def add_new_book(request): """ Tests: - GETTest - AddNewBookTest - SecurityTest - NotAllowedTest """ if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if request.POST.get("Action", '') == 'Add': form = NewBookForm(request.POST) if form.is_valid(): # This came from the add_book view, and we need to # create a book and a metabook barcode = form.cleaned_data['barcode'] price = form.cleaned_data['price'] sid = form.cleaned_data['seller'] author = form.cleaned_data['author'] title = form.cleaned_data['title'] ed = form.cleaned_data['edition'] dept = form.cleaned_data['department'] course_num = form.cleaned_data['course_number'] metabook = MetaBook(barcode=barcode, author=author, title=title, edition=ed) metabook.save() goc = Course.objects.get_or_create course, created = goc(department=dept, number=course_num) metabook.courses.add(course) metabook.save() try: seller = User.objects.get(pk=sid) except User.DoesNotExist: seller = import_user(sid) if seller == None: message = "Invalid Student ID: %s" % sid return tidy_error(request, message) book = Book(seller=seller, price=Decimal(price), metabook=metabook) book.status = 'F' book.save() Log(book=book, who=request.user, action='A').save() var_dict = { 'title' : metabook.title, 'author' : metabook.author, 'seller_name' : seller.get_full_name(), 'book_id' : book.id, } template = 'books/update_book/added.html' return rtr(template, var_dict, context_instance=RC(request)) var_dict = {'form' : form} template = 'books/add_new_book.html' return rtr(template, var_dict, context_instance=RC(request))
def attach_book(request): """ Tests: - GETTest - SecurityTest - NotAllowedTest """ # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) form = NewBookForm(request.POST) if not form.is_valid(): # The form has bad data. send the user back var_dict = {'form' : form} template = 'books/attach_book.html' return rtr(template, var_dict, context_instance=RC(request)) # shorten our code line lengths below goc = Course.objects.get_or_create cd = form.cleaned_data # Get the course if it exists, otherwise create it. tpl = goc(department=cd['department'], number=cd['course_number']) course = tpl[0] metabook = MetaBook() metabook.title = form.cleaned_data['title'] metabook.author = form.cleaned_data['author'] metabook.barcode = form.cleaned_data['barcode'] metabook.edition = form.cleaned_data['edition'] metabook.save() metabook.courses.add(course) metabook.save() book = Book.objects.get(pk=form.cleaned_data['book_id']) book.metabook = metabook book.save() var_dict = {'book' : book} template = 'books/attached.html' return rtr(template, var_dict, context_instance=RC(request))
def attach_book(request): """ Tests: - GETTest - SecurityTest - NotAllowedTest """ # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) form = NewBookForm(request.POST) if not form.is_valid(): # The form has bad data. send the user back var_dict = {'form': form} template = 'books/attach_book.html' return rtr(template, var_dict, context_instance=RC(request)) # shorten our code line lengths below goc = Course.objects.get_or_create cd = form.cleaned_data # Get the course if it exists, otherwise create it. tpl = goc(department=cd['department'], number=cd['course_number']) course = tpl[0] metabook = MetaBook() metabook.title = form.cleaned_data['title'] metabook.author = form.cleaned_data['author'] metabook.barcode = form.cleaned_data['barcode'] metabook.edition = form.cleaned_data['edition'] metabook.save() metabook.courses.add(course) metabook.save() book = Book.objects.get(pk=form.cleaned_data['book_id']) book.metabook = metabook book.save() var_dict = {'book': book} template = 'books/attached.html' return rtr(template, var_dict, context_instance=RC(request))
