def new(self):
if is_met(has_permission("add_user")):
return render_form(self.menu_items, action="create", add_number_of_emails=1)
if is_met(is_anonymous()):
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.came_from = str(request.GET.get("came_from", "")) or url(controller="home", action="index")
if request.GET.get("came_from", None):
h.flash(_("After filling the from you will be sent back to your shopping cart"))
return render("/derived/user/new.html")
def update(self):
ftype = request.params.get('type',False)
if ftype == 'selected':
pass
else:
if is_met(has_permission(u'edit_invoice')):
return self._admin_update(request)
elif is_met(in_group('customer')):
h.flash(_('You can only delete an unconfirmed invoices. If you want to change anything in a shipping order contact us by phone'))
return redirect(controller='invoice',action='index')
def layout(self):
if is_met(has_all_permissions("view_datastores", "create_update_datastores")):
c.show_datastores_tab = True
else:
c.show_datastores_tab = False
return render("/layout.js")
def search(self,id=None,page=1):
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
action = request.params.getone('action')
values = dict(request.params)
del values['action']
if is_met(in_group('customer')):
schema = InvoiceSearchCustomer()
try:
result = schema.to_python(dict(request.params), c)
except Invalid, e:
html = render('/derived/invoice/customer/index.html')
return htmlfill.render(html, defaults=values, errors=variabledecode.variable_encode(
e.unpack_errors() or {},
add_repetitions=False
))
querystr = "Session.query(Invoice).filter_by(deleted=False).join(Invoice.customer).filter(User.user_name == '%s')"%identity['user'].user_name
products = result['contains_product']
if products :
querystr += ".join(Invoice.invoice_items).join(Invoice_item.product)"
if len(products)>1:
querystr += ".filter(and_("
for item in products:
querystr += ","
querystr += "Product.name.like('%%%s%%')"%item
querystr += "))"
else:
querystr += ".filter(Product.name.like('%%%s%%'))"%products[0]
def admin(self,id=None,page=1):
def asort(sort,querystr):
feilds ={'1':'Invoice.id',
'2':'Invoice.customer_id',
'3':'Invoice.date_time',
'4':'Invoice.total_price',
'5':'Invoice.Description',}
if sort != '':
if session['invoice_sort_togle'][sort]:
session['invoice_sort_togle'][sort] = False
direction = '.desc()'
else:
session['invoice_sort_togle'][sort] = True
direction = '.asc()'
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
session['invoice_sort'] = sort
session['invoice_sort_direction']=direction
session.save()
elif 'invoice_sort' in session:
sort = session['invoice_sort']
direction = session['invoice_sort_direction']
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
return querystr
came_from = str(request.GET.get('came_from', ''))
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
if came_from == 'removeproduct':
h.flash('To delete a product find it in the table and press on the Delete link')
elif came_from == 'editproduct':
h.flash('To Edit a product details find it in the table below and press on the Edit link')
sort = str(request.GET.get('sort',''))
if 'invoice_sort_togle' not in session:
session['invoice_sort_togle']={'1':True,
'2':True,
'3':True,
'4':True,
'5':True,}
session.save()
querystr=''
if is_met(has_permission('view_invoice')):
Uc = aliased(User)
Us = aliased(User)
if 'invoice_querystr' in session:
querystr = asort(sort,querystr)
invoices = eval(session['invoice_querystr']+querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
html = render('/derived/invoice/staff/index.html')
return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
else:
querystr = "Session.query(Invoice).filter(Invoice.deleted==False)"
querystr = asort(sort,querystr)
invoices = eval(querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/invoice/staff/index.html')
def edit(self,id):
if is_met(has_permission(u'edit_invoice')):
return render_edit_form_admin(self.menu_items,id=id)
else:
#check to see if the user is the owner of the invoice and invoice is pending the show edit form
#check to see if staff is editing the form
h.flash(_('You don not have enough permission to edit invoice'))
return redirect(url(controller='invoice',action='index'))
def layout(self):
if is_met(
has_all_permissions('view_datastores',
'create_update_datastores')):
c.show_datastores_tab = True
else:
c.show_datastores_tab = False
return render("/layout.js")
def delete(self,id):
invoice = Session.query(Invoice).filter_by(id=id).one()
if is_met(has_permission('delete_invoice')):
return self._delete(invoice)
else:
if invoice.customer == request.environ.get('repoze.who.identity')['user']:
return self._delete(invoice)
else:
h.flash(_('You don not have enough permission to delete invoice'))
return redirect(url(controller='invoice',action='index'))
def view(self, id):
if is_met(has_permission("view_user")):
try:
user = Session.query(User).filter_by(id=id).one()
except:
h.flash(_("No user with ID:%s to view") % id)
return redirect(h.url(controller="user", action="index"))
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.user = user
return render("/derived/user/staff/view.html")
else:
return redirect(url(controller="user", action="index"))
def clearsearch(self):
try:
del session['invoice_search_values']
del session['invoice_querystr']
del session['invoice_sort']
del session['invoice_sort_direction']
session.save()
except:
session.save()
if is_met(has_permission('view_invoice')):
return redirect(url(controller='invoice',action='admin'))
else:
return redirect(url(controller='invoice',action='index'))
def edit(self, id):
user = Session.query(User).filter_by(id=id).one()
identity = request.environ.get("repoze.who.identity")
if is_met(has_permission("edit_user")):
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
values = create_dict(user)
return render_form(self.menu_items, values, action="update", id=user.id)
elif identity["user"] == user:
values = create_dict(user)
return render_customer_form(self.menu_items, user.id, values)
else:
h.flash("You are not authorized to edit this user data!")
