def add_new_book(request): """ Tests: - GETTest - AddNewBookTest - SecurityTest - NotAllowedTest """ if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if request.POST.get("Action", '') == 'Add': form = NewBookForm(request.POST) if form.is_valid(): # This came from the add_book view, and we need to # create a book and a metabook barcode = form.cleaned_data['barcode'] price = form.cleaned_data['price'] sid = form.cleaned_data['seller'] author = form.cleaned_data['author'] title = form.cleaned_data['title'] ed = form.cleaned_data['edition'] dept = form.cleaned_data['department'] course_num = form.cleaned_data['course_number'] metabook = MetaBook(barcode=barcode, author=author, title=title, edition=ed) metabook.save() goc = Course.objects.get_or_create course, created = goc(department=dept, number=course_num) metabook.courses.add(course) metabook.save() try: seller = User.objects.get(pk=sid) except User.DoesNotExist: seller = import_user(sid) if seller == None: message = "Invalid Student ID: %s" % sid return tidy_error(request, message) book = Book(seller=seller, price=Decimal(price), metabook=metabook) book.status = 'F' book.save() Log(book=book, who=request.user, action='A').save() var_dict = { 'title' : metabook.title, 'author' : metabook.author, 'seller_name' : seller.get_full_name(), 'book_id' : book.id, } template = 'books/update_book/added.html' return rtr(template, var_dict, context_instance=RC(request)) var_dict = {'form' : form} template = 'books/add_new_book.html' return rtr(template, var_dict, context_instance=RC(request))
def attach_book(request): """ Tests: - GETTest - SecurityTest - NotAllowedTest """ # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) form = NewBookForm(request.POST) if not form.is_valid(): # The form has bad data. send the user back var_dict = {'form' : form} template = 'books/attach_book.html' return rtr(template, var_dict, context_instance=RC(request)) # shorten our code line lengths below goc = Course.objects.get_or_create cd = form.cleaned_data # Get the course if it exists, otherwise create it. tpl = goc(department=cd['department'], number=cd['course_number']) course = tpl[0] metabook = MetaBook() metabook.title = form.cleaned_data['title'] metabook.author = form.cleaned_data['author'] metabook.barcode = form.cleaned_data['barcode'] metabook.edition = form.cleaned_data['edition'] metabook.save() metabook.courses.add(course) metabook.save() book = Book.objects.get(pk=form.cleaned_data['book_id']) book.metabook = metabook book.save() var_dict = {'book' : book} template = 'books/attached.html' return rtr(template, var_dict, context_instance=RC(request))
def attach_book(request): """ Tests: - GETTest - SecurityTest - NotAllowedTest """ # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) form = NewBookForm(request.POST) if not form.is_valid(): # The form has bad data. send the user back var_dict = {'form': form} template = 'books/attach_book.html' return rtr(template, var_dict, context_instance=RC(request)) # shorten our code line lengths below goc = Course.objects.get_or_create cd = form.cleaned_data # Get the course if it exists, otherwise create it. tpl = goc(department=cd['department'], number=cd['course_number']) course = tpl[0] metabook = MetaBook() metabook.title = form.cleaned_data['title'] metabook.author = form.cleaned_data['author'] metabook.barcode = form.cleaned_data['barcode'] metabook.edition = form.cleaned_data['edition'] metabook.save() metabook.courses.add(course) metabook.save() book = Book.objects.get(pk=form.cleaned_data['book_id']) book.metabook = metabook book.save() var_dict = {'book': book} template = 'books/attached.html' return rtr(template, var_dict, context_instance=RC(request))
def add_new_book(request): """ Tests: - GETTest - AddNewBookTest - SecurityTest - NotAllowedTest """ if not request.method == 'POST': t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if request.POST.get("Action", '') == 'Add': form = NewBookForm(request.POST) if form.is_valid(): # This came from the add_book view, and we need to # create a book and a metabook barcode = form.cleaned_data['barcode'] price = form.cleaned_data['price'] sid = form.cleaned_data['seller'] author = form.cleaned_data['author'] title = form.cleaned_data['title'] ed = form.cleaned_data['edition'] dept = form.cleaned_data['department'] course_num = form.cleaned_data['course_number'] metabook = MetaBook(barcode=barcode, author=author, title=title, edition=ed) metabook.save() goc = Course.objects.get_or_create course, created = goc(department=dept, number=course_num) metabook.courses.add(course) metabook.save() try: seller = User.objects.get(pk=sid) except User.DoesNotExist: seller = import_user(sid) if seller == None: message = "Invalid Student ID: %s" % sid return tidy_error(request, message) book = Book(seller=seller, price=Decimal(price), metabook=metabook) book.status = 'F' book.save() Log(book=book, who=request.user, action='A').save() var_dict = { 'title': metabook.title, 'author': metabook.author, 'seller_name': seller.get_full_name(), 'book_id': book.id, } template = 'books/update_book/added.html' return rtr(template, var_dict, context_instance=RC(request)) var_dict = {'form': form} template = 'books/add_new_book.html' return rtr(template, var_dict, context_instance=RC(request))