Commit 5185b44df4afa40c07338b62985bf393fd6ab53a

arvind
Fri Apr 04 22:42:18 IST 2014

Tree SHA1: a0c1f9f
Parent SHA1: c4714ff (Small change in the /sweets/q API)
raw diff | raw patch

Fix: A user who owns a sweet can edit the sweet, after logging in to
sweet store.  Admin can edit sweets of others.
Adding new bootstrap and changing icons to glyphicons, re-styled
login.html to adapt to the changes in bootstrap.
/login now allows users to login too.

FIXME: macro of jinja templates is an alternative to underscore
templates. Refactor show_posts.html to use macros.

Comments:

Diff rendering mode:
inline
side by side


53	53
54	54	def validateSweet(payload):
55	55	for i in payload:
	56	print i
56	57	try:
57	58	if len(i['who']) and len(i['what']) and len(i['where']) and\
58	59	len(i['how']) and len(i['created']):
…	…
97	97	def show_entries():
98	98	print 'request:'
99	99	print request.method
100		res = g.collection.find().sort('_id',direction=-1)
	100	print session
	101	res = g.collection.find().sort('_id', direction=-1)
101	102	entries = make_list(res)
102	103	return render_template('show_entries.html', entries=entries)
103	104
…	…
131	131	try:
132	132	payload = [{'who': request.form['who'], 'what': request.form['what'],
133	133	'where': request.form['where'], 'how': request.form['how']}]
	134	print payload
134	135	except:
135	136	try:
136	137	payload = request.json
137	138	except:
138	139	payload = json.loads(request.data)
139	140
	141	if type(payload) is dict:
	142	payload = [payload]
140	143
141	144	valid = validateSweet(payload)
142	145	if not valid:
…	…
166	166	def login():
167	167	error = None
168	168	if request.method == 'POST':
	169	db = g.connection[app.config['DATABASE']]
	170	collection = db['sweet_users']
	171	for i in collection.find():
	172	if i['user'] == request.form['username'] and i['key'] == request.form['password']:
	173	session['logged_in'] = True
	174	session['username'] = request.form['username']
	175	flash('You were logged in')
	176	res = g.collection.find({'who': request.form['username']})
	177
	178	if res.count() < 1:
	179	return render_template('show_entries.html', entries=[])
	180	swt_list = []
	181	for swt in res:
	182	_id = swt['_id']
	183	del(swt['_id'])
	184	swt['id'] = str(_id)
	185	swt_list.append(swt)
	186	return render_template('show_entries.html', entries=swt_list)
	187	else:
	188	pass
	189
169	190	if request.form['username'] != app.config['USERNAME']:
170	191	error = 'Invalid username'
171	192	elif request.form['password'] != app.config['PASSWORD']:
172	193	error = 'Invalid password'
173	194	else:
174	195	session['logged_in'] = True
	196	session['isAdmin'] = True
175	197	flash('You were logged in')
176	198	return redirect(url_for('show_entries'))
177	199	return render_template('login.html', error=error)
…	…
261	261
262	262
263	263
264		@app.route('/posts/<post_id>',methods=['GET'])
	264	@app.route('/posts/<post_id>', methods=['GET', 'POST'])
265	265	def show_specific_entry(post_id):
266		try:
267		res = g.collection.find({'_id':ObjectId(post_id)})
268		if(res.count() > 0):
269		#entries = make_list(res)
270		entries = []
271		for i in res:
272		_id = i['_id']
273		del(i['_id'])
274		i['id'] = _id
275		entries.append(i)
276		return render_template('show_posts.html', entries=entries, str=str)
277		else:
	266	if request.method == 'GET':
	267	try:
	268	res = g.collection.find({'_id': ObjectId(post_id)})
	269	if(res.count() > 0):
	270	#entries = make_list(res)
	271	entries = []
	272	for i in res:
	273	_id = i['_id']
	274	del(i['_id'])
	275	i['id'] = _id
	276	entries.append(i)
	277	return render_template('show_posts.html', entries=entries, str=str)
	278	else:
	279	abort(404)
	280	except InvalidId:
278	281	abort(404)
279		except InvalidId:
280		abort(404)
	282	else:
	283	how = {}
	284	for item in request.form:
	285	how[item] = request.form[item]
	286	try:
	287	g.collection.update({'_id': ObjectId(post_id)}, {"$set":{'how':how}})
	288	response = make_response()
	289	return response
	290	except:
	291	abort(404)
281	292
282
283	293	@app.route('/posts/delete/', methods=['POST'])
284	294	def delete_post():
285	295	try:
286		g.collection.remove({'_id':ObjectId(request.form['post_id'])})
	296	g.collection.remove({'_id': ObjectId(request.form['post_id'])})
287	297	return jsonify(status='ok')
288	298	except:
289	299	abort(500)
…	…
301	301	@app.route('/logout')
302	302	def logout():
303	303	session.pop('logged_in', None)
	304	session.pop('username', None)
	305	session.pop('isAdmin', None)
304	306	flash('You were logged out')
305	307	return redirect(url_for('show_entries'))
306	308
…	…
351	351	return render_template("users.html", users=users)
352	352
353	353
354		@app.route('/authenticate', methods=['POST','GET'])
	354	@app.route('/authenticate', methods=['POST', 'GET'])
355	355	def authenticate():
356	356	if request.method == "POST":
357	357	response = make_response()


