From d6f7b3e549db0b4868b3fc7bb22ebdad799b9471 Mon Sep 17 00:00:00 2001
From: Luke Else <mail@luke-else.co.uk>
Date: Wed, 14 Feb 2024 16:46:30 +0000
Subject: [PATCH] #10 Added Product section to admin page

---
 controllers/web/admin.py   |  2 ++
 controllers/web/product.py | 16 ++++++---
 controllers/web/stats.py   |  2 +-
 static/css/alerts.css      |  1 +
 templates/admin.html       | 73 +++++++++++++++++++++++++++++++++++++-
 templates/header.html      |  2 +-
 templates/product.html     |  2 +-
 7 files changed, 90 insertions(+), 8 deletions(-)

diff --git a/controllers/web/admin.py b/controllers/web/admin.py
index b2097e7..8a41765 100644
--- a/controllers/web/admin.py
+++ b/controllers/web/admin.py
@@ -46,6 +46,8 @@ def products():
     db = ProductController()
     products = db.read_all()
 
+    print(len(products))
+
     return render_template(
         "index.html",
         content="admin.html",
diff --git a/controllers/web/product.py b/controllers/web/product.py
index 097262c..144bc15 100644
--- a/controllers/web/product.py
+++ b/controllers/web/product.py
@@ -50,6 +50,13 @@ def get_filter():
     return FILTERS['Relevance']
 
 
+def redirect_on_complete():
+    """ Redirects to an appropriate location depending on the role """
+    if is_role("Admin"):
+        return redirect(url_for('main.admin.products'))
+    return redirect(url_for('main.seller.display_own'))
+
+
 @product_blueprint.context_processor
 @seller_blueprint.context_processor
 def category_list():
@@ -168,9 +175,10 @@ def update(id: int):
     db = ProductController()
     product = db.read_id(id)
 
-    if product.sellerID != user_id:
+    # Only admins and the owner can change the product
+    if product.sellerID != user_id and not is_role("Admin"):
         flash("This product does not belong to you!", "error")
-        return redirect(url_for('main.seller.own'))
+        return redirect(url_for('main.seller.display_own'))
 
     # Save new image file
     file = request.files.get('image')
@@ -201,13 +209,13 @@ def delete(id: int):
     db = ProductController()
     product = db.read_id(id)
 
-    if product.sellerID != user_id:
+    if product.sellerID != user_id and not is_role("Admin"):
         flash("This product does not belong to you!", "error")
         return redirect(url_for('main.seller.display_own'))
 
     db.delete(id)
     flash("Product Removed!", "success")
-    return redirect(url_for('main.seller.display_own'))
+    return redirect_on_complete()
 
 
 @seller_blueprint.route('/ownproducts')
diff --git a/controllers/web/stats.py b/controllers/web/stats.py
index 96d04bf..2d49f82 100644
--- a/controllers/web/stats.py
+++ b/controllers/web/stats.py
@@ -31,7 +31,7 @@ def view_product_stats(id: int):
     # Check user is seller
     if not is_role("Seller"):
         flash("You must be logged in as a seller to view this page!", "error")
-        return redirect(url_for('main.index'))
+        return redirect(url_for('main.products.product', id=id))
 
     db = ProductController()
     product = db.read_id(id)
diff --git a/static/css/alerts.css b/static/css/alerts.css
index 3677ff7..376567a 100644
--- a/static/css/alerts.css
+++ b/static/css/alerts.css
@@ -74,6 +74,7 @@
 
 .modal {
     opacity: 0;
+    z-index: 1;
     visibility: hidden;
     position: fixed;
     top: 0;
diff --git a/templates/admin.html b/templates/admin.html
index 154bce0..d4cbc3f 100644
--- a/templates/admin.html
+++ b/templates/admin.html
@@ -2,7 +2,8 @@
 <link rel="stylesheet" href="{{ url_for('static', filename='css/loginform.css') }}" />
 <link rel="stylesheet" href="{{ url_for('static', filename='css/modal.css') }}">
 
