Exemplos de ShopLogic em Python

Exemplo n.º 1

Arquivo: IntegrationTests.py Projeto: omriattiya/uTrade

    def test_policies_torture(self):
        UsersLogic.register(RegisteredUser('ShaharBenS', "SsS0897SsS"))
        UsersLogic.update_details('ShaharBenS', 'AFG', 20, 'Male')

        UsersLogic.register(RegisteredUser('ShaharBenS2', "SsS0897SsS"))
        ShopLogic.create_shop(Shop('eBay', "Active"), 'ShaharBenS2')
        ShopLogic.create_shop(Shop('Amazon', "Active"), 'ShaharBenS2')
        item1 = Item(1, 'eBay', 'apple', 'vegas', 'good', 10, 500, 'regular',
                     None, 0, 0, 0)
        item2 = Item(2, 'Amazon', 'apple', 'fruits', 'good', 10, 500,
                     'regular', None, 0, 0, 0)
        ItemsLogic.add_item_to_shop(item1, 'ShaharBenS2')
        ItemsLogic.add_item_to_shop(item2, 'ShaharBenS2')

        ShoppingPolicyLogic.add_shopping_policy_on_shop(
            'ShaharBenS2', 'eBay', "age = ''20''", "AL", 3)
        ShoppingPolicyLogic.add_shopping_policy_on_shop(
            'ShaharBenS2', 'Amazon', "age > ''15''", "UT", 5)
        ShoppingPolicyLogic.add_shopping_policy_on_identity(
            'Ultimate_ShaharShahar', "sex = ''Male''", "AL", 9)
        ShoppingPolicyLogic.add_shopping_policy_on_category(
            'Ultimate_ShaharShahar', "vegas", "state = ''AFG''", "UT", 5)
        ShoppingPolicyLogic.add_shopping_policy_on_items(
            'Ultimate_ShaharShahar', "apple", "state != ''AFG''", "E", 2)

        access_token = hashlib.md5('ShaharBenS'.encode()).hexdigest()
        Consumer.loggedInUsers[access_token] = 'ShaharBenS'
        Consumer.loggedInUsersShoppingCart[access_token] = []

        UserShoppingCartLogic.add_item_shopping_cart(
            access_token, ShoppingCartItem('ShaharBenS', 2, 3, None))
        UserShoppingCartLogic.add_item_shopping_cart(
            access_token, ShoppingCartItem('ShaharBenS', 1, 7, None))
        status = UserShoppingCartLogic.pay_all(access_token)
        self.assertFalse(StoB(status))

Exemplo n.º 2

Arquivo: ExternalTests.py Projeto: omriattiya/uTrade

    def test_supply_system(self):
        UsersLogic.register(RegisteredUser('ShaharBenS', "SsS0897SsS"))
        UsersLogic.update_details('ShaharBenS', 'AFG', 20, 'Male')

        UsersLogic.register(RegisteredUser('ShaharBenS2', "SsS0897SsS"))
        ShopLogic.create_shop(Shop('eBay', "Active"), 'ShaharBenS2')
        ShopLogic.create_shop(Shop('Amazon', "Active"), 'ShaharBenS2')
        item1 = Item(1, 'eBay', 'apple', 'vegas', 'good', 10, 500, 'regular',
                     None, 0, 0, 0)
        item2 = Item(2, 'Amazon', 'apple', 'fruits', 'good', 10, 500,
                     'regular', None, 0, 0, 0)
        ItemsLogic.add_item_to_shop(item1, 'ShaharBenS2')
        ItemsLogic.add_item_to_shop(item2, 'ShaharBenS2')

        access_token = hashlib.md5('ShaharBenS'.encode()).hexdigest()
        Consumer.loggedInUsers[access_token] = 'ShaharBenS'
        Consumer.loggedInUsersShoppingCart[access_token] = []

        UserShoppingCartLogic.add_item_shopping_cart(
            access_token, ShoppingCartItem('ShaharBenS', 2, 3, None))
        UserShoppingCartLogic.add_item_shopping_cart(
            access_token, ShoppingCartItem('ShaharBenS', 1, 7, None))

