def admin_add_product_category():
form = AddCategoryForm()
# GET
if request.method == "GET":
try:
data = categories_data_provider.get_add_data(form=form)
return render_template("admin/products/add_category.html",
data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
if not form.validate_on_submit():
data = categories_data_provider.get_add_data(form=form)
return render_template("admin/products/add_category.html",
data=data)
category = Category(name=form.category.data)
db_manager.add(category)
db_manager.commit()
flash(
"Categoria \"%s\" foi adicionada com sucesso." %
form.category.data, "success")
return redirect(url_for("admin_add_product_category"))
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def admin_update_stock(product_id):
update_stock_form = StockOperationForm()
try:
product = db_manager.get_product(product_id=product_id)
if not product:
return "", 404
if not update_stock_form.validate_on_submit():
return "", 422
product.stock = int(update_stock_form.amount.data)
db_manager.add(product)
db_manager.commit()
response = {
"new_stock": product.stock,
}
return json.dumps(response), 200
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
return "", 500
def admin_edit_product_subcategory(subcategory_id):
form = EditSubcategoryForm()
# Getting optional parameters
url_args = request.args.get('url_args')
# Setting default value to optional parameters
# Converting optional parameters from string type to its corresponded python type
if not url_args:
url_args = {}
else:
url_args = ast.literal_eval(url_args)
# GET
if request.method == "GET":
try:
subcategory = db_manager.get_subcategory(subcategory_id)
if not subcategory:
raise InvalidUrlArgError()
form.add_category_choices()
data = subcategories_data_provider.get_edit_data(
form, subcategory_id=subcategory_id, url_args=url_args)
return render_template("admin/products/edit_subcategory.html",
data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
subcategory = db_manager.get_subcategory(subcategory_id)
if not subcategory:
raise InvalidUrlArgError()
form.add_category_choices()
if not form.validate_on_submit():
data = subcategories_data_provider.get_edit_data(
form, subcategory_id=subcategory_id, url_args=url_args)
return render_template("admin/products/edit_subcategory.html",
data=data)
subcategory.name = form.subcategory.data
subcategory.category_id = form.category_id.data
db_manager.add(subcategory)
db_manager.commit()
flash("Subcategoria #%s foi editada com sucesso." % subcategory_id,
"success")
return redirect(url_for("admin_product_subcategories", **url_args))
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def login():
form = LoginForm()
# GET
if request.method == "GET":
try:
data = login_data_provider.get_data(form=form)
return render_template('customer/user_management/login.html',
data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
if not form.validate_on_submit():
data = login_data_provider.get_data(form=form)
return render_template('customer/user_management/login.html',
data=data)
user = db_manager.get_user(form.email.data)
user.authenticated = True
db_manager.add(user)
db_manager.commit()
login_user(user)
if user.email == app.config["ADMIN_MAIL"]:
return redirect(url_for('admin_dashboard'))
else:
return redirect(url_for('my_account'))
except DatabaseAccessError:
db_manager.rollback()
flash(DatabaseAccessError.msg, "danger")
data = login_data_provider.get_data(form=form)
return render_template('customer/user_management/login.html',
data=data)
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def admin_activate_product(product_id):
reactivate_form = SimpleSubmitForm()
try:
if not reactivate_form.validate_on_submit():
raise InsecurePostException()
product = db_manager.get_product(product_id=product_id)
if not product:
raise InvalidUrlArgError("Product not found")
product.active = True
db_manager.add(product)
db_manager.commit()
return "", 204
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def email_confirmed(token):
try:
email = ts.loads(token, salt="email-confirm-key")
user = db_manager.get_user(email=email)
if not user:
abort(404)
user.email_confirmed = True
db_manager.add(user)
db_manager.commit()
flash("Email confirmado com sucesso.", "success")
return redirect(url_for('login'))
except BadSignature:
db_manager.rollback()
log_exception(name="BadSignature")
abort(404)
except DatabaseAccessError:
db_manager.rollback()
current_url = url_for('email_confirmed', token=token)
flash(DatabaseAccessError.msg, "danger")
data = failed_to_get_data_provider.get_data(current_url=current_url)
return render_template('customer/shared/failed-to-get.html', data=data)
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def admin_activate_product_subcategory(subcategory_id):
simple_submit_form = SimpleSubmitForm()
try:
if not simple_submit_form.validate_on_submit():
raise InsecurePostException()
subcategory = db_manager.get_subcategory(subcategory_id=subcategory_id)
if not subcategory:
raise InvalidUrlArgError("Subcategory not found")
subcategory.active = True
db_manager.add(subcategory)
db_manager.commit()
return "", 204
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
return "", 500
def admin_disable_product_category(category_id):
disable_form = SimpleSubmitForm()
try:
if not disable_form.validate_on_submit():
raise InsecurePostException()
category = db_manager.get_category(category_id=category_id)
if not category:
raise InvalidUrlArgError("Category not found")
category.active = False
db_manager.add(category)
db_manager.commit()
return "", 204
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def redefine_password(token):
form = RedefinePasswordForm()
# GET
if request.method == "GET":
try:
email = ts.loads(token, salt="recover-key")
data = redefine_password_data_provider.get_data(form=form,
email=email,
token=token)
return render_template(
'customer/user_management/redefine-password.html', data=data)
except BadSignature:
log_exception(name="BadSignature")
abort(404)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
email = None
try:
email = ts.loads(token, salt="recover-key")
if not form.validate_on_submit():
data = redefine_password_data_provider.get_data(form=form,
email=email,
token=token)
return render_template(
'customer/user_management/redefine-password.html',
data=data)
user = db_manager.get_user(email)
