From e5c3ac00fa68f1180f1f33ba09e9786cf0e9cca5 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Wed, 13 Jul 2022 13:47:31 +0300
Subject: Replace redirect with user confirmation

Rather than using the redirect, that led to exposing the study id as a
get parameter, this commit adds an auxilliary step that allows the
user to choose whether to continue with the new study or go back and
select an existing study.
---
 qc_app/dbinsert.py                               | 16 ++++---
 qc_app/templates/continue_from_create_study.html | 56 ++++++++++++++++++++++++
 2 files changed, 67 insertions(+), 5 deletions(-)
 create mode 100644 qc_app/templates/continue_from_create_study.html

diff --git a/qc_app/dbinsert.py b/qc_app/dbinsert.py
index 523152d..c106366 100644
--- a/qc_app/dbinsert.py
+++ b/qc_app/dbinsert.py
@@ -150,6 +150,9 @@ def create_study():
     "Create a new study (ProbeFreeze)."
     form = request.form
     try:
+        assert form.get("filename"), "filename"
+        assert form.get("filetype"), "filetype"
+        assert form.get("species"), "species"
         assert form.get("genechipid"), "platform"
         assert form.get("studyname"), "study name"
         assert form.get("inbredsetid"), "group"
@@ -170,9 +173,12 @@ def create_study():
                     "INSERT INTO ProbeFreeze() "
                     "VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s)")
                 cursor.execute(query, values)
-                return redirect(
-                    url_for("dbinsert.select_dataset", studyid=new_studyid),
-                    code=307)
+                flash("Study created successfully", "alert-success")
+                return render_template(
+                    "continue_from_create_study.html",
+                    filename=form["filename"], filetype=form["filetype"],
+                    species=form["species"], genechipid=form["genechipid"],
+                    studyid=new_studyid)
     except AssertionError as aserr:
         flash(f"Missing data: {aserr.args[0]}", "alert-error")
         return redirect(url_for("dbinsert.select_study"), code=307)
@@ -197,9 +203,9 @@ def select_dataset():
         assert form.get("filetype"), "filetype"
         assert form.get("species"), "species"
         assert form.get("genechipid"), "platform"
-        assert (form.get("studyid") or request.args.get("studyid")), "study"
+        assert form.get("studyid"), "study"
 
-        studyid=(form.get("studyid") or request.args.get("studyid"))
+        studyid = form["studyid"]
         datasets = datasets_by_study(studyid)
         return render_template(
             "select_dataset.html", filename=form["filename"],
diff --git a/qc_app/templates/continue_from_create_study.html b/qc_app/templates/continue_from_create_study.html
new file mode 100644
index 0000000..fecb19b
--- /dev/null
+++ b/qc_app/templates/continue_from_create_study.html
@@ -0,0 +1,56 @@
+{%extends "base.html"%}
+{%from "dbupdate_hidden_fields.html" import hidden_fields%}
+
+{%block title%}Create Study{%endblock%}
+
+{%block css%}
+<link rel="stylesheet" href="/static/css/two-column-with-separator.css" />
+{%endblock%}
+
+{%block contents%}
+<h2 class="heading">{{filename}}: create study</h2>
+
+{%with messages = get_flashed_messages(with_categories=true)%}
+{%if messages:%}
+<ul>
+  {%for category, message in messages:%}
+  <li class="{{category}}">{{message}}</li>
+  {%endfor%}
+</ul>
+{%endif%}
+{%endwith%}
+
+<div class="two-column-with-separator">
+  <form method="POST" action="{{url_for('dbinsert.select_dataset')}}"
+	id="select-platform-form" data-genechips="{{genechips_data}}"
+	class="two-col-sep-col1">
+    <legend>continue with new study</legend>
+    {{hidden_fields(
+    filename, filetype, species=species, genechipid=genechipid,
+    studyid=studyid)}}
+
+    <fieldset>
+      <input type="submit"
+	     value="continue"
+	     class="btn btn-main form-col-2" />
+    </fieldset>
+  </form>
+
+  <p class="two-col-sep-separator">OR</p>
+
+  <form method="POST" action="{{url_for('dbinsert.select_study')}}"
+	id="select-platform-form" data-genechips="{{genechips_data}}"
+	class="two-col-sep-col2">
+    <legend>Select from existing study</legend>
+    {{hidden_fields(
+    filename, filetype, species=species, genechipid=genechipid,
+    studyid=studyid)}}
+
+    <fieldset>
+      <input type="submit"
+	     value="go back"
+	     class="btn btn-main form-col-2" />
+    </fieldset>
+  </form>
+</div>
+{%endblock%}
-- 
cgit v1.2.3