def read_all_notifications(request, id):
data = {}
lastnotemp = execute_query(
f"SELECT id FROM NotiEmployee WHERE employee = '{request.session['user']['emp_key']}';",
'one')
if lastnotemp == None:
notemp = execute_query(
f"SELECT id FROM NotiEmployee ORDER BY id DESC LIMIT 1;", 'one')
if notemp == None:
notemp = 1
else:
notemp = notemp[1][0]
notemp = int(notemp) + 1
lastnotemp = call_stored_procedure(
f"SELECT addNotiEmployee({notemp}, '{id}', '{request.session['user']['emp_key']}', '{request.session['user']['area']}');",
'one')
if lastnotemp[1]:
data['status'] = 200
print('primera vez')
return JsonResponse(data)
else:
data['status'] = 400
return JsonResponse(data)
else:
resp = call_stored_procedure(
f"SELECT updateNotiEmployee({id}, '{request.session['user']['emp_key']}');",
'one')
if resp[1]:
data['status'] = 200
print('update')
return JsonResponse(data)
else:
data['status'] = 400
return JsonResponse(data)
def post_product(request):
data = {}
categorias = [
'BOMBON', 'CHOCOLATE', 'CARAMELO', 'GALLETA', 'GOMITA', 'PALETA',
'PAPA'
]
proveedores = [
'DLAROSA', 'RIKOLINO', 'WONKA', 'JOLLYRAN', 'GABI', 'MARINELA',
'GAMESA', 'CORONADO', 'SABRITAS', 'COYOTES'
]
if request.method == 'POST':
nombre = request.POST['nombre']
descripcion = request.POST['descripcion']
precio = request.POST['precio']
categoria = request.POST['categoria']
proveedor = request.POST['proveedor']
cantidad = request.POST['cantidad']
accion = request.POST['accion']
if 'id' in request.POST:
idProduct = request.POST['id']
regex_precio = r'[0-9.]{,10}'
regex_cantitdad = r'[0-9]{,10}'
if not categoria in categorias or not proveedor in proveedores:
data['status'] = 400
data['error_desc'] = 'Categoria o Proveedor incorrectos'
return JsonResponse(data)
elif not re.match(regex_precio, precio) or not re.match(
regex_cantitdad, cantidad):
data['status'] = 400
data['error_desc'] = 'Cantidad o Precio invalido'
return JsonResponse(data)
else:
if accion == 'NEW':
resp = call_stored_procedure(
f'SELECT addProduct(\'{nombre}\', \'{descripcion}\', {float(precio)}, \'{categoria}\', \'{proveedor}\', {int(cantidad)})',
'one')
if resp[1]:
data['status'] = 200
ConcreteObserver().update(
transmitter=request.session['user']['emp_key'],
receiver='ALL',
description=f"Se agrego {nombre} al inventario!",
area=request.session['user']['area'])
return JsonResponse(data)
else:
data['status'] = 400
return JsonResponse(data)
elif accion == 'EDIT':
resp = call_stored_procedure(
f'SELECT editProduct(\'{idProduct}\',\'{nombre}\', \'{descripcion}\', {float(precio)}, \'{categoria}\', \'{proveedor}\', {int(cantidad)})',
'one')
if resp[1]:
data['status'] = 200
return JsonResponse(data)
else:
data['status'] = 400
return JsonResponse(data)
def buy_product(request):
data = {}
if request.method == 'POST':
product = request.POST['product']
amount = request.POST['amount']
total = request.POST['total']
provider = request.POST['provider']
employee = request.POST['employee']
regex_precio = r'[0-9.]{,10}'
regex_cantitdad = r'[0-9]{,10}'
if not re.match(regex_precio, total) or not re.match(
regex_cantitdad, amount):
data['status'] = 400
data['error_desc'] = 'Cantidad o Precio invalido'
return JsonResponse(data)
else:
resp = call_stored_procedure(
f'SELECT purchaseProduct(\'{product}\', {int(amount)}, \'{provider}\', {float(total)}, \'{employee}\');',
'one')
if resp[1]:
data['status'] = 200
return JsonResponse(data)
else:
data['status'] = 400
return JsonResponse(data)
def update(self, **kwargs):
notid = execute_query(f"SELECT notification_key FROM Notification ORDER BY notification_key DESC LIMIT 1;", 'one')
if notid == None:
notid = 1
else:
notid = notid[1][0]
notid = int(notid)+1
resp = call_stored_procedure(f"SELECT insertNotif({notid}, '{kwargs['transmitter']}', '{kwargs['receiver']}', '{kwargs['description']}', '{kwargs['area']}');", 'one')
def delete_staff(request, id):
data = {}
resp = call_stored_procedure(f'SELECT deleteUser(\'{id}\')', 'one')
if resp[1]:
data['status'] = 200
