def showusers():
if request.method == "GET":
# on page enter, no id will be available so display table
user_id = request.args.get("user_id")
if not user_id:
users = User.query.all()
return render_template('users.html', users=users)
else:
con = db_connect()
cur = con.cursor()
cur.execute("SELECT id, first_name, surname, access_level, approved FROM users WHERE id = :user_id", {'user_id': user_id})
result = cur.fetchall()
return jsonify(serialize(cur, result))
# update user
if request.method == "POST":
id = request.form.get('id')
first_name = request.form.get('first_name')
surname = request.form.get('surname')
access_level = request.form.get('access_level')
approved = request.form.get('approved')
con = db_connect('update')
cur = con.cursor()
sql = """UPDATE users SET first_name=?, surname=?, access_level=?, approved=? WHERE id=?"""
cur.execute(sql, (first_name, surname, access_level, approved, id))
con.commit()
con.close()
flash('User updated')
return redirect(url_for('users.showusers'))
def editcustomer():
if request.method == "GET":
# on page enter, no id will be available so display table
customer_id = request.args.get("customer_id")
if not customer_id:
customers = Customer.query.all()
return render_template('customer.html', customers=customers)
else:
con = db_connect()
cur = con.cursor()
cur.execute(
"SELECT id, cname, cnumber, fname, sname, email FROM customers WHERE id = :customer_id",
{'customer_id': customer_id})
result = cur.fetchall()
return jsonify(serialize(cur, result))
if request.method == "POST":
cid = request.form.get('cid')
customer = Customer.query.filter_by(id=cid).first()
customer.cname = request.form.get('cname')
customer.cnumber = request.form.get('cnumber')
customer.fname = request.form.get('fname')
customer.sname = request.form.get('sname')
customer.email = request.form.get('email')
db.session.commit()
flash('Edits successful')
return redirect(url_for('customers.customer'))
def edit():
""" Update Product """
if request.method == "POST":
# get id and name for product
pid = request.form.get('id')
product_sku = request.form.get('editProductSku')
product_name = request.form.get('editProductName')
customer_id = request.form.get('editCustomerId')
recipe_id = request.form.get('editRecipeId')
run_rate = request.form.get('editRunRate')
# update product
product = Product.query.filter_by(id=pid).first()
product.product_sku = product_sku
product.product_name = product_name
product.customer_id = customer_id
product.recipe_id = recipe_id
product.run_rate = run_rate
db.session.commit()
flash('Successful. Product updated.')
return redirect(url_for('products.viewproducts'))
# returns JSON data to display the correct ingredient that user wants to edit on modal
elif request.method == "GET":
id = request.args.get("id")
con = db_connect()
cur = con.cursor()
cur.execute("SELECT * FROM products WHERE id = :id", {'id': id})
result = cur.fetchall()
return jsonify(serialize(cur, result))
def editrecipes():
""" Edit recipe ingredient details """
if request.method == "POST":
rname = request.form.get('rname')
ingredient_id = request.form.get('ingredient_id')
ingredient_amount = request.form.get('editAmount')
version_number = request.form.get('version_number')
# connect and update database
con = db_connect()
cur = con.cursor()
sql = """UPDATE recipes SET ingredient_amount=?/100.0 WHERE rname=? AND ingredient_id=? AND version_number=?"""
cur.execute(sql, (ingredient_amount, rname, ingredient_id, version_number))
con.commit()
con.close()
return redirect(url_for('recipes.recipesoverview', rname=rname, version_number=version_number))
elif request.method == "GET":
ingredient_id = request.args.get("product_code")
rname = request.args.get("rname")
version_number = request.args.get('version_number')
is_approved = request.args.get('is_approved')
# for recipe approval
if is_approved:
if is_approved == '0':
approved = 1
elif is_approved == '1':
approved = 0
# connect and update database
con = db_connect()
cur = con.cursor()
# update approval on current version
sql = """UPDATE recipes SET approved=? WHERE rname=? AND version_number=?"""
cur.execute(sql, (approved, rname, version_number))
# remove approval from all other recipes (ensures users can only have one version approved)
sql = """UPDATE recipes SET approved=? WHERE rname=? AND NOT version_number=?"""
