From 2eaab16e4edde1e00fd91cd9cb1f5a108f1ea807 Mon Sep 17 00:00:00 2001
From: SirGankalot <73303677+SirGankalot@users.noreply.github.com>
Date: Wed, 1 May 2024 20:34:41 +0200
Subject: [PATCH] Changed it so Groups are accessable for authorized users only
---
.../website/templates/group_page.html | 23 +++++++++++++++++++
.../website/templates/groups.html | 7 +-----
service/src/FlaskWebsite/website/views.py | 19 ++++++++++++---
3 files changed, 40 insertions(+), 9 deletions(-)
create mode 100644 service/src/FlaskWebsite/website/templates/group_page.html
diff --git a/service/src/FlaskWebsite/website/templates/group_page.html b/service/src/FlaskWebsite/website/templates/group_page.html
new file mode 100644
index 0000000..b7ab410
--- /dev/null
+++ b/service/src/FlaskWebsite/website/templates/group_page.html
@@ -0,0 +1,23 @@
+{% extends "base.html" %} {% block title %}Home{% endblock %} {% block content
+ %}
+ Note Groups
+
+ {% for note in notes %}
+ -
+ {{ note.data }}
+ {% if note.owner_id == user.id %}
+
+ {% endif %}
+
+ {% endfor %}
+
+
+ {% endblock %}
\ No newline at end of file
diff --git a/service/src/FlaskWebsite/website/templates/groups.html b/service/src/FlaskWebsite/website/templates/groups.html
index 7b0354a..8a27f95 100644
--- a/service/src/FlaskWebsite/website/templates/groups.html
+++ b/service/src/FlaskWebsite/website/templates/groups.html
@@ -4,12 +4,7 @@ Groups
diff --git a/service/src/FlaskWebsite/website/views.py b/service/src/FlaskWebsite/website/views.py
index 548482d..651b714 100644
--- a/service/src/FlaskWebsite/website/views.py
+++ b/service/src/FlaskWebsite/website/views.py
@@ -1,4 +1,4 @@
-from flask import Blueprint, render_template, request, flash, jsonify
+from flask import Blueprint, render_template, request, flash, jsonify, redirect, url_for
from flask_login import login_required, current_user
from .models import Note
from .models import NoteGroup
@@ -6,6 +6,7 @@
import json
+
views = Blueprint('views', __name__)
@@ -42,12 +43,24 @@ def creategroup():
print("here")
# Retrieve all rows from the NoteGroup table
note_groups = db.session.query(NoteGroup).all()
- print(note_groups)
# Prepare a list of dictionaries where each dictionary represents a row with column names as keys and values as values
groups = [{column.name: getattr(note_group, column.name) for column in NoteGroup.columns} for note_group in note_groups]
- print(groups)
return render_template("groups.html", user=current_user, groups=groups)
+@views.route('/creategroup/', methods=['GET', 'POST'])
+@login_required
+def group_page(group_id):
+ group_allusers = db.session.query(NoteGroup).filter_by(id=group_id).all()
+ if group_allusers:
+ if any(one_user.UserId == current_user.id for one_user in group_allusers):
+ # Retrieve all notes associated with the group
+ notes = db.session.query(Note).filter_by(owner_id=current_user.id).all()
+ return render_template("group_page.html", user=current_user, group=group_allusers, notes=notes)
+ else:
+ flash('You are not authorized to access this group.', category='error')
+ else:
+ flash('Group not found.', category='error')
+ return redirect(url_for('views.home'))
@views.route('/delete-note', methods=['POST'])
def delete_note():