def admin_business_chat(request, business_name): business_name = business_name.lower() try: business = Business.objects.get(name=business_name) except Business.DoesNotExist: raise Http404 # Incase of javascript fetch return HttpResponse(status=403) is_employee, permissions = get_user_permissions(request.user, business) if not is_employee: raise Http404 # Incase of javascript fetch return HttpResponse(status=403) if "creator_access" in permissions: employee_id = "creator" else: employee = Employee.objects.get(business=business, employee=request.user) employee_id = employee.id business = Business.objects.get(name=business_name) context = { "business": business, "page": "chat", "permissions": permissions, "employee_id": employee_id } return render(request, "chat/admin_chat.html", context)
def get_rooms(request, business_id): try: business = Business.objects.get(id=business_id) except Business.DoesNotExist: return HttpResponse(status=403) is_employee, permissions = get_user_permissions(request.user, business) if not is_employee: return HttpResponse(status=403) rooms = Room.objects.filter(business_id=business_id).order_by("-pk") return JsonResponse([room.serialize() for room in rooms], safe=False)
def manage_invoice(request, business_name, invoice_id): business_name = business_name.lower() try: business = Business.objects.get(name=business_name) except Business.DoesNotExist: raise Http404 # Incase of javascript fetch return HttpResponse(status=403) # Check employee permission is_employee, permissions = get_user_permissions(request.user, business) if is_employee: if "creator_access" in permissions or "make_sales" in permissions: invoice = Invoice.objects.get(business__name=business_name, id=invoice_id) if request.method == "POST": invoice.paid = True invoice.sales_agent = Employee.objects.get( business=business, employee=request.user) invoice.save() return HttpResponse(status=200) if request.method == "DELETE": invoice.delete() return HttpResponse(status=200) elif request.method == "GET": extract = False try: print(request.GET["extract_csv"]) if int(request.GET["extract_csv"]) == 1: extract = True except: pass if extract: filename = f"invoice-{invoice.customer_name}.csv" invoice_items = InvoiceItem.objects.filter(invoice=invoice) invoice_items_resource = InvoiceItemsResource() dataset = invoice_items_resource.export(invoice_items) response = HttpResponse(dataset.csv, content_type='text/csv') response[ 'Content-Disposition'] = f'attachment; filename={filename}' return response context = {"invoice": invoice, "business": business} return render(request, 'invoice/manage_invoice.html', context) raise Http404
def get_messages(request, room_name): room = Room.objects.get(room_name=room_name) if room.customer == request.user: room_messages = RoomMessage.objects.filter(room=room).order_by("pk") return JsonResponse([message.serialize() for message in room_messages], safe=False) business = room.business is_employee, permissions = get_user_permissions(request.user, business) if not is_employee: return HttpResponse(status=403) room_messages = RoomMessage.objects.filter(room=room).order_by("-pk") return JsonResponse([message.serialize() for message in room_messages], safe=False)
def create_invoice(request, business_name): business_name = business_name.lower() try: business = Business.objects.get(name=business_name) except Business.DoesNotExist: raise Http404 # Incase of javascript fetch return HttpResponse(status=403) is_employee, permissions = get_user_permissions(request.user, business) if not is_employee: raise Http404 # Incase of javascript fetch return HttpResponse(status=403) if not "creator_access" in permissions and not "make sales" in permissions: raise Http404 # Incase of javascript fetch return HttpResponse(status=403) if request.method == "POST": data = json.loads(request.body) items = data['invoice_items'] customer_username = data['customer_username'] customer_name = data['customer_name'] customer_contact = data['customer_contact'] discount = data['discount'] if data['employee_created']: try: new_invoice = Invoice() new_invoice.business = business new_invoice.employee_created = True try: new_invoice.sales_agent = Employee.objects.get( business=business, employee=request.user) except Exception: if business.creator == request.user: new_employee = Employee() new_employee.business = business new_employee.employee = request.user new_employee.save() new_invoice.sales_agent = new_employee else: raise Exception("Permission not granted") if customer_username: user = User.objects.get(username=customer_username) new_invoice.customer = user else: new_invoice.customer_name = customer_name new_invoice.customer_contact = customer_contact new_invoice.invoice_discount = discount #this should be changed to handle decimals new_invoice.save() for item in items: new_invoice_item = InvoiceItem() new_invoice_item.invoice = new_invoice new_invoice_item.inventory = Inventory.objects.get( id=item['id']) new_invoice_item.quantity = item['quantity'] new_invoice_item.save() return JsonResponse({"invoice_id": new_invoice.id}, safe=False) except Exception as e: print("error", e) else: invoice = Invoice() invoice.business = business invoice.username = customer_username invoice.employee_created = False invoice.save() for item in items: new_invoice_item = InvoiceItem() new_invoice_item.invoice = invoice new_invoice_item.inventory = Inventory.objects.get( id=item['id']) new_invoice_item.quantity = item['units'] new_invoice_item.save() return HttpResponse(status=200) return HttpResponse(status=404) context = { "business": business, "permissions": permissions, "page": "sales" } return render(request, "invoice/create.html", context)
