def edit_catalog(id):
title = 'Edit catalog'
catalog = Catalog.find_by_id(id)
if not catalog:
message = 'No catalog with id %s' % id
return render_template('common/not-found.html', message=message)
if catalog.user_id != login_session['user_id']:
flash('Not authorized to edit this catalog')
return redirect(url_for('show_catalogs'))
if request.method == 'GET':
return render_template('catalog/catalog-form.html',
title=title,
name=catalog.name,
description=catalog.description)
else:
name = request.form['name'].strip()
description = request.form['description'].strip()
if name and description:
catalog.name = name
catalog.description = description
catalog.save_to_db()
flash('Catalog is successfully updated')
return redirect(url_for('show_catalogs'))
error = 'Name and description are required'
return render_template('catalog/catalog-form.html',
title=title,
error=error)
def delete_catalog(user, id):
if not user:
return jsonify({'message': 'Unauthorized'}), 401
catalog = Catalog.find_by_id(id)
if not catalog:
return jsonify({'message': 'Catalog not found'}), 404
if user.id != catalog.user_id:
return jsonify({'message': 'No permission'}), 403
items = Item.find_by_catalog_id(id)
for item in items:
item.delete_from_db()
catalog.delete_from_db()
return jsonify({'message': 'Catalog deleted'}), 200
def delete_catalog(id):
catalog = Catalog.find_by_id(id)
if not catalog:
message = 'No catalog with id %s' % id
return render_template('common/not-found.html', message=message)
if catalog.user_id != login_session['user_id']:
flash('Not authorized to delete this catalog')
return redirect(url_for('show_catalogs'))
if request.method == 'GET':
return render_template('catalog/catalog-delete.html', catalog=catalog)
else:
items = Item.find_by_catalog_id(id)
for item in items:
item.delete_from_db()
catalog.delete_from_db()
flash('Catalog is successfully deleted')
return redirect(url_for('show_catalogs'))
def create_item(user, catalog_id):
if not user:
return jsonify({'message': 'Unauthorized'}), 401
catalog = Catalog.find_by_id(catalog_id)
if not catalog:
return jsonify({'message': 'Catalog not found'}), 404
data = request.json
if 'name' not in data or not data['name']:
return jsonify({'message': 'No item name'}), 400
if 'description' not in data or not data['description']:
data['description'] = ''
name = data['name'].strip()
description = data['description'].strip()
if not name or len(name) > MAX_NAME_LENGTH or len(
description) > MAX_DESCRIPTION_LENGTH:
return jsonify({'message': 'Bad request'}), 400
item = Item(name, description, catalog_id, user.id)
item.save_to_db()
return jsonify({'message': 'Item created', 'item': item.serializer}), 200
def edit_catalog(user, id):
if not user:
return jsonify({'message': 'Unauthorized'}), 401
catalog = Catalog.find_by_id(id)
if not catalog:
return jsonify({'message': 'Catalog not found'}), 404
if user.id != catalog.user_id:
return jsonify({'message': 'No permission'}), 403
data = request.json
if 'name' in data and data['name']:
name = data['name'].strip()
if not name or len(name) > MAX_NAME_LENGTH:
return jsonify({'message': 'Bad request'}), 400
catalog.name = name
if 'description' in data and data['description']:
description = data['description'].strip()
if len(description) > MAX_DESCRIPTION_LENGTH:
return jsonify({'message': 'Bad request'}), 400
catalog.description = description
catalog.save_to_db()
return jsonify({
'message': 'Catalog edited',
'catalog': catalog.serializer
}), 200
def get_catalog(id):
catalog = Catalog.find_by_id(id)
if not catalog:
return jsonify({'message': 'Catalog not found'}), 404
return jsonify({'catalog': catalog.serializer}), 200
def get_items(catalog_id):
catalog = Catalog.find_by_id(catalog_id)
if not catalog:
return jsonify({'message': 'Catalog not found'}), 404
items = Item.find_by_catalog_id(catalog_id)
return jsonify({'items': [item.serializer for item in items]}), 200
