def invoices(self):
""" Get a paginated list of active invoices for current
or given month."""
paid_result = {}
unpaid_result = {}
year = int(self.request.params.get('year',
datetime.now().strftime('%Y')))
month = int(self.request.params.get('month',
datetime.now().strftime('%m')))
categories = Category.all_active(self.request).all()
for c in categories:
paid_invoices = Invoice.with_category_paid(c.id,
year,
month)
if paid_invoices:
total = Invoice.with_category_paid(c.id,
year,
month,
total_only=True)
paid_result[c.title] = [paid_invoices, total]
unpaid_invoices = Invoice.with_category_all_unpaid(c.id)
if unpaid_invoices:
total = Invoice.with_category_all_unpaid(c.id, total_only=True)
unpaid_result[c.title] = [unpaid_invoices, total]
return {'paiditems': paid_result,
'unpaiditems': unpaid_result,
'title': 'Invoices',
'month': month,
'year': year,
'nextmonth': self.month_switcher(year, month, next=True),
'prevmonth': self.month_switcher(year, month)}
def update_flash(self):
""" Since so many methods in this class did the exact same thing,
a function was created. This updated the session invoice counter,
used in many places (eg. sidebar).
"""
shared_unpaid_invoices = 0
shared_categories = Category.all_active(self.request).all()
for c in shared_categories:
unpaid_invoices = Invoice.with_category_all_unpaid(c.id)
if unpaid_invoices:
shared_unpaid_invoices += len(unpaid_invoices)
self.request.session.pop_flash('shared_unpaid_invoices')
self.request.session.flash(shared_unpaid_invoices,
'shared_unpaid_invoices')
private_unpaid_invoices = 0
private_categories = Category.all_private(self.request).all()
for c in private_categories:
unpaid_invoices = Invoice.with_category_all_unpaid(c.id)
if unpaid_invoices:
private_unpaid_invoices += len(unpaid_invoices)
self.request.session.pop_flash('private_unpaid_invoices')
self.request.session.flash(private_unpaid_invoices,
'private_unpaid_invoices')
def login(self):
""" Login view, used for both get and post method.
This view also checks and authenicated the user by request.
"""
form = LoginForm(self.request.POST,
csrf_context=self.request.session)
if self.request.method == 'POST' and form.validate():
user = User.by_email(self.request.POST.get('email'))
if (user
and user.verify_password(self.request.POST.get('password'))
and user.blocked is not True
and user.archived is not True):
headers = remember(self.request, user.id)
shared_unpaid_invoices = 0
shared_categories = Category.all_shared()
for c in shared_categories:
unpaid_invoices = Invoice.with_category_all_unpaid(c.id)
if unpaid_invoices:
shared_unpaid_invoices += len(unpaid_invoices)
self.request.session.pop_flash('shared_unpaid_invoices')
self.request.session.flash(shared_unpaid_invoices,
'shared_unpaid_invoices')
private_unpaid_invoices = 0
private_categories = Category.all_private(self.request,
id=user.id)\
.all()
for c in private_categories:
unpaid_invoices = Invoice.with_category_all_unpaid(c.id)
if unpaid_invoices:
private_unpaid_invoices += len(unpaid_invoices)
self.request.session.pop_flash('private_unpaid_invoices')
self.request.session.flash(private_unpaid_invoices,
'private_unpaid_invoices')
self.request.session.flash('Welcome back %s' %
(user.email), 'success')
return HTTPFound(location=self.request.route_url('index'),
headers=headers)
headers = forget(self.request)
self.request.session.flash('Login failed', 'error')
return {'title': 'Login',
'form': form}
if authenticated_userid(self.request):
self.request.session.flash('You are already logged in', 'status')
return HTTPFound(location=self.request.route_url('index'))
return {'title': 'Login',
'form': form}
def invoices_archived(self):
""" Get a paginated list of archived invoices. """
page = int(self.request.params.get('page', 1))
invoices = Invoice.page(self.request, page, archived=True)
return {'paginator': invoices,
'title': 'Archived invoices',
'searchpage': False,
'total': False}
def invoices_search(self):
""" Get a list of invoices based on search arguments. """
page = int(self.request.params.get('page', 1))
form = InvoiceSearchForm(self.request.GET,
csrf_context=self.request.session)
form.categories.query = Category.all_active(self.request)
form.creditors.query = Creditor.all_active(self.request)
if self.request.method == 'GET' and form.validate():
q = form.query.data
categories = form.categories.data
creditors = form.creditors.data
fromdate = form.fromdate.data
todate = form.todate.data
invoices = Invoice.searchpage(self.request,
page,
qry=q,
categories=categories,
creditors=creditors,
fromdate=fromdate,
todate=todate,
)
total = Invoice.searchpage(self.request,
page,
qry=q,
categories=categories,
creditors=creditors,
fromdate=fromdate,
todate=todate,
total_only=True,
)
else:
invoices = Invoice.searchpage(self.request, page)
total = Invoice.searchpage(self.request, page, total_only=True)
return {'paginator': invoices,
'form': form,
'title': 'Search',
'searchpage': True,
'total': total}
def invoice_restore(self):
""" Restore invoice, returns redirect. """
id = int(self.request.matchdict.get('id'))
i = Invoice.by_id(id)
if not i:
return HTTPNotFound()
""" Authorization check. """
if (i.category.private
and i.category.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
""" Authorization check. """
if (i.creditor.private
and i.creditor.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
i.archived = False
DBSession.add(i)
self.request.session.flash('Invoice %s restored' % (i.title), 'status')
return HTTPFound(location=self.request.route_url('invoices_archived'))
def invoice_quickpay(self):
