def delete_document(request, company):
try:
c = Company.objects.get(url_name=company)
except Company.DoesNotExist:
return JsonError(_("Company does not exist."))
if not has_permission(request.user, c, 'document', 'edit'):
return JsonError(_("You have no permission to edit document"))
if not has_permission(request.user, c, 'stock', 'edit'):
return JsonError(_("You have no permission to edit stock"))
data = JsonParse(request.POST.get('data'))
try:
document = Document.objects.get(id=data['document_id'], company=c)
except Document.DoesNotExist:
print "document does not exist"
return JsonError('document_does_not_exist')
try:
Stock.objects.filter(document=document, company=c).delete()
except Exception as e:
print "error deleting stock"
print e
return JsonError('could_not_delete_stock')
document.delete()
return JsonOk()
def products(request, company):
c = get_object_or_404(Company, url_name=company)
# needs to be at least guest to view products
if not has_permission(request.user, c, 'product', 'view'):
return no_permission_view(request, c, _("You have no permission to view products."))
# if there are no taxes defined, don't show anything
if Tax.objects.filter(company=c).count() == 0:
return error(request, c, _("There are no taxes defined. Please go to tax management and define them."))
# if there are no categories defined, throw an error
if Category.objects.filter(company=c).count() == 0:
return error(request, c, _("There are no categories defined, please go to category management to define them."))
# fields that need to be limited in length:
lengths = {
'code': max_field_length(Product, 'code'),
'price': g.DECIMAL['currency_digits'] + 1,
'purchase_price': g.DECIMAL['currency_digits'] + 1,
'shortcut': max_field_length(Product, 'shortcut'),
'stock': g.DECIMAL['quantity_digits'],
'name': max_field_length(Product, 'name'),
'tax': g.DECIMAL['percentage_decimal_places'] + 4, # up to '100.' + 'decimal_digits'
}
context = {
'company': c,
'title': _("Products"),
'site_title': g.MISC['site_title'],
# lists
'taxes': JsonStringify(get_all_taxes(request.user, c)),
'categories': JsonStringify(get_all_categories(c, json=True)),
'units': JsonStringify(g.UNITS),
'discounts': JsonStringify(get_all_discounts(request.user, c)),
# urls for ajax calls
'add_url': reverse('pos:create_product', args=[c.url_name]),
# config variables
'can_edit': has_permission(request.user, c, 'product', 'edit'),
'currency': get_company_value(request.user, c, 'pos_currency'),
# images
'image_dimensions': g.IMAGE_DIMENSIONS['product'],
'image_upload_formats': g.MISC['image_upload_formats'], # what can be uploaded
'max_upload_size': round(g.MISC['max_upload_image_size']/2**20, 2), # show in megabytes
'max_upload_size_bytes': g.MISC['max_upload_image_size'], # bytes for javascript
# html fields
'field_lengths': lengths,
'separator': get_company_value(request.user, c, 'pos_decimal_separator'),
# numbers etc
'default_tax_id': get_default_tax(request.user, c)['id'],
'decimal_places': get_company_value(request.user, c, 'pos_decimal_places')*2, # ACHTUNG: rounding comes at the end
}
return render(request, 'pos/manage/products.html', context)
def check_bill_status_(request, c, android=False):
# there should be bill_id in request.POST
try:
bill_id = int(JsonParse(request.POST.get("data")).get("bill_id"))
bill = Bill.objects.get(company=c, id=bill_id)
except (Bill.DoesNotExist, ValueError, TypeError):
return JsonError(_("Bill does not exist or data is invalid"))
if not has_permission(request.user, c, "bill", "edit"):
return JsonResponse({"status": "no_permission", "message": "no_permission"})