        ExternalSystems.supply = ProxySupplySystem.ProxySupplySystem()
        status = UserShoppingCartLogic.pay_all(access_token)
        if isinstance(status, list) is not True:
            status = False
        self.assertFalse(status)

        ExternalSystems.supply = SupplySystem.SupplySystem()
        status = UserShoppingCartLogic.pay_all(access_token)
        if isinstance(status, list):
            status = True
        self.assertTrue(status)

Exemplo n.º 3

def add_review_on_shop(request):
    if request.method == 'POST':
        shop_name = request.POST.get('shop_name')
        description = request.POST.get('description')
        rank = int(request.POST.get('rank'))

        event = "ADD REVIEW ON SHOP"
        suspect_sql_injection = False
        suspect_sql_injection = LoggerLogic.identify_sql_injection(
            shop_name, event) or suspect_sql_injection
        suspect_sql_injection = LoggerLogic.identify_sql_injection(
            description, event) or suspect_sql_injection

        if suspect_sql_injection:
            return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)

        login = request.COOKIES.get('login_hash')
        if login is not None:
            writer_id = Consumer.loggedInUsers.get(login)
            shop_review = ShopReview(writer_id, description, rank, shop_name)
            old_review = ShopLogic.get_shop_review_with_writer(
                shop_name, writer_id)
            if old_review is not False:
                return HttpResponse('has reviews')
            if ShopLogic.add_review_on_shop(shop_review):
                return HttpResponse('success')
        return HttpResponse('fail')

Exemplo n.º 4

 def setUp(self):
     init_database('db.sqlite3')
     register(RegisteredUser('YoniYoni', '1234567878'))
     register(RegisteredUser('StoreManager1', '1234567878'))
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, 'YoniYoni')
     UsersLogic.add_manager('YoniYoni', StoreManager('StoreManager1', 'My Shop', 1, 1, 1, 1, 1, 1, 1, 1))

Exemplo n.º 5

def get_reviews(request):
    if request.method == 'GET':
        login = request.COOKIES.get('login_hash')
        guest = request.COOKIES.get('guest_hash')
        context = {
            'topbar': Topbar_Navbar.get_top_bar(login),
            'navbar': Topbar_Navbar.get_nav_bar(login, guest)
        }
        shop_name = request.GET.get('shop_name')
        shop = ShopLogic.search_shop(shop_name)
        if shop is not False:
            reviews = ShopLogic.get_shop_reviews(shop_name)
            string_reviews = ""
            for review in reviews:
                string_reviews += loader.render_to_string(
                    'components/review.html', {
                        'writer_name': review.writerId,
                        'rank': review.rank,
                        'description': review.description
                    }, None, None)
                context.update({
                    'shop_name': shop_name,
                    'reviews': string_reviews
                })
            return render(request, 'shop_reviews.html', context=context)
        return HttpResponse(shop_not_exist)
    return HttpResponse(not_get_request)

Exemplo n.º 6

    def test_permissions(self):
        UsersLogic.register(RegisteredUser('ShaharShahar', '1212345678'))
        UsersLogic.register(RegisteredUser('TomerTomerLev', '65412321'))
        shop = Shop('myShop', 'Active')
        ShopLogic.create_shop(shop, 'ShaharShahar')
        UsersLogic.add_manager(
            'ShaharShahar',
            StoreManager('TomerTomerLev', 'myShop', 1, 1, 1, 1, 1, 1, 1, 1))
        ItemsLogic.add_item_to_shop(
            Item(None, 'myShop', 'doll', 'toys', 'toys:kids', 20, 300,
                 'regular', None, 0, 0, 0), 'TomerTomerLev')
        item = Items.get_item(1)
        self.assertEqual(item.shop_name, 'myShop')
        self.assertEqual(item.price, 20)
        self.assertEqual(item.quantity, 300)

        status = ItemsLogic.edit_shop_item('TomerTomerLev', 1, 'price', 40)
        self.assertTrue(status)
        status = ItemsLogic.edit_shop_item('TomerTomerLev', 1, 'name',
                                           'doll_new')
        self.assertTrue(status)
        status = ItemsLogic.edit_shop_item('TomerTomerLev', 1, 'quantity', 40)
        self.assertTrue(status)

        item = Items.get_item(1)
        self.assertEqual(item.name, 'doll_new')
        self.assertEqual(item.quantity, 40)
        self.assertEqual(item.keyWords, 'toys:kids')

        status = ItemsLogic.remove_item_from_shop(1, 'TomerTomerLev')
        self.assertTrue(status)