def index_invoices(request, business_name, my_page=False): business_name = business_name.lower() try: business = Business.objects.get(name=business_name) except Business.DoesNotExist: raise Http404 is_employee, permissions = get_user_permissions(request.user, business) if not is_employee: raise Http404 if not "creator_access" in permissions and not "manage accounts" in permissions: raise Http404 category = "all" date_from = "" date_to = date.today() try: category = request.GET["category"].lower() except Exception as e: print("error", e) try: print(request.GET["date-from"]) # date_from = date(request.GET["date-from"]) date_from = request.GET["date-from"] except Exception as e: print("error", e) try: date_to = request.GET["date-to"] except Exception as e: print("error", e) if category == "all": if date_from: invoices = Invoice.objects.filter( business=business, timestamp__date__range=(date_from, date_to)) else: invoices = Invoice.objects.filter(business=business, timestamp__date__lte=date_to) elif category == "paid": if date_from: invoices = Invoice.objects.filter( business=business, paid=True, timestamp__date__range=(date_from, date_to)) else: invoices = Invoice.objects.filter(business=business, paid=True, timestamp__date__lte=date_to) elif category == "unpaid": if date_from: invoices = Invoice.objects.filter( business=business, paid=False, timestamp__date__range=(date_from, date_to)) else: invoices = Invoice.objects.filter(business=business, paid=False, timestamp__date__lte=date_to) extract = False try: print(request.GET["extract_csv"]) if int(request.GET["extract_csv"]) == 1: extract = True except: pass if extract: filename = f"invoices-{category}-{date_from}-{date_to}.csv" print(request.GET["extract_csv"]) invoice_resource = InvoiceResource() dataset = invoice_resource.export(invoices) response = HttpResponse(dataset.csv, content_type='text/csv') response['Content-Disposition'] = f'attachment; filename={filename} ' return response paginator = Paginator(invoices, 10) # Show 10 items per page. page_number = request.GET.get('page') page_obj = paginator.get_page(page_number) context = { # "invoices":invoices, "page": "invoices", 'page_obj': page_obj, "business": business, "category": category, "permissions": permissions, "date_to": date_to, "date_from": date_from } return render(request, 'invoice/index_invoices.html', context)
def inventory_management(request, business_name): business_name = business_name.lower() display = "body" error_messages = [] business_name = business_name.lower() try: business = Business.objects.get(name=business_name) except Business.DoesNotExist: raise Http404 # Check if user is an employee and get permissions is_employee, permissions = get_user_permissions(request.user, business) if not is_employee: # message = "You do not have access to this page" # return render(request,"theSP/error.html",context={"message":message}) raise Http404 if not "creator_access" in permissions and not "manage inventory" in permissions: # message = "You do not have access to this page" # return render(request,"theSP/error.html",context={"message":message}) raise Http404 if request.method == "POST": try: inventory_id = request.POST["id"] except: inventory_id = None # If no id was passed then request was from new inventory form if not inventory_id: print("new inventory save") display = "form" form = InventoryForm(request.POST, request.FILES) if form.is_valid(): try: new_inventory = Inventory.objects.create( business=business, type="service", name=form.cleaned_data["name"], description=form.cleaned_data["description"], price=float(form.cleaned_data["price"]), unit=form.cleaned_data["unit"], image=form.cleaned_data["image"], serviced_item=form.cleaned_data["serviced_item"]) new_inventory.save() return HttpResponseRedirect( reverse('inventory:inventory_management', kwargs={'business_name': business_name})) except Exception as e: # print("new inventory save failed", e) error_messages.append(e) else: print("errors in form", form.errors) for fields in form: for error in fields.errors: error_messages.append(error.capitalize()) # If id was passed request was from edit inventory form else: print("alter inventory details") inventory_id = request.POST["id"] new_name = request.POST["name"] new_price = request.POST["price"] new_unit = request.POST["unit"] new_description = request.POST["description"] new_image = request.FILES.get('new_image', False) inventory = Inventory.objects.get(business=business, id=inventory_id) inventory.price = new_price inventory.unit = new_unit inventory.name = new_name inventory.description = new_description if new_image: if inventory.image: # Delete old logo try: os.remove(inventory.image.path) except: print("couldn't remove old image") inventory.image = new_image inventory.save() return HttpResponse(status=200) elif request.method == "DELETE": try: data = json.loads(request.body) id = data['id'] # Delete inventory inventory = Inventory.objects.get(business=business, id=id) inventory.delete() return HttpResponse(status=200) except Exception as e: # print(e) return HttpResponse(status=403) context = { "page": "inventory", "display": display, "business": business, "permissions": permissions, "form": InventoryForm(), "error_messages": error_messages } return render(request, "inventory/inventory_admin.html", context)