# LOL :) - not LOL, rok does not understand - omg, omg, se eno tako..
"""
if settings.DEBUG:
if random.randint(0, 9) > 0:
return JsonOk(extra={'paid': 'true'})
else:
return JsonOk(extra={'paid': 'false'})
"""
if bill.status == g.PAID:
if android:
return JsonOk(
extra={
"paid": "true",
"print": esc_format(request.user, c, bill, bill.register.receipt_format, esc_commands=True),
}
)
else:
return JsonOk(extra={"paid": "true"})
else:
return JsonOk(extra={"paid": "false"})
def delete_unpaid_bill(request, company):
try:
c = Company.objects.get(url_name=company)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# bill_id is required in request.POST
try:
bill_id = int(JsonParse(request.POST.get("data")).get("bill_id"))
bill = Bill.objects.get(company=c, id=bill_id)
except (TypeError, ValueError):
return JsonError(_("Invalid bill id"))
except Bill.DoesNotExist:
return JsonError(_("Bill does not exist"))
# check if this user has permission to edit bills
if not has_permission(request.user, c, "bill", "edit"):
return JsonError(_("You have no permission to edit bills"))
# check if this bill is really unpaid
if bill.status == g.PAID:
return JsonError(_("This bill has already been paid, deleting is not possible"))
# if everything is ok, delete it and send an OK message
bill.delete()
return JsonOk()
def change_payment_type_(request, c):
# there should be bill_id in request.POST
try:
bill_id = int(JsonParse(request.POST.get("data")).get("bill_id"))
bill = Bill.objects.get(company=c, id=bill_id)
except (Bill.DoesNotExist, ValueError, TypeError):
return JsonError(_("Bill does not exist or data is invalid"))
if bill.company == c and has_permission(request.user, c, "bill", "edit"):
type = JsonParse(request.POST.get("data")).get("type")
try:
bill_payment = Payment.objects.get(id=bill.payment.id)
if bill_payment.status == g.PAID:
return JsonResponse({"status": "error", "message": "bill_payment_already_paid"})
if type not in g.PAYMENT_TYPE_VALUES:
return JsonResponse({"status": "error", "message": "invalid_payment_type"})
bill_payment.type = type
bill_payment.save()
except Payment.DoesNotExist:
return JsonResponse({"status": "error", "message": "no_payment_for_bill"})
else:
return JsonResponse({"status": "error", "message": "trying_to_compromise"})
return JsonOk()
def get_payment_btc_info_(request, c):
# there should be bill_id in request.POST
try:
bill_id = int(JsonParse(request.POST.get("data")).get("bill_id"))
bill = Bill.objects.get(company=c, id=bill_id)
except (Bill.DoesNotExist, ValueError, TypeError):
return JsonError(_("Bill does not exist or data is invalid"))
extra = {}
if bill.company == c and has_permission(request.user, c, "bill", "edit"):
if settings.DEBUG and "tomaz" in globals():
btc_address = "17VP9cu7K75MswYrh2Ue5Ua6Up4ZiMLpYw"
btc_amount = 0.01
else:
btc_address = bill.payment.get_btc_address(c.id)
btc_amount = bill.payment.get_btc_amount(request.user, c)
if btc_address == "":
return JsonResponse({"status": "could_not_get_btc_address", "message": "could_not_get_btc_address"})
if not btc_amount:
return JsonResponse({"status": "could_not_get_btc_amount", "message": "could_not_get_btc_amount"})
extra["btc_address"] = btc_address
extra["btc_amount"] = btc_amount
else:
return JsonResponse({"status": "error", "message": "trying_to_compromise"})
return JsonOk(extra=extra)
def validate_company(user, company, data):
def r(status, msg):
return {'status': status,
'data': data,
'message': msg}
if not has_permission(user, company, 'company', 'edit'):
return r(False, _("You have no permission to edit this company"))
if data.get('url_name'):
url_name = data['url_name']
if url_name != company.url_name:
if not check_url_name(url_name):
return r(False, _("Url of the company is invalid or exists already."))
