Exemplo n.º 1
0
def remove_item(item_id):
    """
    Remove item from data base

    :param item_id:
    :return string: JSON
    """
    item = get_item_by_id(item_id) or None

    # check the item exist
    if not item:
        return jsonify({'error': 'This record don\'t exist'})

    # check the user is the owner
    if int(item.author) != int(g.user.id):
        return jsonify(
            {'error': 'You don\'t have permission to delete this record'})

    images = get_images_by_item_id(item_id)

    # remove images files
    for image in images:
        path = ''.join([BASE_DIR, image.url])

        if os.path.isfile(path):
            os.unlink(path)

    # remove item and images from database
    delete_item(item_id)
    remove_images_by_item_id(item_id)
    return jsonify({'message': 'Record was deleted'})
Exemplo n.º 2
0
def edit_item_handler(catalog_id, item_id):
    """Edits an item in a catalog
    Parameters:
    - catalog_id: integer id of catalog to which item belongs
    - item_id: integer id of item to edit
    
    Returns:
    - HTTP response
    """
    user = models.get_current_user()
    catalog_id = int(catalog_id)
    catalog_entity = models.Catalog.get_by_id(catalog_id)
    item_id = int(item_id)
    item_entity = models.get_item_by_id(catalog_id, item_id)

    # Check parameters
    if not catalog_entity:
        raise BadRequest('Could not find catalog with id %d' % catalog_id)
    if not (item_entity):
        raise BadRequest('Could not find item with id %d!' % item_id)
    if not catalog_entity.user_can_edit(user):
        raise Unauthorized

    if flask.request.method == 'GET':
        # Render edit item form
        categories = models.get_categories(catalog_id)
        return flask.render_template('edititem.html',
                                     user=user,
                                     catalog=catalog_entity,
                                     categories=categories,
                                     category_id=item_entity.category.id(),
                                     item=item_entity)

    elif flask.request.method == 'POST':
        # Handle item edit from form
        picture_obj = flask.request.files.get('picture')
        picture_url = uploadfile.save_file(picture_obj)

        try:
            price = float(flask.request.form.get('price'))
        except:
            price = 0.00

        # Update entity
        item_entity.name = flask.request.form.get('name')
        item_entity.description = flask.request.form.get('description')
        item_entity.price = price
        item_entity.picture = picture_url

        # Allow possibility of item without category
        category_id = flask.request.form.get('category_id')
        if category_id:
            category_id = int(category_id)
        category_entity = models.get_category_by_id(catalog_id, category_id)
        if category_entity:
            item_entity.category = category_entity.key

        item_entity.put()
        models.wait_for(item_entity)
        return flask.redirect('/catalog/%d' % catalog_entity.key.id())
Exemplo n.º 3
0
def item_page(item_id):
    """
    Return item
    :param item_id:
    :return string: JSON
    """
    item = get_item_by_id(item_id)
    return jsonify(item.serialize), 200
Exemplo n.º 4
0
def get_user_item(car_id):
    """
    Return items by user id

    :return string: JSON
    """
    car = get_item_by_id(car_id)
    return jsonify(car.serialize), 200
Exemplo n.º 5
0
def show_car(item_id):
    """
    Show car page
    :param item_id: int
    :return:
    """
    car = get_item_by_id(item_id)
    return render('catalog/car.html', brands=brands, car=car.serialize)
Exemplo n.º 6
0
def edit_item(item_id):
    """
    Edit item by id

    :param item_id:
    :return string: JSON
    """

    # get item data
    _item = dict()
    _item['title'] = clean(request.json.get('title'))
    _item['model'] = clean(request.json.get('model'))
    _item['description'] = clean(request.json.get('description'))
    _item['brand'] = request.json.get('brand')
    _item['price'] = request.json.get('price')
    _item['author'] = int(g.user.id)

    # get item
    item = get_item_by_id(item_id) or None

    # check item exist
    if not item:
        return jsonify({'error': 'This record don\'t exist'})

    # check the user is the owner
    if int(item.author) != _item['author']:
        return jsonify(
            {'error': 'You don\'t have permission to edit the record'})

