def add_book(request): """ Tests: - GETTest - SecurityTest """ # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if request.method == "POST": form = BookForm(request.POST) if form.is_valid(): student_id = form.cleaned_data['seller'] price = form.cleaned_data['price'] barcode = form.cleaned_data['barcode'] try: metabook = MetaBook.objects.get(barcode=barcode) except MetaBook.DoesNotExist: initial = { 'barcode' : barcode, 'seller' : student_id, 'price' : price, 'edition' : '1', } form = NewBookForm(initial=initial) var_dict = {'form' : form} template = 'books/add_new_book.html' return rtr(template, var_dict, context_instance=RC(request)) try: seller = User.objects.get(id=student_id) except User.DoesNotExist: seller = import_user(student_id) if seller == None: message = "Invalid Student ID: %s" % student_id return tidy_error(request, message) book = Book(price=price, status="F", metabook=metabook, seller=seller) book.save() Log(book=book, who=request.user, action='A').save() var_dict = { 'title' : metabook.title, 'book_id' : book.id } template = 'books/update_book/added.html' return rtr(template, var_dict, context_instance=RC(request)) # the form isn't valid. send the user back. var_dict = {'form' : form} template = 'books/add_book.html' return rtr(template, var_dict, context_instance=RC(request)) else: # the user is hitting the page for the first time form = BookForm() var_dict = {'form' : form} template = 'books/add_book.html' return rtr(template, var_dict, context_instance=RC(request))
def add_book(request): """ Tests: - GETTest - SecurityTest """ # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) if request.method == "POST": form = BookForm(request.POST) if form.is_valid(): student_id = form.cleaned_data['seller'] price = form.cleaned_data['price'] barcode = form.cleaned_data['barcode'] try: metabook = MetaBook.objects.get(barcode=barcode) except MetaBook.DoesNotExist: initial = { 'barcode': barcode, 'seller': student_id, 'price': price, 'edition': '1', } form = NewBookForm(initial=initial) var_dict = {'form': form} template = 'books/add_new_book.html' return rtr(template, var_dict, context_instance=RC(request)) try: seller = User.objects.get(id=student_id) except User.DoesNotExist: seller = import_user(student_id) if seller == None: message = "Invalid Student ID: %s" % student_id return tidy_error(request, message) book = Book(price=price, status="F", metabook=metabook, seller=seller) book.save() Log(book=book, who=request.user, action='A').save() var_dict = {'title': metabook.title, 'book_id': book.id} template = 'books/update_book/added.html' return rtr(template, var_dict, context_instance=RC(request)) # the form isn't valid. send the user back. var_dict = {'form': form} template = 'books/add_book.html' return rtr(template, var_dict, context_instance=RC(request)) else: # the user is hitting the page for the first time form = BookForm() var_dict = {'form': form} template = 'books/add_book.html' return rtr(template, var_dict, context_instance=RC(request))
def update_book_edit(request): """ Applies changes to a book made on the edit page If the barcode doesn't exist, it makes the user create a MetaBook object as well Tests: - GETTest - SecurityTest - NotAllowedTest """ if not request.method == "POST": t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) form = BookForm(request.POST) if form.is_valid(): id_to_edit = request.POST.get('idToEdit') try: book = Book.objects.get(id=id_to_edit) except Book.DoesNotExist: message = 'Book with ref# "%s" does not exist' % id_to_edit return tidy_error(request, message) try: barcode = form.cleaned_data['barcode'] book.metabook = MetaBook.objects.get(barcode=barcode) except MetaBook.DoesNotExist: # barcode doesn't exist in db, we have to create a metabook. initial = { 'barcode': barcode, 'seller' : form.cleaned_data['seller'], 'price' : form.cleaned_data['price'], 'book_id' : book.id, 'edition' : '1', } form = NewBookForm(initial=initial) var_dict = {'form' : form} template = 'books/attach_book.html' return rtr(template, var_dict, context_instance=RC(request)) try: seller_id = form.cleaned_data['seller'] book.seller = User.objects.get(id=seller_id) except User.DoesNotExist: user = import_user(seller_id) if user == None: message = "Invalid Student ID: %s" % id_to_edit return tidy_error(request, message) book.seller = user book.price = form.cleaned_data['price'] book.save() Log(who=request.user, action='E', book=book).save() var_dict = {'book' : book} template = 'books/update_book/edited.html' return rtr(template, var_dict, context_instance=RC(request)) elif request.POST.get('idToEdit'): # form isn't valid, but we have an id to work with. send user back id_to_edit = request.POST.get('idToEdit') var_dict = { 'form' : form, 'too_many' : False, 'id' : id_to_edit, 'logs' : Log.objects.filter(book=id_to_edit), } template = 'books/update_book/edit.html' return rtr(template, var_dict, context_instance=RC(request))
def update_book_edit(request): """ Applies changes to a book made on the edit page If the barcode doesn't exist, it makes the user create a MetaBook object as well Tests: - GETTest - SecurityTest - NotAllowedTest """ if not request.method == "POST": t = loader.get_template('405.html') c = RC(request) return HttpResponseNotAllowed(t.render(c), ['POST']) # User must be staff or admin to get to this page if not request.user.is_staff: t = loader.get_template('403.html') c = RC(request) return HttpResponseForbidden(t.render(c)) form = BookForm(request.POST) if form.is_valid(): id_to_edit = request.POST.get('idToEdit') try: book = Book.objects.get(id=id_to_edit) except Book.DoesNotExist: message = 'Book with ref# "%s" does not exist' % id_to_edit return tidy_error(request, message) try: barcode = form.cleaned_data['barcode'] book.metabook = MetaBook.objects.get(barcode=barcode) except MetaBook.DoesNotExist: # barcode doesn't exist in db, we have to create a metabook. initial = { 'barcode': barcode, 'seller': form.cleaned_data['seller'], 'price': form.cleaned_data['price'], 'book_id': book.id, 'edition': '1', } form = NewBookForm(initial=initial) var_dict = {'form': form} template = 'books/attach_book.html' return rtr(template, var_dict, context_instance=RC(request)) try: seller_id = form.cleaned_data['seller'] book.seller = User.objects.get(id=seller_id) except User.DoesNotExist: user = import_user(seller_id) if user == None: message = "Invalid Student ID: %s" % id_to_edit return tidy_error(request, message) book.seller = user book.price = form.cleaned_data['price'] book.save() Log(who=request.user, action='E', book=book).save() var_dict = {'book': book} template = 'books/update_book/edited.html' return rtr(template, var_dict, context_instance=RC(request)) elif request.POST.get('idToEdit'): # form isn't valid, but we have an id to work with. send user back id_to_edit = request.POST.get('idToEdit') var_dict = { 'form': form, 'too_many': False, 'id': id_to_edit, 'logs': Log.objects.filter(book=id_to_edit), } template = 'books/update_book/edit.html' return rtr(template, var_dict, context_instance=RC(request))