else:
url_name = company.url_name
if not data.get('name'):
return r(False, _("No name entered"))
elif len(data['name']) > max_field_length(Company, 'name'):
return r(False, _("Name too long"))
if not data.get('email'):
return r(False, _("No email entered"))
return {'status': True, 'data': data}
def delete_invitation(request, company):
try:
c = Company.objects.get(url_name=company)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# permissions
if not has_permission(request.user, c, 'user', 'edit'):
return JsonError(_("You have no permission to edit users"))
# get and check data
try:
action_id = int(JsonParse(request.POST.get('data')).get('action_id'))
if not action_id:
raise TypeError
except (ValueError, KeyError, TypeError):
return JsonError(_("No data in request"))
# get the right action and delete it
try:
action = Action.objects.get(company=c, id=action_id)
except Action.DoesNotExist:
return JsonError(_("Invite does not exist"))
action.delete()
return JsonOk()
def list_users(request, company):
""" show a list of users and their pins """
c = get_object_or_404(Company, url_name=company)
# check permission
if not has_permission(request.user, c, 'user', 'view'):
return no_permission_view(request, c, _("You have no permission to view users' settings."))
# this company's permissions
permissions = Permission.objects.filter(company=c)
# show waiting and canceled invites
actions = Action.objects.filter(company=c, type=g.ACTION_INVITATION)
# do some nice formatting on the actions
for a in actions:
a.sender = str(BlocklogicUser.objects.get(email=a.sender))
context = {
'company': c,
'permissions': permissions,
'permission_groups': g.PERMISSION_GROUPS,
'actions': actions,
'pin_length': g.PIN_LENGTH,
'title': _("Users"),
'site_title': g.MISC['site_title'],
'date_format_django': get_date_format(request.user, c, 'django'),
}
return render(request, 'pos/manage/users.html', context)
def mobile_add_category(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
if not has_permission(request.user, c, 'category', 'edit'):
return JsonError(_("You have no permission to edit products"))
data = JsonParse(request.POST['data'])
# data['company'] = c
valid = validate_category(request.user, c, data)
if not valid.get('status'):
return JsonError(valid['message'])
form = valid['form']
category = form.save(False)
if 'created_by' not in form.cleaned_data:
category.created_by = request.user
if 'company_id' not in form.cleaned_data:
category.company_id = c.id
category = form.save()
return JsonOk(extra=category_to_dict(category, android=True))
def mobile_add_discount(request, company_id):
# edit an existing contact
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# check permissions: needs to be at least manager
if not has_permission(request.user, c, 'discount', 'edit'):
return JsonError(_("add discounts"))
data = JsonParse(request.POST['data'])
valid = validate_discount(data, request.user, c, android=True)
if not valid.get('status'):
return JsonError(valid['message'])
form = valid['form']
d = Discount(
description=form.cleaned_data.get('description'),
code=form.cleaned_data.get('code'),
type=form.cleaned_data.get('type'),
amount=form.cleaned_data.get('amount'),
start_date=form.cleaned_data.get('start_date'),
end_date=form.cleaned_data.get('end_date'),
enabled=form.cleaned_data.get('enabled'),
created_by=request.user,
company=c
)
d.save()
return JsonOk(extra=discount_to_dict(request.user, c, d, android=True))
def mobile_get_cut(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
if not has_permission(request.user, c, 'tax', 'view'):
return JsonError(_("You have no permission to view taxes"))
taxes = Tax.objects.filter(company=c)
result = {}
r = []
for t in taxes:
r.append(tax_to_dict(request.user, c, t))
result['taxes'] = r
units = UNITS
result['units'] = units
categories = get_all_categories(c, json=True)
result['categories'] = categories
discounts = get_all_discounts(request.user, c, android=True)
result['discounts'] = discounts
return JsonResponse(result)
def mobile_edit_category(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
if not has_permission(request.user, c, 'category', 'edit'):
return JsonError(_("You have no permission to edit products"))
data = JsonParse(request.POST['data'])
try:
category = Category.objects.get(id=int(data['id']), company=c)
except Category.DoesNotExist:
return JsonError(_("Category does not exsist"))
# data['company'] = c
valid = validate_category(request.user, c, data, category=category)
if not valid.get('status'):
return JsonError(valid['message'])
form = valid['form']
category = form.save()
return JsonOk(extra=category_to_dict(category, android=True))
def mobile_edit_register(request, company_id):
# add a new register
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# check permissions: needs to be manager
if not has_permission(request.user, c, 'register', 'edit'):
return JsonError(_("You have no permission to edit registers"))
data = JsonParse(request.POST['data'])
try:
register = Register.objects.get(id=int(data['id']), company=c)
except Register.DoesNotExist:
return JsonError(_("Register does not exists"))
valid = validate_register(request.user, c, data, register=register)
if not valid.get('status'):
return JsonError(valid['message'])
form = valid['form']
register = form.save(False)
register.company = c
register.created_by = request.user
register.device_id = data['device_id']
register.save()
return JsonOk(extra=register_to_dict(request.user, c, register))
def manage_documents(request, company, page):
c = get_object_or_404(Company, url_name=company)
# check permissions: needs to be guest
if not has_permission(request.user, c, 'stock', 'view'):
return no_permission_view(request, c, _("You have no permission to view stock."))
