Exemplo n.º 1
0
    def invoice_edit(self):
        """ Edit invoice view. This method handles both post,
        and get requests. """

        id = int(self.request.matchdict.get('id'))
        i = Invoice.by_id(id)

        if not i:
            return HTTPNotFound()
        """ Authorization check. """
        if (i.category.private
           and i.category.user_id is not authenticated_userid(self.request)):
            return HTTPForbidden()
        """ Authorization check. """
        if (i.creditor.private
           and i.creditor.user_id is not authenticated_userid(self.request)):
            return HTTPForbidden()

        form = InvoiceEditForm(self.request.POST, i,
                               csrf_context=self.request.session)

        if not i.files:
            del form.files
        else:
            form.files.query = i.files

        private = self.request.params.get('private')
        if private:
            """ Check if the necessary object exists. """
            if not Category.first_private(self.request):
                self.request.session.flash(self.missing_priv_cat, 'error')
                return HTTPFound(location=self.request.route_url('invoices'))
            if not Creditor.first_private(self.request):
                self.request.session.flash(self.missing_priv_cred, 'error')
                return HTTPFound(location=self.request.route_url('invoices'))
            form.category_id.query = Category.all_private(self.request)
            form.creditor_id.query = Creditor.all_private(self.request)
        else:
            """ Check if the necessary object exists. """
            if not Category.first_active():
                self.request.session.flash(self.missing_shared_cat, 'error')
                return HTTPFound(location=self.request.route_url('invoices'))
            if not Creditor.first_active():
                self.request.session.flash(self.missing_shared_cred, 'error')
                return HTTPFound(location=self.request.route_url('invoices'))
            form.category_id.query = Category.all_shared()
            form.creditor_id.query = Creditor.all_shared()

        if self.request.method == 'POST' and form.validate():
            form.populate_obj(i)
            i.category_id = form.category_id.data.id
            i.creditor_id = form.creditor_id.data.id

            if form.files:
                i.files = form.files.data

            """ If file, make file object and save/create file. """
            upload = self.request.POST.get('attachment')
            try:
                f = File()
                f.filename = f.make_filename(upload.filename)
                f.filemime = f.guess_mime(upload.filename)
                f.write_file(upload.file)
                f.title = 'Invoice.' +\
                          form.title.data + '.' +\
                          self.randomstr(6) + '.' +\
                          form.category_id.data.title + '.' +\
                          form.creditor_id.data.title + '.' +\
                          str(i.due)
                if private:
                    f.private = True
                f.user_id = authenticated_userid(self.request)
                DBSession.add(f)
                i.files.append(f)
            except Exception:
                self.request.session.flash('No file added.',
                                           'status')

            self.request.session.flash('Invoice %s updated' %
                                       (i.title), 'status')
            self.update_flash()
            if private:
                return HTTPFound(location=
                                 self.request
                                     .route_url('invoices',
                                                _query={'private': 1}))
            return HTTPFound(location=self.request.route_url('invoices'))

        form.category_id.data = i.category
        form.creditor_id.data = i.creditor
        return {'title': 'Edit private invoice' if private else 'Edit invoice',
                'form': form,
                'id': id,
                'action': 'invoice_edit',
                'private': private,
                'invoice': i}
Exemplo n.º 2
0
    def invoice_create(self):
        """ New invoice view. This method handles both post,
        and get requests.
        """

        form = InvoiceCreateForm(self.request.POST,
                                 csrf_context=self.request.session)

        private = self.request.params.get('private')
        if private:
            """ Check if the necessary object exists. """
            if not Category.first_private(self.request):
                self.request.session.flash(self.missing_priv_cat)
                return HTTPFound(location=self.request.route_url('invoices'))
            if not Creditor.first_private(self.request):
                self.request.session.flash(self.missing_priv_cred)
                return HTTPFound(location=self.request.route_url('invoices'))
            form.category_id.query = Category.all_private(self.request)
            form.creditor_id.query = Creditor.all_private(self.request)
        else:
            """ Check if the necessary object exists. """
            if not Category.first_active():
                self.request.session.flash(self.missing_shared_cat, 'error')
                return HTTPFound(location=self.request.route_url('invoices'))
            if not Creditor.first_active():
                self.request.session.flash(self.missing_shared_cred, 'error')
                return HTTPFound(location=self.request.route_url('invoices'))
            form.category_id.query = Category.all_shared()
            form.creditor_id.query = Creditor.all_shared()

        if self.request.method == 'POST' and form.validate():
            i = Invoice()
            form.populate_obj(i)
            i.user_id = authenticated_userid(self.request)
            i.category_id = form.category_id.data.id
            i.creditor_id = form.creditor_id.data.id

            """ If file, make file object and save/create file. """
            upload = self.request.POST.get('attachment')
            try:
                f = File()
                f.filename = f.make_filename(upload.filename)
                f.filemime = f.guess_mime(upload.filename)
                f.write_file(upload.file)
                f.title = 'Invoice.' +\
                          form.title.data + '.' +\
                          self.randomstr(6) + '.' +\
                          form.category_id.data.title + '.' +\
                          form.creditor_id.data.title + '.' +\
                          str(i.due)
                if private:
                    f.private = True
                f.user_id = authenticated_userid(self.request)
                DBSession.add(f)
                i.files = [f]
            except Exception:
                self.request.session.flash('No file added.',
                                           'status')

            DBSession.add(i)
            self.request.session.flash('Invoice %s created' %
                                       (i.title), 'success')
            self.update_flash()
            if private:
                return HTTPFound(location=
                                 self.request
                                     .route_url('invoices',
                                                _query={'private': 1}))
            return HTTPFound(location=self.request.route_url('invoices'))
        return {'title': 'New private invoice' if private else 'New invoice',
                'form': form,
                'action': 'invoice_new',
                'private': private,
                'invoice': False}