came_from = str(request.GET.get("came_from", "")) or url(controller="user", action="index")
return redirect(h.url(came_from))
def post_login(self):
identity = request.environ.get('repoze.who.identity')
if not identity:
session['failedlogin'] +=1
session.save()
#h.flash(_("Incorrect User name or Password"))
if session['failedlogin']>3:
session['failedlogin'] = 0
session.save()
#return "To many login atempts!"
return HTTPForbidden(request=request,body="Incorrect User name or Password")
if identity['user'].pending:
session['failedlogin'] = 0
session.save()
h.flash(_('Your account is still pending. Check your email for activation link'))
#return redirect logout
return redirect(url(controller="account",action="logout"))
#return render(path.join(get_lang()[0],'derived/account/login.mako'))
if identity['user'].deleted:
session['failedlogin'] = 0
session.save()
h.flash(_('Your account has been deleted!'))
return redirect(url(controller="account",action="logout"))
#return render(path.join(get_lang()[0],'derived/account/login.mako'))
session['user'] = identity['user'].id
if is_met(not_anonymous()):
session['failedlogin'] = 0
session['user_selection']={}
session['product_selection']={}
session['invoice_selection']={}
session.save()
if 'came_from' in session:
came_from = session['came_from']
del session['came_from']
session.save()
return redirect(came_from)
return render(path.join(get_lang()[0],'derived/account/login.mako'))
def _confirm(self,invoice):
customer = invoice.customer
if not is_met(has_permission('confirm_invoice')):
h.flash(_("You don't have enough permision to confirm ivoice"))
return redirect(url(controller='invoice', action='edit',id=invoice.id))
if invoice.total_price > customer.balance + customer.cradit:
h.flash(_("Customer balance is low. <a href='%s'>Give him enough cradit or contanct him about the funds</a>")%url(controller='user',action='edit',id=customer.id))
invoice.Description = _("Low balance")
Session.add(invoice)
Session.commit()
return redirect(url(controller='invoice',action='edit',id=invoice.id))
invoice_id = invoice.id
invoice_items=[]
for invoice_item in invoice.invoice_items:
product = invoice_item.product
product.quantity -= invoice_item.quantity
customer.balance -= invoice_item.total_price
Session.add(product)
Session.add(customer)
invoice.pending = False
Session.add(invoice)
Session.commit()
def index(self,id=None,page=1):
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
if is_met(in_group('customer')):
if session.has_key('invoice_querystr'):
invoices2 = eval(session['invoice_querystr']+".order_by(desc(Invoice.date_time))")
#invoices = Session.query(Invoice).filter_by(customer=identity['user']).filter_by(deleted=False).order_by(Invoice.date_time)
c.paginator = paginate.Page(invoices2,
page=int(request.params.get('page',page)),
items_per_page=10)
html = render('/derived/invoice/customer/index.html')
return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
else:
invoices = Session.query(Invoice).filter_by(customer=identity['user']).filter_by(deleted=False).order_by(desc(Invoice.date_time))
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page',page)),
items_per_page=10)
return render('/derived/invoice/customer/index.html')
else:
h.flash(_('Please take a few moments to %s\n')%(h.link_to(_("register"),url(controller="user", action="new"))))
return redirect(url(controller='home',action='index'))
def update(self, id):
user = Session.query(User).filter_by(id=int(id)).one()
values = dict(request.params)
action = values["action"]
del values["action"]
if is_met(has_permission("edit_user")):
res = self._proccess_form(action, values, postto="update", id=user.id, renderer=render_form)
if res is not False:
return res
schema = UserFormEdit()
try:
result = schema.to_python(values, c)
except Invalid, e:
return render_form(
self.menu_items,
values,
action="update",
errors=variabledecode.variable_encode(e.unpack_errors() or {}, add_repetitions=False),
id=user.id,
)
self._save(result, user)
h.flash(_("User %s data updated") % result["user_name"])
return redirect(url(controller="user", action="admin"))