documents = Document.objects.filter(company=c).order_by('-number')
paginator = Paginator(documents, g.MISC['documents_per_page'])
if page:
documents = paginator.page(page)
else:
documents = paginator.page(1)
context = {
'managing': 'documents',
'company': c,
'documents': documents,
# 'searched': searched,
# 'filter_form': form,
'title': _("Stock"),
'next_url': reverse('pos:manage_documents', args=[c.url_name, int(page)+1]),
'prev_url': reverse('pos:manage_documents', args=[c.url_name, int(page)-1]),
'site_title': g.MISC['site_title'],
'date_format_django': get_date_format(request.user, c, 'django'),
'date_format_js': get_date_format(request.user, c, 'js'),
}
return render(request, 'pos/manage/manage_documents.html', context)
def mobile_get_register(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
user = request.user
# check permissions: needs to be guest
if not has_permission(request.user, c, 'register', 'view'):
return JsonError(_("You have no permission to view registers"))
data = JsonParse(request.POST['data'])
device_id = data['device_id']
try:
register = Register.objects.get(company=c, device_id=device_id)
r = {
'register': register_to_dict(request.user, c, register)
}
except Register.DoesNotExist:
r = {
'register': None
}
return JsonOk(extra=r, safe=False)
def add_register(request, company):
# add a new register
c = get_object_or_404(Company, url_name=company)
# check permissions: needs to be manager
if not has_permission(request.user, c, 'register', 'edit'):
return no_permission_view(request, c, _("You have no permission to add printers."))
context = {
'add': True,
'company': c,
'title': _("Add printer"),
'site_title': g.MISC['site_title'],
'date_format_js': get_date_format(request.user, c, 'js')
}
if request.method == 'POST':
# submit data
form = RegisterForm(request.POST)
if form.is_valid():
register = form.save(False)
register.company = c
register.created_by = request.user
register.save()
return redirect('pos:list_registers', company=c.url_name)
else:
form = RegisterForm()
form.user = request.user
form.company = c
context['form'] = form
return render(request, 'pos/manage/register.html', context)
def add_contact(request, company):
# add a new contact
c = get_object_or_404(Company, url_name=company)
# check permissions: needs to be manager
if not has_permission(request.user, c, 'contact', 'edit'):
return no_permission_view(request, c, _("You have no permission to add contacts."))
