def admin_add_product_category():
    """Render the add-category form (GET) or create a category from it (POST).

    A form that fails validation is rendered again.  Any unexpected
    exception is logged and answered with HTTP 500; on the POST path the
    database session is rolled back first.
    """
    form = AddCategoryForm()
    template = "admin/products/add_category.html"

    if request.method != "GET":
        # POST
        try:
            if form.validate_on_submit():
                new_category = Category(name=form.category.data)
                db_manager.add(new_category)
                db_manager.commit()
                # NOTE(review): other views in this file flash messages that
                # contain HTML, which suggests flashes are rendered unescaped.
                # If so, the submitted name needs escaping here -- confirm
                # against the template.
                flash(
                    "Categoria \"%s\" foi adicionada com sucesso." % form.category.data,
                    "success")
                return redirect(url_for("admin_add_product_category"))

            page_data = categories_data_provider.get_add_data(form=form)
            return render_template(template, data=page_data)
        except Exception as exc:
            db_manager.rollback()
            log_unrecognized_exception(exc)
            abort(500)
    else:
        # GET
        try:
            page_data = categories_data_provider.get_add_data(form=form)
            return render_template(template, data=page_data)
        except Exception as exc:
            log_unrecognized_exception(exc)
            abort(500)
def admin_update_stock(product_id):
    """Set a product's stock to the amount submitted in StockOperationForm.

    Returns a ``(body, status)`` pair: 404 with an empty body when the
    product does not exist, 422 when the form does not validate, 200 with a
    JSON object holding ``new_stock`` on success, and 500 (after rollback
    and logging) on any exception.
    """
    stock_form = StockOperationForm()
    try:
        product = db_manager.get_product(product_id=product_id)
        if not product:
            return "", 404
        if not stock_form.validate_on_submit():
            return "", 422

        # NOTE(review): int() is the only check applied here; range limits
        # (for example rejecting negative amounts) presumably live in the
        # form's validators -- confirm.
        product.stock = int(stock_form.amount.data)
        db_manager.add(product)
        db_manager.commit()

        return json.dumps({"new_stock": product.stock}), 200
    except Exception as exc:
        db_manager.rollback()
        log_unrecognized_exception(exc)
        return "", 500
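def admin_edit_product_subcategory(subcategory_id):
    """Render (GET) or apply (POST) the edit form for one subcategory.

    The optional ``url_args`` query parameter carries a Python-literal dict
    that is handed to the data provider and, after a successful edit,
    expanded into ``url_for("admin_product_subcategories", ...)``.  The
    value comes from the request, so it is parsed defensively: anything
    that does not parse to a dict with string keys is answered with
    HTTP 400.

    An unknown subcategory raises InvalidUrlArgError, which, like any other
    exception, is logged and answered with HTTP 500 (after a rollback on
    the POST path).
    """
    form = EditSubcategoryForm()

    # Getting optional parameters
    raw_url_args = request.args.get('url_args')
    if not raw_url_args:
        url_args = {}
    else:
        # literal_eval evaluates no code, but it raises on malformed input and
        # its documentation warns that large or deeply nested input can
        # exhaust memory or the C stack.
        # NOTE(review): consider a length cap and an allow-list of expected
        # keys, since every key is forwarded to url_for as a keyword argument.
        try:
            url_args = ast.literal_eval(raw_url_args)
        except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError):
            abort(400)
        # ``**url_args`` below needs a mapping whose keys are all strings.
        if not isinstance(url_args, dict) or not all(
                isinstance(key, str) for key in url_args):
            abort(400)

    # GET
    if request.method == "GET":
        try:
            subcategory = db_manager.get_subcategory(subcategory_id)
            if not subcategory:
                raise InvalidUrlArgError()

            form.add_category_choices()
            data = subcategories_data_provider.get_edit_data(
                form, subcategory_id=subcategory_id, url_args=url_args)
            return render_template("admin/products/edit_subcategory.html", data=data)
        except Exception as e:
            log_unrecognized_exception(e)
            abort(500)
    # POST
    else:
        try:
            subcategory = db_manager.get_subcategory(subcategory_id)
            if not subcategory:
                raise InvalidUrlArgError()

            form.add_category_choices()
            if not form.validate_on_submit():
                data = subcategories_data_provider.get_edit_data(
                    form, subcategory_id=subcategory_id, url_args=url_args)
                return render_template("admin/products/edit_subcategory.html", data=data)

            subcategory.name = form.subcategory.data
            subcategory.category_id = form.category_id.data
            db_manager.add(subcategory)
            db_manager.commit()

            flash("Subcategoria #%s foi editada com sucesso." % subcategory_id, "success")
            return redirect(url_for("admin_product_subcategories", **url_args))
        except Exception as e:
            db_manager.rollback()
            log_unrecognized_exception(e)
            abort(500)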
def login():
    """Show the login form (GET) or sign the submitted user in (POST).

    After a valid POST the user is flagged as authenticated, persisted and
    handed to ``login_user``; the configured admin address is redirected to
    the admin dashboard, everyone else to their account page.
    """
    form = LoginForm()

    def render_login():
        # Build the page data first, then render, as every branch does.
        page_data = login_data_provider.get_data(form=form)
        return render_template('customer/user_management/login.html', data=page_data)

    if request.method != "GET":
        # POST
        try:
            if not form.validate_on_submit():
                return render_login()

            # NOTE(review): no password check is visible in this view; it is
            # presumably part of LoginForm's validators -- confirm.  A None
            # result from get_user would surface as HTTP 500 through the
            # generic handler below.
            user = db_manager.get_user(form.email.data)
            user.authenticated = True
            db_manager.add(user)
            db_manager.commit()
            login_user(user)

            # NOTE(review): the landing page is chosen by comparing the e-mail
            # with ADMIN_MAIL; access control for the admin views themselves
            # is not visible here -- confirm it is enforced separately.
            is_admin = user.email == app.config["ADMIN_MAIL"]
            endpoint = 'admin_dashboard' if is_admin else 'my_account'
            return redirect(url_for(endpoint))
        except DatabaseAccessError:
            db_manager.rollback()
            flash(DatabaseAccessError.msg, "danger")
            return render_login()
        except Exception as exc:
            db_manager.rollback()
            log_unrecognized_exception(exc)
            abort(500)
    else:
        # GET
        try:
            return render_login()
        except Exception as exc:
            log_unrecognized_exception(exc)
            abort(500)
def admin_activate_product(product_id):
    """Mark a product as active and answer 204 with an empty body.

    A form that fails validation raises InsecurePostException and an
    unknown product raises InvalidUrlArgError; both, like any other
    exception, end in rollback, logging and HTTP 500.
    """
    form = SimpleSubmitForm()
    try:
        if not form.validate_on_submit():
            raise InsecurePostException()

        target = db_manager.get_product(product_id=product_id)
        if not target:
            raise InvalidUrlArgError("Product not found")

        target.active = True
        db_manager.add(target)
        db_manager.commit()
        return "", 204
    except Exception as exc:
        # NOTE(review): a rejected form and an unknown id share the 500
        # status with genuine server faults, so the status code alone does
        # not separate them in monitoring.
        db_manager.rollback()
        log_unrecognized_exception(exc)
        abort(500)
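def email_confirmed(token):
    """Confirm the e-mail address carried by a signed token.

    On success the user's ``email_confirmed`` flag is stored and the
    browser is redirected to the login page.  A token with a bad signature
    or an address that matches no user is answered with HTTP 404, a
    DatabaseAccessError renders the "failed to get" page, and any other
    exception is logged and answered with HTTP 500.
    """
    try:
        # NOTE(review): loads() is called without max_age; if ``ts`` is a
        # timed serializer, tokens are accepted regardless of their age --
        # confirm that this is intended.
        email = ts.loads(token, salt="email-confirm-key")

        user = db_manager.get_user(email=email)
        if user:
            user.email_confirmed = True
            db_manager.add(user)
            db_manager.commit()

            flash("Email confirmado com sucesso.", "success")
            return redirect(url_for('login'))
    except BadSignature:
        db_manager.rollback()
        log_exception(name="BadSignature")
        abort(404)
    except DatabaseAccessError:
        db_manager.rollback()
        current_url = url_for('email_confirmed', token=token)
        flash(DatabaseAccessError.msg, "danger")
        data = failed_to_get_data_provider.get_data(current_url=current_url)
        return render_template('customer/shared/failed-to-get.html', data=data)
    except Exception as e:
        db_manager.rollback()
        log_unrecognized_exception(e)
        abort(500)

    # Reached only when no user matches the address.  The 404 is raised here,
    # outside the try block, because abort() signals through an exception
    # that the generic handler above would otherwise turn into a 500.
    abort(404)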
def admin_activate_product_subcategory(subcategory_id):
    """Mark a subcategory as active.

    Returns ``("", 204)`` on success.  A form that fails validation, an
    unknown subcategory, or any other exception leads to rollback, logging
    and ``("", 500)``.
    """
    form = SimpleSubmitForm()
    try:
        if not form.validate_on_submit():
            raise InsecurePostException()

        target = db_manager.get_subcategory(subcategory_id=subcategory_id)
        if not target:
            raise InvalidUrlArgError("Subcategory not found")

        target.active = True
        db_manager.add(target)
        db_manager.commit()
        return "", 204
    except Exception as exc:
        # NOTE(review): a rejected form and an unknown id share the 500
        # status with genuine server faults, so the status code alone does
        # not separate them in monitoring.
        db_manager.rollback()
        log_unrecognized_exception(exc)
        return "", 500
def admin_disable_product_category(category_id):
    """Mark a category as inactive and answer 204 with an empty body.

    A form that fails validation raises InsecurePostException and an
    unknown category raises InvalidUrlArgError; both, like any other
    exception, end in rollback, logging and HTTP 500.
    """
    form = SimpleSubmitForm()
    try:
        if not form.validate_on_submit():
            raise InsecurePostException()

        target = db_manager.get_category(category_id=category_id)
        if not target:
            raise InvalidUrlArgError("Category not found")

        target.active = False
        db_manager.add(target)
        db_manager.commit()
        return "", 204
    except Exception as exc:
        # NOTE(review): a rejected form and an unknown id share the 500
        # status with genuine server faults, so the status code alone does
        # not separate them in monitoring.
        db_manager.rollback()
        log_unrecognized_exception(exc)
        abort(500)
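def redefine_password(token):
    """Show (GET) or process (POST) the password-reset form behind a token.

    The token is verified with the ``recover-key`` salt on both paths; a bad
    signature is answered with HTTP 404.  On a valid POST the password of
    the user owning the address is replaced and the browser is redirected
    to the login page.  An address that matches no user is answered with
    HTTP 404 as well.
    """
    form = RedefinePasswordForm()
    template = 'customer/user_management/redefine-password.html'

    # NOTE(review): loads() is called without max_age and nothing in this
    # view invalidates a token once it has been used; if ``ts`` is a timed
    # serializer, reset links stay valid indefinitely -- confirm the intended
    # lifetime.

    # GET
    if request.method == "GET":
        try:
            email = ts.loads(token, salt="recover-key")
            data = redefine_password_data_provider.get_data(form=form, email=email, token=token)
            return render_template(template, data=data)
        except BadSignature:
            log_exception(name="BadSignature")
            abort(404)
        except Exception as e:
            log_unrecognized_exception(e)
            abort(500)
    # POST
    else:
        # Pre-set so the DatabaseAccessError handler can always pass it on.
        email = None
        try:
            email = ts.loads(token, salt="recover-key")

            if not form.validate_on_submit():
                data = redefine_password_data_provider.get_data(form=form, email=email, token=token)
                return render_template(template, data=data)

            user = db_manager.get_user(email)
            if user:
                # NOTE(review): the submitted password is assigned as-is;
                # hashing presumably happens in the User model -- confirm.
                user.password = form.password.data
                db_manager.add(user)
                db_manager.commit()

                flash("Senha redefinida com sucesso.", "success")
                return redirect(url_for('login'))
        except BadSignature:
            db_manager.rollback()
            log_exception(name="BadSignature")
            abort(404)
        except DatabaseAccessError:
            db_manager.rollback()
            flash(DatabaseAccessError.msg, "danger")
            data = redefine_password_data_provider.get_data(form=form, email=email, token=token)
            return render_template(template, data=data)
        except Exception as e:
            db_manager.rollback()
            log_unrecognized_exception(e)
            abort(500)

        # Reached only when the token is valid but no user owns the address
        # (for example the account was removed after the link was issued).
        # Raised outside the try block so the generic handler above does not
        # turn it into a 500.
        abort(404)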
def create_account():
    """Show the sign-up form (GET) or register a new user (POST).

    On a valid POST the user is added to the session, the confirmation
    e-mail is sent, and only then is the transaction committed; a
    DatabaseAccessError or EmailSendingError rolls back and re-renders the
    form with the error's message.
    """
    form = CreateAccountForm()
    template = 'customer/user_management/create-account.html'

    if request.method != "GET":
        # POST
        try:
            if not form.validate_on_submit():
                page_data = create_account_data_provider.get_data(form)
                return render_template(template, data=page_data)

            # NOTE(review): the submitted password is passed as-is; hashing
            # presumably happens in the User model -- confirm.
            new_user = User(email=form.email.data, password=form.password.data)
            db_manager.add(new_user)
            email_manager.send_create_account_confirmation_email(
                form.email.data)
            db_manager.commit()

            # NOTE(review): the address becomes part of the redirect URL and
            # will therefore appear in access logs and browser history.
            next_url = url_for("sent_confirmation_email", email=request.form["email"])
            return redirect(next_url)
        except DatabaseAccessError:
            db_manager.rollback()
            flash(DatabaseAccessError.msg, "danger")
            page_data = create_account_data_provider.get_data(form=form)
            return render_template(template, data=page_data)
        except EmailSendingError:
            db_manager.rollback()
            flash(EmailSendingError.msg, "danger")
            page_data = create_account_data_provider.get_data(form=form)
            return render_template(template, data=page_data)
        except Exception as exc:
            db_manager.rollback()
            log_unrecognized_exception(exc)
            abort(500)
    else:
        # GET
        try:
            page_data = create_account_data_provider.get_data(form)
            return render_template(template, data=page_data)
        except Exception as exc:
            log_unrecognized_exception(exc)
            abort(500)
def resend_confirmation_email():
    """Show the resend form (GET) or send the confirmation e-mail again (POST).

    A valid POST sends the e-mail and redirects to the "sent" page; a
    DatabaseAccessError or EmailSendingError re-renders the form with the
    error's message.
    """
    form = ResendConfirmationEmailForm()
    template = 'customer/user_management/resend-confirmation-email.html'

    if request.method != 'GET':
        # POST
        try:
            if not form.validate_on_submit():
                page_data = resend_confirmation_email_data_provider.get_data(
                    form=form)
                return render_template(template, data=page_data)

            # TODO: Wait one hour to resend for the same email
            # NOTE(review): until that TODO is done nothing in this view
            # limits how often mail is sent to one address; rate limiting
            # belongs here or in front of the route.
            email_manager.send_create_account_confirmation_email(
                form.email.data)
            next_url = url_for("sent_confirmation_email", email=form.email.data)
            return redirect(next_url)
        except DatabaseAccessError:
            db_manager.rollback()
            flash(DatabaseAccessError.msg, "danger")
            page_data = resend_confirmation_email_data_provider.get_data(form=form)
            return render_template(template, data=page_data)
        except EmailSendingError:
            db_manager.rollback()
            flash(EmailSendingError.msg, "danger")
            page_data = resend_confirmation_email_data_provider.get_data(form=form)
            return render_template(template, data=page_data)
        except Exception as exc:
            db_manager.rollback()
            log_unrecognized_exception(exc)
            abort(500)
    else:
        # GET
        try:
            page_data = resend_confirmation_email_data_provider.get_data(form)
            return render_template(template, data=page_data)
        except Exception as exc:
            log_unrecognized_exception(exc)
            abort(500)
def recover_password():
    """Show the recovery form (GET) or send a password-reset e-mail (POST).

    A valid POST sends the e-mail and redirects to the "sent" page; a
    DatabaseAccessError or EmailSendingError re-renders the form with the
    error's message.
    """
    form = RecoverPasswordForm()
    template = 'customer/user_management/recover-password.html'

    if request.method != "GET":
        # POST
        try:
            if not form.validate_on_submit():
                page_data = recover_password_data_provider.get_data(form=form)
                return render_template(template, data=page_data)

            # NOTE(review): nothing in this view limits how often a reset
            # e-mail is sent to one address.  Whether unknown addresses are
            # rejected is decided by the form's validators, which are not
            # visible here; if they are, the response tells a visitor which
            # addresses are registered -- confirm.
            email_manager.send_redefine_password_email(form.email.data)
            next_url = url_for("sent_recover_password_email", email=form.email.data)
            return redirect(next_url)
        except DatabaseAccessError:
            db_manager.rollback()
            flash(DatabaseAccessError.msg, "danger")
            page_data = recover_password_data_provider.get_data(form=form)
            return render_template(template, data=page_data)
        except EmailSendingError:
            db_manager.rollback()
            flash(EmailSendingError.msg, "danger")
            page_data = recover_password_data_provider.get_data(form=form)
            return render_template(template, data=page_data)
        except Exception as exc:
            db_manager.rollback()
            log_unrecognized_exception(exc)
            abort(500)
    else:
        # GET
        try:
            page_data = recover_password_data_provider.get_data(form=form)
            return render_template(template, data=page_data)
        except Exception as exc:
            log_unrecognized_exception(exc)
            abort(500)
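def admin_add_product():
    """Render the add-product form (GET) or create a product from it (POST).

    A form that fails validation is rendered again.  On success a flash
    message with a link to the new product is queued and the browser is
    redirected back to this view.  Any unexpected exception is logged and
    answered with HTTP 500; on the POST path the session is rolled back
    first.
    """
    # Standard library; imported locally so the view carries its own
    # dependency.
    from html import escape as html_escape

    form = AddProductForm()
    template = "admin/products/add_product.html"

    # GET
    if request.method == "GET":
        try:
            form.add_choices()
            data = products_data_provider.get_add_data(form=form)
            return render_template(template, data=data)
        except Exception as e:
            log_unrecognized_exception(e)
            abort(500)
    # POST
    else:
        try:
            form.add_choices()

            if not form.validate_on_submit():
                data = products_data_provider.get_add_data(form=form)
                return render_template(template, data=data)

            # The field holds "<category id>/<subcategory id>"; an id of 0
            # is stored as None.
            id_parts = form.category_subcategory.data.split('/')
            category_id = int(id_parts[0]) or None
            subcategory_id = int(id_parts[1]) or None

            # image_1..image_10 and tab_1..tab_10 title/content are copied
            # from the identically named form fields.
            numbered_fields = {}
            for n in range(1, 11):
                for pattern in ("image_%d", "tab_%d_title", "tab_%d_content"):
                    field_name = pattern % n
                    numbered_fields[field_name] = getattr(form, field_name).data

            product = Product(
                title=form.title.data,
                category_id=category_id,
                subcategory_id=subcategory_id,
                price=Decimal(form.price.data.replace(',', '.')),
                stock_quantity=int(form.stock_quantity.data),
                stop_sell_stock_quantity=int(
                    form.stop_sell_stock_quantity.data),
                summary=form.summary.data,
                **numbered_fields
            )
            db_manager.add(product)
            db_manager.commit()
            # Refresh after commit so product.id can be used in the link.
            db_manager.refresh(product)

            # The message carries an HTML link, so it only works when the
            # template renders flashes unescaped; the submitted title is
            # therefore escaped before it is placed into that markup.
            flash(
                "Produto \"%s\" foi adicionado com sucesso. Clique <a target='_blank' href=%s>aqui</a> para ver o produto."
                % (html_escape(str(form.title.data)),
                   url_for("product", product_id=product.id)),
                "success")
            return redirect(url_for("admin_add_product"))
        except Exception as e:
            db_manager.rollback()
            log_unrecognized_exception(e)
            abort(500)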
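def admin_edit_product(product_id):
    """Render (GET) or apply (POST) the edit form for one product.

    The optional ``url_args`` query parameter carries a Python-literal dict
    that is handed to the data provider and, after a successful edit,
    expanded into ``url_for("admin_products", ...)``.  The value comes from
    the request, so it is parsed defensively: anything that does not parse
    to a dict with string keys is answered with HTTP 400.

    An unknown product raises InvalidUrlArgError, which, like any other
    exception, is logged and answered with HTTP 500 (after a rollback on
    the POST path).
    """
    # Standard library; imported locally so the view carries its own
    # dependency.
    from html import escape as html_escape

    form = EditProductForm()
    template = "admin/products/edit_product.html"

    # Getting optional parameters
    raw_url_args = request.args.get('url_args')
    if not raw_url_args:
        url_args = {}
    else:
        # literal_eval evaluates no code, but it raises on malformed input and
        # its documentation warns that large or deeply nested input can
        # exhaust memory or the C stack.
        # NOTE(review): consider a length cap and an allow-list of expected
        # keys, since every key is forwarded to url_for as a keyword argument.
        try:
            url_args = ast.literal_eval(raw_url_args)
        except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError):
            abort(400)
        # ``**url_args`` below needs a mapping whose keys are all strings.
        if not isinstance(url_args, dict) or not all(
                isinstance(key, str) for key in url_args):
            abort(400)

    # GET
    if request.method == "GET":
        try:
            product = db_manager.get_product(product_id)
            if not product:
                raise InvalidUrlArgError()

            form.add_choices()
            data = products_data_provider.get_edit_data(
                form=form, product_id=product_id, url_args=url_args)
            return render_template(template, data=data)
        except Exception as e:
            log_unrecognized_exception(e)
            abort(500)
    # POST
    else:
        try:
            product = db_manager.get_product(product_id)
            if not product:
                raise InvalidUrlArgError()

            form.add_choices()
            if not form.validate_on_submit():
                data = products_data_provider.get_edit_data(
                    form=form, product_id=product_id, url_args=url_args)
                return render_template(template, data=data)

            # The field holds "<category id>/<subcategory id>"; an id of 0
            # is stored as None.
            id_parts = form.category_subcategory.data.split('/')
            category_id = int(id_parts[0]) or None
            subcategory_id = int(id_parts[1]) or None

            # Plain assignments: a trailing comma after the value would store
            # a one-element tuple instead of the value itself.
            product.title = form.title.data
            product.category_id = category_id
            product.subcategory_id = subcategory_id
            product.price = Decimal(form.price.data.replace(',', '.'))
            product.stock_quantity = int(form.stock_quantity.data)
            product.stop_sell_stock_quantity = int(
                form.stop_sell_stock_quantity.data)
            product.summary = form.summary.data

            # image_1..image_10 and tab_1..tab_10 title/content are copied
            # from the identically named form fields.
            for n in range(1, 11):
                for pattern in ("image_%d", "tab_%d_title", "tab_%d_content"):
                    field_name = pattern % n
                    setattr(product, field_name, getattr(form, field_name).data)

            db_manager.add(product)
            db_manager.commit()

            # The message carries an HTML link, so it only works when the
            # template renders flashes unescaped; the stored title is
            # therefore escaped before it is placed into that markup.
            flash(
                "Produto #%s \"%s\" foi editado com sucesso. Clique <a target='_blank' href=%s>aqui</a> para ver o produto."
                % (product.id, html_escape(str(product.title)),
                   url_for("product", product_id=product.id)),
                "success")
            return redirect(url_for("admin_products", **url_args))
        except Exception as e:
            db_manager.rollback()
            log_unrecognized_exception(e)
            abort(500)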