user.password = form.password.data
db_manager.add(user)
db_manager.commit()
flash("Senha redefinida com sucesso.", "success")
return redirect(url_for('login'))
except BadSignature:
db_manager.rollback()
log_exception(name="BadSignature")
abort(404)
except DatabaseAccessError:
db_manager.rollback()
flash(DatabaseAccessError.msg, "danger")
data = redefine_password_data_provider.get_data(form=form,
email=email,
token=token)
return render_template(
'customer/user_management/redefine-password.html', data=data)
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def create_account():
form = CreateAccountForm()
# GET
if request.method == "GET":
try:
data = create_account_data_provider.get_data(form)
return render_template(
'customer/user_management/create-account.html', data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
if not form.validate_on_submit():
data = create_account_data_provider.get_data(form)
return render_template(
'customer/user_management/create-account.html', data=data)
user = User(email=form.email.data, password=form.password.data)
db_manager.add(user)
email_manager.send_create_account_confirmation_email(
form.email.data)
db_manager.commit()
return redirect(
url_for("sent_confirmation_email",
email=request.form["email"]))
except DatabaseAccessError:
db_manager.rollback()
flash(DatabaseAccessError.msg, "danger")
data = create_account_data_provider.get_data(form=form)
return render_template(
'customer/user_management/create-account.html', data=data)
except EmailSendingError:
db_manager.rollback()
flash(EmailSendingError.msg, "danger")
data = create_account_data_provider.get_data(form=form)
return render_template(
'customer/user_management/create-account.html', data=data)
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def resend_confirmation_email():
form = ResendConfirmationEmailForm()
# GET
if request.method == 'GET':
try:
data = resend_confirmation_email_data_provider.get_data(form)
return render_template(
'customer/user_management/resend-confirmation-email.html',
data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
if not form.validate_on_submit():
data = resend_confirmation_email_data_provider.get_data(
form=form)
return render_template(
'customer/user_management/resend-confirmation-email.html',
data=data)
# TODO: Wait one hour to resend for the same email
email_manager.send_create_account_confirmation_email(
form.email.data)
return redirect(
url_for("sent_confirmation_email", email=form.email.data))
except DatabaseAccessError:
db_manager.rollback()
flash(DatabaseAccessError.msg, "danger")
data = resend_confirmation_email_data_provider.get_data(form=form)
return render_template(
'customer/user_management/resend-confirmation-email.html',
data=data)
except EmailSendingError:
db_manager.rollback()
flash(EmailSendingError.msg, "danger")
data = resend_confirmation_email_data_provider.get_data(form=form)
return render_template(
'customer/user_management/resend-confirmation-email.html',
data=data)
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def recover_password():
form = RecoverPasswordForm()
# GET
if request.method == "GET":
try:
data = recover_password_data_provider.get_data(form=form)
return render_template(
'customer/user_management/recover-password.html', data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
if not form.validate_on_submit():
data = recover_password_data_provider.get_data(form=form)
return render_template(
'customer/user_management/recover-password.html',
data=data)
email_manager.send_redefine_password_email(form.email.data)
return redirect(
url_for("sent_recover_password_email", email=form.email.data))
except DatabaseAccessError:
db_manager.rollback()
flash(DatabaseAccessError.msg, "danger")
data = recover_password_data_provider.get_data(form=form)
return render_template(
'customer/user_management/recover-password.html', data=data)
except EmailSendingError:
db_manager.rollback()
flash(EmailSendingError.msg, "danger")
data = recover_password_data_provider.get_data(form=form)
return render_template(
'customer/user_management/recover-password.html', data=data)
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def admin_add_product():
form = AddProductForm()
# GET
if request.method == "GET":
try:
form.add_choices()
data = products_data_provider.get_add_data(form=form)
return render_template("admin/products/add_product.html",
data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
form.add_choices()
if not form.validate_on_submit():
data = products_data_provider.get_add_data(form=form)
return render_template("admin/products/add_product.html",
data=data)
category_id = int(form.category_subcategory.data.split('/')[0])
if category_id == 0:
category_id = None
subcategory_id = int(form.category_subcategory.data.split('/')[1])
if subcategory_id == 0:
subcategory_id = None
product = Product(
title=form.title.data,
category_id=category_id,
subcategory_id=subcategory_id,
price=Decimal(form.price.data.replace(',', '.')),
stock_quantity=int(form.stock_quantity.data),
stop_sell_stock_quantity=int(
form.stop_sell_stock_quantity.data),
summary=form.summary.data,
image_1=form.image_1.data,
image_2=form.image_2.data,
image_3=form.image_3.data,
image_4=form.image_4.data,
image_5=form.image_5.data,
image_6=form.image_6.data,
image_7=form.image_7.data,
image_8=form.image_8.data,
image_9=form.image_9.data,
image_10=form.image_10.data,
tab_1_title=form.tab_1_title.data,
tab_1_content=form.tab_1_content.data,
tab_2_title=form.tab_2_title.data,
tab_2_content=form.tab_2_content.data,
tab_3_title=form.tab_3_title.data,
tab_3_content=form.tab_3_content.data,
tab_4_title=form.tab_4_title.data,
tab_4_content=form.tab_4_content.data,
tab_5_title=form.tab_5_title.data,
tab_5_content=form.tab_5_content.data,
tab_6_title=form.tab_6_title.data,
tab_6_content=form.tab_6_content.data,
tab_7_title=form.tab_7_title.data,
tab_7_content=form.tab_7_content.data,
tab_8_title=form.tab_8_title.data,
tab_8_content=form.tab_8_content.data,
tab_9_title=form.tab_9_title.data,
tab_9_content=form.tab_9_content.data,
tab_10_title=form.tab_10_title.data,
tab_10_content=form.tab_10_content.data,
)
db_manager.add(product)
db_manager.commit()
db_manager.refresh(product)
flash(
"Produto \"%s\" foi adicionado com sucesso. Clique <a target='_blank' href=%s>aqui</a> para ver o produto."
