def item_create(cid = None):
if request.method == 'POST':
print 'To process item creation.'
item = Item()
item.category_id = request.form['item-category_id']
item.name = request.form['item-name']
item.longtext = request.form["item-longtext"]
file = request.files["item-image"]
print type(file)
item.image = file.read()
item.user_id = get_user_id_from_session()
result = item.add()
if result[1] == 'error':
flash(result[2], result[1])
else:
item.commit()
return redirect(url_for('item.item_display', item_id = item.id))
else:
if cid == None:
flash('Please select a category.', 'error')
return redirect_common(url_for('category.home'))
return render_template('item.html', title = 'Create item',\
item = Item(category_id = cid),\
display = False
)
def update_item(item_id):
"""Handle request to update an item."""
# validate ownership
item = item_dao.get_item(item_id)
if "user_id" not in login_session:
return redirect(url_for("showLogin"))
elif item.user_id != login_session["user_id"]:
flash("Unauthorized operation")
return redirect(url_for("view_items_html"))
# update item
item = Item()
item.id = item_id
item.name = request.form["name"]
item.category_id = request.form["category_id"]
if request.form["description"] != "":
item.description = request.form["description"]
item = item_dao.edit_item(item)
return jsonify(item.serialize)
def newItem(category_id):
''' This allows the user to create a new item from the category page'''
# First we check to see if the user is actaully logged in
# if 'username' not in login_session:
# return redirect('/login')
print 'open'
form = newItemForm()
cat = session.query(Category).filter_by(id=category_id).one()
if form.validate_on_submit():
newItem = Item(name=request.form['name'],
description=request.form['description'],
picture=request.form['picture'])
session.add(newItem)
newItem.user_id = login_session['user_id']
newItem.category_id = category_id
session.add(newItem)
flash('Item has been created!')
return redirect(url_for('itemList', category_id=cat.id))
if form_errors(form) == False:
return redirect(url_for('itemList', category_id=cat.id))
# if form.errors:
# for error in form.errors:
# flash(error)
# flash('There was an error in your input')
# return redirect(url_for('itemList', category_id=cat.id))
return render_template('newItem.html', category_id=category_id, form=form)
def newItem(category_id=''):
if 'username' not in login_session:
return redirect('/login')
item = Item()
item.category_id = category_id
categories = session.query(Category).order_by(asc(Category.name))
if request.method == 'POST':
errors = []
# check blank
if request.form['name'] == "" or request.form['category_id'] == "" or request.form['description'] == "" or request.form['price'] == "":
errors.append('Name, Category, Description, and Price are required.')
# check duplicate
if session.query(Item).filter(Item.name == request.form['name'], Item.category_id == request.form['category_id']).count()>0:
errors.append('That item already exists in that category.')
# too long - not pretty
if len(request.form['name'])>36:
errors.append('Please limit item name to 32 characters or less.')
# set these values so we can show them what they tried to enter without passing as separate params
item.name = request.form['name']
item.category_id = request.form['category_id']
item.description = request.form['description']
item.price = request.form['price']
item.picture = request.form['picture']
item.user_id = login_session['user_id']
if len(errors)>0:
return render_template('newItem.html', category_id = category_id, categories = categories, item = item, errors = errors)
else:
session.add(item)
session.commit()
flash('Item %s has been added to the catalog.' % item.name)
return redirect(url_for('showCategory', category_id = item.category.id))
else:
return render_template('newItem.html', category_id = category_id, categories = categories, item = item)
def create_item():
"""Handle request to create a new item."""
item = Item()
item.name = request.form["name"]
item.category_id = request.form["category_id"]
item.user_id = login_session["user_id"]
if request.form["description"] != "":
item.description = request.form["description"]
item = item_dao.create_item(item)
return jsonify(item.serialize)
def add_item():
categories = session.query(Category).all()
if request.method == 'POST':
item = Item()
if not request.form['title'] or not \
request.form['description'] or \
request.form['category_select'] == '0':
return redirect('/catalog/item/new')
else:
item.name = request.form['title']
item.description = request.form['description']
item.category_id = request.form['category_select']
item.user_id = login_session['username']
session.add(item)
session.commit()
flash('Item {} added'.format(item.name))
return redirect(url_for('show_catalog'))
else:
return render_template('add_item.html', categories=categories)
def addItem():
"""Displays the add item page."""
