candifloss/flask_crud_app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Form validation for create.py

Browse Source
This commit is contained in:
Candifloss 2025-02-23 22:57:18 +05:30
parent 3f4c27ee5b
commit 719dc3ce2e
3 changed files with 113 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
functions/validate_values.py
View File

@ -1,83 +1,103 @@
import re
from datetime import datetime
from typing import Dict, Optional
import re
from typing import Dict, Any, Optional
from definitions.attribute import *
from config import item_attributes
from definitions.attribute import textAttribute, intAttribute, floatAttribute, dateAttribute, selectAttribute
def _is_int(value: str) -> bool:
"""Check if a value is a valid integer."""
try:
int(value)
def _is_int(value: Any) -> bool:
"""Check if a value is a valid integer (including string representations)."""
if isinstance(value, int):
return True
except (ValueError, TypeError):
return False
if isinstance(value, str):
try:
int(value)
return True
except ValueError:
return False
return False
def _is_float(value: str) -> bool:
"""Check if a value is a valid float."""
try:
float(value)
def _is_float(value: Any) -> bool:
"""Check if a value is a valid float (including string representations)."""
if isinstance(value, (int, float)):
return True
except (ValueError, TypeError):
return False
if isinstance(value, str):
try:
float(value)
return True
except ValueError:
return False
return False
def _is_date(value: str) -> bool:
def _is_date(value: Any) -> bool:
"""Check if a value is a valid date in YYYY-MM-DD format."""
if not isinstance(value, str):
return False
try:
datetime.strptime(value, "%Y-%m-%d")
return True
except (ValueError, TypeError):
except ValueError:
return False
def validate_values(form_data: Dict[str, str]) -> Optional[str]:
def validate_values(form_data: Dict[str, Any]) -> Optional[str]:
"""
Validate the submitted form values against the item_attributes configuration.
Validate form data against the configuration in item_attributes.
Returns an error message if invalid, otherwise None.
"""
# Check if all required fields are present
for attrib in item_attributes:
value = form_data.get(attrib.attrib_name)
if attrib.required and attrib.attrib_name not in form_data:
return f"Missing required field: {attrib.display_name}."
# Check required fields
if attrib.required and not value:
return f"{attrib.display_name} is required."
# Check for unexpected fields
submitted_fields = set(form_data.keys())
expected_fields = {attrib.attrib_name for attrib in item_attributes}
if unexpected_fields := submitted_fields - expected_fields:
return f"Unexpected fields submitted: {', '.join(unexpected_fields)}."
# Skip validation for empty optional fields
if not value:
continue
# Validate each field
for attrib in item_attributes:
if attrib.attrib_name not in form_data:
continue # Skip optional fields that are not submitted
value = form_data[attrib.attrib_name]
# Validate based on attribute type
if isinstance(attrib, textAttribute):
if attrib.regex and not re.match(attrib.regex, value):
return f"Invalid value for {attrib.display_name}. Must match the pattern: {attrib.regex}."
if attrib.regex is not None and not re.match(attrib.regex, str(value)):
return f"Invalid value for {attrib.display_name}. Must match pattern: {attrib.regex}."
elif isinstance(attrib, intAttribute):
if not _is_int(value):
return f"{attrib.display_name} must be an integer."
value_int = int(value)
return f"Invalid value for {attrib.display_name}. Must be an integer."
value_int = int(value) # Convert to integer for range checks
if attrib.min_val is not None and value_int < attrib.min_val:
return f"{attrib.display_name} must be greater than or equal to {attrib.min_val}."
return f"Invalid value for {attrib.display_name}. Must be at least {attrib.min_val}."
if attrib.max_val is not None and value_int > attrib.max_val:
return f"{attrib.display_name} must be less than or equal to {attrib.max_val}."
return f"Invalid value for {attrib.display_name}. Must be at most {attrib.max_val}."
elif isinstance(attrib, floatAttribute):
if not _is_float(value):
return f"{attrib.display_name} must be a number."
value_float = float(value)
return f"Invalid value for {attrib.display_name}. Must be a number."
value_float = float(value) # Convert to float for range checks
if attrib.min_val is not None and value_float < attrib.min_val:
return f"{attrib.display_name} must be greater than or equal to {attrib.min_val}."
return f"Invalid value for {attrib.display_name}. Must be at least {attrib.min_val}."
if attrib.max_val is not None and value_float > attrib.max_val:
return f"{attrib.display_name} must be less than or equal to {attrib.max_val}."
return f"Invalid value for {attrib.display_name}. Must be at most {attrib.max_val}."
elif isinstance(attrib, dateAttribute):
if not _is_date(value):
return f"{attrib.display_name} must be a valid date in YYYY-MM-DD format."
value_date = datetime.strptime(value, "%Y-%m-%d").date()
if attrib.min_val and value_date < datetime.strptime(attrib.min_val, "%Y-%m-%d").date():
return f"{attrib.display_name} cannot be earlier than {attrib.min_val}."
if attrib.max_val and value_date > datetime.strptime(attrib.max_val, "%Y-%m-%d").date():
return f"{attrib.display_name} cannot be later than {attrib.max_val}."
return f"Invalid value for {attrib.display_name}. Must be a valid date (YYYY-MM-DD)."
if attrib.min_val is not None:
min_date = datetime.strptime(attrib.min_val, "%Y-%m-%d")
if datetime.strptime(value, "%Y-%m-%d") < min_date:
return f"Invalid value for {attrib.display_name}. Must be on or after {attrib.min_val}."
if attrib.max_val is not None:
max_date = datetime.strptime(attrib.max_val, "%Y-%m-%d")
if datetime.strptime(value, "%Y-%m-%d") > max_date:
return f"Invalid value for {attrib.display_name}. Must be on or before {attrib.max_val}."
elif isinstance(attrib, selectAttribute):
if value not in attrib.options:
return f"{attrib.display_name} must be one of: {', '.join(attrib.options)}."
return f"Invalid value for {attrib.display_name}. Must be one of: {', '.join(attrib.options)}."
return None # No errors

