def list(self,id=None,page=1):
if "repoze.who.identity" in request.environ:
user = request.environ.get('repoze.who.identity')['user']
wholesale_tag = Session.query(UserTag).filter_by(tag='wholesale').one()
if wholesale_tag in user.tags:
c.wholesale=True
c.tags = Session.query(ProductTag).all()
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
if session.has_key('product_querystr'):
if session.has_key('paliasedtags'):
for item in session['paliasedtags']:
exec(item)
products = eval(session['product_querystr']+".filter(Product.deleted==False)")
c.paginator = paginate.Page(products,
page=int(request.params.get('page', page)),
items_per_page = 10)
html = render('/derived/product/list.html')
return htmlfill.render(html,defaults=session['product_search_values'])
else:
products = Session.query(Product).filter_by(deleted=False)
c.paginator = paginate.Page(products,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/product/list.html')
def admin(self,id=None,page=1):
def asort(sort,querystr):
feilds ={'1':'Invoice.id',
'2':'Invoice.customer_id',
'3':'Invoice.date_time',
'4':'Invoice.total_price',
'5':'Invoice.Description',}
if sort != '':
if session['invoice_sort_togle'][sort]:
session['invoice_sort_togle'][sort] = False
direction = '.desc()'
else:
session['invoice_sort_togle'][sort] = True
direction = '.asc()'
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
session['invoice_sort'] = sort
session['invoice_sort_direction']=direction
session.save()
elif 'invoice_sort' in session:
sort = session['invoice_sort']
direction = session['invoice_sort_direction']
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
return querystr
came_from = str(request.GET.get('came_from', ''))
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
if came_from == 'removeproduct':
h.flash('To delete a product find it in the table and press on the Delete link')
elif came_from == 'editproduct':
h.flash('To Edit a product details find it in the table below and press on the Edit link')
sort = str(request.GET.get('sort',''))
if 'invoice_sort_togle' not in session:
session['invoice_sort_togle']={'1':True,
'2':True,
'3':True,
'4':True,
'5':True,}
session.save()
querystr=''
if is_met(has_permission('view_invoice')):
Uc = aliased(User)
Us = aliased(User)
if 'invoice_querystr' in session:
querystr = asort(sort,querystr)
invoices = eval(session['invoice_querystr']+querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
html = render('/derived/invoice/staff/index.html')
return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
else:
querystr = "Session.query(Invoice).filter(Invoice.deleted==False)"
querystr = asort(sort,querystr)
invoices = eval(querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/invoice/staff/index.html')
def forgotaction(self):
values = dict(request.params)
del values["action"]
msg = ""
settingsf = file(config["settings_file"], "rb")
session["site_settings"] = pickle.load(settingsf)
settingsf.close()
session.save()
captchres = h.captcha.submit(
values["recaptcha_challenge_field"],
values["recaptcha_response_field"],
"6LepGccSAAAAAMfzDtmvyRjJ7-A1FWuJa5qUTxX2",
session["site_settings"]["ip_address"],
)
if not captchres.is_valid:
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
html = render("/derived/user/forgot.html")
return htmlfill.render(html, values, errors={"captcha": _("Invalid Captcha try again")})
user = Session.query(User).join(User.emails).filter(Email.email_address == values["email"]).one()
confcode = str(uuid.uuid1())
uconf = UserConfirm(user, confcode)
Session.add(uconf)
Session.commit()
message = Message(
session["site_settings"]["forgotpass"],
user.emails[0].email_address,
_("Kazhal trading Reset password"),
encoding="utf-8",
)
msg += _("If you requested a password reset click the below link\n")
##msg += "%s%s"%(request.application_url,h.url(controller='user',action='resetpassEmail',id=user.id,confcode=confcode))
msg += "%s%s" % (
request.application_url,
url(controller="user", action="resetpassEmail", id=user.id, confcode=confcode),
)
c.contents = msg
msgHtml = render(_("/derived/emails/forgotpass.html"))
message.rich = msgHtml
message.plain = msg
message.send()
h.flash(
_(
"An email has been sent to your address.To reset your password check your email and click on the confirm link."
