From e13ceaf351d4b54dd2bc651d9f4385a8188b7418 Mon Sep 17 00:00:00 2001 From: Alexis Metaireau Date: Tue, 13 Sep 2011 18:15:07 +0200 Subject: REST API is now able to list stuff \o/ --- budget/web.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'budget/web.py') diff --git a/budget/web.py b/budget/web.py index f72a686..61d67e5 100644 --- a/budget/web.py +++ b/budget/web.py @@ -2,6 +2,7 @@ from collections import defaultdict from flask import * from flaskext.mail import Mail, Message +import werkzeug # local modules from models import db, Project, Person, Bill @@ -239,7 +240,11 @@ def add_bill(): @main.route("//delete/") def delete_bill(bill_id): - bill = Bill.query.get_or_404(bill_id) + # fixme: everyone is able to delete a bill + bill = Bill.query.get(g.project, bill_id) + if not bill: + raise werkzeug.exceptions.NotFound() + db.session.delete(bill) db.session.commit() flash("The bill has been deleted") @@ -249,7 +254,11 @@ def delete_bill(bill_id): @main.route("//edit/", methods=["GET", "POST"]) def edit_bill(bill_id): - bill = Bill.query.get_or_404(bill_id) + # FIXME: Test this bill belongs to this project ! + bill = Bill.query.get(g.project, bill_id) + if not bill: + raise werkzeug.exceptions.NotFound() + form = get_billform_for(g.project, set_default=False) if request.method == 'POST' and form.validate(): form.save(bill) -- cgit v1.1 From b0d41291afade8aec86502d07d1d29d000ff1bca Mon Sep 17 00:00:00 2001 From: Alexis Metaireau Date: Tue, 13 Sep 2011 22:58:53 +0200 Subject: API: Create and Update support --- budget/web.py | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) (limited to 'budget/web.py') diff --git a/budget/web.py b/budget/web.py index 61d67e5..5667b05 100644 --- a/budget/web.py +++ b/budget/web.py @@ -188,18 +188,11 @@ def add_member(): form = MemberForm(g.project) if request.method == "POST": if form.validate(): - # if the user is already bound to the project, just reactivate him - person = Person.query.filter(Person.name == form.name.data)\ - .filter(Project.id == g.project.id).all() - if person: - person[0].activated = True - db.session.commit() - flash("%s is part of this project again" % person[0].name) - return redirect(url_for(".list_bills")) - - db.session.add(Person(name=form.name.data, project=g.project)) + member = form.save(g.project, Person()) db.session.commit() + flash("%s is had been added" % member.name) return redirect(url_for(".list_bills")) + return render_template("add_member.html", form=form) @main.route("//members//reactivate", methods=["GET",]) -- cgit v1.1 From 34ccb3546d2d1cb15e3bc4f5524a2c7630dc2182 Mon Sep 17 00:00:00 2001 From: Arnaud Bos Date: Wed, 14 Sep 2011 02:07:26 +0200 Subject: Validate authentication form if given identifier is null. Fix #30. --- budget/web.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'budget/web.py') diff --git a/budget/web.py b/budget/web.py index 5667b05..3527a75 100644 --- a/budget/web.py +++ b/budget/web.py @@ -63,7 +63,7 @@ def pull_project(endpoint, values): def authenticate(project_id=None): """Authentication form""" form = AuthenticationForm() - if not form.id.data and request.args['project_id']: + if not form.id.data and request.args.get('project_id'): form.id.data = request.args['project_id'] project_id = form.id.data project = Project.query.get(project_id) @@ -71,7 +71,11 @@ def authenticate(project_id=None): if not project: # But if the user try to connect to an unexisting project, we will # propose him a link to the creation form. - create_project = project_id + if not project_id: + if request.method == "POST": + form.validate() + else: + create_project = project_id else: # if credentials are already in session, redirect -- cgit v1.1 From 6212b643ec97e5708a1dc5af39e3f9eb35c01405 Mon Sep 17 00:00:00 2001 From: Arnaud Bos Date: Wed, 14 Sep 2011 02:19:10 +0200 Subject: Simplified #30 fix. --- budget/web.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'budget/web.py') diff --git a/budget/web.py b/budget/web.py index 3527a75..7376135 100644 --- a/budget/web.py +++ b/budget/web.py @@ -71,9 +71,8 @@ def authenticate(project_id=None): if not project: # But if the user try to connect to an unexisting project, we will # propose him a link to the creation form. - if not project_id: - if request.method == "POST": - form.validate() + if request.method == "POST": + form.validate() else: create_project = project_id -- cgit v1.1 From 20ab40690d74befcd8fc75f24f301759840bf43a Mon Sep 17 00:00:00 2001 From: Alexis Metaireau Date: Wed, 14 Sep 2011 22:03:18 +0200 Subject: Provide a way to edit a project. Fix #17 --- budget/web.py | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'budget/web.py') diff --git a/budget/web.py b/budget/web.py index 7376135..250359d 100644 --- a/budget/web.py +++ b/budget/web.py @@ -7,7 +7,7 @@ import werkzeug # local modules from models import db, Project, Person, Bill from forms import (ProjectForm, AuthenticationForm, BillForm, MemberForm, - InviteForm, CreateArchiveForm) + InviteForm, CreateArchiveForm, EditProjectForm) from utils import get_billform_for, Redirect303 """ @@ -130,6 +130,24 @@ def create_project(): return render_template("create_project.html", form=form) +@main.route("//edit", methods=["GET", "POST"]) +def edit_project(): + form = EditProjectForm() + if request.method == "POST": + if form.validate(): + project = form.update(g.project) + db.session.commit() + session[project.id] = project.password + + return redirect(url_for(".list_bills")) + else: + form.name.data = g.project.name + form.password.data = g.project.password + form.contact_email.data = g.project.contact_email + + return render_template("edit_project.html", form=form) + + @main.route("/exit") def exit(): # delete the session -- cgit v1.1