def edit_password():
    """Change the signed-in user's password from the profile form.

    Reads ``password`` (the current one), ``new_password`` and
    ``confirm_password`` from the submitted form. Every failure flashes a
    ``#2``-prefixed message and redirects back to ``profile.edit``; success
    stores a fresh hash and redirects to ``profile.index``.
    """
    form = request.form
    password = form.get('password')
    new_password = form.get('new_password')
    confirm_password = form.get('confirm_password')

    # NOTE(review): the policy check runs before the presence check below, so
    # check_password() may be handed None -- confirm that it tolerates that.
    code, msgError = check_password(new_password)
    if code != 0:
        flash('#2' + msgError)
        return redirect(url_for('profile.edit'))

    # Missing field, wrong current password and mismatching confirmation all
    # produce the same message, so the response does not say which one failed.
    # Short-circuiting keeps check_password_hash() away from missing values.
    if (not all((password, new_password, confirm_password))
            or not check_password_hash(current_user.password, password)
            or new_password != confirm_password):
        flash('#2Invalid information provided')
        return redirect(url_for('profile.edit'))

    account = User.query.filter_by(id=current_user.id).first()
    account.password = generate_password_hash(new_password)
    commit()
    return redirect(url_for('profile.index'))
def create():
    """Show the room creation form (GET) or create a room (POST).

    The stored room name is the submitted name suffixed with ``#<user id>``.
    An optional ``secret`` is stored only as a hash. The creator is linked to
    the room through an ``Association`` with ``role_id=0``.
    """
    if request.method == 'GET':
        return render_template('room/create.html')

    name = request.form.get('name')
    secret = request.form.get('secret')

    # NOTE(review): check_room_name() receives None when the field is absent;
    # confirm that it reports an error for that rather than raising.
    code, msgError = check_room_name(name)
    if code != 0:
        flash(msgError)
        return redirect(url_for('room.create'))

    name = name + "#" + str(current_user.id)

    # Only pass ``secret`` to the model when one was supplied.
    room_fields = {'name': name}
    if secret:
        room_fields['secret'] = generate_password_hash(secret)
    new_room = Room(**room_fields)

    # Reject a name the current user is already associated with.
    duplicates = (
        db.session.query(Association.room_id)
        .join(Room)
        .filter(Association.user_id == current_user.id, Room.name == name)
        .all()
    )
    if duplicates:
        flash(
            "A Room with this name already exists. Please choose another Room's name."
        )
        return redirect(url_for('room.create'))

    membership = Association(role_id=0)
    membership.room = new_room
    current_user.rooms.append(membership)
    commit()
    return redirect(url_for('room.index'))
def gift():
    """Toggle the current user as the gifter of an item.

    An item with no gifter is claimed by the current user. An item already
    claimed by the current user is released. An item claimed by someone else
    yields a 403. The request then redirects to the room's item list.
    """
    form = request.form
    isNoneError(form.get('room_id'))
    isNoneError(form.get('item_id'))
    room_id = isNotIntegerError(form.get('room_id'))
    item_id = isNotIntegerError(form.get('item_id'))

    # Membership check: isAdmin() is expected to be None for non-members.
    isNoneError(current_user.isAdmin(room_id))
    # The owner of an item may not gift it.
    isTrueError(current_user.ownItem(room_id, item_id))

    # NOTE(review): the item is loaded by primary key only. Whether it really
    # belongs to ``room_id`` rests on what ownItem() returns for an item from
    # another room -- confirm, otherwise a member of any room could claim
    # items in rooms they do not belong to.
    item = Item.query.get(item_id)
    if item:
        if item.gid is None:
            item.gid = current_user.id  # current user becomes the gifter
        elif item.gid == current_user.id:
            item.gid = None  # current user withdraws the claim
        else:
            abort(403)  # claimed by another user

    commit()
    return redirect(url_for('item.list_', room_id=room_id))
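def edit_addpsw():
    """Set or replace the secret of a room the current user administers.

    Requires the user's account password, a new secret with a matching
    confirmation and, when the room already has a secret, the current one.
    Every failure flashes the same ``#2``-prefixed message and redirects to
    ``room.edit``, so the response does not reveal which check failed.
    On success the hashed secret is stored and the user lands on
    ``room.index``.
    """
    password = request.form.get('password')
    secret = request.form.get('current_secret')
    new_secret = request.form.get('new_secret')
    confirm_secret = request.form.get('confirm_secret')

    isNoneError(request.form.get('room_id'))
    room_id = isNotIntegerError(request.form.get('room_id'))
    isFalseError(current_user.isAdmin(room_id))
    isNoneError(current_user.isAdmin(room_id))

    def _reject():
        flash('#2The information provided is incorrect.')
        return redirect(url_for('room.edit', room_id=room_id))

    # A missing account password is rejected here, as edit_password() does,
    # instead of being passed to check_password_hash() as None.
    if not password or not new_secret or not confirm_secret:
        return _reject()

    if not check_password_hash(current_user.password, password):
        return _reject()

    # Both values come from the same request, so a plain comparison is
    # enough; hashing each one just to compare them costs two extra
    # password-hash computations per request.
    if new_secret != confirm_secret:
        return _reject()

    roomQuery = (
        Room.query.join(Association)
        .filter(Association.room_id == room_id)
        .filter(Association.user_id == current_user.id)
        .filter(Association.role_id == 0)
        .first()
    )
    # Same guard edit_name() applies: without it a query that finds no room
    # fails on ``roomQuery.secret`` with an AttributeError.
    isNoneError(roomQuery)

    # An existing secret must be proven before it can be replaced.
    if roomQuery.secret:
        if not secret or not check_password_hash(roomQuery.secret, secret):
            return _reject()

    roomQuery.secret = generate_password_hash(new_secret)
    commit()
    return redirect(url_for('room.index'))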
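def delete():
    """Show the account deletion form (GET) or delete the account (POST).

    Deletion requires the account password typed twice. On success the user
    record is deleted, the change is committed, the user is logged out and
    the session is made non-permanent before redirecting to ``main.index``.
    """
    if request.method == 'GET':
        return render_template('profile/delete.html')

    password = request.form.get('password')
    confirm_password = request.form.get('confirm_password')

    # Reject missing fields before verification so None never reaches
    # check_password_hash(). The confirmation is compared directly, which
    # accepts the same inputs as verifying both fields against the stored
    # hash but runs the password hash once.
    if (not password
            or password != confirm_password
            or not check_password_hash(current_user.password, password)):
        flash('Invalid information provided.')
        return redirect(url_for('profile.delete'))

    current_user.delete()
    commit()
    logout_user()
    session.permanent = False
    return redirect(url_for('main.index'))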
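def edit_settings():
    """Update the signed-in user's display name and/or e-mail address.

    Both fields are optional, but the account password (typed twice) is
    always required. Failures flash a ``#1``-prefixed message and redirect to
    ``profile.edit``; success redirects to ``.index``.
    """
    # A missing ``email`` field is treated as empty instead of raising on
    # ``None.strip()``.
    email = (request.form.get('email') or '').strip()
    name = request.form.get('name')
    password = request.form.get('password')
    confirm_password = request.form.get('confirm_password')

    if name:
        code, msgError = check_name(name)
        if code != 0:
            flash('#1' + msgError)
            return redirect(url_for('profile.edit'))

    # Missing fields are rejected before verification so None never reaches
    # check_password_hash(). The confirmation is compared directly, so the
    # password hash runs once instead of twice.
    if (not password
            or password != confirm_password
            or not check_password_hash(current_user.password, password)):
        flash('#1The information provided is incorrect.')
        return redirect(url_for('profile.edit'))

    if email:
        code, msgError = check_email(email)
        if code != 0:
            flash("#1" + msgError)
            return redirect(url_for('profile.edit'))

        # Only another account holding this address is a conflict.
        # Re-submitting one's own address is a no-op, in line with the
        # ``email != user.email`` test below.
        existing = User.query.filter_by(email=email).first()
        if existing and existing.id != current_user.id:
            flash('#1This account already exists.')
            return redirect(url_for('profile.edit'))

    user = User.query.filter_by(id=current_user.id).first()
    # NOTE(review): the new address is stored directly; no confirmation step
    # for the new mailbox is visible in this function.
    if email and email != user.email:
        user.email = email
    if name:
        user.name = name
    commit()
    return redirect(url_for('.index'))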
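def edit_name():
    """Rename a room the current user administers.

    When the room has a secret, the secret must be supplied twice and must
    verify against the stored hash. Failures flash a ``#1``-prefixed message
    and redirect to ``room.edit``. On success the name is stored with the
    ``#<user id>`` suffix and the user is redirected to ``room.index``.
    """
    name = request.form.get('name')
    secret = request.form.get('current_secret')
    confirm_secret = request.form.get('confirm_secret')

    isNoneError(request.form.get('room_id'))
    room_id = isNotIntegerError(request.form.get('room_id'))
    isFalseError(current_user.isAdmin(room_id))
    isNoneError(current_user.isAdmin(room_id))

    roomQuery = (
        Room.query.join(Association)
        .filter(Association.room_id == room_id)
        .filter(Association.user_id == current_user.id)
        .filter(Association.role_id == 0)
        .first()
    )
    isNoneError(roomQuery)

    code, msgError = check_room_name(name)
    if code != 0:
        flash('#1' + msgError)
        return redirect(url_for('room.edit', room_id=room_id))

    if roomQuery.secret:
        # The two submitted values are compared directly; hashing each one
        # just to compare them costs two extra password-hash computations
        # per request. Only the stored secret needs verification.
        if (not secret
                or not confirm_secret
                or secret != confirm_secret
                or not check_password_hash(roomQuery.secret, secret)):
            flash('#1The information provided is incorrect.')
            return redirect(url_for('room.edit', room_id=room_id))

    # NOTE(review): create() rejects a name the user already has a room
    # under; no such duplicate check is made here -- confirm whether a
    # rename may collide with an existing room name.
    roomQuery.name = name + "#" + str(current_user.id)
    commit()
    return redirect(url_for('room.index'))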
def edit():
    """Show the item edit form (GET) or apply the submitted changes (POST).

    Both branches require integer ``room_id`` and ``item_id`` values, room
    membership, and ownership of the item by the current user. The POST
    branch updates only the fields that were filled in and then redirects to
    the room's item list.
    """
    if request.method == 'GET':
        args = request.args
        isNoneError(args.get('room_id'))
        isNoneError(args.get('item_id'))
        room_id = isNotIntegerError(args.get('room_id'))
        item_id = isNotIntegerError(args.get('item_id'))
        isNoneError(current_user.isAdmin(room_id))
        isFalseError(current_user.ownItem(room_id, item_id))

        item = Item.query.get(item_id)
        # Taken from the user's own associations, so only a room the user
        # belongs to can be passed to the template.
        matching_rooms = [
            assoc.room for assoc in current_user.rooms
            if assoc.room.id == room_id
        ]
        return render_template(
            'item/edit.html', item=item, room=matching_rooms[0])

    form = request.form
    name = form.get('name')
    quantity = form.get('quantity')
    price = form.get('price')
    url = form.get('url')

    isNoneError(form.get('room_id'))
    isNoneError(form.get('item_id'))
    room_id = isNotIntegerError(form.get('room_id'))
    item_id = isNotIntegerError(form.get('item_id'))
    isNoneError(current_user.isAdmin(room_id))
    isFalseError(current_user.ownItem(room_id, item_id))

    def _back_to_form(message):
        flash(message)
        return redirect(
            url_for('item.edit', room_id=room_id, item_id=item_id))

    code, msgError = check_item_name(name)
    if code != 0:
        return _back_to_form(msgError)

    if not (name or quantity or url or price):
        return _back_to_form(
            'At least one value in the fields is required to edit the item.'
        )

    if not (checkNumberInput(price) and checkNumberInput(quantity)):
        return _back_to_form(
            'A positive number is required for a quantity and a price.')

    item = Item.query.get(item_id)
    if not item:
        return _back_to_form(
            'The item to edit was not found. Please try later.')

    # NOTE(review): ``url`` is stored exactly as submitted. If templates
    # render it as a link target, confirm that its scheme is restricted
    # (e.g. http/https) somewhere before it reaches an ``href``.
    submitted = (
        ('name', name),
        ('price', price),
        ('quantity', quantity),
        ('url', url),
    )
    for field, value in submitted:
        if value:  # empty fields keep their stored value
            setattr(item, field, value)

    commit()
    return redirect(url_for('item.list_', room_id=room_id))