gru/lista_zakupowa_live
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity

poprawki

Browse Source
This commit is contained in:
Mateusz Gruszczyński
2025-09-14 21:51:47 +02:00
parent 070c89b582
commit e992717c45
2 changed files with 87 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

178
app.py
View File

@@ -1742,10 +1742,14 @@ def edit_my_list(list_id):
next_page = request.args.get("next") or request.referrer
if request.method == "POST":
grant_username = (request.form.get("grant_username") or "").strip().lower()
revoke_user_id = request.form.get("revoke_user_id")
action = request.form.get("action")
if action == "grant":
grant_username = (request.form.get("grant_username") or "").strip().lower()
if not grant_username:
flash("Podaj nazwę użytkownika do nadania dostępu.", "danger")
return redirect(next_page or request.url)
if grant_username:
u = User.query.filter(func.lower(User.username) == grant_username).first()
if not u:
flash("Użytkownik nie istnieje.", "danger")
@@ -1770,71 +1774,74 @@ def edit_my_list(list_id):
flash("Ten użytkownik już ma dostęp.", "info")
return redirect(next_page or request.url)
if revoke_user_id:
try:
uid = int(revoke_user_id)
except ValueError:
flash("Błędny identyfikator użytkownika.", "danger")
return redirect(next_page or request.url)
ListPermission.query.filter_by(list_id=l.id, user_id=uid).delete()
db.session.commit()
flash("Odebrano dostęp użytkownikowi.", "success")
return redirect(next_page or request.url)
if "unarchive" in request.form:
l.is_archived = False
db.session.commit()
flash(f"Lista „{l.title}” została przywrócona.", "success")
return redirect(next_page or request.url)
move_to_month = request.form.get("move_to_month")
if move_to_month:
try:
year, month = map(int, move_to_month.split("-"))
new_created_at = datetime(year, month, 1, tzinfo=timezone.utc)
l.created_at = new_created_at
db.session.commit()
flash(
f"Zmieniono datę utworzenia listy na {new_created_at.strftime('%Y-%m-%d')}",
"success",
)
return redirect(next_page or request.url)
except ValueError:
flash("Nieprawidłowy format miesiąca", "danger")
return redirect(next_page or request.url)
new_title = (request.form.get("title") or "").strip()
is_public = "is_public" in request.form
is_temporary = "is_temporary" in request.form
is_archived = "is_archived" in request.form
expires_date = request.form.get("expires_date")
expires_time = request.form.get("expires_time")
if not new_title:
flash("Podaj poprawny tytuł", "danger")
return redirect(next_page or request.url)
l.title = new_title
l.is_public = is_public
l.is_temporary = is_temporary
l.is_archived = is_archived
if expires_date and expires_time:
try:
combined = f"{expires_date} {expires_time}"
expires_dt = datetime.strptime(combined, "%Y-%m-%d %H:%M")
l.expires_at = expires_dt.replace(tzinfo=timezone.utc)
except ValueError:
flash("Błędna data lub godzina wygasania", "danger")
return redirect(next_page or request.url)
else:
l.expires_at = None
revoke_user_id = request.form.get("revoke_user_id")
update_list_categories_from_form(l, request.form)
db.session.commit()
flash("Zaktualizowano dane listy", "success")
return redirect(next_page or request.url)
if revoke_user_id:
try:
uid = int(revoke_user_id)
except ValueError:
flash("Błędny identyfikator użytkownika.", "danger")
return redirect(next_page or request.url)
ListPermission.query.filter_by(list_id=l.id, user_id=uid).delete()
db.session.commit()
flash("Odebrano dostęp użytkownikowi.", "success")
return redirect(next_page or request.url)
if "unarchive" in request.form:
l.is_archived = False
db.session.commit()
flash(f"Lista „{l.title}” została przywrócona.", "success")
return redirect(next_page or request.url)
move_to_month = request.form.get("move_to_month")
if move_to_month:
try:
year, month = map(int, move_to_month.split("-"))
new_created_at = datetime(year, month, 1, tzinfo=timezone.utc)
l.created_at = new_created_at
db.session.commit()
flash(
f"Zmieniono datę utworzenia listy na {new_created_at.strftime('%Y-%m-%d')}",
"success",
)
return redirect(next_page or request.url)
except ValueError:
flash("Nieprawidłowy format miesiąca", "danger")
return redirect(next_page or request.url)