53
routes/create.py
View File

@ -1,8 +1,8 @@
from flask import Blueprint, request, render_template, redirect
from flask import Blueprint, request, render_template, redirect, flash
from definitions.models import Asset, db
from config import item_attributes
from sqlalchemy import exc # Import exc for database exceptions
from definitions.attribute import selectAttribute, intAttribute # Import attribute classes
from functions.validate_values import validate_values # Form validation
addasset_bp = Blueprint('addasset', __name__)
@ -10,33 +10,17 @@ addasset_bp = Blueprint('addasset', __name__)
def create():
if request.method == 'GET':
# Render the "add item" form
return render_template(
'create.html',
item_attributes=item_attributes,
isinstance=isinstance, # Pass isinstance to the template
hasattr=hasattr, # Pass hasattr to the template
selectAttribute=selectAttribute, # Pass selectAttribute to the template
intAttribute=intAttribute # Pass intAttribute to the template
)
return render_template('create.html', item_attributes=item_attributes)
# Process submitted form
if request.method == 'POST':
# Get data from form
form_data = {attrib.attrib_name: request.form[attrib.attrib_name] for attrib in item_attributes}
form_data = {attrib.attrib_name: request.form.get(attrib.attrib_name) for attrib in item_attributes}
# Validate status (if it's an option field)
status_attrib = next((attrib for attrib in item_attributes if attrib.attrib_name == 'status'), None)
if status_attrib and isinstance(status_attrib, selectAttribute):
if form_data['status'] not in status_attrib.options:
return render_template('create.html', item_attributes=item_attributes, exc='status')
# Convert staffnum to int (if it's a number field)
staffnum_attrib = next((attrib for attrib in item_attributes if attrib.attrib_name == 'staffnum'), None)
if staffnum_attrib and isinstance(staffnum_attrib, intAttribute):
try:
form_data['staffnum'] = int(form_data['staffnum'])
except ValueError:
return render_template('create.html', item_attributes=item_attributes, exc='staffnum')
# Form validation
error = validate_values(form_data)
if error:
return render_template('create.html', item_attributes=item_attributes, error=error)
# Create the Asset object
item = Asset(**form_data)
@ -44,9 +28,22 @@ def create():
try:
db.session.add(item)
db.session.commit()
except exc.IntegrityError:
return render_template('create.html', item_attributes=item_attributes, exc='integrity')
except exc.StatementError:
return render_template('create.html', item_attributes=item_attributes, exc='status')
except exc.IntegrityError as e:
# Handle duplicate primary key or unique constraint errors
primary_attrib = next((attrib for attrib in item_attributes if attrib.primary), None)
if primary_attrib:
error = f"An entry with {primary_attrib.display_name} '{form_data[primary_attrib.attrib_name]}' already exists."
else:
error = "An entry with the same primary key already exists."
return render_template('create.html', item_attributes=item_attributes, error=error)
except exc.StatementError as e:
# Handle other database errors
error = f"Database error: {str(e)}"
return render_template('create.html', item_attributes=item_attributes, error=error)
except Exception as e:
# Handle unexpected errors
error = f"An unexpected error occurred: {str(e)}"
return render_template('create.html', item_attributes=item_attributes, error=error)
# Redirect to /viewall on success
return redirect('/viewall')

