def add_new_book(request):
"""
Tests:
- GETTest
- AddNewBookTest
- SecurityTest
- NotAllowedTest
"""
if not request.method == 'POST':
t = loader.get_template('405.html')
c = RC(request)
return HttpResponseNotAllowed(t.render(c), ['POST'])
# User must be staff or admin to get to this page
if not request.user.is_staff:
t = loader.get_template('403.html')
c = RC(request)
return HttpResponseForbidden(t.render(c))
if request.POST.get("Action", '') == 'Add':
form = NewBookForm(request.POST)
if form.is_valid():
# This came from the add_book view, and we need to
# create a book and a metabook
barcode = form.cleaned_data['barcode']
price = form.cleaned_data['price']
sid = form.cleaned_data['seller']
author = form.cleaned_data['author']
title = form.cleaned_data['title']
ed = form.cleaned_data['edition']
dept = form.cleaned_data['department']
course_num = form.cleaned_data['course_number']
metabook = MetaBook(barcode=barcode, author=author, title=title, edition=ed)
metabook.save()
goc = Course.objects.get_or_create
course, created = goc(department=dept, number=course_num)
metabook.courses.add(course)
metabook.save()
try:
seller = User.objects.get(pk=sid)
except User.DoesNotExist:
seller = import_user(sid)
if seller == None:
message = "Invalid Student ID: %s" % sid
return tidy_error(request, message)
book = Book(seller=seller, price=Decimal(price), metabook=metabook)
book.status = 'F'
book.save()
Log(book=book, who=request.user, action='A').save()
var_dict = {
'title' : metabook.title,
'author' : metabook.author,
'seller_name' : seller.get_full_name(),
'book_id' : book.id,
}
template = 'books/update_book/added.html'
return rtr(template, var_dict, context_instance=RC(request))
var_dict = {'form' : form}
template = 'books/add_new_book.html'
return rtr(template, var_dict, context_instance=RC(request))
def attach_book(request):
"""
Tests:
- GETTest
- SecurityTest
- NotAllowedTest
"""
# User must be staff or admin to get to this page
if not request.user.is_staff:
t = loader.get_template('403.html')
c = RC(request)
return HttpResponseForbidden(t.render(c))
if not request.method == 'POST':
t = loader.get_template('405.html')
c = RC(request)
return HttpResponseNotAllowed(t.render(c), ['POST'])
form = NewBookForm(request.POST)
if not form.is_valid():
# The form has bad data. send the user back
var_dict = {'form' : form}
template = 'books/attach_book.html'
return rtr(template, var_dict, context_instance=RC(request))
# shorten our code line lengths below
goc = Course.objects.get_or_create
cd = form.cleaned_data
# Get the course if it exists, otherwise create it.
tpl = goc(department=cd['department'], number=cd['course_number'])
course = tpl[0]
metabook = MetaBook()
metabook.title = form.cleaned_data['title']
metabook.author = form.cleaned_data['author']
metabook.barcode = form.cleaned_data['barcode']
metabook.edition = form.cleaned_data['edition']
metabook.save()
metabook.courses.add(course)
metabook.save()
book = Book.objects.get(pk=form.cleaned_data['book_id'])
book.metabook = metabook
book.save()
var_dict = {'book' : book}
template = 'books/attached.html'
return rtr(template, var_dict, context_instance=RC(request))
def attach_book(request):
"""
Tests:
- GETTest
- SecurityTest
- NotAllowedTest
"""
# User must be staff or admin to get to this page
if not request.user.is_staff:
t = loader.get_template('403.html')
c = RC(request)
return HttpResponseForbidden(t.render(c))
if not request.method == 'POST':
t = loader.get_template('405.html')
c = RC(request)
return HttpResponseNotAllowed(t.render(c), ['POST'])
form = NewBookForm(request.POST)
if not form.is_valid():
# The form has bad data. send the user back
var_dict = {'form': form}
template = 'books/attach_book.html'
return rtr(template, var_dict, context_instance=RC(request))
# shorten our code line lengths below
goc = Course.objects.get_or_create
cd = form.cleaned_data
# Get the course if it exists, otherwise create it.
tpl = goc(department=cd['department'], number=cd['course_number'])
course = tpl[0]
metabook = MetaBook()
metabook.title = form.cleaned_data['title']
metabook.author = form.cleaned_data['author']
metabook.barcode = form.cleaned_data['barcode']
metabook.edition = form.cleaned_data['edition']
metabook.save()
metabook.courses.add(course)
metabook.save()
book = Book.objects.get(pk=form.cleaned_data['book_id'])
book.metabook = metabook
book.save()
var_dict = {'book': book}
template = 'books/attached.html'
return rtr(template, var_dict, context_instance=RC(request))
def add_book(request):
"""
Tests:
- GETTest
- SecurityTest
"""
# User must be staff or admin to get to this page
if not request.user.is_staff:
t = loader.get_template('403.html')
c = RC(request)
return HttpResponseForbidden(t.render(c))
if request.method == "POST":
form = BookForm(request.POST)
if form.is_valid():
student_id = form.cleaned_data['seller']
price = form.cleaned_data['price']
barcode = form.cleaned_data['barcode']
try:
metabook = MetaBook.objects.get(barcode=barcode)
except MetaBook.DoesNotExist:
initial = {
'barcode': barcode,
'seller': student_id,
'price': price,
'edition': '1',
}
form = NewBookForm(initial=initial)
var_dict = {'form': form}
template = 'books/add_new_book.html'
return rtr(template, var_dict, context_instance=RC(request))
try:
seller = User.objects.get(id=student_id)
except User.DoesNotExist:
seller = import_user(student_id)
if seller == None:
message = "Invalid Student ID: %s" % student_id
return tidy_error(request, message)
book = Book(price=price,
status="F",
metabook=metabook,
seller=seller)
book.save()
Log(book=book, who=request.user, action='A').save()
var_dict = {'title': metabook.title, 'book_id': book.id}
template = 'books/update_book/added.html'
return rtr(template, var_dict, context_instance=RC(request))