Exemplo n.º 7

 def test_bad_create_shop(self):
     register(RegisteredUser('TomerTomer', '1234567878'))
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, 'TomerTomer')
     shop_founded = Shops.search_shop('My Shop')
     self.assertTrue(shop_founded.name == 'My Shop')
     status = ShopLogic.create_shop(shop, 'TomerTomer')
     self.assertEqual(status, 'FAILED: Shop name is taken')

Exemplo n.º 8

Arquivo: OwnerTests.py Projeto: omriattiya/uTrade

 def test_add_manager(self):
     ShopLogic.create_shop(SHOP, USERNAME)
     UsersLogic.register(OTHER_USER)
     manager = StoreManager(OTHER_USERNAME, SHOP_NAME, PERMISSIONS[0], PERMISSIONS[1],
                            PERMISSIONS[2], PERMISSIONS[3], PERMISSIONS[4], PERMISSIONS[5], PERMISSIONS[6],
                            PERMISSIONS[7])
     is_added = UsersLogic.add_manager(USERNAME, manager)
     self.assertTrue(is_added)

Exemplo n.º 9

 def test_bad_sys_man_close_shop_permanently(self):
     register(RegisteredUser('YoniYoni', '12121122'))
     register(RegisteredUser('ToniToni', '12121122'))
     remover = get_user('YoniYoni')
     owner = get_user('ToniToni')
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, owner.username)
     status = close_shop_permanently(remover.username, 'My Shop')
     self.assertFalse(status)

Exemplo n.º 10

Arquivo: OwnerTests.py Projeto: omriattiya/uTrade

    def test_modify_notifications(self):
        ShopLogic.create_shop(SHOP, USERNAME)
        UsersLogic.modify_notifications(USERNAME, 0, SHOP.name)
        owner = Owners.get_owner(USERNAME, SHOP_NAME)
        self.assertEqual(0, owner.should_notify)

        UsersLogic.modify_notifications(USERNAME, 1, SHOP.name)
        owner = Owners.get_owner(USERNAME, SHOP_NAME)
        self.assertEqual(1, owner.should_notify)

Exemplo n.º 11

    def setUp(self):
        init_database('db.sqlite3')
        UsersLogic.register(RegisteredUser('ShaharBenS', "SsS0897SsS"))
        UsersLogic.update_details('ShaharBenS', 'AFG', 20, 'Male')

        UsersLogic.register(RegisteredUser('ShaharBenS2', "SsS0897SsS"))
        ShopLogic.create_shop(Shop('eBay', "Active"), 'ShaharBenS2')
        item1 = Item(1, 'eBay', 'banana', 'vegas', 'good', 10, 500, 'regular', None, 0, 0, 0)
        ItemsLogic.add_item_to_shop(item1, 'ShaharBenS2')

Exemplo n.º 12

 def test_close_shop_permanently(self):
     register(RegisteredUser('YoniYoni', '12121212'))
     register(RegisteredUser('ToniToniToniToni', '12112212'))
     remover = get_user('YoniYoni')
     owner = get_user('ToniToniToniToni')
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, owner.username)
     add_system_manager(SystemManager(remover.username, remover.password))
     status = close_shop_permanently(remover.username, shop.name)
     self.assertTrue(status)

Exemplo n.º 13

 def test_add_store_manager(self):
     UsersLogic.register(RegisteredUser('ShaharShahar', '12345126'))
     UsersLogic.register(RegisteredUser('TomerTomerLev', '65412321'))
     shop = Shop('myShop', 'Active')
     ShopLogic.create_shop(shop, 'ShaharShahar')
     UsersLogic.add_manager(
         'ShaharShahar',
         StoreManager('TomerTomerLev', 'myShop', 1, 1, 1, 1, 1, 1, 1, 1))
     manager = StoreManagers.get_store_manager('TomerTomerLev', 'myShop')
     self.assertTrue(manager.permission_add_item > 0)
     self.assertTrue(manager.permission_remove_item > 0)
     self.assertTrue(manager.permission_edit_item > 0)
     self.assertEqual(manager.store_name, 'myShop')
     self.assertEqual(manager.username, 'TomerTomerLev')

