def admin_orders_action(req, id): check_login(req) check_token(req, req.form.get('token')) check_right(req, module_right) if req.uri.endswith('/storno'): ostate = STATE_STORNED elif req.uri.endswith('/process'): ostate = STATE_PROCESS elif req.uri.endswith('/sent'): ostate = STATE_SENT elif req.uri.endswith('/close'): ostate = STATE_CLOSED elif req.uri.endswith('/wait_for_paid'): ostate = STATE_WAIT_FOR_PAID elif req.uri.endswith('/wait_for_pick_up'): ostate = STATE_WAIT_FOR_PICK_UP else: raise SERVER_RETURN(state.HTTP_BAD_REQUEST) note = req.form.getfirst('note', '', uni) order = Order(id) if order.set_state(req, ostate, note) is None: raise SERVER_RETURN(state.HTTP_NOT_FOUND) if ostate != STATE_CLOSED: send_order_status(req, order) redirect(req, '/admin/eshop/orders/%d' % id)
def user_orders_storno(req, id): check_login(req) # TODO: check_token check_referer(req, '/eshop/orders/%d' % id) message = req.form.getfirst('message', '', uni) order = Order(id) if order.get(req) is None: raise SERVER_RETURN(state.HTTP_NOT_FOUND) if order.client_id != req.login.id: raise SERVER_RETURN(state.HTTP_FORBIDDEN) if order.set_state(req, STATE_STORNED, usernote=message) is None: raise SERVER_RETURN(state.HTTP_NOT_FOUND) send_order_status(req, order) redirect(req, '/eshop/orders/%d' % id)