)
)
return redirect(url(controller="user", action="forgot"))
def index(self,page=1):
c.menu_items = h.top_menu(self.menu_items,_('Products'))
products = Session.query(Product)
c.paginator = paginate.Page(products,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/product/index.html')
def render_new_form(menu_items,values=None, errors=None, number_of_photos=0):
c.number_of_photos = number_of_photos
c.menu_items = h.top_menu(menu_items,_('Products'))
c.tags = Session.query(ProductTag).all()
#c.roles = ['test1','test2']
html = render('/derived/product/new.html')
return htmlfill.render(html, defaults=values, errors=errors)
def search(self,id=None,page=1):
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
action = request.params.getone('action')
values = dict(request.params)
del values['action']
if is_met(in_group('customer')):
schema = InvoiceSearchCustomer()
try:
result = schema.to_python(dict(request.params), c)
except Invalid, e:
html = render('/derived/invoice/customer/index.html')
return htmlfill.render(html, defaults=values, errors=variabledecode.variable_encode(
e.unpack_errors() or {},
add_repetitions=False
))
querystr = "Session.query(Invoice).filter_by(deleted=False).join(Invoice.customer).filter(User.user_name == '%s')"%identity['user'].user_name
products = result['contains_product']
if products :
querystr += ".join(Invoice.invoice_items).join(Invoice_item.product)"
if len(products)>1:
querystr += ".filter(and_("
for item in products:
querystr += ","
querystr += "Product.name.like('%%%s%%')"%item
querystr += "))"
else:
querystr += ".filter(Product.name.like('%%%s%%'))"%products[0]
def render_edit_form_admin(menu_items,values=None, errors=None, id=None):
if "repoze.who.identity" in request.environ:
user = request.environ.get('repoze.who.identity')['user']
wholesale_tag = Session.query(UserTag).filter_by(tag='wholesale').one()
if wholesale_tag in user.tags:
c.wholesale = True
c.menu_items = h.top_menu(menu_items,_('Shop online'))
invoice = Session.query(Invoice).filter_by(id=int(id)).one()
invoice_items = Session.query(Invoice_item).filter_by(invoice_id=invoice.id).order_by(Invoice_item.product_id).all()
c.invoice_items = invoice_items
c.invoice = invoice
if values is None:
return render('/derived/invoice/staff/edit.html')
else :
html = render('/derived/invoice/staff/edit.html')
return htmlfill.render(html, defaults=values, errors=errors)
def index(self,page=1):
c.menu_items = h.top_menu(self.menu_items,_('Home'))
tags = Session.query(ProductTag)
c.paginator = paginate.Page(tags,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/producttag/staff/index.html')
def render_edit2_form(menu_items,values=None, errors=None, number_of_photos=0, id=None, photos=None):
c.number_of_photos = number_of_photos
c.tags = Session.query(ProductTag).all()
c.menu_items = h.top_menu(menu_items,_('Products'))
c.old_photos = photos
c.product_id = id
html = render('/derived/product/edit2.html')
return htmlfill.render(html, defaults=values, errors=errors)
def render_editbasket(menu_items,values=None, errors=None):
products=[]
for item in session['basket']:
products.append(Session.query(Product).filter_by(id=item).one())
c.products = products
c.menu_items = h.top_menu(menu_items,_('Products'))
html = render('/derived/product/editbasket.html')
return htmlfill.render(html,defaults=values, errors=errors)
def login(self):
"""
This is where the login form should be rendered.
