def post(self, request, *args, **kwargs): pk = kwargs['pk'] product = get_object_or_404(Product, pk=pk) parent = request.user.parent student_event_ids = request.POST.getlist('student_event_id', '') for student_event in student_event_ids: try: event_id, student_id = student_event.split(",") except: error_message('Invalid request data', request) return redirect(reverse('product_detail', args=(pk,))) student = get_object_or_404(Student, pk=student_id) if student.parent.get(pk=parent.pk) is None: error_message('No Access to student {}'.format(student), request) return redirect(reverse('product_detail', args=(pk,))) event = get_object_or_404(Event, pk=event_id) Cart.objects.get_or_create(parent=parent, student=student, event=event, product=product, defaults={'quantity': 1, 'price': product.price}) return redirect(reverse('cart'))
def post(self, request, *args, **kwargs): pk = kwargs['pk'] cart = get_object_or_404(Cart, pk=pk) cart_id = cart.id if cart.parent != request.user.parent: error_message('No Access to cart {}'.format(cart), request) return JsonResponse({'status': False, 'cart_id': cart.pk}) cart.delete() return JsonResponse({'status': True, 'cart_id': cart_id})
def dispatch(self, request, *args, **kwargs): try: parent = getattr(request.user, 'parent', None) except Parent.DoesNotExist: parent = None if not request.user.is_authenticated(): return self.handle_no_permission() if not parent: error_message('Admin does not grant permission for shopping', request) return self.handle_no_permission() return super(ParentRequiredMixin, self).dispatch(request, *args, **kwargs)
def post(self, request, *args, **kwargs): pk = kwargs['pk'] cart = get_object_or_404(Cart, pk=pk) if cart.parent != request.user.parent: error_message('No Access to cart {}'.format(cart), request) return JsonResponse({'status': False, 'cart_id': cart.pk}) try: quantity = int(request.POST.get('quantity', 1)) except: quantity = 1 quantity = max(1, quantity) cart.quantity = quantity cart.save() return JsonResponse({'status': True, 'cart_id': cart.id, 'quantity': quantity})
def post(self, request, *args, **kwargs): form = AuthenticationForm(data=request.POST) if form.is_valid(): user = form.get_user() success = True next_url = request.GET.get('next') or self.get_success_url() try: user.parent except Parent.DoesNotExist: if not user.is_superuser: error_message( 'Only parent and admin users can login here!', request) success = False else: next_url = reverse('admin:index') if success: auth_login(request, user) return redirect(next_url) else: send_form_errors(form, request) ctx = {"form": form} return render(request, "registration/login.html", ctx)