% (form.title.data, url_for("product", product_id=product.id)),
"success")
return redirect(url_for("admin_add_product"))
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
def admin_edit_product(product_id):
form = EditProductForm()
# Getting optional parameters
url_args = request.args.get('url_args')
# Setting default value to optional parameters
# Converting optional parameters from string type to its corresponded python type
if not url_args:
url_args = {}
else:
url_args = ast.literal_eval(url_args)
# GET
if request.method == "GET":
try:
product = db_manager.get_product(product_id)
if not product:
raise InvalidUrlArgError()
form.add_choices()
data = products_data_provider.get_edit_data(form=form,
product_id=product_id,
url_args=url_args)
return render_template("admin/products/edit_product.html",
data=data)
except Exception as e:
log_unrecognized_exception(e)
abort(500)
# POST
else:
try:
product = db_manager.get_product(product_id)
if not product:
raise InvalidUrlArgError()
form.add_choices()
if not form.validate_on_submit():
data = products_data_provider.get_edit_data(
form=form, product_id=product_id, url_args=url_args)
return render_template("admin/products/edit_product.html",
data=data)
category_id = int(form.category_subcategory.data.split('/')[0])
if category_id == 0:
category_id = None
subcategory_id = int(form.category_subcategory.data.split('/')[1])
if subcategory_id == 0:
subcategory_id = None
product.title = form.title.data,
product.category_id = category_id,
product.subcategory_id = subcategory_id,
product.price = Decimal(form.price.data.replace(',', '.')),
product.stock_quantity = int(form.stock_quantity.data),
product.stop_sell_stock_quantity = int(
form.stop_sell_stock_quantity.data)
product.summary = form.summary.data,
product.image_1 = form.image_1.data,
product.image_2 = form.image_2.data,
product.image_3 = form.image_3.data,
product.image_4 = form.image_4.data,
product.image_5 = form.image_5.data,
product.image_6 = form.image_6.data,
product.image_7 = form.image_7.data,
product.image_8 = form.image_8.data,
product.image_9 = form.image_9.data,
product.image_10 = form.image_10.data,
product.tab_1_title = form.tab_1_title.data,
product.tab_1_content = form.tab_1_content.data,
product.tab_2_title = form.tab_2_title.data,
product.tab_2_content = form.tab_2_content.data,
product.tab_3_title = form.tab_3_title.data,
product.tab_3_content = form.tab_3_content.data,
product.tab_4_title = form.tab_4_title.data,
product.tab_4_content = form.tab_4_content.data,
product.tab_5_title = form.tab_5_title.data,
product.tab_5_content = form.tab_5_content.data,
product.tab_6_title = form.tab_6_title.data,
product.tab_6_content = form.tab_6_content.data,
product.tab_7_title = form.tab_7_title.data,
product.tab_7_content = form.tab_7_content.data,
product.tab_8_title = form.tab_8_title.data,
product.tab_8_content = form.tab_8_content.data,
product.tab_9_title = form.tab_9_title.data,
product.tab_9_content = form.tab_9_content.data,
product.tab_10_title = form.tab_10_title.data,
product.tab_10_content = form.tab_10_content.data,
db_manager.add(product)
db_manager.commit()
flash(
"Produto #%s \"%s\" foi editado com sucesso. Clique <a target='_blank' href=%s>aqui</a> para ver o produto."
% (product.id, product.title,
url_for("product", product_id=product.id)), "success")
return redirect(url_for("admin_products", **url_args))
except Exception as e:
db_manager.rollback()
log_unrecognized_exception(e)
abort(500)