Without the login counter, we won't be able to tell if the user has
tried to log in with wrong credentials
"""
came_from = request.params.get('came_from', None)
identity = request.environ.get('repoze.who.identity')
if identity:
return render(path.join(get_lang()[0],'derived/account/login.mako'))
else:
c.login_counter = request.environ['repoze.who.logins'] + 1
if came_from:
session['came_from'] = came_from
session.save()
return render(path.join(get_lang()[0],'derived/account/logindialog.mako'))
return render(path.join(get_lang()[0],'derived/account/login.mako'))
def new(self):
if is_met(has_permission("add_user")):
return render_form(self.menu_items, action="create", add_number_of_emails=1)
if is_met(is_anonymous()):
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.came_from = str(request.GET.get("came_from", "")) or url(controller="home", action="index")
if request.GET.get("came_from", None):
h.flash(_("After filling the from you will be sent back to your shopping cart"))
return render("/derived/user/new.html")
def render_customer_form(
menu_items, id, values=None, action=None, errors=None, add_number_of_addresses=0, add_number_of_phones=0
):
c.number_of_addresses = number_of_addresses(values) + add_number_of_addresses
c.number_of_phones = number_of_phones(values) + add_number_of_phones
c.menu_items = h.top_menu(menu_items, _("Customers"))
c.id = id
html = render(path.join(get_lang()[0], "derived/user/customer/edit.mako"))
return htmlfill.render(html, defaults=values, errors=errors)
def edit(self,id):
c.menu_items = h.top_menu(self.menu_items,_('Home'))
c.action = "update"
producttag = Session.query(ProductTag).filter_by(id=id).one()
c.id=producttag.id
values={}
values['producttag'] = producttag.tag
html = render('/derived/producttag/staff/new.html')
return htmlfill.render(html,defaults=values)
def getpage(self):
page = int(request.params.get("page"))
photos = Session.query(Photo)
itemspp = 30
if "itemspp" in request.params:
itemspp = int(request.params.get("itemspp"))
c.paginator = paginate.Page(photos, page=int(page), items_per_page=itemspp)
return render("/derived/photo/photopage.html")
def view(self, id):
if is_met(has_permission("view_user")):
try:
user = Session.query(User).filter_by(id=id).one()
except:
h.flash(_("No user with ID:%s to view") % id)
return redirect(h.url(controller="user", action="index"))
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.user = user
return render("/derived/user/staff/view.html")
else:
return redirect(url(controller="user", action="index"))
def index(self,id=None,page=1):
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
if is_met(in_group('customer')):
if session.has_key('invoice_querystr'):
invoices2 = eval(session['invoice_querystr']+".order_by(desc(Invoice.date_time))")
#invoices = Session.query(Invoice).filter_by(customer=identity['user']).filter_by(deleted=False).order_by(Invoice.date_time)
c.paginator = paginate.Page(invoices2,
page=int(request.params.get('page',page)),
items_per_page=10)
html = render('/derived/invoice/customer/index.html')
return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
else:
invoices = Session.query(Invoice).filter_by(customer=identity['user']).filter_by(deleted=False).order_by(desc(Invoice.date_time))
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page',page)),
items_per_page=10)
return render('/derived/invoice/customer/index.html')
else:
h.flash(_('Please take a few moments to %s\n')%(h.link_to(_("register"),url(controller="user", action="new"))))
return redirect(url(controller='home',action='index'))
def view(self,id,page=1):
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
invoice = Session.query(Invoice).filter_by(id=id).one()
if is_met(has_permission('view_invoice')):
c.invoice = invoice
c.paginator = paginate.Page(
invoice.invoice_items,
page=int(request.params.get('page', page)),
items_per_page = 10
)
return render('/derived/invoice/view.html')
elif invoice.customer == identity['user']:
c.invoice = invoice
c.paginator = paginate.Page(
invoice.invoice_items,
page=int(request.params.get('page', page)),
items_per_page = 10
)
return render('/derived/invoice/view.html')
else:
h.flash(_('You are not authorized to view this invoice'))
return redirect(url(controller='invoice',action='index'))
def edit(self,id):
values={}
group = Session.query(Group).filter_by(id=id).one()
values['group']= group.group
c.permissions = Session.query(Permission).all()
for i,perm in enumerate(c.permissions):
for permission in group.permissions:
if permission.name == perm.name:
values['permissions-%i.%i'%(i,perm.id)]= 1
c.menu_items = h.top_menu(self.menu_items,_('Customers'))
html = render('/derived/group/edit.html')
return htmlfill.render(html, defaults=values)