cur.execute(sql, (0, rname, version_number))
con.commit()
con.close()
# for ingredient amount
con = db_connect()
cur = con.cursor()
cur.execute(""" SELECT name, rname, ingredient_id, round(ingredient_amount*100, 2) AS ingredient_amount
FROM recipes JOIN ingredients ON ingredients.product_code = recipes.ingredient_id
WHERE rname = :rname AND ingredient_id =:ingredient_id AND version_number =:version_number""", {'rname':rname, 'ingredient_id':ingredient_id, 'version_number':version_number})
ingredient = cur.fetchall()
return jsonify(serialize(cur, ingredient))
def generate_queue():
if not current_user.is_owner():
flash("You are not the owner of the group")
return redirect(url_for("index"))
queue = utils.generate_queue_from_application(
current_user.get_application())
current_user.get_application().application_list = utils.serialize(queue)
db.session.commit()
flash("Application is now open for Review")
return redirect(url_for('index'))
def edit():
""" Update Ingredients """
if request.method == "POST":
# get id and name for ingredient
pid = request.form.get('id')
name = request.form.get('product_name')
protein = request.form.get('editProtein')
carbs = request.form.get('editCarbs')
sugars = request.form.get('editSugars')
fat = request.form.get('editFats')
saturates = request.form.get('editSaturates')
fibre = request.form.get('editFibre')
salt = request.form.get('editSalt')
sodium = request.form.get('editSodium')
# update ingredient
con = db_connect()
cur = con.cursor()
sql = """UPDATE ingredients SET name=?, protein=?, carbohydrates=?, sugars=?, fats=?, saturates=?, fibre=?, salt=?, sodium=? WHERE id=?"""
cur.execute(sql, (name, protein, carbs, sugars, fat, saturates, fibre,
salt, sodium, pid))
con.commit()
con.close()
return redirect(url_for('ingredients.showIngredients'))
# returns JSON data to display the correct ingredient that user wants to edit on modal
elif request.method == "GET":
product_code = request.args.get("product_code")
con = db_connect()
cur = con.cursor()
cur.execute(
"SELECT * FROM ingredients WHERE product_code = :product_code",
{'product_code': product_code})
result = cur.fetchall()
return jsonify(serialize(cur, result))
def addOrders():
if request.method == "POST":
# store order data from form
cid = request.form.get('customer_id')
order_date = datetime.strptime(request.form.get('order_date'),
'%Y-%m-%d')
rname = request.form.get('recipe')
units = request.form.get('units')
batch_code = request.form.get('batch_code')
con = db_connect()
cur = con.cursor()
cur.execute(
'SELECT bar_weight, version_number FROM recipes WHERE rname =:rname AND approved=1',
{'rname': rname})
row = cur.fetchall()
results = serialize(cur, row)
# calculate batch size
unitWeight = results[0]['bar_weight']
batchSize = unitWeight * int(units)
# get recipe version number
version_number = results[0]['version_number']
# add into database
order = Orders(customer_id=cid,
order_date=order_date,
rname=rname,
recipe_version_number=version_number,
units=units,
batch_size=batchSize,
batch_code=batch_code)
db.session.add(order)
db.session.commit()
return redirect(url_for('orders.viewOrders'))
def get(self):
parser = reqparse.RequestParser()
parser.add_argument('limit', type=int)
limit = parser.parse_args().limit
l = Ag.query.order_by(Ag.id.desc()).limit(limit or 20).all()
return [serialize(i) for i in l]
def editOrders():
""" Edit order details """
if request.method == "POST":
order_id = request.form.get('order_id')
rname = request.form.get('recipe')
units = request.form.get('units')
status = request.form.get('status')
# get recipe details
con = db_connect()
cur = con.cursor()
cur.execute(
'SELECT bar_weight, version_number FROM recipes WHERE rname =:rname AND approved=1',
{'rname': rname})
row = cur.fetchall()
results = serialize(cur, row)
# re-calculate batch size
unitWeight = results[0]['bar_weight']
batchSize = unitWeight * int(units)
# update the version number
version_number = results[0]['version_number']
"""
Stop edit maybe required, currently unknown.
Editing allowed for the timebeing to allow user
to change status to In Progress - useful if job is
auto-completed and further production is required
# stop edit if the job has started or completed
cur.execute("SELECT status FROM orders WHERE order_id = :order_id", {'order_id':order_id})
results = cur.fetchall()
status = results[0]['status']
if status == 'In Progress':
flash('Cannot edit once the job has started')
return redirect(url_for('orders.orderinfo',order_id=order_id))
elif status == 'Completed':
flash('Cannot edit once the job has completed')
return redirect(url_for('orders.orderinfo',order_id=order_id))
"""
sql = """UPDATE orders SET rname=?, recipe_version_number=?, units=?, status=?, batch_size=? WHERE order_id=?"""
cur.execute(
sql, (rname, version_number, units, status, batchSize, order_id))
con.commit()
con.close()
return redirect(url_for('orders.orderinfo', order_id=order_id))
elif request.method == "GET":
order_id = request.args.get("order_id")
con = db_connect()
cur = con.cursor()
cur.execute("SELECT * FROM orders WHERE order_id = :order_id",
{'order_id': order_id})
row = cur.fetchall()
result = serialize(cur, row)
return jsonify(result)
else:
return redirect(url_for('orders.viewOrders'))