Exemplo n.º 1
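def delete_item(category_name, item_name):
    """Dialog for deleting an item from the catalog.

    GET renders the confirmation page. POST deletes the item or cancels,
    depending on the value of the submitted ``delete`` form field.

    Args:
        category_name: Category name taken from the URL.
        item_name: Item name taken from the URL.

    Returns:
        A rendered template, a redirect, or the response produced by
        ``gen_actions.return_404()``.
    """
    # 404 when the category does not exist or the item is not in it.
    exists, category, item = gen_actions.check_cat_item_exists(
        category_name, item_name)
    if not exists:
        return gen_actions.return_404()
    # Authentication first ...
    if not auth_manager.is_auth():
        flash('You must login to access this page.', category="primary")
        return redirect(url_for('login_register'))
    # ... then per-item authorization. Both checks run for GET and POST, so
    # the confirmation page itself is not shown to unauthorized users.
    if not auth_manager.auth_item(item):
        flash('You are not authorized to delete this item.', category="alert")
        return redirect(
            url_for('item_page',
                    category_name=category_name,
                    item_name=item_name))
    # Handle POST request for delete_item
    if request.method == 'POST':
        # NOTE(review): the return value of check_csrf_token() is discarded,
        # so this only protects the deletion if the helper itself aborts the
        # request on a bad token -- confirm in auth_manager.
        auth_manager.check_csrf_token(request)
        action = request.form['delete']
        # TODO(Handle item image deletion)
        if action == 'Delete Item':
            if db_actions.delete_item(item_name):
                flash('Item deleted from catalog.', category="success")
                return redirect(
                    url_for('category_page', category_name=category_name))
            flash('Item deletion failed.', category="alert")
            return redirect(
                url_for('item_page',
                        category_name=category_name,
                        item_name=item_name))
        # Handle canceled deletion
        if action == 'Cancel':
            flash('Item deletion canceled.', category="primary")
        # Any other submitted value is treated as "do nothing": the view used
        # to fall off the end and return None here, which Flask rejects as an
        # invalid response (HTTP 500).
        return redirect(
            url_for('item_page',
                    category_name=category_name,
                    item_name=item_name))
    # Handle GET request
    categories = db_actions.all_category_infomation()
    pagename = ("Delete Item: " + item.name)
    return render_template('delete_item.html',
                           categories=categories,
                           category=category,
                           category_info=category,
                           page_item=item,
                           pagename=pagename,
                           logged_in=auth_manager.is_auth(),
                           item_auth=auth_manager.auth_item(item),
                           cat_auth=auth_manager.auth_category(category))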
Exemplo n.º 2
def edit_category(category_name):
    """Dialog for renaming an existing category.

    GET renders the edit form; POST applies the new name taken from the
    ``name`` form field.

    Args:
        category_name: Current category name taken from the URL.

    Returns:
        A rendered template, a redirect, or the response produced by
        ``gen_actions.return_404()``.
    """
    # Unknown category -> 404.
    found, category_info = gen_actions.check_category_exists(category_name)
    if not found:
        return gen_actions.return_404()
    # Anonymous visitors are sent to the login page.
    if not auth_manager.is_auth():
        flash('You must login to access this page.', category="primary")
        return redirect(url_for('login_register'))
    # Logged in, but not allowed to change this category.
    if not auth_manager.auth_category(category_info):
        flash('You are not authorized to edit this category.',
              category="alert")
        return redirect(url_for('category_page', category_name=category_name))

    if request.method != 'POST':
        # GET: show the form.
        all_categories = db_actions.all_category_infomation()
        title = "Update Category: " + category_info.name
        return render_template(
            'edit_category.html',
            pagename=title,
            categories=all_categories,
            category=category_info,
            logged_in=auth_manager.is_auth(),
            cat_auth=auth_manager.auth_category(category_info))

    # POST: the CSRF helper's return value is not inspected here.
    # NOTE(review): confirm that check_csrf_token() aborts the request itself
    # when the token is wrong; otherwise the check has no effect.
    auth_manager.check_csrf_token(request)
    proposed_name = request.form['name']
    # A different category already using the proposed name blocks the rename;
    # re-submitting the current name is allowed.
    name_taken, _ = gen_actions.check_category_exists(proposed_name)
    if name_taken and category_name != proposed_name:
        flash('Failed to edit category. ' +
              'The proposed category name already exists. ' +
              'Try a different name.',
              category='alert')
        return redirect(
            url_for('edit_category', category_name=category_name))
    updated = db_actions.edit_category(category_info.name, proposed_name)
    if not updated:
        # Failure reason unknown
        flash('Failed to edit category.', category='alert')
        return redirect(
            url_for('edit_category', category_name=category_name))
    flash('Category entry edited.', category="success")
    return redirect(url_for('category_page', category_name=proposed_name))
Exemplo n.º 3
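def delete_category(category_name):
    """Dialog for deleting a category from the catalog.

    GET renders the confirmation page. POST deletes the category or cancels,
    depending on the value of the submitted ``delete`` form field.

    Args:
        category_name: Category name taken from the URL.

    Returns:
        A rendered template, a redirect, or the response produced by
        ``gen_actions.return_404()``.
    """
    # Check if category exists otherwise return 404
    exists, category_info = gen_actions.check_category_exists(category_name)
    if not exists:
        return gen_actions.return_404()
    # Redirect if not logged in
    if not auth_manager.is_auth():
        flash('You must login to access this page.', category="primary")
        return redirect(url_for('login_register'))
    # Only the owner of the category may delete it.
    # NOTE(review): ownership is compared directly here, while edit_category
    # goes through auth_manager.auth_category(); confirm both express the
    # same policy so the two views cannot drift apart.
    user_id = auth_manager.get_session_user_id()
    if user_id != category_info.user_id:
        flash('You are not authorized to delete this category.',
              category="alert")
        return redirect(url_for('category_page', category_name=category_name))
    # Handle POST request
    if request.method == 'POST':
        # NOTE(review): the return value of check_csrf_token() is discarded,
        # so this only protects the deletion if the helper itself aborts the
        # request on a bad token -- confirm in auth_manager.
        auth_manager.check_csrf_token(request)
        action = request.form['delete']
        if action == 'Delete Category and Items':
            if db_actions.delete_category(category_name):
                flash('Category deleted from catalog.', category="success")
                return redirect(url_for('index_page'))
            flash('Category deletion failed.', category="alert")
            return redirect(
                url_for('category_page', category_name=category_name))
        # Handle canceled deletion
        if action == 'Cancel':
            flash('Category deletion canceled.', category="primary")
        # Any other submitted value deletes nothing and returns to the
        # category page; the view used to return None here, which Flask
        # rejects as an invalid response (HTTP 500).
        return redirect(
            url_for('category_page', category_name=category_name))
    # Handle GET request
    categories = db_actions.all_category_infomation()
    pagename = ("Delete Category: " + category_name)
    return render_template('delete_category.html',
                           categories=categories,
                           category=category_info,
                           pagename=pagename,
                           logged_in=auth_manager.is_auth(),
                           cat_auth=auth_manager.auth_category(category_info))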
Exemplo n.º 4
def new_category():
    """Dialog for adding a new category to the catalog.

    GET renders the creation form; POST creates a category named after the
    ``name`` form field and owned by the logged-in user.

    Returns:
        A rendered template or a redirect.
    """
    # Anonymous visitors are sent to the login page.
    if not auth_manager.is_auth():
        flash('You must login to access this page.', category="primary")
        return redirect(url_for('login_register'))
    # The owner is always the session user, never a form value.
    owner_id = auth_manager.get_session_user_id()

    if request.method != 'POST':
        # GET: show the form.
        all_categories = db_actions.all_category_infomation()
        return render_template('new_category.html',
                               categories=all_categories,
                               pagename="Create A New Category",
                               logged_in=auth_manager.is_auth())

    # POST: the CSRF helper's return value is not inspected here.
    # NOTE(review): confirm that check_csrf_token() aborts the request itself
    # when the token is wrong; otherwise the check has no effect.
    auth_manager.check_csrf_token(request)
    proposed_name = request.form['name']
    # Category names must be unique.
    name_taken, _ = gen_actions.check_category_exists(proposed_name)
    if name_taken:
        flash('Failed to create new category. ' +
              'This category name already exists. ' +
              'Try a different name.',
              category='alert')
        return redirect(url_for('new_category'))
    created = db_actions.create_new_category(proposed_name, owner_id)
    if not created:
        # Failure reason is unknown
        flash('Failed to create new category.', category='alert')
        return redirect(url_for('new_category'))
    flash('Category added to catalog.', category="success")
    return redirect(url_for('category_page', category_name=proposed_name))
Exemplo n.º 5
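def setup_page():
    """View for initial catalog setup.

    Available only while ``db_actions.is_setup()`` returns ``False``; after
    that the view answers with the 404 response. On POST the logged-in user
    is promoted to admin, sample data is optionally loaded, and the setup
    page is disabled.

    Returns:
        A rendered template, a redirect, or the response produced by
        ``gen_actions.return_404()``.
    """
    # Once setup has been completed this page no longer exists.
    if db_actions.is_setup() is not False:
        return gen_actions.return_404()
    # Make sure the one user is logged in
    if not auth_manager.is_auth():
        flash('You must login to access this page.', category="primary")
        return redirect(url_for('login_register'))
    # NOTE(review): the only gates are "setup not done yet" and "logged in",
    # so whichever account submits this form first becomes admin. Complete
    # setup before the deployment is reachable by other users.
    user_id = auth_manager.get_session_user_id()
    if request.method == 'POST':
        # NOTE(review): the return value of check_csrf_token() is discarded,
        # so this only protects the admin promotion if the helper itself
        # aborts the request on a bad token -- confirm in auth_manager.
        auth_manager.check_csrf_token(request)
        choice = request.form['setup']
        if choice in ('Load Sample Data', 'Skip Sample Data'):
            # Make sure this user becomes admin
            db_actions.user_to_admin(user_id)
            if choice == 'Load Sample Data':
                db_actions.sample_data(user_id)
                message = 'Setup and sample data install complete.'
            else:
                message = 'Setup complete.'
            # Disable setup page
            db_actions.disable_setup()
            flash(message, category="primary")
            return redirect(url_for('index_page'))
        # Unrecognised value: change nothing and show the form again. The
        # view used to return None here, which Flask rejects as an invalid
        # response (HTTP 500).
    categories = db_actions.all_category_infomation()
    pagename = "Item Catalog Setup"
    return render_template('setup.html',
                           categories=categories,
                           pagename=pagename,
                           logged_in=auth_manager.is_auth())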
Exemplo n.º 6
def logout():
    """Dialog for logging out.

    GET renders the logout confirmation page. A POST whose ``logout`` field
    equals ``'Logout'`` performs the logout and redirects to the index page;
    any other POST re-renders the confirmation page.

    Returns:
        A rendered template or a redirect.
    """
    # Nothing to log out of: send the visitor to the login page.
    if not auth_manager.is_auth():
        flash('You are not logged in.', category="primary")
        return redirect(url_for('login_register'))

    # A login state value is generated on every request that gets this far.
    login_state = auth_manager.set_login_state()
    all_categories = db_actions.all_category_infomation()

    if request.method == 'POST':
        # NOTE(review): the return value of check_csrf_token() is discarded;
        # confirm that the helper aborts the request itself on a bad token.
        auth_manager.check_csrf_token(request)
        if request.form['logout'] == 'Logout':
            outcome = auth_manager.logout_action()
            flash(outcome, category="primary")
            return redirect(url_for('index_page'))

    # The state value is percent-encoded before it reaches the template.
    # NOTE: urllib.quote is the Python 2 spelling (urllib.parse.quote on 3).
    quoted_state = urllib.quote(login_state.encode("utf-8"))
    return render_template('logout.html',
                           categories=all_categories,
                           pagename="Logout",
                           state=quoted_state,
                           logged_in=auth_manager.is_auth())
Exemplo n.º 7
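def edit_item(category_name, item_name):
    """Dialog for editing an item in the catalog.

    GET renders the edit form. POST updates the item from the ``name``,
    ``description``, ``price`` and ``category`` form fields and an optional
    ``product-photo`` upload.

    Args:
        category_name: Current category name taken from the URL.
        item_name: Current item name taken from the URL.

    Returns:
        A rendered template, a redirect, or the response produced by
        ``gen_actions.return_404()``.
    """
    # 404 when the category does not exist or the item is not in it.
    exists, category, item = gen_actions.check_cat_item_exists(
        category_name, item_name)
    if not exists:
        return gen_actions.return_404()
    # Redirect if not logged in
    if not auth_manager.is_auth():
        flash('You must login to access this page.', category="primary")
        return redirect(url_for('login_register'))
    # Is the user authorized?
    if not auth_manager.auth_item(item):
        flash('You are not authorized to edit this item.', category="alert")
        return redirect(
            url_for('item_page',
                    category_name=category_name,
                    item_name=item_name))
    # Handle POST request for edit_item
    if request.method == 'POST':
        # NOTE(review): the return value of check_csrf_token() is discarded,
        # so this only protects the update if the helper itself aborts the
        # request on a bad token -- confirm in auth_manager.
        auth_manager.check_csrf_token(request)
        new_item_name = request.form['name']
        item_description = request.form['description']
        item_price = request.form['price']
        new_category_name = request.form['category']
        # Another item already using the proposed name blocks the edit;
        # keeping the current name is allowed.
        name_taken, _ = gen_actions.check_item_exists(new_item_name)
        if name_taken and new_item_name != item_name:
            flash('Failed to edit item. Another item with the same name ' +
                  'already exists. Please try another name.',
                  category='alert')
            return redirect(
                url_for('edit_item',
                        category_name=category_name,
                        item_name=item_name))
        cat = db_actions.category_by_name(new_category_name)
        # The category name comes from the form, so it may not exist.
        # presumably category_by_name returns None then -- verify.
        if cat is None:
            flash('Failed to edit item.', category='alert')
            return redirect(
                url_for('edit_item',
                        category_name=category_name,
                        item_name=item_name))
        # Moving the item needs rights on the destination category as well;
        # new_item enforces category ownership, and without this check an
        # edit could place an item in a category the user may not modify.
        if (new_category_name != category_name
                and not auth_manager.auth_category(cat)):
            flash('You are not authorized to add items to this category.',
                  category="alert")
            return redirect(
                url_for('edit_item',
                        category_name=category_name,
                        item_name=item_name))
        cat_id = cat.id
        # Without a default, a POST lacking the 'product-photo' part raised
        # UnboundLocalError below.
        # NOTE(review): assumes db_actions.edit_item accepts None as "no new
        # image" -- confirm. File type, size and filename checks are
        # presumably done inside upload_photo -- confirm.
        item_image = None
        if 'product-photo' in request.files:
            item_image = gen_actions.upload_photo(request)
        new = db_actions.edit_item(item_name, new_item_name, item_description,
                                   item_price, cat_id, item_image)
        if new is True:
            flash('Item entry updated.', category="success")
            # Redirect into the category the item now lives in; the old
            # category URL would 404 after a move.
            return redirect(
                url_for('item_page',
                        category_name=new_category_name,
                        item_name=new_item_name))
        # Unknown failure reason
        flash('Failed to edit item.', category='alert')
        return redirect(
            url_for('edit_item',
                    category_name=category_name,
                    item_name=item_name))
    # Handle GET request
    categories = db_actions.all_category_infomation()
    pagename = ("Update Item: " + item.name)
    return render_template('edit_item.html',
                           categories=categories,
                           category=category,
                           category_info=category,
                           item=item,
                           pagename=pagename,
                           logged_in=auth_manager.is_auth(),
                           item_auth=auth_manager.auth_item(item),
                           cat_auth=auth_manager.auth_category(category))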
Exemplo n.º 8
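def new_item():
    """Dialog for adding a new item to the catalog.

    GET renders the creation form, or redirects to category creation when no
    category exists yet. POST creates the item from the ``name``,
    ``description``, ``price`` and ``category`` form fields and an optional
    ``product-photo`` upload.

    Returns:
        A rendered template or a redirect.
    """
    # Redirect if not logged in
    if not auth_manager.is_auth():
        flash('You must login to access this page.', category="primary")
        return redirect(url_for('login_register'))
    # The owner is always the session user, never a form value.
    user_id = auth_manager.get_session_user_id()
    # Manage post request for new_item
    if request.method == 'POST':
        # NOTE(review): the return value of check_csrf_token() is discarded,
        # so this only protects the creation if the helper itself aborts the
        # request on a bad token -- confirm in auth_manager.
        auth_manager.check_csrf_token(request)
        item_name = request.form['name']
        item_description = request.form['description']
        item_price = request.form['price']
        category_name = request.form['category']
        # Item names must be unique.
        name_taken, _ = gen_actions.check_item_exists(item_name)
        if name_taken:
            flash('Failed to create item. Another item with the same name ' +
                  'already exists. Please try another name.',
                  category='alert')
            return redirect(url_for('new_item'))
        cat = db_actions.category_by_name(category_name)
        # The category name comes from the form, so it may not exist.
        # presumably category_by_name returns None then -- verify.
        if cat is None:
            flash('Failed to create new item.', category='alert')
            return redirect(url_for('new_item'))
        cat_id = cat.id
        # Check if user owns this category
        if user_id != cat.user_id:
            flash('You are not authorized add items to this category.',
                  category="alert")
            return redirect(
                url_for('category_page', category_name=category_name))
        # Without a default, a POST lacking the 'product-photo' part raised
        # UnboundLocalError below.
        # NOTE(review): assumes create_new_item accepts item_image=None as
        # "no image" -- confirm. File type, size and filename checks are
        # presumably done inside upload_photo -- confirm.
        item_image = None
        if 'product-photo' in request.files:
            item_image = gen_actions.upload_photo(request)
        new = db_actions.create_new_item(item_name,
                                         item_description,
                                         item_price,
                                         cat_id,
                                         user_id=user_id,
                                         item_image=item_image)
        if new:
            flash('New item added to catalog.', category="success")
            return redirect(
                url_for('item_page',
                        category_name=category_name,
                        item_name=item_name))
        # Unknown failure reason
        flash('Failed to create new item.', category='alert')
        return redirect(url_for('new_item'))
    # Handle GET request
    categories = db_actions.all_category_infomation()
    pagename = "Create A New Item"
    # An item needs a category, so send the user to create one first.
    if len(categories) == 0:
        flash('There are no categories, please create a category first.',
              category='primary')
        return redirect(url_for('new_category'))
    return render_template('new_item.html',
                           categories=categories,
                           pagename=pagename,
                           logged_in=auth_manager.is_auth())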