t = request.GET.get('type')
if not t:
t = 'Individual' # the default
context = {
'add': True,
'type': t,
'company': c,
'title': _("Add contact"),
'site_title': g.MISC['site_title'],
'date_format_js': get_date_format(request.user, c, 'js')
}
if request.method == 'POST':
# submit data
form = ContactForm(request.POST)
form.user = request.user
form.company = c
if form.is_valid():
# create a new Contact
contact = Contact(
type=form.cleaned_data.get('type'),
company_name=form.cleaned_data.get('company_name'),
first_name=form.cleaned_data.get('first_name'),
last_name=form.cleaned_data.get('last_name'),
sex=form.cleaned_data.get('sex'),
street_address=form.cleaned_data.get('street_address'),
postcode=form.cleaned_data.get('postcode'),
city=form.cleaned_data.get('city'),
state=form.cleaned_data.get('state'),
country=form.cleaned_data.get('country'),
email=form.cleaned_data.get('email'),
phone=form.cleaned_data.get('phone'),
vat=form.cleaned_data.get('vat'),
date_of_birth=form.cleaned_data.get('date_of_birth'),
created_by=request.user,
company=c
)
contact.save()
return redirect('pos:list_contacts', company=c.url_name)
else:
form = ContactForm(initial={'type': t, 'country': c.country})
form.user = request.user
form.company = c
context['form'] = form
return render(request, 'pos/manage/contact.html', context)
def edit_product_(request, c, android=False):
# sellers can edit product
if not has_permission(request.user, c, 'product', 'edit'):
return JsonError(_("You have no permission to edit products"))
data = JsonParse(request.POST['data'])
# see if product exists in database
product_id = data['id']
try:
product = Product.objects.get(company=c, id=product_id)
except:
return JsonError(_("Product does not exist"))
# validate data
valid = validate_product(request.user, c, data)
if not valid['status']:
return JsonError(valid['message'])
data = valid['data']
# update product:
product.name = data.get('name')
product.category = data.get('category')
product.unit_type = data.get('unit_type')
product.code = data.get('code')
product.shortcut = data.get('shortcut')
product.description = data.get('description')
product.private_notes = data.get('private_notes')
# product.stock = data.get('stock')
product.tax = data.get('tax')
# update discounts
product.update_discounts(request.user, data['discount_ids'])
# image
if data['change_image'] == True:
if data.get('image'): # new image is uploaded
# create a file from the base64 data and save it to product.image
if product.image:
product.image.delete()
# save a new image (conversion is done in validate_product)
f = create_file_from_image(data['image'])
product.image = f['file']
else: # delete the old image
product.image.delete()
# category
if data['category']:
product.category = data['category']
# price has to be updated separately
product.price = product.update_price(Price, request.user, data['price'])
# if data.get('purchase_price'):
# product.price = product.update_price(PurchasePrice, request.user, data['purchase_price'])
product.updated_by = request.user
product.save()
return JsonOk(extra=product_to_dict(request.user, c, product, android))
def list_contacts(request, company):
c = get_object_or_404(Company, url_name=company)
# check permissions: needs to be guest
if not has_permission(request.user, c, 'contact', 'view'):
return no_permission_view(request, c, _("You have no permission to view contacts."))
l = request.GET.get('letter')
results_display = False # true if there was something in the search form
# show the filter form
if request.method == 'POST':
contacts = Contact.objects.all()
form = ContactFilterForm(request.POST)
results_display = True
if form.is_valid():
# filter by whatever is in the form
if form.cleaned_data['type'] == 'Individual':
contacts = contacts.filter(type='Individual')
if 'name' in form.cleaned_data: # search by first and last name
first_names = contacts.filter(first_name__icontains=form.cleaned_data['name'])
last_names = contacts.filter(last_name__icontains=form.cleaned_data['name'])
contacts = (first_names | last_names).distinct()
else:
contacts = contacts.filter(type='Company')
if 'name' in form.cleaned_data: # search by company name
contacts = contacts.filter(company_name__icontains=form.cleaned_data['name'])
else:
form = ContactFilterForm()
if l:
if l == '*':
# get all contacts that don't begin with any letter of the alphabet
contacts = Contact.objects.filter(company=c,
company_name__iregex=r'^[^' + g.ALPHABETS[get_language()] + '].*') | \
Contact.objects.filter(company=c,
first_name__iregex=r'^[^' + g.ALPHABETS[get_language()] + '].*')
else:
# get contacts beginning with the selected letter
contacts = Contact.objects.filter(company=c, company_name__istartswith=l) | \
Contact.objects.filter(company=c, first_name__istartswith=l)
else:
contacts = Contact.objects.none()
context = {
'company': c,
'letter': l,
'contacts': contacts,
'filter_form': form,
'results_display': results_display,
'title': _("Contacts"),
'site_title': g.MISC['site_title'],
'date_format_django': get_date_format(request.user, c, 'django'),
'alphabet': g.ALPHABETS[get_language()],
}
return render(request, 'pos/manage/contacts.html', context)
def edit_contact(request, company, contact_id):
# edit an existing contact
c = get_object_or_404(Company, url_name=company)
# check permissions: needs to be guest
if not has_permission(request.user, c, 'contact', 'edit'):
return no_permission_view(request, c, _("You have no permission to edit contacts."))