def index(self,id=None,page=1):
selection_type = request.params.get('selection')
if selection_type == 'invoice':
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
alist = session['invoice_selection'].items()
c.paginator = paginate.Page(alist,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/selection/invoice_index.html')
elif selection_type == 'user':
c.menu_items = h.top_menu(self.menu_items,_('Customers'))
alist = session['user_selection'].items()
c.paginator = paginate.Page(alist,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/selection/staff/user/index.html')
elif selection_type == 'product':
c.menu_items = h.top_menu(self.menu_items,_('Products'))
alist = session['product_selection'].items()
c.paginator = paginate.Page(alist,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/selection/staff/product/index.html')
def search(self):
came_from = str(request.GET.get('came_from', 'list'))
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Products'))
c.tags = Session.query(ProductTag).all()
action = request.params.getone('action')
values = dict(request.params)
del values['action']
if not_met(has_permission('edit_product')) or came_from=='list':
schema = ProductSearchCustomer()
else:
schema = ProductSearch()
try:
result = schema.to_python(values)
except Invalid, e:
if came_from == 'admin':
html = render('/derived/product/productadmin.html')
else:
html = render('/derived/product/list.html')
return htmlfill.render(html, defaults=values, errors=variabledecode.variable_encode(
e.unpack_errors() or {},
add_repetitions=False
))
def resetpassEmailaction(self):
values = dict(request.params)
user = Session.query(User).filter_by(id=values["userid"]).one()
schema = ResetpassEmail()
try:
resutl = schema.to_python(values, c)
except Invalid, e:
c.user = user
c.confcode = values["confcode"]
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
html = render("/derived/user/resetpass.html")
return htmlfill.render(
html, values, errors=variabledecode.variable_encode(e.unpack_errors() or {}, add_repetitions=False)
)
def document(self):
"""Render the error document"""
request = self._py_object.request
resp = request.environ.get('pylons.original_response')
code = cgi.escape(request.GET.get('code', ''))
content = cgi.escape(request.GET.get('message', ''))
c.menu_items = h.top_menu(self.menu_items,_('Home'))
if resp:
content = literal(resp.status)
code = code or cgi.escape(str(resp.status_int))
if not code:
raise Exception("No Status code was found")
c.code = code
c.message = content
return render(path.join(get_lang()[0],'derived/error/error.mako'))
def view(self,id):
if "repoze.who.identity" in request.environ:
user = request.environ.get('repoze.who.identity')['user']
wholesale_tag = Session.query(UserTag).filter_by(tag='wholesale').one()
if wholesale_tag in user.tags:
c.wholesale = True
try:
product = Session.query(Product).filter_by(id=id).one()
except:
h.flash(_('No product exist with ID: %s')%id)
redirect(url(controller='product',action='list'))
if request.environ.get("repoze.who.identity") is not None:
c.permissions = request.environ["repoze.what.credentials"]["permissions"]
c.product = product
c.menu_items = h.top_menu(self.menu_items,_('Products'))
return render('/derived/product/view.html')
def search(self):
identity = request.environ.get("repoze.who.identity")
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.tags = Session.query(UserTag.tag).all()
action = request.params.getone("action")
values = dict(request.params)
del values["action"]
schema = UserSearch()
try:
result = schema.to_python(values)
except Invalid, e:
html = render(path.join(get_lang()[0], "/derived/user/staff/index.html"))
return htmlfill.render(
html,
defaults=values,
errors=variabledecode.variable_encode(e.unpack_errors() or {}, add_repetitions=False),
)
def editbasket(self):
if "repoze.who.identity" in request.environ:
user = request.environ.get('repoze.who.identity')['user']
wholesale_tag = Session.query(UserTag).filter_by(tag='wholesale').one()
if wholesale_tag in user.tags:
c.wholesale=True
if session.has_key('basket') and session['basket']!={}:
products=[]
for item in session['basket']:
products.append(Session.query(Product).filter_by(id=item).one())
c.products = products
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
return render('/derived/product/editbasket.html')
else:
h.flash(_('No Items in basket'))
return redirect(url(controller='product', action='list'))
def resetpassEmail(self, id):
confcode = request.params.getone("confcode")
try:
user = Session.query(User).filter_by(id=id).one()
userconf = (
Session.query(UserConfirm)
.join(UserConfirm.user)
.filter(User.id == user.id)
.filter(UserConfirm.confirm_code == confcode)
.one()
)
except:
h.flash(_("wrong reset confirmation info."))