Exemplo n.º 14

 def test_add_invisible_discount_bad(self):
     register(RegisteredUser('YoniYoni', '1234567878'))
     register(RegisteredUser('StoreManager1', '1234567878'))
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, 'YoniYoni')
     UsersLogic.add_manager(
         'YoniYoni',
         StoreManager('StoreManager1', 'My Shop', 1, 1, 1, 1, 1, 1, 1, 1))
     item1 = Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular',
                  None, 0, 0, 0)
     ItemsLogic.add_item_to_shop(item1, 'StoreManager1')
     invdisc = InvisibleDiscount('ABCDEFGHIJKLMNO', item1.id, shop.name, -1,
                                 '2018-12-01', '2019-12-01')
     self.assertFalse(add_invisible_discount(invdisc, 'YoniYoni'))

Exemplo n.º 15

 def test_review_on_shop(self):
     register(RegisteredUser('TomerTomer', '1234567878'))
     user = get_user('TomerTomer')
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, 'TomerTomer')
     ItemsLogic.add_item_to_shop(Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular', None, 0, 0, 0),
                                 'TomerTomer')
     purchase_id = add_purchase_and_return_id(datetime.now(), 'TomerTomer', 0)
     status = PurchasedItems.add_purchased_item(purchase_id, 1, 10, 10)
     shop_review = ShopReview('TomerTomer', 'Best', 10, 'My Shop')
     status = ShopLogic.add_review_on_shop(shop_review)
     reviews = get_all_reviews_on_shop('My Shop')
     answer = len(reviews) == 1
     self.assertTrue(answer)

Exemplo n.º 16

    def setUp(self):
        init_database('db.sqlite3')

        username = '******'
        shop_name = 'My New Shop'
        register(RegisteredUser(username, '12341256'))  # register user
        ShopLogic.create_shop(Shop.Shop(shop_name, 'Active'),
                              username)  # add shop
        ItemsLogic.add_item_to_shop(
            Item.Item(1, shop_name, 'milk', 'milk', 'keywords', 12, 100,
                      'regular', None, 0, 0, 0), username)
        ItemsLogic.add_item_to_shop(
            Item.Item(2, shop_name, 'glue', 'glue', 'keywords', 12, 100,
                      'regular', None, 0, 0, 0), username)

Exemplo n.º 17

Arquivo: MessagesTests.py Projeto: omriattiya/uTrade

 def test_bad_no_get_all_premss_send_message_and_get_messages_of_shops(self):
     register(RegisteredUser('TomerTomer1', '1234567878'))
     shop1 = Shop('My Shop1', 'Active')
     ShopLogic.create_shop(shop1, 'TomerTomer1')
     register(RegisteredUser('TomerTomer2', '1234567878'))
     shop2 = Shop('My Shop2', 'Active')
     ShopLogic.create_shop(shop2, 'TomerTomer2')
     UsersLogic.add_manager('TomerTomer1', StoreManager('TomerTomer2', 'My Shop1', 1, 1, 1, 1, 0, 1, 1, 1))
     UsersLogic.add_manager('TomerTomer2', StoreManager('TomerTomer1', 'My Shop2', 1, 1, 1, 1, 0, 1, 1, 1))
     MessagingLogic.send_message_from_shop('TomerTomer2', Message(1, 'My Shop1', 'My Shop2', 'Hello 1'))
     MessagingLogic.send_message_from_shop('TomerTomer1', Message(2, 'My Shop2', 'My Shop1', 'Hello 2'))
     messages1 = MessagingLogic.get_all_shop_messages('TomerTomer2', 'My Shop1')
     messages2 = MessagingLogic.get_all_shop_messages('TomerTomer1', 'My Shop2')
     self.assertFalse(messages1)
     self.assertFalse(messages2)