context = {
'company': c,
'contact_id': contact_id,
'title': _("Edit contact"),
'site_title': g.MISC['site_title'],
'date_format_js': get_date_format(request.user, c, 'js'),
}
# get contact
contact = get_object_or_404(Contact, id=contact_id)
# check if contact actually belongs to the given company
if contact.company != c:
raise Http404
if request.method == 'POST':
# submit data
form = ContactForm(request.POST)
form.user = request.user
form.company = c
if form.is_valid():
contact.type = form.cleaned_data.get('type')
contact.company_name = form.cleaned_data.get('company_name')
contact.first_name = form.cleaned_data.get('first_name')
contact.last_name = form.cleaned_data.get('last_name')
contact.sex = form.cleaned_data.get('sex')
contact.date_of_birth = form.cleaned_data.get('date_of_birth')
contact.street_address = form.cleaned_data.get('street_address')
contact.postcode = form.cleaned_data.get('postcode')
contact.city = form.cleaned_data.get('city')
contact.state = form.cleaned_data.get('state')
contact.country = form.cleaned_data.get('country')
contact.email = form.cleaned_data.get('email')
contact.phone = form.cleaned_data.get('phone')
contact.vat = form.cleaned_data.get('vat')
contact.save()
return redirect('pos:list_contacts', company=c.url_name)
else:
initial = contact_to_dict(request.user, c, contact)
form = ContactForm(initial=initial)
form.user = request.user
form.company = c
context['form'] = form
context['type'] = contact.type
return render(request, 'pos/manage/contact.html', context)
def json_discounts(request, company):
try:
c = Company.objects.get(url_name=company)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# permissions
if not has_permission(request.user, c, 'discount', 'view'):
return JsonError(_("You have no permission to view discounts"))
return JsonResponse(get_all_discounts(request.user, c))
def get_mobile_config(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# permissions
if not has_permission(request.user, c, 'config', 'edit'):
return no_permission_view(request, c, _("You have no permission to edit system configuration."))
return JsonOk(extra=company_config_to_dict(request.user, c))
def mobile_JSON_categories_strucutred(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# permissions
if not has_permission(request.user, c, 'category', 'view'):
return JsonError("no permission")
# return all categories' data in JSON format
return JsonOk(extra=get_all_categories_structured(c, sort='name', android=True), safe=False)
def mobile_list_discounts(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# check permissions: needs to be guest
if not has_permission(request.user, c, 'discount', 'view'):
return JsonError(_("view discounts"))
discounts = Discount.objects.filter(company__id=c.id)
results_display = False
data = JsonParse(request.POST['data'])
# show the filter form
if request.method == 'POST':
if data.get('search'):
discounts = discounts.filter(description__icontains=data['search']) | \
discounts.filter(code__icontains=data['search'])
# start_date
if data.get('start_date'):
# parse date first
start_date = data.get('start_date')
start = dtm.date(year=start_date[0], month=start_date[1],
day=start_date[2])
discounts = discounts.filter(start_date__gte=start)
# end_date
if data.get('end_date'):
end_date = data.get('end_date')
end = dtm.date(year=end_date[0], month=end_date[1],
day=end_date[2])
discounts = discounts.filter(end_date__lse=end)
# active
if data.get('active') is not None:
discounts = discounts.filter(active=data['active'])
results_display = True # search results are being displayed
r = []
for d in discounts:
r.append(discount_to_dict(request.user, c, d, android=True))
return JsonOk(extra=r)
def create_product_(request, c, android=False):
# sellers can add product
if not has_permission(request.user, c, 'product', 'edit'):
return JsonError(_("You have no permission to add products"))
data = JsonParse(request.POST['data'])
# validate data
valid = validate_product(request.user, c, data)