52
templates/create.html
View File

@ -7,46 +7,44 @@
<body>
<h2 align="center">Add new Item</h2>
<!-- Display error message if any -->
{% if error %}
<p>{{ error }}</p>
{% endif %}
<!-- Form for adding a new item -->
<form method="POST">
{% for attrib in item_attributes -%}
<p>
<label for="{{ attrib.attrib_name }}">{{ attrib.display_name }}:</label>
{%- if isinstance(attrib, selectAttribute) %}
<select
id="{{ attrib.attrib_name }}"
name="{{ attrib.attrib_name }}"
{%- if attrib.required %} required {% endif -%}
>
{% for option in attrib.options -%}
<option value="{{ option }}">{{ option }}</option>
{% endfor -%}
</select>
{% if attrib.html_input_type == "select" %}
<!-- Render a dropdown for select attributes -->
<select
id="{{ attrib.attrib_name }}"
name="{{ attrib.attrib_name }}"
{% if attrib.required %} required {% endif %}
>
{% for option in attrib.options -%}
<option value="{{ option }}">{{ option }}</option>
{% endfor %}
</select>
{% else %}
<!-- Render an input field for other attributes -->
<input
id="{{ attrib.attrib_name }}"
type="{{ attrib.html_input_type }}"
name="{{ attrib.attrib_name }}"
{%- if attrib.required %} required {% endif -%}
{%- if hasattr(attrib, 'min_val') and attrib.min_val is not none %} min="{{ attrib.min_val }}" {% endif -%}
{%- if hasattr(attrib, 'max_val') and attrib.max_val is not none %} max="{{ attrib.max_val }}" {% endif -%}
{%- if attrib.default_val is not none %} value="{{ attrib.default_val }}" {% endif -%}
{% if attrib.required %} required {% endif %}
{% if attrib.html_input_type == "number" %}
{% if attrib.min_val is not none %} min="{{ attrib.min_val }}" {% endif %}
{% if attrib.max_val is not none %} max="{{ attrib.max_val }}" {% endif %}
{% endif %}
{% if attrib.default_val is not none %} value="{{ attrib.default_val }}" {% endif %}
/>
{% endif -%}
{% endif %}
</p>
{% endfor %}
<p><input type="submit" value="Submit" /></p>
</form>
<p align="center">
{%- if exc == 'integrity' -%}
Item with the same assettag already exists
{%- endif -%}
{%- if exc == 'status' -%}
Data input error. Invalid status value
{%- endif -%}
{%- if exc == 'staffnum' -%}
Data input error. Staff number must be an integer
{%- endif -%}
</p>
</body>
</html>