def admin_orders_mod(req, id):
check_login(req)
check_right(req, module_right)
order = Order(id)
if order.get(req) is None:
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
cfg = Object()
cfg.addresses_country = req.cfg.addresses_country
cfg.addresses_region = req.cfg.addresses_region
cfg.eshop_currency = req.cfg.eshop_currency
order.calculate()
return generate_page(req, "admin/eshop/orders_mod.html",
token=create_token(req),
order=order, cfg=cfg)
def user_orders_storno(req, id):
check_login(req)
# TODO: check_token
check_referer(req, '/eshop/orders/%d' % id)
message = req.form.getfirst('message', '', uni)
order = Order(id)
if order.get(req) is None:
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
if order.client_id != req.login.id:
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
if order.set_state(req, STATE_STORNED, usernote=message) is None:
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
send_order_status(req, order)
redirect(req, '/eshop/orders/%d' % id)
def user_orders_detail(req, id):
sha = req.args.getfirst('sha', '', str)
if not sha and not req.login:
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
order = Order(id)
if order.get(req) is None:
raise SERVER_RETURN(state.HTTP_NOT_FOUND)
order.sha = sha1(str(order.create_date)).hexdigest()
if (sha and sha != order.sha):
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
# if sha is set, you can see to order
if (not sha and req.login and order.client_id != req.login.id):
raise SERVER_RETURN(state.HTTP_FORBIDDEN)
cfg = Object()
cfg.addresses_country = req.cfg.addresses_country
cfg.addresses_region = req.cfg.addresses_region
cfg.eshop_currency = req.cfg.eshop_currency
order.calculate()
return generate_page(req, "eshop/orders_detail.html",
order=order, sha=sha, cfg=cfg)