Пример #1
0
def order(order_id):
    o = Order.get(order_id)
    # mark all comments as read
    for c in o.comments:
        c.unread = False
        c.save()
    return render_template('order/order.html', o=o)
Пример #2
0
def admin_order_set_status(order_id, new_status_code):
    if not current_user.is_admin:
        abort(403)  # access denied
    o = Order.get(order_id)
    if not OrderStatus.get(new_status_code):
        return abort(400)  # bad request
    o.status_id = new_status_code
    o.save()
    return redirect(url_for('admin_order', order_id=order_id))
Пример #3
0
def admin_order_resolve(order_id):
    if not current_user.is_admin:
        abort(403)  # access denied
    o = Order.get(order_id)
    if not o:
        abort(404)
    if 'book_id' not in request.form:
        abort(400)
    o.status_id = 2  # resolved
    o.book_id = request.form['book_id']
    o.save()
    return redirect(url_for('admin_orders'))
Пример #4
0
def comment_add(order_id):
    text = request.form['text']
    c = Comment()
    o = Order.get(order_id)
    if not o:
        abort(404)
    c.text = text
    c.order_id = order_id
    c.user_login = current_user.login
    c.save()
    if current_user.is_admin:
        return redirect(url_for('admin_order', order_id=order_id))
    return redirect(url_for('order', order_id=order_id))
Пример #5
0
def admin_order(order_id):
    if not current_user.is_admin:
        abort(403)  # access denied
    o = Order.get(order_id)
    return render_template('admin/order.html', o=o)