def remove_item(item_id): """ Remove item from data base :param item_id: :return string: JSON """ item = get_item_by_id(item_id) or None # check the item exist if not item: return jsonify({'error': 'This record don\'t exist'}) # check the user is the owner if int(item.author) != int(g.user.id): return jsonify( {'error': 'You don\'t have permission to delete this record'}) images = get_images_by_item_id(item_id) # remove images files for image in images: path = ''.join([BASE_DIR, image.url]) if os.path.isfile(path): os.unlink(path) # remove item and images from database delete_item(item_id) remove_images_by_item_id(item_id) return jsonify({'message': 'Record was deleted'})
def edit_item_handler(catalog_id, item_id): """Edits an item in a catalog Parameters: - catalog_id: integer id of catalog to which item belongs - item_id: integer id of item to edit Returns: - HTTP response """ user = models.get_current_user() catalog_id = int(catalog_id) catalog_entity = models.Catalog.get_by_id(catalog_id) item_id = int(item_id) item_entity = models.get_item_by_id(catalog_id, item_id) # Check parameters if not catalog_entity: raise BadRequest('Could not find catalog with id %d' % catalog_id) if not (item_entity): raise BadRequest('Could not find item with id %d!' % item_id) if not catalog_entity.user_can_edit(user): raise Unauthorized if flask.request.method == 'GET': # Render edit item form categories = models.get_categories(catalog_id) return flask.render_template('edititem.html', user=user, catalog=catalog_entity, categories=categories, category_id=item_entity.category.id(), item=item_entity) elif flask.request.method == 'POST': # Handle item edit from form picture_obj = flask.request.files.get('picture') picture_url = uploadfile.save_file(picture_obj) try: price = float(flask.request.form.get('price')) except: price = 0.00 # Update entity item_entity.name = flask.request.form.get('name') item_entity.description = flask.request.form.get('description') item_entity.price = price item_entity.picture = picture_url # Allow possibility of item without category category_id = flask.request.form.get('category_id') if category_id: category_id = int(category_id) category_entity = models.get_category_by_id(catalog_id, category_id) if category_entity: item_entity.category = category_entity.key item_entity.put() models.wait_for(item_entity) return flask.redirect('/catalog/%d' % catalog_entity.key.id())
def item_page(item_id): """ Return item :param item_id: :return string: JSON """ item = get_item_by_id(item_id) return jsonify(item.serialize), 200
def get_user_item(car_id): """ Return items by user id :return string: JSON """ car = get_item_by_id(car_id) return jsonify(car.serialize), 200
def show_car(item_id): """ Show car page :param item_id: int :return: """ car = get_item_by_id(item_id) return render('catalog/car.html', brands=brands, car=car.serialize)
def edit_item(item_id): """ Edit item by id :param item_id: :return string: JSON """ # get item data _item = dict() _item['title'] = clean(request.json.get('title')) _item['model'] = clean(request.json.get('model')) _item['description'] = clean(request.json.get('description')) _item['brand'] = request.json.get('brand') _item['price'] = request.json.get('price') _item['author'] = int(g.user.id) # get item item = get_item_by_id(item_id) or None # check item exist if not item: return jsonify({'error': 'This record don\'t exist'}) # check the user is the owner if int(item.author) != _item['author']: return jsonify( {'error': 'You don\'t have permission to edit the record'}) # Check data if len(_item['title']) < 5: return jsonify({'error': 'too short title, minimum 5 characters'}), 206 if len(_item['model']) < 2: return jsonify({'error': 'too short model, minimum 2 characters'}), 206 if len(_item['description']) < 5: return jsonify({'error': 'too short description, min 5 symbols'}), 206 # convert data to integer try: _item['brand'] = int(_item['brand']['id']) except TypeError: return jsonify({'error': 'invalid brand type'}), 206 try: _item['price'] = int(_item['price']) except TabError: return jsonify({'error': 'invalid price type'}), 206 # update item and send response item = update_item(_item, item_id) return jsonify(item.serialize), 200
def edit_car(item_id): """ Edit item :param item_id: :return mix: """ # get user user = get_user_by_id(session['uid']) # Get car car = get_item_by_id(item_id) # Check the user is the owner if int(session['uid']) != int(car.author): flash('You don\'t have permission to edit it.', 'error') return redirect('/profile', 302) # Get token token = user.generate_auth_token(3600) if request.method == 'POST' and request.form['csrf_token'] == csrf_token: _car = dict() # cleaning data try: _car['description'] = clean(request.form['description']) _car['title'] = clean(request.form['title']) _car['model'] = clean(request.form['model']) _car['price'] = clean(request.form['price']) _car['brand'] = clean(request.form['brand']) _car['author'] = session['uid'] except TypeError: flash('fields can\'t be empty', 'error') return render('catalog/new_car.html', brands=brands, csrf=csrf_token) # update car, create success message and redirect user item = update_item(_car, item_id) flash('Record "%s" was successfully updated' % item.title, 'success') return redirect('/profile', 302) return render('catalog/edit_car.html', brands=brands, car=car.serialize, token=token, user=user.serialize, csrf_token=csrf_token)
def delete_car(item_id): """ Remove car and all images :param item_id: :return: """ # Get car car = get_item_by_id(item_id) # check if the user is the owner if int(car.author) != int(session['uid']): # crate a error message and redirect user flash('You don\'t have permission to remove this object', 'error') return redirect('/profile', 302) if request.method == 'POST': # get images images = get_images_by_item_id(item_id) # get title title = car.title # remove images files for image in images: # get absolute path to image path = ''.join([BASE_DIR, image.url]) # if file exist remove the image file if os.path.isfile(path): os.unlink(path) # remove images from from database remove_images_by_item_id(item_id) # remove data of car from database delete_item(item_id) # crate a success message and redirect user flash('Car: "%s" was removed' % title, 'success') return redirect('/profile', 302) return render('catalog/delete_car.html', brands=brands, car=car.serialize, csrf_token=csrf_token)
def delete_item_handler(catalog_id, item_id): """Deletes an item in a catalog Parameters: - catalog_id: integer id of catalog to which item belongs - item_id: integer id of item to delete Returns: - HTTP response redirecting to catalog page """ catalog_id = int(catalog_id) catalog_entity = models.get_catalog_by_id(catalog_id) item_id = int(item_id) item_entity = models.get_item_by_id(catalog_id, item_id) # Check parameters if not catalog_entity: raise BadRequest('Could not find catalog with id %d' % catalog_id) if not (item_entity): raise BadRequest('Could not find item with id %d!' % item_id) if not catalog_entity.user_can_edit(models.get_current_user()): raise Unauthorized models.delete_item(catalog_id, item_id) return flask.redirect('/catalog/%d' % catalog_entity.key.id())