def create(req): if not 'user_id' in req.session: return redirect(reverse('landing')) if not req.method == "POST": return redirect(reverse('add_book')) print(req.POST) bookerrors = Book.objects.validate_book(req.POST) authorerrors = Author.objects.validate_author(req.POST) reviewerrors = Review.objects.validate_review(req.POST) #if errors if authorerrors or bookerrors or reviewerrors: flash_errors(req, bookerrors,"bookerrors" ) flash_errors(req, authorerrors, "authorerrors") flash_errors(req, reviewerrors, "reviewerrors") return redirect(reverse("add_book")) #create author, book, and review book = Book.objects.create_book(req.POST) user_id = req.session['user_id'] review = Review.objects.create_review(req.POST, book, user_id) return redirect(reverse("dashboard"))
def billings_invoice_edit(request, pk): bill_edit = True instance = get_object_or_404(FixedCostInvoice, id=pk) page_title, back_url = 'Edit %s' % instance.title, reverse('billings:billings') payment_orders = instance.payorders form = CreateBillForm(instance=instance) form_payment = PaymentForm(initial={'content_type': ContentType.objects.get_for_model(FixedCostInvoice), 'object_id': pk, 'date_expired': datetime.datetime.now(), 'is_paid': True, 'is_expense': True, 'value': instance.get_remaining_value(), }) if 'edit_form' in request.POST: form = CreateBillForm(request.POST, instance=instance) if form.is_valid(): if instance.payorders: messages.info(request, 'You need to delete the payments first!') else: form.save() return HttpResponseRedirect(reverse('billings:edit_bill', kwargs={'pk': pk})) if 'create_payment' in request.POST: form = PaymentForm(request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse('billings:edit_bill', kwargs={'pk': pk})) context = locals() return render(request, 'billings/form.html', context)
def login_in(req): if req.method == 'POST': username = req.POST.get('username') password = req.POST.get('password') if req.POST.get('action') == 'login': user = authenticate(username=username,password=password) if user is not None: # 认证成功 print("认证成功") login(req,user) return HttpResponseRedirect(reverse('first_page')) else: # 认证失败 print("认证失败") return HttpResponse("认证失败") elif req.POST.get('action') == 'register': #注册 try: # 创建后台账户 u = User.objects.create_user(username,'',password) # 这里应该要转到用户管理页,但是还没做 return HttpResponseRedirect(reverse('first_page')) except Exception as e: print("注册用户异常",e) else: return render(req,'login-register.html')
def test_non_staff_user_can_only_see_his_order(user_api_client, order): # FIXME: Remove client.login() when JWT authentication is re-enabled. user_api_client.login(username=order.user.email, password='******') query = """ query OrderQuery($id: ID!) { order(id: $id) { orderId } } """ ID = graphene.Node.to_global_id('Order', order.id) variables = json.dumps({'id': ID}) response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) order_data = content['data']['order'] assert order_data['orderId'] == order.pk order.user = None order.save() response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) order_data = content['data']['order'] assert not order_data
def form_valid(self, form): choice = int(form.cleaned_data['choice']) ref = form.cleaned_data['ref'] if choice == 1: return HttpResponseRedirect(reverse('invoice-detail', kwargs={'pk': ref})) else: return HttpResponseRedirect(reverse('person-detail', kwargs={'pk': ref}))
def get_success_url(self): if self.request.user.is_first_login: return reverse('users:user-first-login') return self.request.POST.get( self.redirect_field_name, self.request.GET.get(self.redirect_field_name, reverse('index')))
def test_query_staff( admin_api_client, user_api_client, staff_user, customer_user, admin_user): query = """ { staffUsers { edges { node { email isStaff } } } } """ variables = json.dumps({}) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) data = content['data']['staffUsers']['edges'] assert len(data) == 2 staff_emails = [user['node']['email'] for user in data] assert sorted(staff_emails) == [admin_user.email, staff_user.email] assert all([user['node']['isStaff'] for user in data]) # check permissions response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) assert_no_permission(response)
