def editItem(name): if "user_id" not in session: return redirect("/login") item = db_session.query(Item).filter_by(name=name).one() if item is None: abort(404) if item.user_id != session["user_id"]: abort(401) form = ItemForm(obj=item) categories = db_session.query(Category.id, Category.name).all() form.category.choices = categories if form.validate_on_submit(): # form.populate_obj(item) item.name = form.name.data item.description = form.description.data item.category_id = form.category.data filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename? filename = secure_filename(form.image.data.filename) form.image.data.save(os.path.join(app.config["UPLOAD_FOLDER"], filename)) item.image = filename db_session.add(item) db_session.commit() flash("Item %s edited." % item.name) return redirect(url_for("item", name=item.name)) return render_template("editItem.html", item=item, form=form)
def store(user_id): """ Store item to database. params: user_id: foreign key that should exists in table users.id """ form = ItemForm() if not form.validate(): return ItemController.message(False, form.errors) item = Item() item.name = form.name.data.strip() item.description = form.description.data item.category_id = CategoryHash.decode(form.category_id.data) item.user_id = user_id db.session.add(item) if item.commit_changes(): return ItemController.message(True, item) else: return ItemController.message( False, 'Could not save \ the given item.')
def newItem(): if "user_id" not in session: return redirect("/login") form = ItemForm() categories = db_session.query(Category.id, Category.name).all() form.category.choices = categories if form.validate_on_submit(): filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename? filename = secure_filename(form.image.data.filename) form.image.data.save(os.path.join(app.config["UPLOAD_FOLDER"], filename)) # create new item and commit to database item = Item( name=form.name.data, description=form.description.data, category_id=form.category.data, image=filename, user_id=session["user_id"], pub_date=datetime.utcnow(), ) db_session.add(item) db_session.commit() flash("New item created.") return redirect(url_for("item", name=item.name)) return render_template("newItem.html", form=form)
def post(self, request, pk): item = get_object_or_404(Book, pk=pk) form = ItemForm(request.POST, request.FILES, instance=item) if form.is_valid(): saved_item = form.save() return redirect('item_detail', pk=saved_item.pk) else: return render(request, 'catalog/edit_item.html', {'form': form})
def post(self, request): form = ItemForm(request.POST, request.FILES) if form.is_valid(): saved_item = form.save(commit=False) saved_item.user = request.user saved_item.save() # Redirects to the item details return redirect('item_detail', pk=saved_item.pk) else: return render(request, 'catalog/edit_item.html', {'form': form})
def newItem(): """ Create a new item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') form = ItemForm() categories = db_session.query(Category.id, Category.name).all() form.category_id.choices = categories if form.validate_on_submit(): # check that name != 'new', which is used for routing if form.name.data.lower() == 'new': form.name.errors.append("'new' is a reserved word, and cannot" " be used as an item name.") return render_template('new_item.html', form=form) filename = None # check if user uploaded file and sanitize filename if form.image.has_file(): # get the filename, ensuring that it is safe filename = secure_filename(form.image.data.filename) form.image.data.save( os.path.join(app.config['UPLOAD_FOLDER'], filename)) # create new item and commit to database item = Item( name=form.name.data, description=form.description.data, category_id=form.category_id.data, image=filename, user_id=session['user_id'], pub_date=datetime.utcnow() ) db_session.add(item) try: db_session.commit() except exc.IntegrityError: # item name should be unique db_session.rollback() form.name.errors.append("Item already exists.") return render_template('new_item.html', form=form) flash("Created new item %s." % item.name) return redirect(url_for('item', name=item.name)) return render_template('new_item.html', form=form)
def editItem(name): """ Edit an item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') item = db_session.query(Item).filter_by(name=name).first() if item is None: abort(404) if item.user_id != session['user_id']: abort(401) form = ItemForm(obj=item) categories = db_session.query(Category.id, Category.name).all() form.category_id.choices = categories if form.validate_on_submit(): filename = item.image # check if user uploaded file and sanitize filename if form.image.has_file(): # gets the filename, ensuring that it is safe filename = secure_filename(form.image.data.filename) form.image.data.save( os.path.join(app.config['UPLOAD_FOLDER'], filename)) form.populate_obj(item) item.image = filename db_session.add(item) try: db_session.commit() except exc.IntegrityError: # item name should be unique db_session.rollback() form.name.errors.append("Item already exists.") return render_template('edit_item.html', item=item, form=form) flash("Item %s edited." % item.name) return redirect(url_for('item', name=item.name)) return render_template('edit_item.html', item=item, form=form)
def update(item): """ Update item details. """ form = ItemForm(id=item.id) if not form.validate(): return ItemController.message(False, form.errors) item.name = form.name.data.strip() item.description = form.description.data item.category_id = CategoryHash.decode(form.category_id.data) db.session.add(item) if item.commit_changes(): return ItemController.message(True, item) else: return ItemController.message( False, 'Could not save \ the given item.')
def deleteItem(name): """ Delete an item """ # user must be authenticated if 'user_id' not in session: return redirect('/login') item = db_session.query(Item).filter_by(name=name).first() if item is None: abort(404) if item.user_id != session['user_id']: abort(401) if request.method == 'POST': db_session.delete(item) db_session.commit() flash('%s Successfully Deleted' % item.name) return redirect(url_for('catalog')) else: form = ItemForm() return render_template('delete_item.html', item=item, form=form)
def get(self, request): form = ItemForm() return render(request, 'catalog/edit_item.html', {'form': form})
def get(self, request, pk): item = get_object_or_404(Book, pk=pk) form = ItemForm(instance=item) return render(request, 'catalog/edit_item.html', {'form': form})