def showHome():
"""This will show all categories with the latest items"""
categories = session.query(Category).all()
items = session.query(Item).order_by(desc(Item.id)).limit(9)
return render_template('home.html',
categories=categories,
items=items,
login_session=login_session)
def editItem(item_id):
categories = session.query(Category).all()
item = session.query(Item).filter_by(id=item_id).one_or_none()
if item is None:
flash("Item does not exist")
return redirect(url_for('site.showHome'))
# Checks if the current user is not the owner of the item
if login_session['user_id'] != item.user_id:
flash("You're not authorized to edit this item")
return redirect(url_for('site.showHome'))
# This loads the ItemForm into a local variable
form = ItemForm(request.form)
if request.method == 'GET':
# This will render a form to edit an item
form.name.data = item.name
form.description.data = item.description
return render_template('edititem.html',
categories=categories,
item=item,
form=form)
if request.method == 'POST':
# This checks whether the form passes validation
if form.validate():
# This will commit the item edit to the database
item.category = item.category
if request.form['name']:
item.name = request.form['name']
if request.form['description']:
item.description = request.form['description']
if request.form['category']:
item.category = session.query(Category).filter_by(
name=request.form['category']).one_or_none()
if item.category is None:
flash("Get out of dev tools, hacker!")
return redirect(url_for('site.showHome'))
session.add(item)
session.commit()
return redirect(
url_for('site.showItem',
category_name=item.category.name,
item_id=item.id))
else:
# This will run if the form fails validation
return render_template('edititem.html',
categories=categories,
item=item,
form=form)
def catalogAPI():
"""Returns a catalog data object"""
output = []
categories = session.query(Category).all()
for category in categories:
items = session.query(Item).filter_by(category_id=category.id)
category_output = {}
category_output["id"] = category.id
category_output["name"] = category.name
category_output["Item"] = [i.serialize for i in items]
output.append(category_output)
return formatData(output, "Category")
def showItem(category_name, item_id):
"""This will show an item"""
category = session.query(Category).filter_by(
name=category_name).one_or_none()
if category is None:
flash("Category does not exist")
return redirect(url_for('site.showHome'))
item = session.query(Item).filter_by(id=item_id,
category=category).one_or_none()
if item is None:
flash("Item does not exist")
return redirect(url_for('site.showHome'))
return render_template('item.html', category=category, item=item)
def showCategory(category_name):
"""This will show all items in a category"""
categories = session.query(Category).all()
category = session.query(Category).filter_by(
name=category_name).one_or_none()
if category is None:
flash("Category does not exist")
return redirect(url_for('site.showHome'))
items = session.query(Item).filter_by(category=category).all()
return render_template('category.html',
categories=categories,
category=category,
items=items)
def itemAPI(category_name, item_id):
"""Returns an item data object"""
output = []
# Check to see if the item exists
try:
category = session.query(Category).filter_by(name=category_name).one()
item = session.query(Item).filter_by(id=item_id,
category=category).one()
output = [item.serialize]
return formatData(output, "Item")
except:
return formatData(output, "Item")
def createUser(login_session):
newUser = User(name=login_session['username'],
email=login_session['email'])
session.add(newUser)
session.commit()
user = session.query(User).filter_by(email=login_session['email']).one()
return user.id
def categoryAPI(category_name):
"""Returns a category and its items as data objects"""
output = []
# Check to see if category and category items exist
try:
category = session.query(Category).filter_by(name=category_name).one()
items = session.query(Item).filter_by(category_id=category.id)
category_output = {}
category_output["id"] = category.id
category_output["name"] = category.name
category_output["Item"] = [item.serialize for item in items]
output.append(category_output)
return formatData(output, "Category")
except:
return formatData(output, "Category")
def newItem():
categories = session.query(Category).all()
# This loads the ItemForm into a local variable
form = ItemForm(request.form)
if request.method == 'GET':
# This will render a form to add a new item
return render_template('newitem.html',
categories=categories,
form=form)
if request.method == 'POST':
# This checks whether the form passes validation
if form.validate():
# This will add a new item to the database
category = session.query(Category).filter_by(
name=request.form['category']).one_or_none()
if category is None:
flash("Get out of dev tools, hacker!")
return redirect(url_for('site.showHome'))
item = Item(name=request.form['name'],
description=request.form['description'],
category=category,
user_id=login_session['user_id'])
session.add(item)
session.commit()
return redirect(
url_for('site.showItem',
category_name=item.category.name,
item_id=item.id))
else:
# This will run if the form fails validation
return render_template('newitem.html',
categories=categories,
form=form)
def deleteItem(item_id):
item = session.query(Item).filter_by(id=item_id).one_or_none()
if item is None:
flash("Item does not exist")
return redirect(url_for('site.showHome'))
# Checks if the current user is not the owner of the item
if login_session['user_id'] != item.user_id:
flash("You're not authorized to delete this item")
return redirect(url_for('site.showHome'))
if request.method == 'GET':
# This will render a form to delete an item
return render_template('deleteitem.html', item=item)
if request.method == 'POST':
# This will delete an item from the database
session.delete(item)
session.commit()
return redirect(url_for('site.showHome'))
def getUserID(email):
try:
user = session.query(User).filter_by(email=email).one()
return user.id
except:
return None
def getUserInfo(user_id):
user = session.query(User).filter_by(id=user.id).one()
return user