def register(request): context = {} login_form = LoginForm() context['login_form'] = login_form if request.method == 'GET': context['register_form'] = RegistrationForm() return render(request, 'register.html', context) register_form = RegistrationForm(request.POST) context['register_form'] = register_form if not register_form.is_valid(): return render(request, 'register.html', context) if request.method == 'POST': if not register_form.is_valid(): print "Register NOT Valid!" else: username = register_form.cleaned_data.get('username') print username # register_form.save() new_user = User.objects.create_user(username=register_form.cleaned_data['username'], email=register_form.cleaned_data['email'], password=register_form.cleaned_data['password'], first_name=register_form.cleaned_data['first_name'], last_name=register_form.cleaned_data['last_name']) # We need to activate every new user. new_user.is_active = False new_user.save() # Create related profile for this new user profile = Profile(user=new_user) profile.save() token = default_token_generator.make_token(new_user) # Send the validation email. confirm_message = """ Welcome to Grumblr!\n Please click the link below to verify your email address:\n http://%s%s """ % (request.get_host(), reverse('confirm', args=(new_user.username, token, ))) confirm_link = """ http://%s%s """ % (request.get_host(), reverse('confirm', args=(new_user.username, token, ))) send_mail(subject = "Hello from Grumblr!", message = confirm_message, from_email="*****@*****.**", recipient_list = [new_user.email]) context['username'] = new_user.username context['email'] = new_user.email context['confirm_message'] = confirm_message context['confirm_link'] = confirm_link return render(request, 'activation.html', context) return redirect('/') return render(request, 'register.html', {})
def follow(request, viewuser): user = get_object_or_404(User, username=viewuser) profile = get_object_or_404(Profile, user=user) posts = Post.objects.filter(profile=profile).order_by('-timestamp') context = { 'posts': posts, 'user': user, 'profile': profile, 'viewuser': viewuser, } followee = User.objects.get(username=viewuser) follower = User.objects.get(username=request.user) profile_ee = Profile.objects.get(user=followee) profile_er = Profile.objects.get(user=follower) follows = Follow.objects.filter(follower=profile_er) for item in follows: if profile_ee == item.followee: item.delete() print "Already followed." # return render(request, 'profile.html', context) return redirect(reverse('profile', args=(viewuser,))) follow = Follow(follower=profile_er, followee=profile_ee) follow.save() # return render(request, 'profile.html', context) return redirect(reverse('profile', args=(viewuser,)))
def test_voucher_permissions( staff_api_client, staff_user, permission_manage_discounts): query = """ query vouchers{ vouchers(first: 1) { edges { node { name } } } } """ # Query to ensure user with no permissions can't see vouchers response = staff_api_client.post(reverse('api'), {'query': query}) content = get_graphql_content(response) message = 'You do not have permission to perform this action' assert content['errors'][0]['message'] == message # Give staff user proper permissions staff_user.user_permissions.add(permission_manage_discounts) # Query again response = staff_api_client.post(reverse('api'), {'query': query}) content = get_graphql_content(response) assert 'errors' not in content
def get_context_data(self, **kwargs): ctx = super().get_context_data(**kwargs) settings_tabs = [ { "name": "General settings", "active": self.active_settings == self.GENERAL_SETTINGS, "url": reverse("user-settings", kwargs={"pk": self.request.user.pk}) } ] if self.request.user.is_teacher(): settings_tabs.append( { "name": "Teacher settings", "active": self.active_settings == self.TEACHER_SETTINGS, "url": reverse("teacher-profile-settings", kwargs={"pk": self.request.user.teacherprofile.pk}) } ) if self.request.user.is_student(): settings_tabs.append( { "name": "Student settings", "active": self.active_settings == self.STUDENT_SETTINGS, "url": reverse("student-profile-settings", kwargs={"pk": self.request.user.pk}) } ) ctx['settings_tabs'] = settings_tabs return ctx
def test_create_sale(user_api_client, admin_api_client): query = """ mutation saleCreate( $type: DiscountValueTypeEnum, $name: String, $value: Decimal) { saleCreate(input: {name: $name, type: $type, value: $value}) { errors { field message } sale { type name value } } } """ variables = json.dumps({ 'name': 'test sale', 'type': DiscountValueTypeEnum.FIXED.name, 'value': '10.12'}) response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) assert_no_permission(response) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) assert 'errors' not in content data = content['data']['saleCreate']['sale'] assert data['type'] == DiscountValueType.FIXED.upper() assert data['name'] == 'test sale' assert data['value'] == 10.12
def test_update_sale(user_api_client, admin_api_client, sale): query = """ mutation saleUpdate($type: DiscountValueTypeEnum, $id: ID!) { saleUpdate(id: $id, input: {type: $type}) { errors { field message } sale { type } } } """ # Set discount value type to 'fixed' and change it in mutation sale.type = DiscountValueType.FIXED sale.save() variables = json.dumps({ 'id': graphene.Node.to_global_id('Sale', sale.id), 'type': DiscountValueTypeEnum.PERCENTAGE.name}) response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) assert_no_permission(response) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) assert 'errors' not in content data = content['data']['saleUpdate']['sale'] assert data['type'] == DiscountValueType.PERCENTAGE.upper()
