def new(self):
    """Show the form for creating a user account.

    A caller holding ``add_user`` gets the staff creation form.  An
    anonymous visitor gets the public registration page; ``c.came_from`` is
    set to the ``came_from`` query parameter, or to the home page URL when
    that parameter is empty or missing.
    """
    # NOTE(review): the listing lost its indentation; the final render is
    # read here as part of the anonymous branch, so a signed-in caller
    # without ``add_user`` gets no response from this action - confirm.
    if is_met(has_permission("add_user")):
        return render_form(self.menu_items, action="create", add_number_of_emails=1)
    if not is_met(is_anonymous()):
        return None

    c.menu_items = h.top_menu(self.menu_items, _("Customers"))
    # NOTE(review): ``came_from`` is caller-supplied.  What consumes
    # ``c.came_from`` is not shown; if it ends up in a redirect it should be
    # limited to local paths.
    c.came_from = (
        str(request.GET.get("came_from", ""))
        or url(controller="home", action="index")
    )
    has_return_target = request.GET.get("came_from", None)
    if has_return_target:
        h.flash(_("After filling the from you will be sent back to your shopping cart"))
    return render("/derived/user/new.html")
def update(self):
    """Dispatch an invoice update according to the caller's rights.

    Requests with ``type=selected`` are accepted but nothing is done for
    them.  Otherwise a caller with ``edit_invoice`` is handed to
    ``_admin_update``; a member of the ``customer`` group is told that
    shipped orders cannot be changed and is sent back to the invoice index.
    """
    # NOTE(review): indentation was lost in the listing; the redirect is read
    # as belonging to the customer branch together with its flash message.
    request_kind = request.params.get('type', False)
    if request_kind == 'selected':
        return None
    if is_met(has_permission(u'edit_invoice')):
        return self._admin_update(request)
    if is_met(in_group('customer')):
        h.flash(_('You can only delete an unconfirmed invoices. If you want to change anything in a shipping order contact us by phone'))
        # NOTE(review): redirect() is given routing keywords directly here,
        # while the other actions in this listing pass url(...) - confirm.
        return redirect(controller='invoice', action='index')
def layout(self):
    """Render ``/layout.js`` with the datastores-tab flag set on ``c``.

    ``c.show_datastores_tab`` is True only when the caller holds both
    ``view_datastores`` and ``create_update_datastores``.
    """
    needed = has_all_permissions("view_datastores", "create_update_datastores")
    c.show_datastores_tab = True if is_met(needed) else False
    return render("/layout.js")
def search(self,id=None,page=1):
    """Validate a customer's invoice search and build the matching query text.

    The request parameters are validated with ``InvoiceSearchCustomer``; on
    a validation error the customer index page is re-rendered with the
    submitted values and the error messages filled in.  On success the
    function starts assembling ``querystr``.  The listing ends before the
    function does, so what happens to ``querystr`` is not visible here.
    """
    identity = request.environ.get('repoze.who.identity')
    c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
    action = request.params.getone('action')
    values = dict(request.params)
    del values['action']
    if is_met(in_group('customer')):
        schema = InvoiceSearchCustomer()
        try:
            result = schema.to_python(dict(request.params), c)
        except Invalid, e:
            html = render('/derived/invoice/customer/index.html')
            return htmlfill.render(html, defaults=values, errors=variabledecode.variable_encode( e.unpack_errors() or {}, add_repetitions=False ))
        # SECURITY: querystr is Python source text, not a query object.  The
        # user name and every product search term are pasted into it with
        # %-formatting, so a quote character in any of them changes the
        # structure of the expression.  Presumably this text is stored as
        # session['invoice_querystr'] and later passed to eval() by the
        # index/admin actions - verify.  The safe form is to chain the
        # SQLAlchemy calls directly (values then travel as bound parameters)
        # and to keep only the validated search values in the session.
        querystr = "Session.query(Invoice).filter_by(deleted=False).join(Invoice.customer).filter(User.user_name == '%s')"%identity['user'].user_name
        products = result['contains_product']
        if products :
            querystr += ".join(Invoice.invoice_items).join(Invoice_item.product)"
            if len(products)>1:
                querystr += ".filter(and_("
                for item in products:
                    # The separator is added before every term, including the
                    # first, so the text starts "and_(," - that is not a
                    # valid expression once evaluated.
                    querystr += ","
                    querystr += "Product.name.like('%%%s%%')"%item
                querystr += "))"
            else:
                querystr += ".filter(Product.name.like('%%%s%%'))"%products[0]
def admin(self,id=None,page=1):
    """Render the staff invoice list, optionally filtered and sorted.

    Requires ``view_invoice``; without it nothing is returned.  The list is
    produced by evaluating a query expression held as text: either the saved
    search in ``session['invoice_querystr']`` or the default "not deleted"
    query, with an ``order_by`` suffix appended by ``asort``.  Results are
    paginated ten per page.
    """
    def asort(sort,querystr):
        # Append an order_by clause to the query text.  Only the column names
        # in this table are ever interpolated; an unknown ``sort`` value
        # raises KeyError on the lookups below instead of reaching the text.
        feilds ={'1':'Invoice.id', '2':'Invoice.customer_id', '3':'Invoice.date_time', '4':'Invoice.total_price', '5':'Invoice.Description',}
        if sort != '':
            # Each request for the same column flips its direction.
            if session['invoice_sort_togle'][sort]:
                session['invoice_sort_togle'][sort] = False
                direction = '.desc()'
            else:
                session['invoice_sort_togle'][sort] = True
                direction = '.asc()'
            querystr += ".order_by(%s%s)"%(feilds[sort],direction)
            session['invoice_sort'] = sort
            session['invoice_sort_direction']=direction
            session.save()
        elif 'invoice_sort' in session:
            # No sort requested: reuse the last one remembered in the session.
            sort = session['invoice_sort']
            direction = session['invoice_sort_direction']
            querystr += ".order_by(%s%s)"%(feilds[sort],direction)
        return querystr
    came_from = str(request.GET.get('came_from', ''))
    identity = request.environ.get('repoze.who.identity')
    c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
    if came_from == 'removeproduct':
        h.flash('To delete a product find it in the table and press on the Delete link')
    elif came_from == 'editproduct':
        h.flash('To Edit a product details find it in the table below and press on the Edit link')
    sort = str(request.GET.get('sort',''))
    if 'invoice_sort_togle' not in session:
        session['invoice_sort_togle']={'1':True, '2':True, '3':True, '4':True, '5':True,}
        session.save()
    querystr=''
    if is_met(has_permission('view_invoice')):
        # These aliases are not used directly; presumably the saved query
        # text refers to them by name when it is evaluated - verify.
        Uc = aliased(User)
        Us = aliased(User)
        if 'invoice_querystr' in session:
            querystr = asort(sort,querystr)
            # SECURITY: eval() runs whatever expression the session holds.
            # If that text was assembled from search-form input by string
            # formatting, form input becomes executable code here.  Keep the
            # validated search values in the session and rebuild the query
            # with SQLAlchemy calls instead of evaluating stored text.
            invoices = eval(session['invoice_querystr']+querystr)
            c.paginator = paginate.Page(invoices, page=int(request.params.get('page', page)), items_per_page = 10)
            html = render('/derived/invoice/staff/index.html')
            return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
        else:
            querystr = "Session.query(Invoice).filter(Invoice.deleted==False)"
            querystr = asort(sort,querystr)
            # This text is built only from literals in this function, so the
            # eval is not fed by request data; a direct query would still be
            # simpler to audit.
            invoices = eval(querystr)
            c.paginator = paginate.Page(invoices, page=int(request.params.get('page', page)), items_per_page = 10)
            return render('/derived/invoice/staff/index.html')
def edit(self,id):
    """Show the admin edit form for invoice *id*.

    Callers without ``edit_invoice`` are told so and redirected to the
    invoice index.
    """
    if not is_met(has_permission(u'edit_invoice')):
        # Open items from the original author: let the owner edit a pending
        # invoice, and handle staff editing separately.
        h.flash(_('You don not have enough permission to edit invoice'))
        return redirect(url(controller='invoice', action='index'))
    return render_edit_form_admin(self.menu_items, id=id)
def layout(self):
    """Render ``/layout.js`` after deciding whether to show the datastores tab.

    The tab is shown only to callers holding both ``view_datastores`` and
    ``create_update_datastores``.
    """
    c.show_datastores_tab = bool(
        is_met(has_all_permissions('view_datastores', 'create_update_datastores'))
    )
    return render("/layout.js")
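def delete(self, id):
    """Delete invoice *id* when the caller is allowed to.

    Callers with ``delete_invoice`` may delete any invoice; otherwise only
    the customer who owns the invoice may.  Everyone else is told they lack
    permission and is redirected to the invoice index.  The lookup raises
    if no invoice with that id exists.
    """
    invoice = Session.query(Invoice).filter_by(id=id).one()
    if is_met(has_permission('delete_invoice')):
        return self._delete(invoice)

    # An unauthenticated request has no identity; treat it as "not the
    # owner" instead of failing on the subscript below.
    identity = request.environ.get('repoze.who.identity')
    if identity is not None and invoice.customer == identity['user']:
        # NOTE(review): the customer-facing message in update() says only
        # unconfirmed invoices may be deleted, but no pending check is made
        # here - confirm that _delete enforces it.
        return self._delete(invoice)

    h.flash(_('You don not have enough permission to delete invoice'))
    return redirect(url(controller='invoice', action='index'))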
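def view(self, id):
    """Show the staff view of user *id*.

    Requires ``view_user``; other callers are redirected to the user index.
    When the lookup fails the caller is told so and redirected as well.
    """
    if not is_met(has_permission("view_user")):
        return redirect(url(controller="user", action="index"))

    try:
        user = Session.query(User).filter_by(id=id).one()
    except Exception:
        # Was a bare ``except:``, which also swallowed interpreter-exit
        # signals.  NOTE(review): this still reports database failures as
        # "no such user"; catching the ORM's no-result error specifically
        # would be better once it is imported in this module.
        h.flash(_("No user with ID:%s to view") % id)
        return redirect(h.url(controller="user", action="index"))

    c.menu_items = h.top_menu(self.menu_items, _("Customers"))
    c.user = user
    return render("/derived/user/staff/view.html")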
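def clearsearch(self):
    """Forget the saved invoice search and sort, then return to the list.

    Callers with ``view_invoice`` go to the admin list, everyone else to the
    customer index.
    """
    # Remove each key on its own.  The earlier form deleted them in sequence
    # inside one try block, so a single missing key left every later key -
    # including the saved query text - in the session.
    saved_search_keys = (
        'invoice_search_values',
        'invoice_querystr',
        'invoice_sort',
        'invoice_sort_direction',
    )
    for key in saved_search_keys:
        if key in session:
            del session[key]
    session.save()

    if is_met(has_permission('view_invoice')):
        return redirect(url(controller='invoice', action='admin'))
    return redirect(url(controller='invoice', action='index'))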
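def edit(self, id):
    """Show the edit form for user *id*.

    Callers with ``edit_user`` get the staff form; a user editing their own
    record gets the customer form.  Anyone else is told they are not
    authorised and redirected to ``came_from`` when that query parameter is
    a local path, otherwise to the user index.  The lookup raises if no user
    with that id exists.
    """
    user = Session.query(User).filter_by(id=id).one()
    identity = request.environ.get("repoze.who.identity")

    if is_met(has_permission("edit_user")):
        c.menu_items = h.top_menu(self.menu_items, _("Customers"))
        values = create_dict(user)
        return render_form(self.menu_items, values, action="update", id=user.id)

    # An unauthenticated request has no identity; it cannot be the owner.
    if identity is not None and identity["user"] == user:
        values = create_dict(user)
        return render_customer_form(self.menu_items, user.id, values)

    h.flash("You are not authorized to edit this user data!")
    came_from = str(request.GET.get("came_from", ""))
    # ``came_from`` is caller-supplied.  Accept only a path on this site so
    # the redirect cannot be pointed at another host: it must start with a
    # single "/" and contain no backslash.
    is_local_path = (
        came_from.startswith("/")
        and not came_from.startswith("//")
        and "\\" not in came_from
    )
    if not is_local_path:
        came_from = url(controller="user", action="index")
    return redirect(h.url(came_from))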
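def post_login(self):
    """Finish a login attempt after the authentication layer has run.

    Without an identity the attempt counts as failed and a 403 response is
    returned.  Pending and deleted accounts are told why and sent to the
    logout action.  Otherwise the user id is stored in the session, the
    per-login selections are reset, and the caller is redirected to the
    ``came_from`` saved in the session, or shown the login template when
    there is none.
    """
    identity = request.environ.get('repoze.who.identity')
    if not identity:
        # A request can arrive here without the counter ever having been
        # set; start it at zero instead of failing on the increment.
        if 'failedlogin' not in session:
            session['failedlogin'] = 0
        session['failedlogin'] += 1
        session.save()
        if session['failedlogin'] > 3:
            # NOTE(review): the counter is reset here and nothing else
            # happens, so it does not slow repeated attempts.  It also lives
            # in the caller's own session, which a client can discard.
            # Throttling needs to be keyed on the account or source address
            # on the server side.
            session['failedlogin'] = 0
            session.save()
        return HTTPForbidden(request=request, body="Incorrect User name or Password")

    account = identity['user']
    if account.pending:
        session['failedlogin'] = 0
        session.save()
        h.flash(_('Your account is still pending. Check your email for activation link'))
        return redirect(url(controller="account", action="logout"))
    if account.deleted:
        session['failedlogin'] = 0
        session.save()
        h.flash(_('Your account has been deleted!'))
        return redirect(url(controller="account", action="logout"))

    session['user'] = account.id
    if is_met(not_anonymous()):
        session['failedlogin'] = 0
        session['user_selection'] = {}
        session['product_selection'] = {}
        session['invoice_selection'] = {}
        session.save()
        if 'came_from' in session:
            # NOTE(review): where session['came_from'] is written is not
            # shown.  If it is copied from a request parameter it should be
            # restricted to local paths before it is stored.
            came_from = session['came_from']
            del session['came_from']
            session.save()
            return redirect(came_from)
    return render(path.join(get_lang()[0], 'derived/account/login.mako'))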
def _confirm(self,invoice):
    """Confirm *invoice*: take its items out of stock and charge the customer.

    Requires ``confirm_invoice``; other callers are redirected to the
    invoice edit page.  When the invoice total exceeds the customer's
    balance plus credit, the invoice is marked "Low balance", committed, and
    the caller is redirected to the edit page.  Otherwise every item's
    quantity is subtracted from its product, every item's price from the
    customer's balance, and the invoice is marked as no longer pending.
    The listing may end before the function does.
    """
    customer = invoice.customer
    if not is_met(has_permission('confirm_invoice')):
        h.flash(_("You don't have enough permision to confirm ivoice"))
        return redirect(url(controller='invoice', action='edit',id=invoice.id))
    if invoice.total_price > customer.balance + customer.cradit:
        # NOTE(review): this flash message carries HTML markup, which only
        # works if the template prints flash messages unescaped - confirm
        # that no flash message elsewhere includes request data.
        h.flash(_("Customer balance is low. <a href='%s'>Give him enough cradit or contanct him about the funds</a>")%url(controller='user',action='edit',id=customer.id))
        invoice.Description = _("Low balance")
        Session.add(invoice)
        Session.commit()
        return redirect(url(controller='invoice',action='edit',id=invoice.id))
    # NOTE(review): nothing here checks that the invoice is still pending,
    # so confirming the same invoice twice would deduct stock and balance
    # twice unless the caller prevents it.  Stock is also not checked
    # against going below zero.
    invoice_id = invoice.id
    invoice_items=[]
    for invoice_item in invoice.invoice_items:
        product = invoice_item.product
        product.quantity -= invoice_item.quantity
        customer.balance -= invoice_item.total_price
        Session.add(product)
        Session.add(customer)
    invoice.pending = False
    Session.add(invoice)
    Session.commit()
def index(self,id=None,page=1):
    """Render the signed-in customer's invoice list, newest first.

    Members of the ``customer`` group see either the result of their saved
    search or all of their own non-deleted invoices, ten per page.  Anyone
    else is invited to register and redirected to the home page.
    """
    identity = request.environ.get('repoze.who.identity')
    c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
    if is_met(in_group('customer')):
        if session.has_key('invoice_querystr'):
            # SECURITY: eval() runs whatever expression the session holds.
            # If that text was assembled from search-form input by string
            # formatting, a customer's search terms become executable code
            # here.  Keep the validated search values in the session and
            # rebuild the query with SQLAlchemy calls, as the branch below
            # does, instead of evaluating stored text.
            invoices2 = eval(session['invoice_querystr']+".order_by(desc(Invoice.date_time))")
            c.paginator = paginate.Page(invoices2, page=int(request.params.get('page',page)), items_per_page=10)
            html = render('/derived/invoice/customer/index.html')
            return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
        else:
            # No saved search: query directly, scoped to the caller's own
            # invoices.
            invoices = Session.query(Invoice).filter_by(customer=identity['user']).filter_by(deleted=False).order_by(desc(Invoice.date_time))
            c.paginator = paginate.Page(invoices, page=int(request.params.get('page',page)), items_per_page=10)
            return render('/derived/invoice/customer/index.html')
    else:
        h.flash(_('Please take a few moments to %s\n')%(h.link_to(_("register"),url(controller="user", action="new"))))
        return redirect(url(controller='home',action='index'))
def update(self, id):
    """Apply a submitted edit form to user *id*.

    The ``action`` field is taken out of the submitted values first.  For a
    caller with ``edit_user`` the form is passed to ``_proccess_form``; any
    result other than ``False`` is returned as the response.  The values are
    then validated with ``UserFormEdit``; on a validation error the form is
    re-rendered with the messages, otherwise the user is saved and the
    caller redirected to the user admin list.
    """
    user = Session.query(User).filter_by(id=int(id)).one()
    values = dict(request.params)
    action = values["action"]
    del values["action"]
    # NOTE(review): the listing lost its indentation.  Everything below is
    # read as belonging to the edit_user branch.  If the validate-and-save
    # steps actually sit outside it, any caller could change any user's
    # record - confirm against the original file.
    if is_met(has_permission("edit_user")):
        res = self._proccess_form(action, values, postto="update", id=user.id, renderer=render_form)
        if res is not False:
            return res
        schema = UserFormEdit()
        try:
            result = schema.to_python(values, c)
        except Invalid, e:
            return render_form( self.menu_items, values, action="update", errors=variabledecode.variable_encode(e.unpack_errors() or {}, add_repetitions=False), id=user.id, )
        self._save(result, user)
        h.flash(_("User %s data updated") % result["user_name"])
        return redirect(url(controller="user", action="admin"))
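def view(self, id, page=1):
    """Show invoice *id* with its items, ten per page.

    Allowed for callers with ``view_invoice`` and for the customer who owns
    the invoice.  Everyone else is told they are not authorised and
    redirected to the invoice index.  The lookup raises if no invoice with
    that id exists.
    """
    identity = request.environ.get('repoze.who.identity')
    c.menu_items = h.top_menu(self.menu_items, _('Shop online'))
    invoice = Session.query(Invoice).filter_by(id=id).one()

    # The staff and owner branches rendered the same page, so they share one
    # path.  An unauthenticated request has no identity and is treated as
    # "not the owner" instead of failing on the subscript.
    if is_met(has_permission('view_invoice')) or (
        identity is not None and invoice.customer == identity['user']
    ):
        c.invoice = invoice
        c.paginator = paginate.Page(
            invoice.invoice_items,
            page=int(request.params.get('page', page)),
            items_per_page=10,
        )
        return render('/derived/invoice/view.html')

    h.flash(_('You are not authorized to view this invoice'))
    return redirect(url(controller='invoice', action='index'))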
def customer(self):
    """Show the signed-in user their own account form.

    Only members of the ``customer`` or ``admin`` group get the form; for
    anyone else nothing is returned.
    """
    c.menu_items = h.top_menu(self.menu_items, _("Customers"))
    if not (is_met(in_group("customer")) or is_met(in_group("admin"))):
        return None
    # The record shown is always the caller's own identity, never one named
    # in the request.
    current_user = request.environ.get("repoze.who.identity")["user"]
    form_values = create_dict(current_user)
    return render_customer_form(self.menu_items, current_user.id, form_values)
def admin(self, page=1):
    """Render the staff user list, optionally filtered and sorted.

    Requires ``view_user``; without it nothing is returned.  The list is
    produced by evaluating a query expression held as text: either the saved
    search in ``session["user_querystr"]`` or the default "not deleted"
    query, with an ``order_by`` suffix appended by ``__asort``.  Results are
    paginated ten per page.
    """
    def __asort(_session, _sort, _querystr):
        # Append order_by clauses to the query text.  Only the column names
        # in this table are ever interpolated; an unknown ``_sort`` value
        # raises KeyError on the lookups below instead of reaching the text.
        feilds = { "1": "User.id", "2": "User.user_name", "3": ["User.last_name", "User.first_name"], "4": "User.id", "5": "User.id", "6": "User.id", "7": "User.balance", "8": "User.cradit", "9": "User.pending", }
        if _sort != "":
            # Each request for the same column flips its direction.
            if _session["user_sort_togle"][_sort]:
                _session["user_sort_togle"][_sort] = False
                direction = ".desc()"
            else:
                _session["user_sort_togle"][_sort] = True
                direction = ".asc()"
            if type(feilds[_sort]) is list:
                for item in feilds[_sort]:
                    _querystr += ".order_by(%s%s)" % (item, direction)
            else:
                _querystr += ".order_by(%s%s)" % (feilds[_sort], direction)
            _session["user_sort"] = _sort
            _session["user_sort_direction"] = direction
            _session.save()
        elif "user_sort" in _session:
            # No sort requested: reuse the last one remembered in the session.
            _sort = _session["user_sort"]
            direction = _session["user_sort_direction"]
            # NOTE(review): unlike the branch above, a list-valued entry
            # (key "3") is formatted as a list literal here, which does not
            # produce a usable order_by expression.
            _querystr += ".order_by(%s%s)" % (feilds[_sort], direction)
        return _querystr
    came_from = str(request.GET.get("came_from", ""))
    if came_from == "removeuser":
        h.flash("To delete a user find it in the table and press on the Delete link")
    elif came_from == "edituser":
        h.flash("To Edit a user details find it in the table below and press on the Edit link")
    sort = str(request.GET.get("sort", ""))
    if "user_sort_togle" not in session:
        session["user_sort_togle"] = { "1": True, "2": True, "3": True, "4": True, "5": True, "6": True, "7": True, "8": True, "9": True, }
        session.save()
    c.menu_items = h.top_menu(self.menu_items, _("Customers"))
    c.tags = Session.query(UserTag).all()
    querystr = ""
    if is_met(has_permission("view_user")):
        if session.has_key("user_querystr"):
            if session.has_key("aliasedtags"):
                for item in session["aliasedtags"]:
                    # SECURITY: each stored string is executed as Python
                    # code.  In this form of the exec statement the first
                    # mapping serves as globals and the second as locals, so
                    # names the code assigns land in the module's globals and
                    # are shared by later requests.  Create the aliases with
                    # ordinary calls from validated tag values instead.
                    exec item in locals(), globals()
            querystr = __asort(session, sort, querystr)
            # SECURITY: eval() runs whatever expression the session holds.
            # If that text was assembled from search-form input by string
            # formatting, form input becomes executable code here.  Keep the
            # validated search values in the session and rebuild the query
            # with SQLAlchemy calls instead of evaluating stored text.
            users = eval(session["user_querystr"] + querystr)
            c.paginator = paginate.Page(users, page=int(request.params.get("page", page)), items_per_page=10)
            html = render("/derived/user/staff/index.html")
            return htmlfill.render(html, defaults=session["user_search_values"], errors={})
        else:
            querystr = "Session.query(User).filter_by(deleted=False)"
            querystr = __asort(session, sort, querystr)
            # This text is built only from literals in this function, so the
            # eval is not fed by request data; a direct query would still be
            # simpler to audit.
            users = eval(querystr)
            c.paginator = paginate.Page(users, page=int(request.params.get("page", page)), items_per_page=10)
            return render(path.join(get_lang()[0], "/derived/user/staff/index.mako"))
def signin(self):
    """Render the sign-in page.

    For a caller who is already signed in, ``c.user`` is set to the user id
    from the ``repoze.what.credentials`` entry of the request environment.
    """
    if is_met(not_anonymous()):
        credentials = request.environ.get("repoze.what.credentials")
        c.user = credentials["repoze.what.userid"]
    return render("/signin.html")
def is_met_util(self):
    """Return a short message saying whether the caller is signed in."""
    return 'You are not anonymous' if is_met(not_anonymous()) else 'You are anonymous'
session.save() else: if 'paliasedtags' in session: del session['paliasedtags'] session.save() querystr += ".join(Product.tags)" querystr += ".filter(ProductTag.tag=='%s')"%tags[0].tag elif 'paliasedtags' in session: del session['paliasedtags'] session.save() if result['from_price']: querystr += '.filter(Product.sell_price > %s)'%result['from_price'] if result['to_price']: querystr += '.filter(Product.sell_price < %s)'%result['to_price'] if is_met(has_permission('edit_product')) and came_from == 'admin': if result['deleted']: querystr += ".filter(Product.deleted==True)" if result['from_date']: querystr += '.filter(Product.buy_date > %s)'%result['from_date'] if result['to_date']: querystr += '.filter(Product.buy_date < %s)'%result['to_date'] if result['description']: querystr += ".filter(Product.description.like('%%%s%%'))"%result['description'] if result['brand'] != '': querystr += ".filter(Product.brand.like('%%%s%%'))"%result['brand'] session['product_querystr'] = querystr session['product_search_values'] = values session.save() if came_from == 'admin': return redirect(url(controller='product',action='admin'))
def admin(self,page=1):
    """Render the product administration list, optionally filtered and sorted.

    Requires ``edit_product``; without it nothing is returned.  The list is
    produced by evaluating a query expression held as text: either the saved
    search in ``session['product_querystr']`` or the default "not deleted"
    query, with an ``order_by`` suffix appended by ``__asort``.  Results are
    paginated ten per page.
    """
    def __asort(_session,_sort,_querystr):
        # Append an order_by clause to the query text.  Only the column names
        # in this table are ever interpolated; an unknown ``_sort`` value
        # raises KeyError on the lookups below instead of reaching the text.
        feilds ={'1':'Product.code', '2':'Product.name', '3':'Product.quantity', '4':'Product.buy_price', '5':'Product.sell_price', '6':'Product.wholesale_price', '7':'Product.buy_date', '8':'Product.brand', '9':'Product.tags.tag',}
        if _sort != '':
            # Each request for the same column flips its direction.
            if _session['product_sort_togle'][_sort]:
                _session['product_sort_togle'][_sort] = False
                direction = '.desc()'
            else:
                _session['product_sort_togle'][_sort] = True
                direction = '.asc()'
            _querystr += ".order_by(%s%s)"%(feilds[_sort],direction)
            _session['product_sort'] = _sort
            _session['product_sort_direction']=direction
            _session.save()
        elif 'product_sort' in _session:
            # No sort requested: reuse the last one remembered in the session.
            _sort = _session['product_sort']
            direction = _session['product_sort_direction']
            _querystr += ".order_by(%s%s)"%(feilds[_sort],direction)
        return _querystr
    came_from = str(request.GET.get('came_from', ''))
    if came_from == 'removeproduct':
        h.flash('To delete a product find it in the table and press on the Delete link')
    elif came_from == 'editproduct':
        h.flash('To Edit a product details find it in the table below and press on the Edit link')
    sort = str(request.GET.get('sort',''))
    if 'product_sort_togle' not in session:
        session['product_sort_togle']={'1':True, '2':True, '3':True, '4':True, '5':True, '6':True, '7':True, '8':True, '9':True,}
        session.save()
    c.menu_items = h.top_menu(self.menu_items,_('Products'))
    c.tags = Session.query(ProductTag).all()
    querystr=''
    if is_met(has_permission('edit_product')):
        if session.has_key('product_querystr'):
            if session.has_key('paliasedtags'):
                for item in session['paliasedtags']:
                    # SECURITY: each stored string is executed as Python
                    # code.  In this form of the exec statement the first
                    # mapping serves as globals and the second as locals, so
                    # names the code assigns land in the module's globals and
                    # are shared by later requests.  Create the aliases with
                    # ordinary calls from validated tag values instead.
                    exec item in locals(), globals()
            querystr = __asort(session,sort,querystr)
            # SECURITY: eval() runs whatever expression the session holds.
            # If that text was assembled from search-form input by string
            # formatting, form input becomes executable code here.  Keep the
            # validated search values in the session and rebuild the query
            # with SQLAlchemy calls instead of evaluating stored text.
            products = eval(session['product_querystr']+querystr)
            c.paginator = paginate.Page(products, page=int(request.params.get('page', page)), items_per_page = 10)
            html = render('/derived/product/productadmin.html')
            return htmlfill.render(html,defaults=session['product_search_values'])
        else:
            querystr = "Session.query(Product).filter_by(deleted=False)"
            querystr = __asort(session,sort,querystr)
            # This text is built only from literals in this function, so the
            # eval is not fed by request data; a direct query would still be
            # simpler to audit.
            products = eval(querystr)
            c.paginator = paginate.Page(products, page=int(request.params.get('page', page)), items_per_page = 10)
            return render('/derived/product/productadmin.html')
def signin(self):
    """Render the sign-in page, exposing the user id of a signed-in caller.

    ``c.user`` is set only when the caller is not anonymous; it is read from
    the ``repoze.what.credentials`` entry of the request environment.
    """
    signed_in = is_met(not_anonymous())
    if signed_in:
        what_credentials = request.environ.get('repoze.what.credentials')
        c.user = what_credentials['repoze.what.userid']
    return render("/signin.html")
del values['action'] schema = InvoiceEditAdmin() try: result = schema.to_python(values,c) except Invalid, e: return render_edit_form_admin( self.menu_items, values, errors=variabledecode.variable_encode( e.unpack_errors() or {}, add_repetitions=False), id=invoice_id) invoice = Session.query(Invoice).filter_by(id=invoice_id).one() customer = invoice.customer if action.startswith('Remove_'): if not is_met(has_permission('edit_invoice')): h.flash( _("You don't have enough permision to remove items from ivoice")) return redirect(url(controller='invoice', action='edit',id=invoice_id)) item_id =int(action.split('_')[-1]) invoice_items=[] totalprice = 0 for invoice_item in invoice.invoice_items: if invoice_item.id != item_id: invoice_items.append(invoice_item) totalprice += invoice_item.total_price else: delitem = invoice_item if invoice.pending is False: product = invoice_item.product product.quantity += invoice_item.quantity customer.balance += invoice_item.total_price