def expenditures_archived(self): """ Returns a paginated list of archived expenditures.""" page = int(self.request.params.get('page', 1)) expenditures = Expenditure.page(self.request, page, archived=True) return {'paginator': expenditures, 'title': 'Archived expenditures', 'archived': True}
def expenditure_create(self): """ New expenditure. Method for both post and get request. """ form = ExpenditureCreateForm(self.request.POST, csrf_context=self.request.session) private = self.request.params.get('private') if private: """ Check if there exists any private categories. """ if not Category.first_private(self.request): self.request.session.flash(self.missing_priv_cat, 'error') return HTTPFound(location=self.request .route_url('expenditures')) form.category_id.query = Category.all_private(self.request) else: """ Check if there exists any categories. """ if not Category.first_active(): self.request.session.flash(self.missing_shared_cat, 'error') return HTTPFound(location=self.request .route_url('expenditures')) form.category_id.query = Category.all_active(self.request) if self.request.method == 'POST' and form.validate(): e = Expenditure() form.populate_obj(e) e.user_id = authenticated_userid(self.request) e.category_id = form.category_id.data.id DBSession.add(e) self.request.session.flash('Expenditure %s created' % (e.title), 'success') """ A bit ugly, but redirect the user based on private or not. """ if private: return HTTPFound(location= self.request .route_url('expenditures', _query={'private': 1})) return HTTPFound(location=self.request.route_url('expenditures')) return {'title': 'New private expenditure' if private else 'New expenditure', 'form': form, 'action': 'expenditure_new', 'private': private}
def expenditures(self): """ Return a paginated list of active expenditures. Handles both private and shared expenditures. """ result = {} private = self.request.params.get('private') if private: categories = Category.all_private(self.request).all() else: categories = Category.all_active(self.request).all() for c in categories: e = Expenditure.with_category(c.id) if e: s = Expenditure.with_category(c.id, total_only=True) result[c.title] = [e, s] return {'items': result, 'title': 'Private expenditures' if private else 'Shared expenditures', 'private': private}
def expenditure_edit(self): """ Edit expenditure. Method for both post and get request. """ id = int(self.request.matchdict.get('id')) e = Expenditure.by_id(id) if not e: return HTTPNotFound() """ Authorization check. """ if (e.category.private and e.category.user_id is not authenticated_userid(self.request)): return HTTPForbidden() form = ExpenditureEditForm(self.request.POST, e, csrf_context=self.request.session) private = self.request.params.get('private') if private: """ Check if there exists any categories. """ if not Category.first_private(self.request): self.request.session.flash(self.missing_priv_cat, 'error') return HTTPFound(location=self.request .route_url('expenditures')) form.category_id.query = Category.all_private(self.request) else: """ Check if there exists any categories. """ if not Category.first_active(): self.request.session.flash(self.missing_shared_cat, 'error') return HTTPFound(location=self.request .route_url('expenditures')) form.category_id.query = Category.all_active(self.request) if self.request.method == 'POST' and form.validate(): form.populate_obj(e) e.category_id = form.category_id.data.id self.request.session.flash('Expenditure %s updated' % (e.title), 'status') """ A bit ugly, but redirect the user based on private or not. """ if private: return HTTPFound(location= self.request .route_url('expenditures', _query={'private': 1})) return HTTPFound(location=self.request.route_url('expenditures')) form.category_id.data = e.category return {'title': 'Edit private expenditure' if private else 'Edit expenditure', 'form': form, 'id': id, 'action': 'expenditure_edit', 'private': private}
def expenditure_archive(self): """ Archive expenditure, returns redirect. """ id = int(self.request.matchdict.get('id')) e = Expenditure.by_id(id) if not e: return HTTPNotFound() """ Authorization check. """ if (e.category.private and e.category.user_id is not authenticated_userid(self.request)): return HTTPForbidden() e.archived = True DBSession.add(e) self.request.session.flash('Expenditure %s archived' % (e.title), 'status') return HTTPFound(location=self.request.route_url('expenditures'))