def add_book(request): """ Tests: - GETTest - SecurityTest """ # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if request.method == "POST": form = BookForm(request.POST) if form.is_valid(): student_id = form.cleaned_data['seller'] price = form.cleaned_data['price'] barcode = form.cleaned_data['barcode'] try: metabook = MetaBook.objects.get(barcode=barcode) except MetaBook.DoesNotExist: initial = { 'barcode': barcode, 'seller': student_id, 'price': price, 'edition': '1', } form = NewBookForm(initial=initial) var_dict = {'form': form} template = 'books/add_new_book.html' return rtr(template, var_dict, context_instance=RC(request)) try: seller = User.objects.get(id=student_id) except User.DoesNotExist: seller = import_user(student_id) if seller == None: message = "Invalid Student ID: %s" % student_id return tidy_error(request, message) book = Book(price=price, status="F", metabook=metabook, seller=seller) book.save() Log(book=book, who=request.user, action='A').save() var_dict = {'title': metabook.title, 'book_id': book.id} template = 'books/update_book/added.html' return rtr(template, var_dict, context_instance=RC(request)) # the form isn't valid. send the user back. var_dict = {'form': form} template = 'books/add_book.html' return rtr(template, var_dict, context_instance=RC(request)) else: # the user is hitting the page for the first time form = BookForm() var_dict = {'form': form} template = 'books/add_book.html' return rtr(template, var_dict, context_instance=RC(request))
def add_new_book(request): """ Tests: - GETTest - AddNewBookTest - SecurityTest - NotAllowedTest """ if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if request.POST.get("Action", '') == 'Add': form = NewBookForm(request.POST) if form.is_valid(): # This came from the add_book view, and we need to # create a book and a metabook barcode = form.cleaned_data['barcode'] price = form.cleaned_data['price'] sid = form.cleaned_data['seller'] author = form.cleaned_data['author'] title = form.cleaned_data['title'] ed = form.cleaned_data['edition'] dept = form.cleaned_data['department'] course_num = form.cleaned_data['course_number'] metabook = MetaBook(barcode=barcode, author=author, title=title, edition=ed) metabook.save() goc = Course.objects.get_or_create course, created = goc(department=dept, number=course_num) metabook.courses.add(course) metabook.save() try: seller = User.objects.get(pk=sid) except User.DoesNotExist: seller = import_user(sid) if seller == None: message = "Invalid Student ID: %s" % sid return tidy_error(request, message) book = Book(seller=seller, price=Decimal(price), metabook=metabook) book.status = 'F' book.save() Log(book=book, who=request.user, action='A').save() var_dict = { 'title': metabook.title, 'author': metabook.author, 'seller_name': seller.get_full_name(), 'book_id': book.id, } template = 'books/update_book/added.html' return rtr(template, var_dict, context_instance=RC(request)) var_dict = {'form': form} template = 'books/add_new_book.html' return rtr(template, var_dict, context_instance=RC(request))
def update_book_edit(request): """ Applies changes to a book made on the edit page If the barcode doesn't exist, it makes the user create a MetaBook object as well Tests: - GETTest - SecurityTest - NotAllowedTest """ if not request.method == "POST": t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) form = BookForm(request.POST) if form.is_valid(): id_to_edit = request.POST.get('idToEdit') try: book = Book.objects.get(id=id_to_edit) except Book.DoesNotExist: message = 'Book with ref# "%s" does not exist' % id_to_edit return tidy_error(request, message) try: barcode = form.cleaned_data['barcode'] book.metabook = MetaBook.objects.get(barcode=barcode) except MetaBook.DoesNotExist: # barcode doesn't exist in db, we have to create a metabook. initial = { 'barcode': barcode, 'seller': form.cleaned_data['seller'], 'price': form.cleaned_data['price'], 'book_id': book.id, 'edition': '1', } form = NewBookForm(initial=initial) var_dict = {'form': form} template = 'books/attach_book.html' return rtr(template, var_dict, context_instance=RC(request)) try: seller_id = form.cleaned_data['seller'] book.seller = User.objects.get(id=seller_id) except User.DoesNotExist: user = import_user(seller_id) if user == None: message = "Invalid Student ID: %s" % id_to_edit return tidy_error(request, message) book.seller = user book.price = form.cleaned_data['price'] book.save() Log(who=request.user, action='E', book=book).save() var_dict = {'book': book} template = 'books/update_book/edited.html' return rtr(template, var_dict, context_instance=RC(request)) elif request.POST.get('idToEdit'): # form isn't valid, but we have an id to work with. send user back id_to_edit = request.POST.get('idToEdit') var_dict = { 'form': form, 'too_many': False, 'id': id_to_edit, 'logs': Log.objects.filter(book=id_to_edit), } template = 'books/update_book/edit.html' return rtr(template, var_dict, context_instance=RC(request))