Exemplo n.º 1
def admin_orders_action(req, id):
    """Switch order *id* to the state named by the tail of the request URI.

    The login, CSRF-token and right checks run before anything else; they
    are defined elsewhere and presumably abort the request on failure.
    A URI that ends in none of the known action names is answered with
    HTTP 400, an order whose ``set_state`` returns ``None`` with HTTP 404.
    """
    check_login(req)
    check_token(req, req.form.get('token'))
    check_right(req, module_right)

    # Closed list of URI suffixes and the state each one selects, tried in
    # this order. Nothing from the request other than this match decides
    # the target state.
    suffix_to_state = (
        ('/storno', STATE_STORNED),
        ('/process', STATE_PROCESS),
        ('/sent', STATE_SENT),
        ('/close', STATE_CLOSED),
        ('/wait_for_paid', STATE_WAIT_FOR_PAID),
        ('/wait_for_pick_up', STATE_WAIT_FOR_PICK_UP),
    )
    for suffix, target in suffix_to_state:
        if req.uri.endswith(suffix):
            ostate = target
            break
    else:
        raise SERVER_RETURN(state.HTTP_BAD_REQUEST)

    note = req.form.getfirst('note', '', uni)

    order = Order(id)
    changed = order.set_state(req, ostate, note)
    if changed is None:
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    # Every transition except closing the order sends a status message.
    if ostate != STATE_CLOSED:
        send_order_status(req, order)

    redirect(req, '/admin/eshop/orders/%d' % id)
Exemplo n.º 2
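def login_mod(req):
    """Show and process the logged-in user's own account form.

    GET renders the form with a fresh token. POST verifies the token,
    binds the form to a ``Login`` built from the session's own id (never
    from a request parameter), and stores the preferences. A result in the
    range 1..63 is treated as a validation error and the form is rendered
    again with ``error`` set. When the e-mail address was changed, a
    verification mail is sent and ``REQUEST_FOR_EMAIL`` is or-ed into the
    state passed to the template.
    """
    check_login(req)

    login = Login(req.login.id)
    token = do_create_token(req, "/login")

    # Named `result` so the local does not shadow a module-level `state`.
    result = None
    if req.method == "POST":
        check_token(req, req.form.get("token"))
        login.bind(req.form, req.cfg.login_rounds)
        # Only a changed address is handed to pref() and later verified.
        email = login.email if login.email != req.login.email else None
        result = login.pref(req, email=email)

        # pref() can return None; normalise it before the range test,
        # because comparing None with an int raises TypeError on Python 3.
        if result is None:
            result = 0

        if 0 < result < 64:
            return generate_page(req, "login/login_mod.html", token=token, item=login, error=result)

        if email:
            # NOTE(review): remote_host and user_agent come from the client
            # and end up in the mail; confirm the mail template escapes them.
            host = "%s (%s)" % (req.remote_host, req.remote_addr)
            send_verify_email(req, login, req.login.email, host=host, browser=req.user_agent)
            result |= REQUEST_FOR_EMAIL
    else:
        email = None

    # Reload the stored record so the page shows what was actually saved.
    login.get(req)
    req.login = login
    return generate_page(req, "login/login_mod.html", token=token, item=login, state=result, email=email)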
Exemplo n.º 3
def eshop_cart_add(req):
    """Add ``count`` pieces of one item to the shopping cart (JSON API).

    The token is read from the JSON body. The item's name and price are
    taken from the ``Item`` loaded on the server; only ``item_id`` and
    ``count`` come from the request. Returns a JSON string in every case.
    """
    do_check_mgc(req)
    check_token(req, req.json.get('token'))
    cart = ShoppingCart(req)

    def refuse(code, reason):
        # NOTE(review): other handlers on this page assign the HTTP status
        # to `req.status`; here it goes to `req.state`. Confirm this
        # attribute is the one the framework reads.
        req.state = code
        req.content_type = 'application/json'
        return json.dumps({'reason': reason})

    item_id = req.json.getfirst('item_id', fce=nint)
    count = req.json.getfirst('count', 0, int)
    if count < 1:
        return refuse(state.HTTP_BAD_REQUEST, 'count must bigger then zero')

    item = Item(item_id)
    found = item.get(req)
    # Items that are missing or not publicly visible get the same answer.
    if not found or item.state != STATE_VISIBLE:
        return refuse(state.HTTP_NOT_FOUND, 'item not found')

    # Append the item or increase its count; the price is the stored one.
    entry = (item_id, {'name': item.name,
                       'price': item.price,
                       'count': count})
    cart.merge_items((entry,))
    cart.store(req)
    cart.calculate()
    req.content_type = 'application/json'
    return json.dumps({'reason': 'item append to cart', 'cart': cart.dict()})
Exemplo n.º 4
def admin_logins_enable(req, id):
    """Enable or disable login *id*, depending on the request URI.

    Requires a logged-in user with ``R_ADMIN`` and a valid form token.
    An administrator cannot change the flag on their own account: that
    request is answered with HTTP 403.
    """
    check_login(req, "/log_in?referer=/admin/logins")
    check_right(req, R_ADMIN)
    check_token(req, req.form.get("token"))

    login = Login(id)
    acting_on_self = req.login.id == login.id
    if acting_on_self:
        # Guards against an admin locking themselves out.
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    # A URI ending in "/enable" enables; any other URI routed here disables.
    login.enabled = 1 if req.uri.endswith("/enable") else 0
    login.enable(req)
    redirect(req, "/admin/logins")
Exemplo n.º 5
def admin_menu_delete(req, codebook, id):
    """Delete entry *id* from the code book named *codebook*.

    Answers with an empty JSON response on success and with HTTP 400 and
    ``{'reason': 'integrity_error'}`` when ``delete`` reports failure.
    """
    check_login(req)
    check_right(req, module_right)
    # The token is read from the query string here, not from a form body.
    # NOTE(review): query strings tend to end up in access logs and Referer
    # headers; confirm the token's lifetime makes that acceptable.
    expected_uri = '/admin/codebooks/%s' % codebook
    check_token(req, req.args.get('token'), uri=expected_uri)

    # NOTE(review): `codebook` is a path parameter; presumably build_class
    # accepts only known code book names - verify.
    codebook_cls = build_class(codebook)

    entry = codebook_cls(id)
    if not entry.delete(req):
        req.status = state.HTTP_BAD_REQUEST
        req.content_type = 'application/json'
        return json_response(req, {'reason': 'integrity_error'})

    return json_response(req)
Exemplo n.º 6
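def admin_item_state(req, id):
    """Set the visibility state of store item *id* from the request URI.

    Requires login, the module right and a valid form token. An unknown
    item is answered with HTTP 404. Afterwards the browser is sent back to
    the page it came from.
    """
    check_login(req, '/log_in?referer=/admin/eshop/store')
    check_right(req, module_right)
    check_token(req, req.form.get('token'), uri='/admin/eshop/store')

    item = Item(id)
    if not item.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    if req.uri.endswith('/visible'):
        item.set_state(req, STATE_VISIBLE)
    elif req.uri.endswith('/hidden'):
        item.set_state(req, STATE_HIDDEN)
    else:
        # Any other URI routed to this handler disables the item.
        item.set_state(req, STATE_DISABLED)

    # Referer is a client-supplied header and can be missing (privacy
    # settings, referrer policy); fall back to the store listing instead of
    # redirecting to an empty target.
    # NOTE(review): the header value is not compared with this site's own
    # address here; confirm check_token or redirect constrains it.
    redirect(req, req.referer or '/admin/eshop/store')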
Exemplo n.º 7
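def admin_item_mod(req, id):
    """Show the edit form for store item *id* and process its submission.

    GET renders the form with a fresh token. POST verifies the token,
    binds the form and calls ``item.mod``; a return value other than the
    item itself is treated as an error and the form is rendered again.
    An unknown item is answered with HTTP 404.
    """
    check_login(req)
    check_right(req, module_right)

    item = Item(id)
    if req.method == 'POST':
        check_token(req, req.form.get('token'))
        item.bind(req.form)
        error = item.mod(req)
        if error != item:
            # The error page is the same form; it needs a token as well,
            # otherwise the corrected form cannot pass check_token.
            return generate_page(req, "admin/eshop/item_mod.html",
                                 token=create_token(req),
                                 item=item, error=error)

    # Read the record again so the page shows the stored data.
    if not item.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    return generate_page(req, "admin/eshop/item_mod.html",
                         token=create_token(req), item=item)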
Exemplo n.º 8
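def admin_item_add(req):
    """Show the form for a new store item and process its submission.

    GET renders an empty form with a fresh token. POST verifies the token
    against the add-form URI, binds the form and calls ``item.add``; a
    return value other than the item itself is treated as an error and the
    form is rendered again. On success the browser is redirected to the
    new item's page.
    """
    check_login(req)
    check_right(req, module_right)

    item = Item()
    if req.method == 'POST':
        check_token(req, req.form.get('token'), uri='/admin/eshop/store/add')
        item.bind(req.form)
        error = item.add(req)

        if error != item:
            # The error page is the same form; it needs a token as well,
            # otherwise the corrected form cannot pass check_token.
            return generate_page(req, "admin/eshop/item_mod.html",
                                 token=create_token(req),
                                 item=item, error=error)

        redirect(req, '/admin/eshop/store/%d' % item.id)

    return generate_page(req, "admin/eshop/item_mod.html",
                         token=create_token(req), item=item)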
Exemplo n.º 9
def admin_codebook_add_update(req, codebook, id=None):
    """Create a code book entry, or update entry *id* when an id is given.

    Requires login, the module right and a valid form token bound to the
    code book's admin URI. Answers with an empty JSON response on success
    and with HTTP 400 plus a ``reason`` when the value is empty or the
    save is refused.
    """
    check_login(req)
    check_right(req, module_right)
    expected_uri = '/admin/codebooks/%s' % codebook
    check_token(req, req.form.get('token'), uri=expected_uri)

    # NOTE(review): `codebook` is a path parameter; presumably build_class
    # accepts only known code book names - verify.
    codebook_cls = build_class(codebook)

    entry = codebook_cls(id)
    entry.bind(req.form)
    if not entry.value:
        req.status = state.HTTP_BAD_REQUEST
        return json_response(req, {'reason': 'empty_value'})

    # A truthy id means update, anything else means insert.
    if id:
        saved = entry.mod(req)
    else:
        saved = entry.add(req)

    if not saved:
        req.status = state.HTTP_BAD_REQUEST
        return json_response(req, {'reason': 'value_exist'})

    return json_response(req)
Exemplo n.º 10
def eshop_cart_pay_and_order(req):
    """Turn the current shopping cart into an order.

    The form token must have been issued for the recapitulation page. On
    success the cart is emptied, a status message is sent and the
    acceptance page is rendered. ``order.add`` returns either the order
    itself or a sequence whose first element is an error code; the known
    codes lead to a redirect.

    NOTE(review): an error code other than EMPTY_ITEMS or NOT_ENOUGH_ITEMS
    falls off the end and returns ``None``.
    """
    do_check_mgc(req)
    check_token(req, req.form.get('token'), uri='/eshop/cart/recapitulation')
    cart = ShoppingCart(req)
    # TODO: payment page if could be (paypal, card, transfer)
    order = Order.from_cart(cart)
    if not order:
        redirect(req, '/eshop')

    # The client id comes from the session, never from the submitted form.
    if req.login:
        order.client_id = req.login.id
    else:
        order.client_id = None

    outcome = order.add(req)
    if outcome == order:
        cart.clean(req)
        send_order_status(req, order)
        return generate_page(req, "eshop/shopping_accept.html",
                             order=order)

    failure = outcome[0]
    if failure == EMPTY_ITEMS:
        redirect(req, '/eshop')
    if failure == NOT_ENOUGH_ITEMS:
        # Mark the items that are short in stock and show the cart again.
        cart.set_not_enought(outcome[1])
        cart.store(req)
        redirect(req, '/eshop/cart')
Exemplo n.º 11
def eshop_cart(req):
    """View the shopping cart, or update it with a PATCH request.

    PATCH verifies the token from the JSON body, merges the submitted
    items, stores the cart and returns it as JSON. Any other method only
    reads the cart: XHR requests get JSON after an origin check, everything
    else gets the HTML page with a fresh token.
    """
    do_check_mgc(req)
    cart = ShoppingCart(req)

    if req.method == 'PATCH':
        check_token(req, req.json.get('token'), uri='/eshop/cart')
        # NOTE(review): the items are taken from the request body as sent.
        # eshop_cart_add passes name and price built from the stored Item
        # to the same merge_items call; confirm merge_items does not accept
        # a client-supplied name or price on this path.
        submitted = req.json.get('items', [])
        cart.merge_items(submitted)
        req.content_type = 'application/json'
        cart.store(req)     # persist the changed cart
        cart.calculate()
        payload = {'cart': cart.dict()}
        return json.dumps(payload)

    cart.calculate()
    if req.is_xhr:
        # Read-only JSON view; no token here, only the origin check.
        check_origin(req)
        req.content_type = 'application/json'
        payload = {'cart': cart.dict()}
        return json.dumps(payload)

    # Plain GET only shows the cart, so nothing is stored.
    page_token = create_token(req)
    return generate_page(req, "eshop/shopping_cart.html",
                         token=page_token,
                         cfg_currency=req.cfg.eshop_currency, cart=cart)
Exemplo n.º 12
def admin_item_actions(req, item_id):
    """Return the action history of store item *item_id* as JSON.

    The optional ``type`` query argument narrows the list to one action
    type; an unknown or missing value lists all types. The token is read
    from the query string and is checked against the item's admin URI.
    """
    check_login(req)
    check_right(req, module_right)
    expected_uri = '/admin/eshop/store/%s' % item_id
    check_token(req, req.args.get('token'), uri=expected_uri)

    # Closed mapping from the query value to the action constant.
    type_by_name = {
        'inc': ACTION_INC,
        'dec': ACTION_DEC,
        'pri': ACTION_PRI,
    }
    requested = req.args.getfirst('type', '', uni)
    kwargs = {}
    if requested in type_by_name:
        kwargs['action_type'] = type_by_name[requested]
    kwargs['item_id'] = item_id

    pager = Pager(sort='desc')
    pager.bind(req.args)

    # NOTE(review): __dict__ serialises every attribute of the objects;
    # confirm none of them is meant to stay on the server.
    actions = [entry.__dict__ for entry in Action.list(req, pager, **kwargs)]
    req.content_type = 'application/json'
    return json.dumps({'actions': actions, 'pager': pager.__dict__})
Exemplo n.º 13
def admin_logins_mod(req, id):
    """Show the admin edit form for login *id* and process its submission.

    Requires ``R_ADMIN``. An administrator cannot edit their own account
    here: that request is answered with HTTP 403. A ``login.mod`` result in
    the range 1..63 is treated as a validation error and the form is
    rendered again; an unknown login is answered with HTTP 404.
    """
    check_login(req)
    check_right(req, R_ADMIN)
    token = do_create_token(req, "/admin/logins/%d" % id)
    template = "admin/logins_mod.html"

    login = Login(id)
    editing_self = req.login.id == login.id
    if editing_self:
        # Guards against an admin removing their own rights.
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    done = None
    if req.method == "POST":
        check_token(req, req.form.get("token"))
        login.bind(req.form, req.cfg.login_rounds)
        done = login.mod(req)

        # NOTE(review): if mod() can return None, this comparison raises
        # TypeError on Python 3 - confirm its return type.
        if 0 < done < 64:
            return generate_page(req, template, token=token, rights=rights, item=login, error=done)

    found = login.get(req)
    if not found:
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    return generate_page(req, template, token=token, rights=rights, item=login, state=done)
Exemplo n.º 14
def admin_logins_add(req):
    """Show the admin form for a new login and process its submission.

    Requires ``R_ADMIN``. The new account always gets exactly the rights
    ``["user"]``: the list is assigned after the form is bound, so a
    ``rights`` field in the submitted form cannot change it. The account
    is enabled immediately unless the configuration asks for a
    verification link, in which case a notification is sent after the
    login is created.
    """
    check_login(req)
    check_right(req, R_ADMIN)
    token = do_create_token(req, "/admin/logins/add")
    template = "admin/logins_mod.html"

    if req.method != "POST":
        return generate_page(req, template, token=token, rights=rights)

    check_token(req, req.form.get("token"))
    login = Login()
    login.bind(req.form, req.cfg.login_rounds)
    needs_verification = req.cfg.login_created_verify_link
    if not needs_verification:
        login.enabled = 1
    # Assigned after bind() on purpose: see the docstring.
    login.rights = ["user"]
    error = login.add(req)

    if error:
        return generate_page(req, template, token=token, rights=rights, item=login, error=error)

    if req.cfg.login_created_verify_link:
        send_login_created(req, login)
    redirect(req, "/admin/logins/%d" % login.id)

    return generate_page(req, template, token=token, rights=rights)
Exemplo n.º 15
def admin_item_incdec(req, id):
    """Apply an inc, dec or pri action to store item *id* (JSON API).

    The action type is chosen from the tail of the request URI; the action
    data is bound from the form. Answers with the item as JSON, or with
    HTTP 404 and a ``reason`` when the action or the reload fails.
    """
    item_uri = '/admin/eshop/store/%s' % id
    check_login(req, '/log_in?referer=/admin/eshop/store/%s' % id)
    check_right(req, module_right)
    check_token(req, req.form.get('token'), uri=item_uri)

    # Closed list of URI suffixes and the action each one selects.
    suffix_to_action = (
        ('/inc', ACTION_INC),
        ('/dec', ACTION_DEC),
        ('/pri', ACTION_PRI),
    )
    for suffix, kind in suffix_to_action:
        if req.uri.endswith(suffix):
            action_type = kind
            break
    else:
        # NOTE(review): this surfaces as an unhandled exception, while
        # admin_orders_action answers the same case with HTTP 400.
        raise RuntimeError('Unknow action')

    action = Action.bind(req.form, action_type)

    item = Item(id)
    applied = item.action(req, action) and item.get(req)
    if not applied:
        req.status = state.HTTP_NOT_FOUND
        req.content_type = 'application/json'
        return json.dumps({'reason': 'item not found'})

    # NOTE(review): __dict__ serialises every attribute of the item;
    # confirm none of them is meant to stay on the server.
    req.content_type = 'application/json'
    return json.dumps({'item': item.__dict__})
Exemplo n.º 16
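def eshop_cart_address_post(req):
    """Store addresses, transport, payment and e-mail from the address form.

    The form token must have been issued for the address page. Every part
    that passes its own check is written to the cart and the cart is stored
    before the completeness checks, so a partly filled form is kept. The
    first missing part then re-renders the address page with an ``error``
    code. A complete form redirects to the next or previous step, according
    to the ``way`` field.
    """
    do_check_mgc(req)
    check_token(req, req.form.get('token'), uri='/eshop/cart/address')
    cart = ShoppingCart(req)

    way = req.form.getfirst('way', '', str)
    same_as_billing = 'same_as_billing' in req.form
    billing_address = Address.bind(req.form, 'billing_')
    if same_as_billing:
        shipping_address = billing_address.copy()
        shipping_address['same_as_billing'] = True
    else:
        shipping_address = Address.bind(req.form, 'shipping_')
        shipping_address['same_as_billing'] = False
    transportation = req.form.getfirst('transportation', '', str)
    payment = req.form.getfirst('payment', '', str)
    if req.login:
        # A logged-in customer uses the account address; the form fields
        # are not read at all.
        email = req.login.email
        emailcheck = email
    else:
        email = req.form.getfirst('email', '', str)
        emailcheck = req.form.getfirst('emailcheck', '', str)

    # Prices never come from the form: the submitted option name is
    # appended to a fixed prefix and looked up in the configuration. An
    # unknown name yields -1 and is rejected below.
    # NOTE(review): any config attribute whose name starts with the prefix
    # is accepted; confirm these name spaces hold prices only.
    transportation_price = req.cfg.__dict__.get(
        'eshop_transportation_' + transportation, -1)
    payment_price = req.cfg.__dict__.get(
        'eshop_payment_' + payment, -1)

    if transportation and transportation_price < 0:
        raise SERVER_RETURN(state.HTTP_BAD_REQUEST)
    if payment and payment_price < 0:
        raise SERVER_RETURN(state.HTTP_BAD_REQUEST)

    if len(billing_address):
        cart.billing_address = billing_address
    if len(shipping_address):
        cart.shipping_address = shipping_address
    if transportation:
        cart.transportation = (transportation, transportation_price)
    if payment:
        cart.payment = (payment, payment_price)
    email_valid = re_email.match(email)
    if email_valid:
        cart.email = email
    if re_email.match(emailcheck):
        cart.emailcheck = emailcheck

    cart.store(req)     # store shopping cart

    if not billing_address:
        return eshop_cart_address(req, cart, error='no_billing_address')
    if len(shipping_address) == 1:  # only same_as_billing
        return eshop_cart_address(req, cart, error='no_shipping_address')
    # An address that fails re_email was not written to the cart above, so
    # it must not pass here either. Comparing the two raw fields alone
    # would let a malformed but matching pair through, and the order would
    # continue with no e-mail or with an older one.
    if not email or not email_valid or email != emailcheck:
        return eshop_cart_address(req, cart, error='no_email')
    if not transportation:
        return eshop_cart_address(req, cart, error='no_transportation')
    if not payment:
        return eshop_cart_address(req, cart, error='no_payment')
    # end of errors block

    cart.calculate()

    if way == 'next':
        redirect(req, '/eshop/cart/recapitulation')
    elif way == 'prev':
        redirect(req, '/eshop/cart')
    return eshop_cart_address(req, cart)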