""" Quickpay method for making the 'just pay this invoice',
often used function easier. """
id = int(self.request.matchdict.get('id'))
i = Invoice.by_id(id)
if not i:
return HTTPNotFound()
""" Authorization check. """
if (i.category.private
and i.category.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
""" Authorization check. """
if (i.creditor.private
and i.creditor.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
i.paid = datetime.now()
self.request.session.flash('Invoice %s is now paid' %
(i.title), 'success')
self.update_flash()
return HTTPFound(location=self.request.route_url('invoices'))
def invoice_edit(self):
""" Edit invoice view. This method handles both post,
and get requests. """
id = int(self.request.matchdict.get('id'))
i = Invoice.by_id(id)
if not i:
return HTTPNotFound()
""" Authorization check. """
if (i.category.private
and i.category.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
""" Authorization check. """
if (i.creditor.private
and i.creditor.user_id is not authenticated_userid(self.request)):
return HTTPForbidden()
form = InvoiceEditForm(self.request.POST, i,
csrf_context=self.request.session)
if not i.files:
del form.files
else:
form.files.query = i.files
private = self.request.params.get('private')
if private:
""" Check if the necessary object exists. """
if not Category.first_private(self.request):
self.request.session.flash(self.missing_priv_cat, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_private(self.request):
self.request.session.flash(self.missing_priv_cred, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_private(self.request)
form.creditor_id.query = Creditor.all_private(self.request)
else:
""" Check if the necessary object exists. """
if not Category.first_active():
self.request.session.flash(self.missing_shared_cat, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_active():
self.request.session.flash(self.missing_shared_cred, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_shared()
form.creditor_id.query = Creditor.all_shared()
if self.request.method == 'POST' and form.validate():
form.populate_obj(i)
i.category_id = form.category_id.data.id
i.creditor_id = form.creditor_id.data.id
if form.files:
i.files = form.files.data
""" If file, make file object and save/create file. """
upload = self.request.POST.get('attachment')
try:
f = File()
f.filename = f.make_filename(upload.filename)
f.filemime = f.guess_mime(upload.filename)
f.write_file(upload.file)
f.title = 'Invoice.' +\
form.title.data + '.' +\
self.randomstr(6) + '.' +\
form.category_id.data.title + '.' +\
form.creditor_id.data.title + '.' +\
str(i.due)
if private:
f.private = True
f.user_id = authenticated_userid(self.request)
DBSession.add(f)
i.files.append(f)
except Exception:
self.request.session.flash('No file added.',
'status')
self.request.session.flash('Invoice %s updated' %
(i.title), 'status')
self.update_flash()
if private:
return HTTPFound(location=
self.request
.route_url('invoices',
_query={'private': 1}))
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.data = i.category
form.creditor_id.data = i.creditor
return {'title': 'Edit private invoice' if private else 'Edit invoice',
'form': form,
'id': id,
'action': 'invoice_edit',
'private': private,
'invoice': i}
def invoice_create(self):
""" New invoice view. This method handles both post,
and get requests.
"""
form = InvoiceCreateForm(self.request.POST,
csrf_context=self.request.session)
private = self.request.params.get('private')
if private:
""" Check if the necessary object exists. """
if not Category.first_private(self.request):
self.request.session.flash(self.missing_priv_cat)
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_private(self.request):
self.request.session.flash(self.missing_priv_cred)
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_private(self.request)
form.creditor_id.query = Creditor.all_private(self.request)
else:
""" Check if the necessary object exists. """
if not Category.first_active():
self.request.session.flash(self.missing_shared_cat, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
if not Creditor.first_active():
self.request.session.flash(self.missing_shared_cred, 'error')
return HTTPFound(location=self.request.route_url('invoices'))
form.category_id.query = Category.all_shared()
form.creditor_id.query = Creditor.all_shared()
if self.request.method == 'POST' and form.validate():
i = Invoice()
form.populate_obj(i)
i.user_id = authenticated_userid(self.request)
i.category_id = form.category_id.data.id
i.creditor_id = form.creditor_id.data.id
""" If file, make file object and save/create file. """
upload = self.request.POST.get('attachment')
try:
f = File()
f.filename = f.make_filename(upload.filename)
f.filemime = f.guess_mime(upload.filename)
f.write_file(upload.file)
f.title = 'Invoice.' +\
form.title.data + '.' +\
self.randomstr(6) + '.' +\
form.category_id.data.title + '.' +\
form.creditor_id.data.title + '.' +\
str(i.due)
if private:
f.private = True
f.user_id = authenticated_userid(self.request)
DBSession.add(f)
i.files = [f]
except Exception:
self.request.session.flash('No file added.',
'status')
DBSession.add(i)
self.request.session.flash('Invoice %s created' %
(i.title), 'success')
self.update_flash()
if private:
return HTTPFound(location=
self.request
.route_url('invoices',
_query={'private': 1}))
return HTTPFound(location=self.request.route_url('invoices'))
return {'title': 'New private invoice' if private else 'New invoice',
'form': form,
'action': 'invoice_new',
'private': private,
'invoice': False}