def test_sale_delete_mutation(user_api_client, admin_api_client, sale): query = """ mutation DeleteSale($id: ID!) { saleDelete(id: $id) { sale { name id } errors { field message } } } """ variables = json.dumps({ 'id': graphene.Node.to_global_id('Sale', sale.id)}) response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) assert_no_permission(response) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) assert 'errors' not in content data = content['data']['saleDelete'] assert data['sale']['name'] == sale.name with pytest.raises(sale._meta.model.DoesNotExist): sale.refresh_from_db()
def edit_payroll_invoice(request, dk): instance = get_object_or_404(PayrollInvoice, id=dk) payments = instance.payorders form = CreatePayrollForm(instance=instance) page_title, back_url = 'Edit %s' % instance.title, reverse('billings:payroll_page') duplicate_url = reverse('billings:duplicate_payroll_invoice', kwargs={'dk': dk}) form_payment = PaymentForm(initial={'content_type': ContentType.objects.get_for_model(PayrollInvoice), 'object_id': dk, 'date_expired': datetime.datetime.now(), 'is_paid': True, 'is_expense': True, 'value': instance.get_remaining_value(), }) if 'edit_form' in request.POST: form = CreatePayrollForm(request.POST, instance=instance) if form.is_valid(): if instance.payorders.all(): messages.info(request, 'You need to delete the payments first!') else: form.save() messages.success(request, 'You edit the invoice succesfully') return HttpResponseRedirect(reverse('billings:payroll_page')) if 'create_payment' in request.POST: form = PaymentForm(request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse('billings:edit_bill', kwargs={'pk': dk})) context = locals() return render(request, 'billings/form.html', context)
def registration(request): """Render the registration page""" if request.user.is_authenticated: return redirect(reverse('index')) if request.method =="POST": registration_form = UserRegistrationForm(request.POST) if registration_form.is_valid(): registration_form.save() user = auth.authenticate(username=request.POST['username'], password=request.POST['password1']) if user: auth.login(user=user, request=request) messages.success(request, "You have successfully registered") return redirect(reverse('index')) else: messages.error(request, "Unable to register your account at this time") else: registration_form = UserRegistrationForm() return render(request, 'registration.html', {"registration_form": registration_form})
def delete(request,post_id): try: post=Post.objects.get(id=post_id) post.delete() return redirect(reverse('secrets:popular')) except: return redirect(reverse('secrets:popular'))
def test_staff_update(admin_api_client, staff_user, user_api_client): query = """ mutation UpdateStaff($id: ID!, $permissions: [String]) { staffUpdate(id: $id, input: {permissions: $permissions}) { errors { field message } user { permissions { code } } } } """ id = graphene.Node.to_global_id('User', staff_user.id) variables = json.dumps({'id': id, 'permissions': []}) # check unauthorized access response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) assert_no_permission(response) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) assert 'errors' not in content data = content['data']['staffUpdate'] assert data['errors'] == [] assert data['user']['permissions'] == []
def get_session(session_id, fail_url="crapdb:index", error="No session or session expired", http_response=False): ''' Returns a tuple of (status, session or redirect) - If status is True the second element is a session object - If status is False the second element is a django redirect ''' if not is_user_data_valid(session_id, data_type=DataType.OID): # WTF is this shit?! print("********get_session() - Session ID length - Somebody is messing around*********") if not http_response: return (False, redirect(reverse(fail_url) + "?error={}".format(error))) else: return (False, HttpResponse(json.dumps({"redirect": error}))) session = None try: session = Session.get_session(session_id) except KeyError: if not http_response: return (False, redirect(reverse(fail_url) + "?error={}".format(error))) else: return (False, HttpResponse(json.dumps({"redirect": error}))) return (True, session)
def test_customer_update(admin_api_client, customer_user, user_api_client): query = """ mutation UpdateCustomer($id: ID!, $note: String) { customerUpdate(id: $id, input: {note: $note}) { errors { field message } user { id email isStaff isActive note } } } """ id = graphene.Node.to_global_id('User', customer_user.id) note = 'Test update note' variables = json.dumps({'id': id, 'note': note}) # check unauthorized access response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) assert_no_permission(response) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) assert 'errors' not in content data = content['data']['customerUpdate'] assert data['errors'] == [] assert data['user']['note'] == note