return JsonResponse(data)
else:
data['status'] = 400
return JsonResponse(data)
def adminCompras(self, user=None):
if ADMINS['AC'] == None:
resp = call_stored_procedure(
f"SELECT addNewEployee('AAC01', '{user['email']}', '{user['pass']}', '{user['first_name']}', '{user['last_name']}', 'AACOM', FALSE, TRUE, False)",
'one')
if resp[1][0] == True:
ADMINS['AC'] = user
return True
else:
return False
def adminVentas(self, user=None):
if ADMINS['AV'] == None:
resp = call_stored_procedure(
f"SELECT addNewEployee('AAV01', '{user['email']}', '{user['pass']}', '{user['first_name']}', '{user['last_name']}', 'AAVEN', FALSE, TRUE, FALSE)",
'one')
print(resp)
if resp[1][0] == True:
ADMINS['AV'] = user
return True
return False
else:
return False
def edit_stock(request):
data = {}
if request.method == 'POST':
producto = request.POST['producto']
cantidad = request.POST['cantidad']
regex_cantitdad = r'[0-9]{,10}'
if not re.match(regex_cantitdad, cantidad):
data['status'] = 400
data['error_desc'] = 'Cantidad o Precio invalido'
return JsonResponse(data)
else:
resp = call_stored_procedure(
f'SELECT editStock(\'{producto}\', {int(cantidad)})', 'one')
if resp[1]:
data['status'] = 200
return JsonResponse(data)
else:
data['status'] = 400
return JsonResponse(data)
def post_staff(request):
data = {}
areas = ['AA', 'AV', 'AC', 'SADMI']
tipos = ['employee', 'adminarea', 'superuser']
if request.method == 'POST':
nombre = request.POST['nombre']
apellidos = request.POST['apellidos']
correo = request.POST['correo']
contraseña = request.POST['contraseña']
ciph_contra = make_password(contraseña)
area = request.POST['area']
tipo = request.POST['tipo']
accion = request.POST['accion']
if 'id' in request.POST:
idStaff = request.POST['id']
if not area in areas or not tipo in tipos:
data['status'] = 403
data['error_desc'] = 'Categoria o Proveedor incorrectos'
return JsonResponse(data)
else:
if accion == 'NEW':
user = {
'email': correo,
'pass': ciph_contra,
'first_name': nombre,
'last_name': apellidos,
}
if tipo == 'adminarea':
config()
if area == 'AA':
resp = AdminArea().adminAlmacen(user)
if resp == True:
data['status'] = 200
else:
data['status'] = 400
elif area == 'AC':
resp = AdminArea().adminCompras(user)
if resp == True:
data['status'] = 200
else:
data['status'] = 400
elif area == 'AV':
resp = AdminArea().adminVentas(user)
if resp == True:
data['status'] = 200
else:
data['status'] = 400
else:
emp_id = make_employee_id(area=area, user_type=tipo)
if tipo == 'superuser':
resp = call_stored_procedure(
f"SELECT addNewEployee('{emp_id}', '{user['email']}', '{user['pass']}', '{user['first_name']}', '{user['last_name']}', 'SADMI', TRUE, FALSE, FALSE)",
'one')
if resp[1][0] == True:
data['status'] = 200
else:
data['status'] = 400
else:
resp = call_stored_procedure(
f"SELECT addNewEployee('{emp_id}', '{user['email']}', '{user['pass']}', '{user['first_name']}', '{user['last_name']}', '{area}', FALSE, FALSE, TRUE)",
'one')
if resp[1][0] == True:
data['status'] = 200
else:
data['status'] = 400
elif accion == 'EDIT':
user = {
'email': correo,
'pass': contraseña,
'first_name': nombre,
'last_name': apellidos,
'area': area,
}
temo = None
resp = execute_query(
f"SELECT * FROM Employee WHERE emp_key = '{idStaff}'",
'one')
if resp:
column_names = resp[0]
user_list = resp[1]
temp = {
column: user_list[i]
for i, column in enumerate(column_names)
}
temp['pass'] = temp['password']
if temp['email'] == user['email'] and temp[
'first_name'] == user['first_name'] and temp[
'last_name'] == user['last_name'] and temp[
'area'] == user['area']:
data['status'] = 200
data['info'] = '( ͡° ͜ʖ ͡°)'
else:
emp_id = make_employee_id(area=user['area'],
user_type=tipo)
resp = call_stored_procedure(
f"SELECT editStaff('{idStaff}', '{emp_id}', '{user['first_name']}', '{user['last_name']}', '{user['email']}', '{area}')",
'one')
if resp[1][0] == True:
data['status'] = 200
data[
'info'] = 'Empleado actualizado <br> correctamente'
else:
data['status'] = 400
return JsonResponse(data)