    # Check data
    if len(_item['title']) < 5:
        return jsonify({'error': 'too short title, minimum 5 characters'}), 206
    if len(_item['model']) < 2:
        return jsonify({'error': 'too short model, minimum 2 characters'}), 206
    if len(_item['description']) < 5:
        return jsonify({'error': 'too short description, min 5 symbols'}), 206

    # convert data to integer
    try:
        _item['brand'] = int(_item['brand']['id'])
    except TypeError:
        return jsonify({'error': 'invalid brand type'}), 206
    try:
        _item['price'] = int(_item['price'])
    except TabError:
        return jsonify({'error': 'invalid price type'}), 206

    # update item and send response
    item = update_item(_item, item_id)
    return jsonify(item.serialize), 200
Exemplo n.º 7
0
def edit_car(item_id):
    """
    Edit item

    :param item_id:
    :return mix:
    """

    # get user
    user = get_user_by_id(session['uid'])

    # Get car
    car = get_item_by_id(item_id)

    # Check the user is the owner
    if int(session['uid']) != int(car.author):
        flash('You don\'t have permission to edit it.', 'error')
        return redirect('/profile', 302)

    # Get token
    token = user.generate_auth_token(3600)

    if request.method == 'POST' and request.form['csrf_token'] == csrf_token:
        _car = dict()

        # cleaning data
        try:
            _car['description'] = clean(request.form['description'])
            _car['title'] = clean(request.form['title'])
            _car['model'] = clean(request.form['model'])
            _car['price'] = clean(request.form['price'])
            _car['brand'] = clean(request.form['brand'])
            _car['author'] = session['uid']
        except TypeError:
            flash('fields can\'t be empty', 'error')
            return render('catalog/new_car.html',
                          brands=brands,
                          csrf=csrf_token)

        # update car, create success message and redirect user
        item = update_item(_car, item_id)
        flash('Record "%s" was successfully updated' % item.title, 'success')
        return redirect('/profile', 302)

    return render('catalog/edit_car.html',
                  brands=brands,
                  car=car.serialize,
                  token=token,
                  user=user.serialize,
                  csrf_token=csrf_token)
Exemplo n.º 8
0
def delete_car(item_id):
    """
    Remove car and all images

    :param item_id:
    :return:
    """

    # Get car
    car = get_item_by_id(item_id)

    # check if the user is the owner
    if int(car.author) != int(session['uid']):
        # crate a error message and redirect user
        flash('You don\'t have permission to remove this object', 'error')
        return redirect('/profile', 302)

    if request.method == 'POST':

        # get images
        images = get_images_by_item_id(item_id)

        # get title
        title = car.title

        # remove images files
        for image in images:
            # get absolute path to image
            path = ''.join([BASE_DIR, image.url])
            # if file exist remove the image file
            if os.path.isfile(path):
                os.unlink(path)

        # remove images from from database
        remove_images_by_item_id(item_id)

        # remove data of car from database
        delete_item(item_id)

        # crate a success message and redirect user
        flash('Car: "%s" was removed' % title, 'success')
        return redirect('/profile', 302)

    return render('catalog/delete_car.html',
                  brands=brands,
                  car=car.serialize,
                  csrf_token=csrf_token)
Exemplo n.º 9
0
def delete_item_handler(catalog_id, item_id):
    """Deletes an item in a catalog
    Parameters:
    - catalog_id: integer id of catalog to which item belongs
    - item_id: integer id of item to delete
    
    Returns:
    - HTTP response redirecting to catalog page
    """
    catalog_id = int(catalog_id)
    catalog_entity = models.get_catalog_by_id(catalog_id)
    item_id = int(item_id)
    item_entity = models.get_item_by_id(catalog_id, item_id)

    # Check parameters
    if not catalog_entity:
        raise BadRequest('Could not find catalog with id %d' % catalog_id)
    if not (item_entity):
        raise BadRequest('Could not find item with id %d!' % item_id)
    if not catalog_entity.user_can_edit(models.get_current_user()):
        raise Unauthorized

    models.delete_item(catalog_id, item_id)
    return flask.redirect('/catalog/%d' % catalog_entity.key.id())