Exemplo n.º 18

Arquivo: MessagesTests.py Projeto: omriattiya/uTrade

 def test_bad_no_permssion_send_message_and_get_messages_of_shops(self):
     register(RegisteredUser('TomerTomer1', '1234567878'))
     shop1 = Shop('My Shop1', 'Active')
     ShopLogic.create_shop(shop1, 'TomerTomer1')
     register(RegisteredUser('TomerTomer2', '1234567878'))
     shop2 = Shop('My Shop2', 'Active')
     ShopLogic.create_shop(shop2, 'TomerTomer2')
     UsersLogic.add_manager('TomerTomer1', StoreManager('TomerTomer2', 'My Shop1', 1, 1, 1, 0, 1, 1, 1, 1))
     UsersLogic.add_manager('TomerTomer2', StoreManager('TomerTomer1', 'My Shop2', 1, 1, 1, 0, 1, 1, 1, 1))
     self.assertEqual(MessagingLogic.send_message_from_shop('TomerTomer2',
                                                            Message(1, 'My Shop1', 'My Shop2', 'Hello 1'))
                      , "FAILED: You don't have the permissions")
     self.assertEqual(MessagingLogic.send_message_from_shop('TomerTomer1',
                                                            Message(2, 'My Shop2', 'My Shop1', 'Hello 2'))
                      , "FAILED: You don't have the permissions")

Exemplo n.º 19

def create_shop(request):
    if request.method == 'POST':
        # return HttpResponse('item added')
        shop_name = request.POST.get('name')
        shop_status = request.POST.get('status')

        event = "ADD SHOP"
        suspect_sql_injection = False
        suspect_sql_injection = LoggerLogic.identify_sql_injection(
            shop_name, event) or suspect_sql_injection
        suspect_sql_injection = LoggerLogic.identify_sql_injection(
            shop_status, event) or suspect_sql_injection

        if suspect_sql_injection or shop_name == '':
            return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)

        login = request.COOKIES.get('login_hash')
        if login is None:
            login = request.POST.get('login_hash')
        if login is None:
            return HttpResponse('FAILED: You are not logged in')
        username = Consumer.loggedInUsers.get(login)
        if username is None:
            return HttpResponse('FAILED: You are not logged in')

        shop = Shop(shop_name, shop_status)
        return HttpResponse(ShopLogic.create_shop(shop, username))

Exemplo n.º 20

Arquivo: Profile.py Projeto: omriattiya/uTrade

def get_system_shops(request):
    if request.method == 'GET':
        login = request.COOKIES.get('login_hash')

        if login is not None:
            username = Consumer.loggedInUsers.get(login)
            if username is not None:
                if UsersLogic.is_system_manager(username):
                    orders_html = ""
                    shops_html = ""
                    shops = ShopLogic.get_all_shops()
                    for shop in shops:
                        shops_html += loader.render_to_string(
                            'components/shop.html',
                            context={
                                'shop_name': shop.name,
                                'status': shop.status
                            })

                    context = {
                        'topbar': Topbar_Navbar.get_top_bar(login),
                        'navbar': Topbar_Navbar.get_nav_bar(login, None)
                    }
                    context.update({'shops': shops_html})
                    return render(request,
                                  'system-shops.html',
                                  context=context)
        return HttpResponse("You don't have the privilege to be here")

Exemplo n.º 21

    def test_no_permission(self):
        UsersLogic.register(RegisteredUser('ShaharShahar', '12312456'))
        UsersLogic.register(RegisteredUser('TomerTomerLev', '65431221'))
        shop = Shop('myShop', 'Active')
        ShopLogic.create_shop(shop, 'ShaharShahar')
        UsersLogic.add_manager(
            'ShaharShahar',
            StoreManager('TomerTomerLev', 'myShop', 0, 0, 0, 0, 0, 0, 0, 0))
        status = ItemsLogic.add_item_to_shop(
            Item(None, 'myShop', 'doll', 'toys', 'toys;kids', 20, 300,
                 'regular', None, 0, 0, 0), 'TomerTomerLev')
        self.assertFalse(status)

        message = Message(None, 'myShop', 'ShaharShahar', 'Hi There')
        status = MessagingLogic.send_message_from_shop('TomerTomerLev',
                                                       message)
        self.assertFalse(returnStringToBoolean(status))