-{% if users != None %}
+<!-- USER MANAGEMENT-->
+{% if users is defined and users != None %}
     <p>Showing {{users|count}} users</p>
     <div class="user-container">
         <table class="table table-style">
@@ -63,6 +64,76 @@
             </tbody>
         </table>
     </div>
+
+
+<!-- PRODUCT MANAGEMENT-->
+{% elif products is defined and products != None %}
+    <p>Showing {{products|count}} products</p>
+    <div class="user-container">
+        <table class="table table-style">
+            <thead>
+              <tr>
+                <th scope="col">#</th>
+                <th scope="col">Name</th>
+                <th scope="col">SellerID</th>
+                <th scope="col">Price</th>
+                <th scope="col">Category</th>
+                <th scope="col">Quantity</th>
+                <th>Actions</th>
+              </tr>
+            </thead>
+            <tbody>
+                {% for product in products %}
+                    <tr>
+                        <td>{{product.id}}</td>
+                        <td>{{product.name}}</td>
+                        <td>{{product.sellerID}}</td>
+                        <td>{{product.cost}}</td>
+                        <td>{{product.category}}</td>
+                        <td>{{product.quantityAvailable}}</td>
+                        <td>
+                            <div class="input-form-row">
+                                <a href="{{url_for('main.products.product', id=product.id)}}">
+                                    <div class="button neutral">
+                                        <p class="btnText">Edit Product</p>
+                                        <div class="btnTwo">
+                                          <p class="btnText2">{{product.id}}</p>
+                                        </div>
+                                    </div>
+                                </a>
+                                <label for="deleteModal{{product.id}}">
+                                    <div class="button error">
+                                        <p class="btnText">DELETE PRODUCT</p>
+                                        <div class="btnTwo">
+                                          <p class="btnText2">X</p>
+                                        </div>
+                                    </div>
+                                </label>
+                            </div>
+                        </td>
+                    </tr>
+
+                    <!-- Modal -->
+                    <input class="modal-state" id="deleteModal{{product.id}}" type="checkbox" />
+                    <div class="modal">
+                        <label class="modal__bg" for="deleteModal{{product.id}}"></label>
+                        <div class="modal__inner">
+                            <label class="modal__close" for="deleteModal{{product.id}}"></label>
+                            <h2>Confirm Delete</h2>
+                            <p>Are you sure you want to <b>delete</b> <b>{{product.name}}</b></p>
+                            <form method="POST" action="{{ url_for('main.seller.delete', id=product.id) }}">
+                                <div class="input-form-row">
+                                    <input type="submit" class="modal-btn error" for="deleteModal{{product.id}}" value="Delete" />
+                                </div>
+                            </form>
+                        </div>
+                    </div>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
+
+
 {% else %}
     <p>Sorry... We have nothing to show here!</p>
 {% endif %}
diff --git a/templates/header.html b/templates/header.html
index 8906f32..bd778ec 100644
--- a/templates/header.html
+++ b/templates/header.html
@@ -27,7 +27,7 @@
             <div class="categories">
                 {# List all available Admin tools #}
                 <a href="{{ url_for('main.admin.users') }}" class="category">Manage Users</a>
-                <a href="{{ url_for('main.admin.main') }}" class="category">Manage Products</a>
+                <a href="{{ url_for('main.admin.products') }}" class="category">Manage Products</a>
             </div>
         {% endif %}
     {% endif %}
diff --git a/templates/product.html b/templates/product.html
index b4969cf..6b193cf 100644
--- a/templates/product.html
+++ b/templates/product.html
@@ -2,7 +2,7 @@
 <link rel="stylesheet" href="{{ url_for('static', filename='css/loginform.css') }}">
 
 {% if product != None %}
-    {% if user.id == product.sellerID %}
+    {% if user.id == product.sellerID or user.role == "Admin" %}
         <!-- Form -->
         <form class="product-fs" method="POST" action="{{ url_for('main.seller.update', id=product.id) }}" enctype="multipart/form-data">
             <img class="product-image" src="{{ url_for('static', filename='assets/img/products/' + product.image) }}" alt="Brake Disks"/>