def view(self,id,page=1):
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
invoice = Session.query(Invoice).filter_by(id=id).one()
if is_met(has_permission('view_invoice')):
c.invoice = invoice
c.paginator = paginate.Page(
invoice.invoice_items,
page=int(request.params.get('page', page)),
items_per_page = 10
)
return render('/derived/invoice/view.html')
elif invoice.customer == identity['user']:
c.invoice = invoice
c.paginator = paginate.Page(
invoice.invoice_items,
page=int(request.params.get('page', page)),
items_per_page = 10
)
return render('/derived/invoice/view.html')
else:
h.flash(_('You are not authorized to view this invoice'))
return redirect(url(controller='invoice',action='index'))
def customer(self):
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
if is_met(in_group("customer")) or is_met(in_group("admin")):
user = request.environ.get("repoze.who.identity")["user"]
values = create_dict(user)
return render_customer_form(self.menu_items, user.id, values)
def admin(self, page=1):
def __asort(_session, _sort, _querystr):
feilds = {
"1": "User.id",
"2": "User.user_name",
"3": ["User.last_name", "User.first_name"],
"4": "User.id",
"5": "User.id",
"6": "User.id",
"7": "User.balance",
"8": "User.cradit",
"9": "User.pending",
}
if _sort != "":
if _session["user_sort_togle"][_sort]:
_session["user_sort_togle"][_sort] = False
direction = ".desc()"
else:
_session["user_sort_togle"][_sort] = True
direction = ".asc()"
if type(feilds[_sort]) is list:
for item in feilds[_sort]:
_querystr += ".order_by(%s%s)" % (item, direction)
else:
_querystr += ".order_by(%s%s)" % (feilds[_sort], direction)
_session["user_sort"] = _sort
_session["user_sort_direction"] = direction
_session.save()
elif "user_sort" in _session:
_sort = _session["user_sort"]
direction = _session["user_sort_direction"]
_querystr += ".order_by(%s%s)" % (feilds[_sort], direction)
return _querystr
came_from = str(request.GET.get("came_from", ""))
if came_from == "removeuser":
h.flash("To delete a user find it in the table and press on the Delete link")
elif came_from == "edituser":
h.flash("To Edit a user details find it in the table below and press on the Edit link")
sort = str(request.GET.get("sort", ""))
if "user_sort_togle" not in session:
session["user_sort_togle"] = {
"1": True,
"2": True,
"3": True,
"4": True,
"5": True,
"6": True,
"7": True,
"8": True,
"9": True,
}
session.save()
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.tags = Session.query(UserTag).all()
querystr = ""
if is_met(has_permission("view_user")):
if session.has_key("user_querystr"):
if session.has_key("aliasedtags"):
for item in session["aliasedtags"]:
exec item in locals(), globals()
querystr = __asort(session, sort, querystr)
users = eval(session["user_querystr"] + querystr)
c.paginator = paginate.Page(users, page=int(request.params.get("page", page)), items_per_page=10)
html = render("/derived/user/staff/index.html")
return htmlfill.render(html, defaults=session["user_search_values"], errors={})
else:
querystr = "Session.query(User).filter_by(deleted=False)"
querystr = __asort(session, sort, querystr)
users = eval(querystr)
c.paginator = paginate.Page(users, page=int(request.params.get("page", page)), items_per_page=10)
return render(path.join(get_lang()[0], "/derived/user/staff/index.mako"))
def signin(self):
if is_met(not_anonymous()):
c.user = request.environ.get("repoze.what.credentials")["repoze.what.userid"]
return render("/signin.html")
def is_met_util(self):
if is_met(not_anonymous()):
return 'You are not anonymous'
return 'You are anonymous'
session.save()
else:
if 'paliasedtags' in session:
del session['paliasedtags']
session.save()
querystr += ".join(Product.tags)"
querystr += ".filter(ProductTag.tag=='%s')"%tags[0].tag
elif 'paliasedtags' in session:
del session['paliasedtags']
session.save()
if result['from_price']:
querystr += '.filter(Product.sell_price > %s)'%result['from_price']
if result['to_price']:
querystr += '.filter(Product.sell_price < %s)'%result['to_price']
if is_met(has_permission('edit_product')) and came_from == 'admin':
