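def read_all_notifications(request, id):
    """Create or update the session employee's NotiEmployee row for ``id``.

    When the employee has no row in ``NotiEmployee``, one is inserted through
    ``addNotiEmployee``; otherwise ``updateNotiEmployee`` is called.

    Args:
        request: Django request; ``request.session['user']`` supplies
            ``emp_key`` and, on first insert, ``area``.
        id: Notification identifier. It must be an integer (or an integer
            string), because it is placed unquoted into SQL text.

    Returns:
        JsonResponse with ``status`` 200 when element ``[1]`` of the helper's
        result is truthy, 400 otherwise or when ``id`` is not an integer.
    """
    data = {}

    # ``id`` used to reach updateNotiEmployee(...) unquoted, so a non-numeric
    # value became part of the SQL statement. Coerce it before building SQL.
    try:
        noti_id = int(id)
    except (TypeError, ValueError):
        data['status'] = 400
        return JsonResponse(data)

    session_user = request.session['user']
    emp_key = session_user['emp_key']

    # SECURITY: the statements below are still assembled with f-strings from
    # session values. The signatures of execute_query/call_stored_procedure
    # are not visible here; the durable fix is to hand them bound parameters
    # instead of formatting values into the SQL text.
    existing = execute_query(
        f"SELECT id FROM NotiEmployee WHERE employee = '{emp_key}';", 'one')

    if existing is None:
        # NOTE(review): "highest id + 1" can hand the same id to two
        # concurrent requests; a sequence/identity column avoids that.
        # NOTE(review): assumes ids start at 1 for an empty table -- the
        # collapsed original does not make the branch boundary explicit.
        last = execute_query(
            "SELECT id FROM NotiEmployee ORDER BY id DESC LIMIT 1;", 'one')
        next_id = 1 if last is None else int(last[1][0]) + 1

        result = call_stored_procedure(
            f"SELECT addNotiEmployee({next_id}, '{noti_id}', '{emp_key}', "
            f"'{session_user['area']}');", 'one')
        if result[1]:
            data['status'] = 200
            print('primera vez')
        else:
            data['status'] = 400
        return JsonResponse(data)

    result = call_stored_procedure(
        f"SELECT updateNotiEmployee({noti_id}, '{emp_key}');", 'one')
    if result[1]:
        data['status'] = 200
        print('update')
    else:
        data['status'] = 400
    return JsonResponse(data)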
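def post_product(request):
    """Create ('NEW') or modify ('EDIT') a product from a POST form.

    Reads ``nombre``, ``descripcion``, ``precio``, ``categoria``,
    ``proveedor``, ``cantidad``, ``accion`` and (for EDIT) ``id`` from
    ``request.POST``. On a successful NEW it also publishes a notification
    through ``ConcreteObserver().update``.

    Returns:
        JsonResponse with ``status`` 200 on success and 400 on any rejected
        input or when element ``[1]`` of the helper's result is falsy.
        Rejections may carry ``error_desc``.
    """
    data = {}
    categorias = [
        'BOMBON', 'CHOCOLATE', 'CARAMELO', 'GALLETA', 'GOMITA', 'PALETA',
        'PAPA'
    ]
    proveedores = [
        'DLAROSA', 'RIKOLINO', 'WONKA', 'JOLLYRAN', 'GABI', 'MARINELA',
        'GAMESA', 'CORONADO', 'SABRITAS', 'COYOTES'
    ]

    # Previously a non-POST request fell off the end and returned None.
    if request.method != 'POST':
        data['status'] = 400
        data['error_desc'] = 'Metodo no permitido'
        return JsonResponse(data)

    nombre = request.POST['nombre']
    descripcion = request.POST['descripcion']
    precio = request.POST['precio']
    categoria = request.POST['categoria']
    proveedor = request.POST['proveedor']
    cantidad = request.POST['cantidad']
    accion = request.POST['accion']
    id_product = request.POST.get('id')

    if categoria not in categorias or proveedor not in proveedores:
        data['status'] = 400
        data['error_desc'] = 'Categoria o Proveedor incorrectos'
        return JsonResponse(data)

    # re.match() with a ``{,10}`` quantifier succeeds on every string (it can
    # match zero characters at position 0), so the old check rejected nothing
    # and float()/int() then raised on bad input. fullmatch with a minimum of
    # one character makes the check effective.
    if not re.fullmatch(r'[0-9.]{1,10}', precio) or not re.fullmatch(
            r'[0-9]{1,10}', cantidad):
        data['status'] = 400
        data['error_desc'] = 'Cantidad o Precio invalido'
        return JsonResponse(data)
    try:
        precio_num = float(precio)  # still rejects '.', '1.2.3', ...
    except ValueError:
        data['status'] = 400
        data['error_desc'] = 'Cantidad o Precio invalido'
        return JsonResponse(data)
    cantidad_num = int(cantidad)

    # SECURITY: nombre, descripcion and the product id are client-supplied
    # and are formatted straight into the SQL text below. Only the numeric
    # fields and the two allow-listed fields are constrained. The signature
    # of call_stored_procedure is not visible here; the durable fix is to
    # pass these values as bound parameters rather than through f-strings.
    if accion == 'NEW':
        resp = call_stored_procedure(
            f"SELECT addProduct('{nombre}', '{descripcion}', {precio_num}, "
            f"'{categoria}', '{proveedor}', {cantidad_num})", 'one')
        if resp[1]:
            data['status'] = 200
            # The product name travels on into the notification text, so the
            # observer receives client-controlled content as well.
            ConcreteObserver().update(
                transmitter=request.session['user']['emp_key'],
                receiver='ALL',
                description=f"Se agrego {nombre} al inventario!",
                area=request.session['user']['area'])
        else:
            data['status'] = 400
        return JsonResponse(data)

    if accion == 'EDIT':
        # An EDIT without 'id' used to fail on an unbound local.
        if id_product is None:
            data['status'] = 400
            data['error_desc'] = 'Falta el id del producto'
            return JsonResponse(data)
        resp = call_stored_procedure(
            f"SELECT editProduct('{id_product}','{nombre}', "
            f"'{descripcion}', {precio_num}, '{categoria}', '{proveedor}', "
            f"{cantidad_num})", 'one')
        data['status'] = 200 if resp[1] else 400
        return JsonResponse(data)

    # Unknown action: previously returned None.
    data['status'] = 400
    data['error_desc'] = 'Accion invalida'
    return JsonResponse(data)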
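def buy_product(request):
    """Register a product purchase from a POST form.

    Reads ``product``, ``amount``, ``total``, ``provider`` and ``employee``
    from ``request.POST`` and calls ``purchaseProduct``.

    Returns:
        JsonResponse with ``status`` 200 when element ``[1]`` of the helper's
        result is truthy, 400 otherwise or when the input is rejected.
    """
    data = {}

    # Previously a non-POST request fell off the end and returned None.
    if request.method != 'POST':
        data['status'] = 400
        data['error_desc'] = 'Metodo no permitido'
        return JsonResponse(data)

    product = request.POST['product']
    amount = request.POST['amount']
    total = request.POST['total']
    provider = request.POST['provider']
    # NOTE(review): the employee id comes from the form, while other views in
    # this file take it from request.session['user']['emp_key']. Confirm that
    # a client is meant to be able to name any employee here.
    employee = request.POST['employee']

    # re.match() with ``{,10}`` accepts every string (zero-length match at
    # position 0), so the old validation never fired. Use fullmatch with at
    # least one character, then guard float() for inputs such as '1.2.3'.
    if not re.fullmatch(r'[0-9.]{1,10}', total) or not re.fullmatch(
            r'[0-9]{1,10}', amount):
        data['status'] = 400
        data['error_desc'] = 'Cantidad o Precio invalido'
        return JsonResponse(data)
    try:
        total_num = float(total)
    except ValueError:
        data['status'] = 400
        data['error_desc'] = 'Cantidad o Precio invalido'
        return JsonResponse(data)
    amount_num = int(amount)

    # SECURITY: product, provider and employee are client-supplied and are
    # formatted into the SQL text. call_stored_procedure's signature is not
    # visible here; the durable fix is to pass them as bound parameters.
    resp = call_stored_procedure(
        f"SELECT purchaseProduct('{product}', {amount_num}, '{provider}', "
        f"{total_num}, '{employee}');", 'one')
    data['status'] = 200 if resp[1] else 400
    return JsonResponse(data)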
def update(self, **kwargs):
    """Insert a notification row through the ``insertNotif`` function.

    Keyword arguments read: ``transmitter``, ``receiver``, ``description``
    and ``area``. Nothing is returned; the helper's result is discarded.
    """
    # NOTE(review): "highest key + 1" can give two concurrent callers the
    # same key; a sequence/identity column avoids that.
    # NOTE(review): assumes keys start at 1 for an empty table -- the
    # collapsed original does not make the branch boundary explicit.
    newest = execute_query(
        "SELECT notification_key FROM Notification "
        "ORDER BY notification_key DESC LIMIT 1;", 'one')
    next_key = 1 if newest is None else int(newest[1][0]) + 1

    sender = kwargs['transmitter']
    target = kwargs['receiver']
    text = kwargs['description']
    area = kwargs['area']

    # SECURITY: every keyword value is formatted into the SQL text. A caller
    # in this file builds ``description`` from a submitted product name, so
    # client-controlled text can reach this statement. The durable fix is
    # bound parameters; call_stored_procedure's signature is not visible here.
    call_stored_procedure(
        f"SELECT insertNotif({next_key}, '{sender}', '{target}', '{text}', "
        f"'{area}');", 'one')
def delete_staff(request, id):
    """Call ``deleteUser`` for ``id`` and report the outcome as JSON.

    Returns:
        JsonResponse with ``status`` 200 when element ``[1]`` of the helper's
        result is truthy, otherwise 400.
    """
    # SECURITY: ``id`` is formatted into the SQL text inside quotes without
    # any validation. The durable fix is a bound parameter;
    # call_stored_procedure's signature is not visible here.
    # NOTE(review): no HTTP-method or permission check is visible in this
    # function -- confirm one is enforced elsewhere (decorator, middleware or
    # URL config), since this is a destructive operation.
    outcome = call_stored_procedure(f"SELECT deleteUser('{id}')", 'one')
    payload = {'status': 200 if outcome[1] else 400}
    return JsonResponse(payload)
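def adminCompras(self, user=None):
    """Create the 'AAC01' area admin if the ``ADMINS['AC']`` slot is empty.

    Args:
        user: Mapping with ``email``, ``pass``, ``first_name`` and
            ``last_name``.

    Returns:
        True when the slot was empty and ``addNewEployee`` reported success;
        False otherwise. Every path now returns a bool, matching adminVentas
        (one path previously fell through and returned None).
    """
    if ADMINS['AC'] is not None:
        return False

    # SECURITY: the user fields are formatted into the SQL text. The durable
    # fix is bound parameters; call_stored_procedure's signature is not
    # visible here.
    resp = call_stored_procedure(
        f"SELECT addNewEployee('AAC01', '{user['email']}', '{user['pass']}', '{user['first_name']}', '{user['last_name']}', 'AACOM', FALSE, TRUE, False)",
        'one')
    if resp[1][0] == True:
        # The whole dict, including its 'pass' entry, is kept in the
        # module-level ADMINS mapping.
        # NOTE(review): presumably ADMINS is per-process state, so this
        # "only one admin" guard would not hold across workers -- confirm.
        ADMINS['AC'] = user
        return True
    return False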
def adminVentas(self, user=None):
    """Create the 'AAV01' area admin if the ``ADMINS['AV']`` slot is empty.

    Args:
        user: Mapping with ``email``, ``pass``, ``first_name`` and
            ``last_name``.

    Returns:
        True when the slot was empty and ``addNewEployee`` reported success,
        False in every other case.
    """
    slot_taken = not (ADMINS['AV'] == None)
    if slot_taken:
        return False

    # SECURITY: the user fields are formatted into the SQL text. The durable
    # fix is bound parameters; call_stored_procedure's signature is not
    # visible here.
    statement = (
        f"SELECT addNewEployee('AAV01', '{user['email']}', '{user['pass']}', "
        f"'{user['first_name']}', '{user['last_name']}', 'AAVEN', FALSE, "
        f"TRUE, FALSE)")
    resp = call_stored_procedure(statement, 'one')
    print(resp)  # debug output of the helper's raw result

    created = resp[1][0] == True
    if created:
        # The whole dict, including its 'pass' entry, is kept in ADMINS.
        ADMINS['AV'] = user
    return created
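def edit_stock(request):
    """Set a product's stock from a POST form via ``editStock``.

    Reads ``producto`` and ``cantidad`` from ``request.POST``.

    Returns:
        JsonResponse with ``status`` 200 when element ``[1]`` of the helper's
        result is truthy, 400 otherwise or when the input is rejected.
    """
    data = {}

    # Previously a non-POST request fell off the end and returned None.
    if request.method != 'POST':
        data['status'] = 400
        data['error_desc'] = 'Metodo no permitido'
        return JsonResponse(data)

    producto = request.POST['producto']
    cantidad = request.POST['cantidad']

    # re.match() with ``{,10}`` accepts every string (zero-length match at
    # position 0), so the old check never rejected anything and int() raised
    # on bad input. fullmatch with at least one digit makes it effective.
    if not re.fullmatch(r'[0-9]{1,10}', cantidad):
        data['status'] = 400
        data['error_desc'] = 'Cantidad o Precio invalido'
        return JsonResponse(data)

    # SECURITY: ``producto`` is client-supplied and is formatted into the SQL
    # text. The durable fix is a bound parameter; call_stored_procedure's
    # signature is not visible here.
    resp = call_stored_procedure(
        f"SELECT editStock('{producto}', {int(cantidad)})", 'one')
    data['status'] = 200 if resp[1] else 400
    return JsonResponse(data)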
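def post_staff(request):
    """Create ('NEW') or modify ('EDIT') a staff member from a POST form.

    Reads ``nombre``, ``apellidos``, ``correo``, ``contraseña``, ``area``,
    ``tipo``, ``accion`` and (for EDIT) ``id`` from ``request.POST``.

    NEW hashes the password with ``make_password`` and creates the employee,
    going through ``AdminArea`` for ``tipo == 'adminarea'``. EDIT compares the
    submitted name, e-mail and area with the stored row and calls
    ``editStaff`` only when something differs; the submitted password is not
    used on the EDIT path.

    Returns:
        JsonResponse with ``status`` 200 on success, 403 for an ``area`` or
        ``tipo`` outside the allow-lists, and 400 otherwise. Paths that used
        to leave ``status`` unset (non-POST, unknown action, an 'adminarea'
        request for an area without an admin creator, EDIT without a
        matching employee or without ``id``) now report 400.
    """
    # NOTE(review): this view can create superusers and no permission check
    # is visible in the function -- confirm one is enforced elsewhere.
    data = {}
    areas = ['AA', 'AV', 'AC', 'SADMI']
    tipos = ['employee', 'adminarea', 'superuser']

    if request.method == 'POST':
        nombre = request.POST['nombre']
        apellidos = request.POST['apellidos']
        correo = request.POST['correo']
        contrasena = request.POST['contraseña']
        area = request.POST['area']
        tipo = request.POST['tipo']
        accion = request.POST['accion']
        id_staff = request.POST.get('id')

        if area not in areas or tipo not in tipos:
            data['status'] = 403
            # The old text was copied from the product view and named the
            # wrong fields.
            data['error_desc'] = 'Area o Tipo incorrectos'
            return JsonResponse(data)

        # SECURITY: nombre, apellidos, correo and the staff id are
        # client-supplied and are formatted into the SQL text below. The
        # durable fix is bound parameters; the signatures of
        # execute_query/call_stored_procedure are not visible here.
        if accion == 'NEW':
            user = {
                'email': correo,
                # Hash only where it is stored; EDIT never uses it.
                'pass': make_password(contrasena),
                'first_name': nombre,
                'last_name': apellidos,
            }
            if tipo == 'adminarea':
                config()
                if area in ('AA', 'AC', 'AV'):
                    admin_area = AdminArea()
                    create_admin = {
                        'AA': admin_area.adminAlmacen,
                        'AC': admin_area.adminCompras,
                        'AV': admin_area.adminVentas,
                    }[area]
                    created = create_admin(user)
                    data['status'] = 200 if created == True else 400
            else:
                emp_id = make_employee_id(area=area, user_type=tipo)
                if tipo == 'superuser':
                    statement = (
                        f"SELECT addNewEployee('{emp_id}', '{user['email']}', '{user['pass']}', '{user['first_name']}', '{user['last_name']}', 'SADMI', TRUE, FALSE, FALSE)"
                    )
                else:
                    statement = (
                        f"SELECT addNewEployee('{emp_id}', '{user['email']}', '{user['pass']}', '{user['first_name']}', '{user['last_name']}', '{area}', FALSE, FALSE, TRUE)"
                    )
                resp = call_stored_procedure(statement, 'one')
                data['status'] = 200 if resp[1][0] == True else 400

        elif accion == 'EDIT' and id_staff is not None:
            # An EDIT without 'id' used to fail on an unbound local; it now
            # falls through to the default 400 below.
            row = execute_query(
                f"SELECT * FROM Employee WHERE emp_key = '{id_staff}'", 'one')
            if row:
                # row[0] holds the column names, row[1] the values.
                current = dict(zip(row[0], row[1]))
                unchanged = (current['email'] == correo
                             and current['first_name'] == nombre
                             and current['last_name'] == apellidos
                             and current['area'] == area)
                if unchanged:
                    data['status'] = 200
                    data['info'] = '( ͡° ͜ʖ ͡°)'
                else:
                    emp_id = make_employee_id(area=area, user_type=tipo)
                    resp = call_stored_procedure(
                        f"SELECT editStaff('{id_staff}', '{emp_id}', '{nombre}', '{apellidos}', '{correo}', '{area}')",
                        'one')
                    if resp[1][0] == True:
                        data['status'] = 200
                        data[
                            'info'] = 'Empleado actualizado <br> correctamente'
                    else:
                        data['status'] = 400

    # Any path that did not decide an outcome is a failed request.
    data.setdefault('status', 400)
    return JsonResponse(data)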