catalog item (%s) has been created in the %s category" %
(newItem.name, cat_name))
return redirect(url_for('catItemList', cat_name=cat.name))
else:
return render_template("newcatitem.html", cat=cat, cat_id=cat.id)
def newCategoryItem(category_id):
if 'username' not in login_session:
return redirect('/login')
if request.method == 'POST':
newItem = Item(
name=request.form['name'],
price=request.form['price'],
description=request.form['description'],
category_id=category_id,
user_id=login_session['user_id'])
session.add(newItem)
session.commit()
return redirect('/category/' + str(category_id))
else:
return render_template('newitem.html',
is_user=isUser(login_session))
def newItem(category_id):
if 'username' not in login_session:
return redirect('/login')
if request.method == 'GET':
return render_template('new_item.html')
elif request.method == 'POST':
novo_item = Item(name=request.form['name'],
active=request.form['active'],
dy=request.form['dy'],
price=request.form['price'],
description=request.form['description'],
category_id=category_id,
user_id=login_session['user_id'])
session.add(novo_item)
flash('New Active %s Successfully Created' % novo_item.name)
session.commit()
return redirect(url_for('showItem', category_id=category_id))
def add_item():
if request.method == 'POST':
user = getUserInfo(login_session['user_id'])
category_name = request.form['genre']
category = session.query(Category).filter_by(
name=str(category_name)).one()
newItem = Item(title=request.form['title'],
description=request.form['description'],
category=category,
user_id=login_session['user_id'],
user=user)
session.add(newItem)
session.commit()
flash("New item created!")
return redirect(url_for('users.display_all'))
else:
return render_template('add_item.html')