if request.method == 'POST':
# verify the user has logged in
if 'username' not in login_session:
return redirect(url_for('showLogin'))
if request.form.get('add', None) == 'add':
name = bleach.clean(request.form['name'],
strip=True)
# verify that cleaned name is not blank
if not name:
flash("Name field is required")
categories = get_categories()
return render_template('addItem.html',
categories=categories)
#build the new item
item = Item()
item.name = name
item.description = bleach.clean(request.form['description'],
strip=True)
item.image_url = bleach.clean(request.form['imageUrl'],
strip=True)
item.category_id = bleach.clean(request.form['category'],
strip=True)
item.last_update = get_time()
item.owner_id = login_session['user_id']
session.add(item)
session.commit()
return redirect(url_for('showItem', item_id=item.id))
else:
return redirect(url_for('showIndex'))
else:
categories = get_categories()
return render_template('addItem.html', categories=categories)
def ItemAdd():
"""
Add Item - any user can add an item as long as they are logged in
"""
if "username" not in login_session:
loggedIn = False
return redirect("/login")
else:
loggedIn = True
categories = session.query(Category).all()
if request.method == "POST":
itemToAdd = Item()
itemToAdd.item_name = request.form["item_name"]
itemToAdd.item_description = request.form["item_description"]
itemToAdd.category_id = request.form["category"]
itemToAdd.user_id = login_session["user_id"]
session.add(itemToAdd)
session.commit()
flash("Item Added")
return redirect(url_for("HomePage"))
else:
return render_template("item_add.html", categories=categories, loggedIn=loggedIn)
def newItem(category_name):
if 'username' not in login_session:
return redirect('/login')
categories = session.query(Category)
category = session.query(Category).filter_by(name=category_name).one()
creator = getUserInfo(login_session['user_id'])
if request.method == 'POST':
newItem = Item(title=request.form['title'],
description=request.form['description'],
user_id=creator.id)
newItem.category_id = request.form.get('category_id')
session.add(newItem)
session.commit()
print(newItem.user_id)
print(login_session['user_id'])
flash('%s Item added' % newItem.title)
return redirect(
url_for('showItem', category_name=category_name, creator=creator))
else:
return render_template('newItem.html',
category_name=category_name,
categories=categories,
category=category)
def createItem():
'''
Create a new Catalog Item from the main catalog page
and no category is selected
'''
# if user is not logged in, redirect to login page
if 'username' not in login_session:
return redirect('/login')
# get all the categories from database to populate the newitem.html page
categories = session.query(Category).all()
# create an Item instance
item = Item(user_id=login_session['user_id'])
# if this is a POST request
if request.method == 'POST':
# if 'name' field is non-blank, assign it to the Item object
if request.form['name']:
item.name = request.form['name']
# if 'description' field is non-blank, assign it to the Item object
if request.form['description']:
item.description = request.form['description']
# get the selected category id from the list of options and
# query the database for category name and user who created it
if request.form.get('categories'):
category_id = request.form.get('categories')
category_name = session.query(Category).filter_by(
id=category_id).one().name
category_user = session.query(Category).filter_by(
id=category_id).one().user_id
# if user is not the creator of this category, redirect to catalog page
if category_user != login_session['user_id']:
flash(
"You did not create category %s, hence, "
"hence you are not authorized to add this item: '%s'"
% (category_name, item.name))
return redirect(url_for('showCatalog'))
else:
# assign the category id to item
item.category_id = category_id
# add and commit Item to database
session.add(item)
session.commit()
# add flash message
flash("Catalog Item '%s' Successfully Added" % item.name)
# redirect function to show the item details just committed
return redirect(url_for(
'showItem',
category_name=category_name,
item_name=item.name,
item_id=item.id))
# if this is a GET request
else:
# redisplay the newitem.html page to create a new catalog item
return render_template(
'newitem.html',
item=item,
categories=categories,
username=login_session['username']
if 'username' in login_session else "")
def addItemToCategory(category_name, category_id):
'''
Add an Item to a Category based on the selected category
This function is called when a logged-in user already selected a category
to display its items
'''
# if user is not logged in, redirect to login page
if 'username' not in login_session:
return redirect('/login')
# get the category creator
category = session.query(Category).filter_by(id=category_id).one()
# if logged-in user is not the creator of this category,
# redirect to catalog page
if category.user_id != login_session['user_id']:
flash(
'You did not create this category,"\
" hence you are not authorized to add an item to it')
return redirect(url_for('showCatalog'))
# create an Item instance
item = Item(user_id=login_session['user_id'])
# get all the categories from database
categories = session.query(Category).all()
# if this is a POST request
if request.method == 'POST':
# if the 'name' field is non-blank
if request.form['name']:
item.name = request.form['name']
# if the 'description' field is non-blank
if request.form['description']:
item.description = request.form['description']
# get the selected category from the list of options
if request.form.get('categories'):
# assign the category id to the Item object
item.category_id = request.form.get('categories')
# query the database for the creator of this category
category_user = session.query(Category).filter_by(
id=item.category_id).one().user_id
# if user is not the creator of this category, redirect to catalog page
if category_user != login_session['user_id']:
flash(
"You did not create this category, hence,"
" you are not authorized to add this item: '%s'" % item.name)
return redirect(url_for('showCatalog'))
else:
# add and commit Item to the database
session.add(item)
session.commit()
# add a flash message
flash("Catalog Item '%s' Successfully Added" % item.name)
# redirect page to the Item details page
return redirect(url_for(
'showItem',
category_name=category_name,
item_name=item.name,
item_id=item.id))
# if this is a GET request
else:
# redisplay the New Item creation page
return render_template(
'newitem.html',
item=item,
categories=categories,
category_id=category_id,
username=login_session['username']
if 'username' in login_session else "")
Base.metadata.bind = engine
DBSession = sessionmaker(bind=engine)
session = DBSession()
# Empty the tables
session.query(Category).delete()
session.query(Item).delete()
# Add categories
sample_categories = ['guitars', 'pianos', 'drums', 'accessories', 'books']
for category_name in sample_categories:
category = Category()
category.name = category_name
session.add(category)
session.commit()
# First index is for the item
# Second index is for title,category_id respectively
items = [['cort g110 stratocaster', 1], ['Yamaha P155 Contemporary Piano', 2],
['Riot PODRT522BK 5-Piece Drum Set', 3], ['Guitar capo', 4],
['Fingerstyle & Slide guitar in open tunings', 5]]
for i in range(0, 4):
itemm = Item()
itemm.name = items[i][0]
itemm.description = 'description'
itemm.category_id = items[i][1]
session.add(itemm)
session.commit()