if result['deleted']:
querystr += ".filter(Product.deleted==True)"
if result['from_date']:
querystr += '.filter(Product.buy_date > %s)'%result['from_date']
if result['to_date']:
querystr += '.filter(Product.buy_date < %s)'%result['to_date']
if result['description']:
querystr += ".filter(Product.description.like('%%%s%%'))"%result['description']
if result['brand'] != '':
querystr += ".filter(Product.brand.like('%%%s%%'))"%result['brand']
session['product_querystr'] = querystr
session['product_search_values'] = values
session.save()
if came_from == 'admin':
return redirect(url(controller='product',action='admin'))
def admin(self,page=1):
def __asort(_session,_sort,_querystr):
feilds ={'1':'Product.code',
'2':'Product.name',
'3':'Product.quantity',
'4':'Product.buy_price',
'5':'Product.sell_price',
'6':'Product.wholesale_price',
'7':'Product.buy_date',
'8':'Product.brand',
'9':'Product.tags.tag',}
if _sort != '':
if _session['product_sort_togle'][_sort]:
_session['product_sort_togle'][_sort] = False
direction = '.desc()'
else:
_session['product_sort_togle'][_sort] = True
direction = '.asc()'
_querystr += ".order_by(%s%s)"%(feilds[_sort],direction)
_session['product_sort'] = _sort
_session['product_sort_direction']=direction
_session.save()
elif 'product_sort' in _session:
_sort = _session['product_sort']
direction = _session['product_sort_direction']
_querystr += ".order_by(%s%s)"%(feilds[_sort],direction)
return _querystr
came_from = str(request.GET.get('came_from', ''))
if came_from == 'removeproduct':
h.flash('To delete a product find it in the table and press on the Delete link')
elif came_from == 'editproduct':
h.flash('To Edit a product details find it in the table below and press on the Edit link')
sort = str(request.GET.get('sort',''))
if 'product_sort_togle' not in session:
session['product_sort_togle']={'1':True,
'2':True,
'3':True,
'4':True,
'5':True,
'6':True,
'7':True,
'8':True,
'9':True,}
session.save()
c.menu_items = h.top_menu(self.menu_items,_('Products'))
c.tags = Session.query(ProductTag).all()
querystr=''
if is_met(has_permission('edit_product')):
if session.has_key('product_querystr'):
if session.has_key('paliasedtags'):
for item in session['paliasedtags']:
exec item in locals(), globals()
querystr = __asort(session,sort,querystr)
products = eval(session['product_querystr']+querystr)
c.paginator = paginate.Page(products,
page=int(request.params.get('page', page)),
items_per_page = 10)
html = render('/derived/product/productadmin.html')
return htmlfill.render(html,defaults=session['product_search_values'])
else:
querystr = "Session.query(Product).filter_by(deleted=False)"
querystr = __asort(session,sort,querystr)
products = eval(querystr)
c.paginator = paginate.Page(products,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/product/productadmin.html')
def signin(self):
if is_met(not_anonymous()):
c.user = request.environ.get(
'repoze.what.credentials')['repoze.what.userid']
return render("/signin.html")
def is_met_util(self):
if is_met(not_anonymous()):
return 'You are not anonymous'
return 'You are anonymous'
del values['action']
schema = InvoiceEditAdmin()
try:
result = schema.to_python(values,c)
except Invalid, e:
return render_edit_form_admin(
self.menu_items,
values,
errors=variabledecode.variable_encode( e.unpack_errors() or {},
add_repetitions=False),
id=invoice_id)
invoice = Session.query(Invoice).filter_by(id=invoice_id).one()
customer = invoice.customer
if action.startswith('Remove_'):
if not is_met(has_permission('edit_invoice')):
h.flash( _("You don't have enough permision to remove items from ivoice"))
return redirect(url(controller='invoice', action='edit',id=invoice_id))
item_id =int(action.split('_')[-1])
invoice_items=[]
totalprice = 0
for invoice_item in invoice.invoice_items:
if invoice_item.id != item_id:
invoice_items.append(invoice_item)
totalprice += invoice_item.total_price
else:
delitem = invoice_item
if invoice.pending is False:
product = invoice_item.product
product.quantity += invoice_item.quantity
customer.balance += invoice_item.total_price
