def showHome(): """This will show all categories with the latest items""" categories = session.query(Category).all() items = session.query(Item).order_by(desc(Item.id)).limit(9) return render_template('home.html', categories=categories, items=items, login_session=login_session)
def editItem(item_id): categories = session.query(Category).all() item = session.query(Item).filter_by(id=item_id).one_or_none() if item is None: flash("Item does not exist") return redirect(url_for('site.showHome')) # Checks if the current user is not the owner of the item if login_session['user_id'] != item.user_id: flash("You're not authorized to edit this item") return redirect(url_for('site.showHome')) # This loads the ItemForm into a local variable form = ItemForm(request.form) if request.method == 'GET': # This will render a form to edit an item form.name.data = item.name form.description.data = item.description return render_template('edititem.html', categories=categories, item=item, form=form) if request.method == 'POST': # This checks whether the form passes validation if form.validate(): # This will commit the item edit to the database item.category = item.category if request.form['name']: item.name = request.form['name'] if request.form['description']: item.description = request.form['description'] if request.form['category']: item.category = session.query(Category).filter_by( name=request.form['category']).one_or_none() if item.category is None: flash("Get out of dev tools, hacker!") return redirect(url_for('site.showHome')) session.add(item) session.commit() return redirect( url_for('site.showItem', category_name=item.category.name, item_id=item.id)) else: # This will run if the form fails validation return render_template('edititem.html', categories=categories, item=item, form=form)
def catalogAPI(): """Returns a catalog data object""" output = [] categories = session.query(Category).all() for category in categories: items = session.query(Item).filter_by(category_id=category.id) category_output = {} category_output["id"] = category.id category_output["name"] = category.name category_output["Item"] = [i.serialize for i in items] output.append(category_output) return formatData(output, "Category")
def showItem(category_name, item_id): """This will show an item""" category = session.query(Category).filter_by( name=category_name).one_or_none() if category is None: flash("Category does not exist") return redirect(url_for('site.showHome')) item = session.query(Item).filter_by(id=item_id, category=category).one_or_none() if item is None: flash("Item does not exist") return redirect(url_for('site.showHome')) return render_template('item.html', category=category, item=item)
def showCategory(category_name): """This will show all items in a category""" categories = session.query(Category).all() category = session.query(Category).filter_by( name=category_name).one_or_none() if category is None: flash("Category does not exist") return redirect(url_for('site.showHome')) items = session.query(Item).filter_by(category=category).all() return render_template('category.html', categories=categories, category=category, items=items)
def itemAPI(category_name, item_id): """Returns an item data object""" output = [] # Check to see if the item exists try: category = session.query(Category).filter_by(name=category_name).one() item = session.query(Item).filter_by(id=item_id, category=category).one() output = [item.serialize] return formatData(output, "Item") except: return formatData(output, "Item")
def createUser(login_session): newUser = User(name=login_session['username'], email=login_session['email']) session.add(newUser) session.commit() user = session.query(User).filter_by(email=login_session['email']).one() return user.id
def categoryAPI(category_name): """Returns a category and its items as data objects""" output = [] # Check to see if category and category items exist try: category = session.query(Category).filter_by(name=category_name).one() items = session.query(Item).filter_by(category_id=category.id) category_output = {} category_output["id"] = category.id category_output["name"] = category.name category_output["Item"] = [item.serialize for item in items] output.append(category_output) return formatData(output, "Category") except: return formatData(output, "Category")
def newItem(): categories = session.query(Category).all() # This loads the ItemForm into a local variable form = ItemForm(request.form) if request.method == 'GET': # This will render a form to add a new item return render_template('newitem.html', categories=categories, form=form) if request.method == 'POST': # This checks whether the form passes validation if form.validate(): # This will add a new item to the database category = session.query(Category).filter_by( name=request.form['category']).one_or_none() if category is None: flash("Get out of dev tools, hacker!") return redirect(url_for('site.showHome')) item = Item(name=request.form['name'], description=request.form['description'], category=category, user_id=login_session['user_id']) session.add(item) session.commit() return redirect( url_for('site.showItem', category_name=item.category.name, item_id=item.id)) else: # This will run if the form fails validation return render_template('newitem.html', categories=categories, form=form)
def deleteItem(item_id): item = session.query(Item).filter_by(id=item_id).one_or_none() if item is None: flash("Item does not exist") return redirect(url_for('site.showHome')) # Checks if the current user is not the owner of the item if login_session['user_id'] != item.user_id: flash("You're not authorized to delete this item") return redirect(url_for('site.showHome')) if request.method == 'GET': # This will render a form to delete an item return render_template('deleteitem.html', item=item) if request.method == 'POST': # This will delete an item from the database session.delete(item) session.commit() return redirect(url_for('site.showHome'))
def getUserID(email): try: user = session.query(User).filter_by(email=email).one() return user.id except: return None
def getUserInfo(user_id): user = session.query(User).filter_by(id=user.id).one() return user