3	3	<head>
4	4	<title>SWeeT Store</title>
5	5	<link rel=stylesheet type=text/css href="{{ url_for('static', filename='css/style.css') }}">
6		<link rel=stylesheet type=text/css href="{{ url_for('static', filename='css/bootstrap.min.css') }}">
	6	<link rel=stylesheet type=text/css href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css">
	7	<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
	8	<script src="//netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js"></script>
	9	<script type="text/javascript" src="//underscorejs.org/underscore-min.js"></script>
7	10	{% block head %}{% endblock %}
8	11	</head>
9	12	<body>
…	…
29	29	{% block body %}{% endblock %}
30	30	</div>
31	31	</div>
32		<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
	32	<!-- <script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script> -->
33	33	<!--script>window.jQuery \|\| document.write('<script src="{{ url_for('static', filename='js/jquery-1.9.1.min.js')}}"><\/script>')</script-->
34	34	</body>
35	35	</html>


2	2	{% block body %}
3	3	<h2>Login</h2>
4	4	{% if error %}<p class=error><strong>Error:</strong> {{ error }}{% endif %}
5		<form action="{{ url_for('login') }}" method=post>
6		<dl>
7		<dt>Username:
8		<dd><input type=text name=username>
9		<dt>Password:
10		<dd><input type=password name=password>
11		<dd><input type=submit value=Login>
12		</dl>
	5	<form class="form-horizontal" role="form" action="{{ url_for('login') }}" method=post>
	6	<div class="form-group">
	7	<label for="username" class="col-sm-2 control-label">Username</label>
	8	<div class="col-sm-10">
	9	<input type="text" class="form-control" name="username" id="username" placeholder="murugan">
	10	</div>
	11	</div>
	12	<div class="form-group">
	13	<label for="password" class="col-sm-2 control-label">Password</label>
	14	<div class="col-sm-10">
	15	<input type="password" class="form-control" id="password" name="password" placeholder="Password">
	16	</div>
	17	</div>
	18	<div class="form-group">
	19	<div class="col-sm-offset-2 col-sm-10">
	20	<button type="submit" class="btn btn-default">Sign in</button>
	21	</div>
	22	</div>
13	23	</form>
14	24	{% endblock %}


18	18	<small>created: {{entry.created }} UTC</small>
19	19	{% endif %}
20	20	<a class="pull-right" href={{ "/posts/" + entry.id }}>
21		<i class="icon-share-alt"></i>
	21	<i class="glyphicon glyphicon-share-alt"></i>
22	22	</a>
23	23	</li>
24	24	{% endif %}


13	13	}
14	14	return false;
15	15	}
	16	function editPost(entry) {
	17	t = _.template($("#editTemplate").html());
	18	$(".modal-body").append(t(items=entry));
	19	$("input").each(function(item) {
	20	$(this).val(entry[$(this).attr('for')]);
	21
	22	}, this);
	23	$("#editModal").modal();
	24	}
16	25	</script>
17	26	<ul class="entries">
18	27	{% for entry in entries %}
…	…
29	29	@<b>{{ entry.who }}</b>
30	30	<b>#{{ entry.what }}</b> /{{ entry.where }} {{ entry.how\|safe }}
31	31	{% if session.logged_in %}
	32	{% if session.isAdmin or session.username == entry.who %}
	33	<button class="right btn btn-sm btn-default" onclick='editPost({{entry.how\|tojson\|safe}})'>
	34	<i class="glyphicon glyphicon-edit"></i>
	35	</button>
32	36	<a class="pull-right" href="#" onclick='deletePost({{entry.id\|string\|tojson\|safe}})'>
33		<i class="icon-trash"></i>
	37	<i class="glyphicon glyphicon-trash"></i>
34	38	</a>
35	39	{% endif %}
	40	{% endif %}
36	41	</li>
37	42	{% endfor %}
38	43	</ul>
	44
	45	<div class="modal fade" id="editModal" tabindex="-1" role="dialog" aria-labelledby="ModalLabel" aria-hidden="true">
	46	<div class="modal-dialog modal-lg">
	47	<div class="modal-content">
	48	<div class="modal-header">
	49	<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
	50	<h4 class="modal-title">Edit SWeeT</h4>
	51	</div>
	52	<div class="modal-body row">
	53
	54	</div>
	55	<div class="modal-footer">
	56	<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
	57	</div>
	58	</div><!-- /.modal-content -->
	59	</div><!-- /.modal-dialog -->
	60	</div><!-- /.modal -->
	61
	62	<script type="text/template" id="editTemplate">
	63	<form action="" method="post">
	64	<% _.each(items, function(item, key) { %>
	65	<div class="input-group col-md-12">
	66	<label> <%= key %> </label>
	67	<input name=<%= key %> for=<%= key %> class="form-control" type="text"> </input>
	68	</div>
	69	</br>
	70	<% }) %>
	71	<button class="btn btn-default" type="submit">Save</button>
	72	</form>
	73	</script>
39	74	{% endblock %}

Commit 5185b44df4afa40c07338b62985bf393fd6ab53a

Gitorious