def new_item(category_id): form = ItemForm(request.form) if request.method == 'POST' and form.validate(): new = Items(name=request.form['name'], description=request.form['description'], category_id=category_id, user_id=login_session['user_id']) db_session.add(new) db_session.commit() flash('New item {} successfully created!'.format(new.name)) return redirect(url_for('category_owner.show_categories', category_id=category_id)) return render_template('newitem.html', category_id=category_id, form=form)
def save_wishlist_item(id_user, wishlist_name): token = request.headers.get('auth-token') data = MultiDict(mapping=request.json) inputs = ItemForm(data, csrf_enabled=False) if not inputs.validate(): return jsonify({'error': 'invalid inputs'}) wishlist = db.session.query(Wishlist).filter(id_user=id_user, name=wishlist_name).first() name = data['name'] description = data['description'] collection = Item(name, description=description) wishlist.items.append(collection) db.session.add(collection) db.session.commit() return jsonify(item.__repr__()) return jsonify(item.__repr__())
def edit_item(category_id, item_id): edit = db_session.query(Items).filter_by(id=item_id).one() category = db_session.query(Categories).filter_by(id=category_id).one() form = ItemForm(request.form) if edit.user_id != login_session['user_id']: flash('Unauthorized to edit this item') return redirect(url_for('category_owner.showCategory', category_id=category_id)) if request.method == 'POST' and form.validate(): if request.form['name']: edit.name = request.form['name'] if request.form['description']: edit.description = request.form['description'] db_session.add(edit) db_session.commit() flash('Item {} edited successfully!'.format(edit.name)) return redirect(url_for('item_owner.show_item', category_id=category_id, item_id=item_id)) else: return render_template('/edititem.html', category=category, item=edit, form=form)