return redirect(url(controller="home", action="index"))
c.user = user
c.confcode = userconf.confirm_code
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
return render("/derived/user/resetpass.html")
def uploaddialog(self):
photos = Session.query(Photo).all()
session["photos"] = {}
session["photos"]["files"] = []
session.save()
basepath = os.path.join(config["pylons.paths"]["static_files"], "pics")
for photo in photos:
session["photos"]["files"].append(
{
"name": photo.file_path,
"size": os.path.getsize(os.path.join(basepath, photo.file_path))
if os.path.isfile(os.path.join(basepath, photo.file_path))
else 0,
"id": photo.id,
}
)
session.save()
c.action = h.url(controller="photo", action="upload")
return render("/derived/photo/uploaddialog.html")
def render_form(
menu_items,
values=None,
action="submit",
id=-1,
errors=None,
add_number_of_addresses=0,
add_number_of_emails=0,
add_number_of_phones=0,
):
c.number_of_addresses = number_of_addresses(values) + add_number_of_addresses
c.number_of_emails = number_of_emails(values) + add_number_of_emails
c.number_of_phones = number_of_phones(values) + add_number_of_phones
c.menu_items = h.top_menu(menu_items, _("Customers"))
# c.roles = ['test1','test2']
c.roles = Session.query(Group).all()
c.tags = Session.query(UserTag).all()
c.action = action
c.id = id
html = render(path.join(get_lang()[0], "derived/user/staff/new.mako"))
return htmlfill.render(html, defaults=values, errors=errors)
def post_login(self):
identity = request.environ.get('repoze.who.identity')
if not identity:
session['failedlogin'] +=1
session.save()
#h.flash(_("Incorrect User name or Password"))
if session['failedlogin']>3:
session['failedlogin'] = 0
session.save()
#return "To many login atempts!"
return HTTPForbidden(request=request,body="Incorrect User name or Password")
if identity['user'].pending:
session['failedlogin'] = 0
session.save()
h.flash(_('Your account is still pending. Check your email for activation link'))
#return redirect logout
return redirect(url(controller="account",action="logout"))
#return render(path.join(get_lang()[0],'derived/account/login.mako'))
if identity['user'].deleted:
session['failedlogin'] = 0
session.save()
h.flash(_('Your account has been deleted!'))
return redirect(url(controller="account",action="logout"))
#return render(path.join(get_lang()[0],'derived/account/login.mako'))
session['user'] = identity['user'].id
if is_met(not_anonymous()):
session['failedlogin'] = 0
session['user_selection']={}
session['product_selection']={}
session['invoice_selection']={}
session.save()
if 'came_from' in session:
came_from = session['came_from']
del session['came_from']
session.save()
return redirect(came_from)
return render(path.join(get_lang()[0],'derived/account/login.mako'))