# the form isn't valid. send the user back.
var_dict = {'form': form}
template = 'books/add_book.html'
return rtr(template, var_dict, context_instance=RC(request))
else:
# the user is hitting the page for the first time
form = BookForm()
var_dict = {'form': form}
template = 'books/add_book.html'
return rtr(template, var_dict, context_instance=RC(request))
def add_new_book(request):
"""
Tests:
- GETTest
- AddNewBookTest
- SecurityTest
- NotAllowedTest
"""
if not request.method == 'POST':
t = loader.get_template('405.html')
c = RC(request)
return HttpResponseNotAllowed(t.render(c), ['POST'])
# User must be staff or admin to get to this page
if not request.user.is_staff:
t = loader.get_template('403.html')
c = RC(request)
return HttpResponseForbidden(t.render(c))
if request.POST.get("Action", '') == 'Add':
form = NewBookForm(request.POST)
if form.is_valid():
# This came from the add_book view, and we need to
# create a book and a metabook
barcode = form.cleaned_data['barcode']
price = form.cleaned_data['price']
sid = form.cleaned_data['seller']
author = form.cleaned_data['author']
title = form.cleaned_data['title']
ed = form.cleaned_data['edition']
dept = form.cleaned_data['department']
course_num = form.cleaned_data['course_number']
metabook = MetaBook(barcode=barcode,
author=author,
title=title,
edition=ed)
metabook.save()
goc = Course.objects.get_or_create
course, created = goc(department=dept, number=course_num)
metabook.courses.add(course)
metabook.save()
try:
seller = User.objects.get(pk=sid)
except User.DoesNotExist:
seller = import_user(sid)
if seller == None:
message = "Invalid Student ID: %s" % sid
return tidy_error(request, message)
book = Book(seller=seller, price=Decimal(price), metabook=metabook)
book.status = 'F'
book.save()
Log(book=book, who=request.user, action='A').save()
var_dict = {
'title': metabook.title,
'author': metabook.author,
'seller_name': seller.get_full_name(),
'book_id': book.id,
}
template = 'books/update_book/added.html'
return rtr(template, var_dict, context_instance=RC(request))
var_dict = {'form': form}
template = 'books/add_new_book.html'
return rtr(template, var_dict, context_instance=RC(request))
def update_book_edit(request):
"""
Applies changes to a book made on the edit page
If the barcode doesn't exist,
it makes the user create a MetaBook object as well
Tests:
- GETTest
- SecurityTest
- NotAllowedTest
"""
if not request.method == "POST":
t = loader.get_template('405.html')
c = RC(request)
return HttpResponseNotAllowed(t.render(c), ['POST'])
# User must be staff or admin to get to this page
if not request.user.is_staff:
t = loader.get_template('403.html')
c = RC(request)
return HttpResponseForbidden(t.render(c))
form = BookForm(request.POST)
if form.is_valid():
id_to_edit = request.POST.get('idToEdit')
try:
book = Book.objects.get(id=id_to_edit)
except Book.DoesNotExist:
message = 'Book with ref# "%s" does not exist' % id_to_edit
return tidy_error(request, message)
try:
barcode = form.cleaned_data['barcode']
book.metabook = MetaBook.objects.get(barcode=barcode)
except MetaBook.DoesNotExist:
# barcode doesn't exist in db, we have to create a metabook.
initial = {
'barcode': barcode,
'seller': form.cleaned_data['seller'],
'price': form.cleaned_data['price'],
'book_id': book.id,
'edition': '1',
}
form = NewBookForm(initial=initial)
var_dict = {'form': form}
template = 'books/attach_book.html'
return rtr(template, var_dict, context_instance=RC(request))
try:
seller_id = form.cleaned_data['seller']
book.seller = User.objects.get(id=seller_id)
except User.DoesNotExist:
user = import_user(seller_id)
if user == None:
message = "Invalid Student ID: %s" % id_to_edit
return tidy_error(request, message)
book.seller = user
book.price = form.cleaned_data['price']
book.save()
Log(who=request.user, action='E', book=book).save()
var_dict = {'book': book}
template = 'books/update_book/edited.html'
return rtr(template, var_dict, context_instance=RC(request))
elif request.POST.get('idToEdit'):
# form isn't valid, but we have an id to work with. send user back
id_to_edit = request.POST.get('idToEdit')
var_dict = {
'form': form,
'too_many': False,
'id': id_to_edit,
'logs': Log.objects.filter(book=id_to_edit),
}
template = 'books/update_book/edit.html'
return rtr(template, var_dict, context_instance=RC(request))