new_title = (request.form.get("title") or "").strip()
is_public = "is_public" in request.form
is_temporary = "is_temporary" in request.form
is_archived = "is_archived" in request.form
expires_date = request.form.get("expires_date")
expires_time = request.form.get("expires_time")
if not new_title:
flash("Podaj poprawny tytuł", "danger")
return redirect(next_page or request.url)
l.title = new_title
l.is_public = is_public
l.is_temporary = is_temporary
l.is_archived = is_archived
if expires_date and expires_time:
try:
combined = f"{expires_date} {expires_time}"
expires_dt = datetime.strptime(combined, "%Y-%m-%d %H:%M")
l.expires_at = expires_dt.replace(tzinfo=timezone.utc)
except ValueError:
flash("Błędna data lub godzina wygasania", "danger")
return redirect(next_page or request.url)
else:
l.expires_at = None
update_list_categories_from_form(l, request.form)
db.session.commit()
flash("Zaktualizowano dane listy", "success")
return redirect(next_page or request.url)
permitted_users = (
db.session.query(User)
@@ -2856,11 +2863,6 @@ def admin_receipts(list_id=None):
page, per_page = get_page_args(default_per_page=24, max_per_page=200)
if list_id is not None:
target_list = db.session.get(ShoppingList, list_id)
if not target_list:
flash("Lista nie istnieje.", "danger")
return redirect(url_for("admin_receipts"))
all_receipts = (
Receipt.query.options(joinedload(Receipt.uploaded_by_user))
.filter_by(list_id=list_id)
@@ -3559,34 +3561,28 @@ def admin_lists_access(list_id=None):
action = request.form.get("action")
target_list_id = request.form.get("target_list_id", type=int)
if action == "grant":
grant_username = (request.form.get("grant_username") or "").strip().lower()
if not grant_username:
flash("Podaj nazwę użytkownika do nadania dostępu.", "danger")
return redirect(next_page or request.url)
u = User.query.filter(func.lower(User.username) == grant_username).first()
if action == "grant" and target_list_id:
login = (request.form.get("grant_username") or "").strip().lower()
l = db.session.get(ShoppingList, target_list_id)
if not l:
flash("Lista nie istnieje.", "danger")
return redirect(request.url)
u = User.query.filter(func.lower(User.username) == login).first()
if not u:
flash("Użytkownik nie istnieje.", "danger")
return redirect(next_page or request.url)
if u.id == current_user.id:
flash("Jesteś właścicielem tej listy.", "info")
return redirect(next_page or request.url)
return redirect(request.url)
exists = (
db.session.query(ListPermission.id)
.filter(
ListPermission.list_id == shopping_list.id,
ListPermission.user_id == u.id,
)
.filter(ListPermission.list_id == l.id, ListPermission.user_id == u.id)
.first()
)
if not exists:
db.session.add(ListPermission(list_id=shopping_list.id, user_id=u.id))
db.session.add(ListPermission(list_id=l.id, user_id=u.id))
db.session.commit()
flash(f"Nadano dostęp użytkownikowi {u.username}”.", "success")
flash(f"Nadano dostęp „{u.username} do listy #{l.id}.", "success")
else:
flash("Ten użytkownik już ma dostęp.", "info")
return redirect(next_page or request.url)
return redirect(request.url)
if action == "revoke" and target_list_id:
uid = request.form.get("revoke_user_id", type=int)
@@ -3596,7 +3592,7 @@ def admin_lists_access(list_id=None):
).delete()
db.session.commit()
flash("Odebrano dostęp użytkownikowi.", "success")
return redirect(next_page or request.url)
return redirect(request.url)
if action == "save_changes":
ids = request.form.getlist("visible_ids", type=int)
@@ -3609,7 +3605,7 @@ def admin_lists_access(list_id=None):
l.is_archived = posted.get(f"is_archived_{l.id}") is not None
db.session.commit()
flash("Zapisano zmiany statusów.", "success")
return redirect(next_page or request.url)
return redirect(request.url)
perms = (
db.session.query(

2
templates/edit_my_list.html
View File

@@ -129,9 +129,7 @@
<div class="col-md-3">
<button type="submit" class="btn btn-outline-light w-100"> Dodaj</button>
</div>
<!-- opcjonalnie, żeby rozróżnić akcje po stronie serwera -->
<input type="hidden" name="action" value="grant">
<!-- opcjonalnie zachowanie powrotu -->
<input type="hidden" name="next" value="{{ request.path }}">
</div>
</form>