Exemplo n.º 22

Arquivo: SearchTests.py Projeto: omriattiya/uTrade

 def setUp(self):
     init_database('db.sqlite3')
     register(RegisteredUser('TomerTomer', '1234567878'))
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, 'TomerTomer')
     ItemsLogic.add_item_to_shop(
         Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular',
              None, 0, 0, 0), 'TomerTomer')
     ItemsLogic.add_item_to_shop(
         Item(2, 'My Shop', 'steak', 'meat', 'bad', 12, 100, 'regular',
              None, 0, 0, 0), 'TomerTomer')
     ItemsLogic.add_item_to_shop(
         Item(3, 'My Shop', 'banana', 'fruit', 'best', 12, 100, 'regular',
              None, 0, 0, 0), 'TomerTomer')
     ItemsLogic.add_item_to_shop(
         Item(4, 'My Shop', 'water', 'drinks', 'one two', 12, 100,
              'regular', None, 0, 0, 0), 'TomerTomer')

Exemplo n.º 23

 def test_get_visible_discount_bad_item(self):
     register(RegisteredUser('YoniYoni', '1234567878'))
     register(RegisteredUser('StoreManager1', '1234567878'))
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, 'YoniYoni')
     UsersLogic.add_manager(
         'YoniYoni',
         StoreManager('StoreManager1', 'My Shop', 1, 1, 1, 1, 1, 1, 1, 1))
     item1 = Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular',
                  None, 0, 0, 0)
     item2 = Item(2, 'My Shop', 'milk1', 'diary1', 'good', 12, 100,
                  'regular', None, 0, 0, 0)
     ItemsLogic.add_item_to_shop(item1, 'StoreManager1')
     disc = VisibleDiscount(item1.id, shop.name, 50, '2018-12-01',
                            '2019-12-01')
     self.assertTrue(add_visible_discount(disc, 'YoniYoni'))
     self.assertFalse(get_visible_discount(item2.id, shop.name))

Exemplo n.º 24

def close_shop_permanently(request):
    if request.method == 'POST':
        shop_name = request.POST.get('shop_name')
        login = request.COOKIES.get('login_hash')
        if login is not None:
            username = Consumer.loggedInUsers.get(login)
            if ShopLogic.close_shop_permanently(username, shop_name):
                return HttpResponse('success')
        return HttpResponse('fail')

Exemplo n.º 25

 def test_get_visible_discount(self):
     register(RegisteredUser('YoniYoni', '1234567878'))
     register(RegisteredUser('StoreManager1', '1234567878'))
     shop = Shop('My Shop', 'Active')
     ShopLogic.create_shop(shop, 'YoniYoni')
     UsersLogic.add_manager(
         'YoniYoni',
         StoreManager('StoreManager1', 'My Shop', 1, 1, 1, 1, 1, 1, 1, 1))
     item1 = Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular',
                  None, 0, 0, 0)
     ItemsLogic.add_item_to_shop(item1, 'StoreManager1')
     disc = VisibleDiscount(item1.id, shop.name, 50, '2018-12-01',
                            '2019-12-01')
     self.assertTrue(add_visible_discount(disc, 'YoniYoni'))
     getted = get_visible_discount(item1.id, shop.name)
     self.assertEqual(getted.item_id, disc.item_id)
     self.assertEqual(getted.shop_name, disc.shop_name)
     self.assertEqual(getted.percentage, disc.percentage)

Exemplo n.º 26

def get_shop_owner(request):
    if request.method == 'GET':
        shop_name = request.GET.get('shop_name')
        login = request.COOKIES.get('login_hash')

        if login is not None:
            username = Consumer.loggedInUsers.get(login)
            if username is not None:
                if UsersLogic.is_system_manager(username):
                    shops = ShopLogic.get_store_owners(shop_name)
                    shops_string = ""
                    for shop in shops:
                        shops_string += shop.username + "\n"
                    return HttpResponse(shops_string)
        return HttpResponse('fail')

