def file_create(self):
""" New file view. Method for both post and get requests. """
form = FileCreateForm(self.request.POST,
csrf_context=self.request.session)
if self.request.method == 'POST' and form.validate():
f = File()
form.populate_obj(f)
""" If file. Yes this method works without a file. """
upload = self.request.POST.get('file')
try:
f.filename = f.make_filename(upload.filename)
f.filemime = f.guess_mime(upload.filename)
f.write_file(upload.file)
except Exception:
self.request\
.session.flash('File %s created but no file added' %
(f.title), 'status')
f.user_id = authenticated_userid(self.request)
DBSession.add(f)
self.request.session.flash('File %s created' %
(f.title), 'success')
return HTTPFound(location=self.request.route_url('files'))
return {'title': 'New file',
'form': form,
'action': 'file_new'}
def files(self):
""" Get a paginated result of active files. """
page = int(self.request.params.get('page', 1))
files = File.page(self.request, page)
return {'paginator': files,
'title': 'Files'}
def files_archived(self):
""" Get a paginated result of archived files. """
page = int(self.request.params.get('page', 1))
files = File.page(self.request, page, archived=True)
return {'paginator': files,
'title': 'Archived files',
'archived': True}
def file_download(self):
""" Download file method. This is needed because the file lay outside
the webservers reach."""
id = int(self.request.matchdict.get('id'))
f = File.by_id(id)
if not f:
return HTTPNotFound()
if f.private and f.user_id is not authenticated_userid(self.request):
""" Authorization check. """
return HTTPForbidden()
if f.filename:
response = FileResponse(
'pyrtos/uploads/'+f.filename,
request=self.request,
content_type=f.filemime
)
return response
return HTTPNotFound()
def invoice_edit(self):
""" Edit invoice view. This method handles both post,
and get requests. """
id = int(self.request.matchdict.get('id'))
i = Invoice.by_id(id)
if not i:
return HTTPNotFound()
""" Authorization check. """
if (i.category.private
and i.category.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
""" Authorization check. """
if (i.creditor.private
and i.creditor.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
form = InvoiceEditForm(self.request.POST, i,
csrf_context=self.request.session)
if not i.files:
del form.files
else:
form.files.query = i.files
private = self.request.params.get('private')
if private:
""" Check if the necessary object exists. """
if not Category.first_private(self.request):
self.request.session.flash(self.missing_priv_cat, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_private(self.request):
self.request.session.flash(self.missing_priv_cred, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_private(self.request)
form.creditor_id.query = Creditor.all_private(self.request)
else:
""" Check if the necessary object exists. """
if not Category.first_active():
self.request.session.flash(self.missing_shared_cat, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_active():
self.request.session.flash(self.missing_shared_cred, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_shared()
form.creditor_id.query = Creditor.all_shared()
if self.request.method == 'POST' and form.validate():
form.populate_obj(i)
i.category_id = form.category_id.data.id
i.creditor_id = form.creditor_id.data.id
if form.files:
i.files = form.files.data
""" If file, make file object and save/create file. """
upload = self.request.POST.get('attachment')
try:
f = File()
f.filename = f.make_filename(upload.filename)
f.filemime = f.guess_mime(upload.filename)
f.write_file(upload.file)
f.title = 'Invoice.' +\
form.title.data + '.' +\
self.randomstr(6) + '.' +\
form.category_id.data.title + '.' +\
form.creditor_id.data.title + '.' +\
str(i.due)
if private:
f.private = True
f.user_id = authenticated_userid(self.request)
DBSession.add(f)
i.files.append(f)
except Exception:
self.request.session.flash('No file added.',
'status')
self.request.session.flash('Invoice %s updated' %
(i.title), 'status')
self.update_flash()
if private:
return HTTPFound(location=
self.request
.route_url('invoices',
_query={'private': 1}))
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.data = i.category
form.creditor_id.data = i.creditor
return {'title': 'Edit private invoice' if private else 'Edit invoice',
'form': form,
'id': id,
'action': 'invoice_edit',
'private': private,
'invoice': i}
def invoice_create(self):
""" New invoice view. This method handles both post,
and get requests.
"""
form = InvoiceCreateForm(self.request.POST,
csrf_context=self.request.session)
private = self.request.params.get('private')
if private:
""" Check if the necessary object exists. """
if not Category.first_private(self.request):
self.request.session.flash(self.missing_priv_cat)
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_private(self.request):
self.request.session.flash(self.missing_priv_cred)
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_private(self.request)
form.creditor_id.query = Creditor.all_private(self.request)
else:
""" Check if the necessary object exists. """
if not Category.first_active():
self.request.session.flash(self.missing_shared_cat, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_active():
self.request.session.flash(self.missing_shared_cred, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_shared()
form.creditor_id.query = Creditor.all_shared()
if self.request.method == 'POST' and form.validate():
i = Invoice()
form.populate_obj(i)
i.user_id = authenticated_userid(self.request)
i.category_id = form.category_id.data.id
i.creditor_id = form.creditor_id.data.id
""" If file, make file object and save/create file. """
upload = self.request.POST.get('attachment')
try:
f = File()
f.filename = f.make_filename(upload.filename)
f.filemime = f.guess_mime(upload.filename)
f.write_file(upload.file)
f.title = 'Invoice.' +\
form.title.data + '.' +\
self.randomstr(6) + '.' +\
form.category_id.data.title + '.' +\
form.creditor_id.data.title + '.' +\
str(i.due)
if private:
f.private = True
f.user_id = authenticated_userid(self.request)
DBSession.add(f)
i.files = [f]
except Exception:
self.request.session.flash('No file added.',
'status')
DBSession.add(i)
self.request.session.flash('Invoice %s created' %
(i.title), 'success')
self.update_flash()
if private:
return HTTPFound(location=
self.request
.route_url('invoices',
_query={'private': 1}))
return HTTPFound(location=self.request.route_url('invoices'))
return {'title': 'New private invoice' if private else 'New invoice',
'form': form,
'action': 'invoice_new',
'private': private,
'invoice': False}