if not valid['status']:
return JsonError(valid['message'])
data = valid['data']
# save product:
product = Product(
company=c,
created_by=request.user,
category=data.get('category'),
name=data.get('name'),
code=data.get('code'),
shortcut=data.get('shortcut'),
description=data.get('description'),
private_notes=data.get('private_notes'),
stock=data.get('stock'),
tax=data.get('tax'),
)
product.save()
# update discounts
product.update_discounts(request.user, data['discount_ids'])
# prices have to be updated separately
price = product.update_price(Price, request.user, data['price']) # purchase price
if not price:
product.delete()
return JsonError(_("Error while setting purchase price"))
#if data.get('purchase_price'):
# price = product.update_price(PurchasePrice, request.user, data['purchase_price'])
# if not price:
# product.delete()
# return JsonError(_("Error while setting sell price"))
# add image, if it's there
if data['change_image']:
if 'image' in data:
f = create_file_from_image(data['image'])
product.image = f['file']
product.save()
return JsonOk(extra=product_to_dict(request.user, c, product, android))
def list_taxes(request, company):
c = get_object_or_404(Company, url_name=company)
# permissions
list_permission = has_permission(request.user, c, 'tax', 'view')
edit_permission = has_permission(request.user, c, 'tax', 'edit')
if not list_permission:
return no_permission_view(request, c, _("You have no permission to view taxes."))
context = {
'company': c,
'taxes': JsonStringify(get_all_taxes(request.user, c)),
'edit_permission': edit_permission,
'max_name_length': max_field_length(Tax, 'name'),
'title': _("Manage Tax Rates"),
'site_title': g.MISC['site_title'],
'separator': get_company_value(request.user, c, 'pos_decimal_separator'),
}
return render(request, 'pos/manage/tax.html', context)
def mobile_JSON_categories(request, company_id):
try:
c = Company.objects.get(id=company_id)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# permissions
if not has_permission(request.user, c, 'category', 'view'):
return JsonError(_("You have no permission to view categories"))
data = get_all_categories(c, android=True, no_category=True)
# return all categories' data in JSON format
return JsonOk(extra=data, safe=False)
def get_contact(request, company, contact_id):
try:
c = Company.objects.get(url_name=company)
except Company.DoesNotExist:
return JsonError(_("Company does not exist"))
# permissions: needs to be guest to view contacts
if not has_permission(request.user, c, 'contact', 'view'):
return JsonError(_("You have no permission to view products"))
contact = get_object_or_404(Contact, id=contact_id, company=c)
return JsonResponse(contact_to_dict(request.user, c, contact))
def update_document(request, company):
try:
c = Company.objects.get(url_name=company)
except Company.DoesNotExist:
return JsonError(_("Company does not exist."))
# permissions
if not has_permission(request.user, c, 'document', 'edit'):
return JsonError(_("You have no permission to add contacts"))
data = JsonParse(request.POST.get('data'))
supplier = data['supplier']
supplier = supplier.split(',')
contact = None
if len(supplier) > 0:
vat = supplier[-1].strip()
if not vat.isdigit():
return JsonError("invalid_supplier")
try:
contact = Contact.objects.get(vat=vat)
except Contact.DoesNotExist:
Contact.copy_from_contact_registry(request, c, vat)
try:
contact = Contact.objects.get(vat=vat)
except Contact.DoesNotExist:
return JsonError("contact_does_not_exists")
# TODO: validate with forms
try:
document = Document.objects.get(id=data['document_id'], company=c)
document.number = data['document_number']
document.entry_date = data['entry_date']
document.document_date = data['document_date']
if contact is not None:
document.supplier = contact
document.updated_by = request.user
document.save()
except Exception as e:
print "Error updating document"
print e
return JsonError('could_not_save_document')
return JsonOk()