Exemplo n.º 27

def watch_purchase_history(request):
    if request.method == 'GET':
        shop_name = request.GET.get('shop_name')
        login = request.COOKIES.get('login_hash')
        guest = request.COOKIES.get('guest_hash')
        if login is not None:
            username = Consumer.loggedInUsers.get(login)
            if username is None:
                return HttpResponse(error_login_owner)
        else:
            return HttpResponse(error_login_owner)

        if not UsersLogic.is_owner_of_shop(username, shop_name):
            if UsersLogic.is_manager_of_shop(username, shop_name):
                manager = UsersLogic.get_manager(username, shop_name)
                if manager.permission_get_purchased_history is not 1:  # no permission
                    return HttpResponse(
                        'no permission to watch purchase history')
            else:
                return HttpResponse('fail')  # not manager not owner

        every_html = {
            'top_bar': Topbar_Navbar.get_top_bar(login),
            'nav_bar': Topbar_Navbar.get_nav_bar(login, guest)
        }
        shop_items = ShopLogic.get_shop_purchase_history(username, shop_name)
        string_items = ""
        for item in shop_items:
            string_items += loader.render_to_string(
                'components/purchase_item_owner.html', {
                    'purchase_id': item.purchase_id,
                    'item_id': item.item_id,
                    'quantity': item.quantity,
                    'price': item.price
                })
        return render(request,
                      'shop_view_purchase_history.html',
                      context={
                          'every_html': every_html,
                          'items': string_items,
                          'shop_name': shop_name
                      })
    return HttpResponse(not_get_request)

Exemplo n.º 28

Arquivo: Profile.py Projeto: omriattiya/uTrade

def get_managers(request):
    if request.method == 'GET':
        login = request.COOKIES.get('login_hash')
        shop_name = request.GET.get('shop_name')

        if login is not None:
            username = Consumer.loggedInUsers.get(login)
            if username is not None:
                if UsersLogic.is_owner_on_shop(username,
                                               shop_name) is not False:
                    managers_html = ""
                    managers = ShopLogic.get_store_managers(shop_name)
                    for manager in managers:
                        check_array = ["", "checked"]
                        managers_html += loader.render_to_string(
                            'components/ManagersOnShop.html',
                            context={
                                'manager_name':
                                manager.username,
                                'checked_AIP':
                                check_array[manager.permission_add_item],
                                'checked_RIP':
                                check_array[manager.permission_remove_item],
                                'checked_EIP':
                                check_array[manager.permission_edit_item],
                                'checked_RMP':
                                check_array[manager.permission_reply_messages],
                                'checked_GAP':
                                check_array[
                                    manager.permission_get_all_messages],
                                'checked_GPHP':
                                check_array[
                                    manager.permission_get_purchased_history],
                                'checked_DP':
                                check_array[manager.discount_permission],
                                'checked_SP':
                                check_array[manager.permission_set_policy],
                            })
                    return HttpResponse(managers_html)

        return HttpResponse('fail')

Exemplo n.º 29

def get_shop_to_owner(request):
    if request.method == 'GET':
        shop_name = request.GET.get('shop_name')
        login = request.COOKIES.get('login_hash')
        guest = request.COOKIES.get('guest_hash')
        context = {
            'topbar': Topbar_Navbar.get_top_bar(login),
            'navbar': Topbar_Navbar.get_nav_bar(login, guest)
        }
        if login is not None:
            username = Consumer.loggedInUsers.get(login)
            if username is None:
                return HttpResponse(error_login_owner)
        else:
            return HttpResponse(error_login_owner)
        if UsersLogic.is_owner_of_shop(username, shop_name) is not False:
            shop_items = ShopLogic.get_shop_items(shop_name)
            string_items = ""
            for item in shop_items:
                string_items += loader.render_to_string(
                    'components/item_owner.html', {
                        'item_name': item.name,
                        'item_quantity': item.quantity,
                        'item_category': item.category,
                        'item_keywords': item.keyWords,
                        'item_price': item.price,
                        'item_url': item.url,
                        'item_id': item.id,
                        'shop_name': item.shop_name
                    })
            context.update({'items': string_items, 'shop_name': shop_name})
            return render(request,
                          'shop_items_management.html',
                          context=context)
        else:
            return HttpResponse(shop_not_exist + " with username=" + username)
    return HttpResponse(not_get_request)

Exemplo n.º 30

def add_discount(request):
    global result
    if request.method == 'POST':
        shop_name = request.POST.get('shop_name')
        percent = int(request.POST.get('percent'))
        kind = request.POST.get('kind')

        event = "ADD DISCOUNT"
        suspect_sql_injection = False
        suspect_sql_injection = LoggerLogic.identify_sql_injection(
            shop_name, event) or suspect_sql_injection
        suspect_sql_injection = LoggerLogic.identify_sql_injection(
            kind, event) or suspect_sql_injection

        if suspect_sql_injection:
            return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)

        start_date = request.POST.get('start_date')
        end_date = request.POST.get('duration')
        end_date = end_date.split('-')
        end_date = end_date[0] + '-' + end_date[2] + '-' + end_date[1]
        start_date = start_date.split('-')
        start_date = start_date[0] + '-' + start_date[2] + '-' + start_date[1]

        if shop_name is None or ShopLogic.search_shop(shop_name) is False:
            return HttpResponse('invalid shop')
        login = request.COOKIES.get('login_hash')
        username = None
        if login is not None:
            username = Consumer.loggedInUsers.get(login)
            if username is None:
                return HttpResponse('user not logged in')
        if not UsersLogic.is_owner_of_shop(username, shop_name):
            if UsersLogic.is_manager_of_shop(username, shop_name):
                manager = UsersLogic.get_manager(username, shop_name)
                if manager.discount_permission is not 1:  # no permission
                    return HttpResponse('no permission to add discount')
            else:
                return HttpResponse('not owner or manager in this shop'
                                    )  # not manager not owner

        if kind == "visible_item":
            item_id = request.POST.get('item_id')

            if LoggerLogic.identify_sql_injection(item_id, event):
                return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)

            item = ItemsLogic.get_item_without_lottery(item_id)
            if item is False or item.shop_name != shop_name:
                return HttpResponse("item with id=" + item_id +
                                    " doesnt exist in this shop or a ticket")
            discount = VisibleDiscount(item_id, shop_name, percent, start_date,
                                       end_date)
            result = DiscountLogic.add_visible_discount(discount, username)
        elif kind == "invisible_item":
            item_id = request.POST.get('item_id')
            code = request.POST.get('code')

            suspect_sql_injection = False
            suspect_sql_injection = LoggerLogic.identify_sql_injection(
                item_id, event) or suspect_sql_injection
            suspect_sql_injection = LoggerLogic.identify_sql_injection(
                code, event) or suspect_sql_injection

            if suspect_sql_injection:
                return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)

            item = ItemsLogic.get_item_without_lottery(item_id)
            if item is False or item.shop_name != shop_name:
                return HttpResponse("item with id=" + item_id +
                                    " doesnt exist in this shop or a ticket")

            discount = InvisibleDiscount(code, item_id, shop_name, percent,
                                         start_date, end_date)
            result = DiscountLogic.add_invisible_discount(discount, username)
        elif kind == "visible_category":
            category = request.POST.get('category')

            if LoggerLogic.identify_sql_injection(category, event):
                return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)

            discount = VisibleDiscountCategory(category, shop_name, percent,
                                               start_date, end_date)
            result = DiscountLogic.add_visible_discount_category(
                discount, username)
        elif kind == "invisible_category":
            category = request.POST.get('category')
            code = request.POST.get('code')

            suspect_sql_injection = False
            suspect_sql_injection = LoggerLogic.identify_sql_injection(
                category, event) or suspect_sql_injection
            suspect_sql_injection = LoggerLogic.identify_sql_injection(
                code, event) or suspect_sql_injection

            if suspect_sql_injection:
                return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)

            discount = InvisibleDiscountCategory(code, category, shop_name,
                                                 percent, start_date, end_date)
            result = DiscountLogic.add_invisible_discount_category(
                discount, username)

        if result:
            return HttpResponse('success')
        else:
            return HttpResponse(
                'discount already exist for this item/category!')
    else:
        return HttpResponse('FAIL: not post request')