def post(self, request): if request.user.is_authenticated: return redirect(reverse('super_store:brands')) form = self.form_class(request.POST) message = '' if form.is_valid(): username = form.cleaned_data['email'] password = form.cleaned_data['password'] user = authenticate(username=username, password=password) if user: if user.is_active: login(self.request, user) redirect_to = request.GET.get('next', '') if redirect_to != '': if is_safe_url(url=redirect_to, host=request.get_host()): return redirect(redirect_to) else: return render(self.request, redirect_to, {'error': message, 'form': form}) else: return redirect(reverse('super_store:brands')) else: message = Message.LOGIN_DISABLED else: message = Message.LOGIN_INVALID return render(self.request, self.template_name, {'error': message, 'form': form})
def test_query_users(admin_api_client, user_api_client): query = """ query Users($isStaff: Boolean) { users(isStaff: $isStaff) { totalCount edges { node { isStaff } } } } """ variables = json.dumps({'isStaff': True}) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) users = content['data']['users']['edges'] assert users assert all([user['node']['isStaff'] for user in users]) variables = json.dumps({'isStaff': False}) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) users = content['data']['users']['edges'] assert users assert all([not user['node']['isStaff'] for user in users]) # check permissions response = user_api_client.post( reverse('api'), {'query': query, 'variables': variables}) assert_no_permission(response)
def test_get_redirect_url(self, waffle_mock, percentage_mock): student = User.objects.create_user('student', '*****@*****.**', '123123') # user has instructor and onboarding is enabled and equals 100 waffle_mock.switch_is_active.return_value = True percentage_mock.return_value = 100 Instructor.objects.create( user=student, ) self.assertEqual(get_redirect_url(student), reverse('ctms:my_courses')) waffle_mock.assert_called() percentage_mock.assert_called() # user has instructor and onboarding is enabled and equals less than 100 waffle_mock.reset_mock() percentage_mock.reset_mock() waffle_mock.switch_is_active.return_value = True percentage_mock.return_value = 70 self.assertEqual(get_redirect_url(student), reverse('ctms:onboarding')) waffle_mock.assert_called() percentage_mock.assert_called() # user has instructor and onboarding is disabled waffle_mock.reset_mock() percentage_mock.reset_mock() waffle_mock.switch_is_active.return_value = False self.assertEqual(get_redirect_url(student), reverse('ctms:my_courses')) waffle_mock.assert_called() percentage_mock.assert_called()
def test_create_token_mutation(admin_client, staff_user): query = ''' mutation { tokenCreate(email: "%(email)s", password: "******") { token errors { field message } } } ''' success_query = query % {'email': staff_user.email, 'password': '******'} response = admin_client.post( reverse('api'), json.dumps({'query': success_query}), content_type='application/json') content = get_graphql_content(response) assert 'errors' not in content token_data = content['data']['tokenCreate'] assert token_data['token'] assert not token_data['errors'] error_query = query % {'email': staff_user.email, 'password': '******'} response = admin_client.post( reverse('api'), json.dumps({'query': error_query}), content_type='application/json') content = get_graphql_content(response) assert 'errors' not in content token_data = content['data']['tokenCreate'] assert not token_data['token'] errors = token_data['errors'] assert errors assert not errors[0]['field']
def get_application_channel_for_code(): """ 获取应用渠道控制的后台菜单 """ code_list = [reverse("distribution:receive_experience_card"), reverse("distribution:use_experience_card"), reverse("distribution:add_experience_card"), reverse("distribution:distribution_ratio"), reverse("distribution:distribution_manage"), reverse("distribution:youin_income_list")] code_list = ",".join(code_list) return code_list
def test_customer_access(self): """ A Customer cannot access any URL """ # not logged-in for url in self.urls_get: response = self.client.get(url, follow=True) self.assertTrue(is_login_page(response)) for url in self.urls_post: response = self.client.post(url['url'], url['data'], follow=True) self.assertTrue(is_login_page(response)) # logged-in. Should throw a 403 or redirect to login self.client.login(self.user.email) for url in self.urls_get: response = self.client.get(url, follow=True) if response.status_code != 403: self.assertRedirects(response, reverse('wl_dashboard:tables_customer'), status_code=302, target_status_code=200) for url in self.urls_post: response = self.client.post(url['url'], url['data'], follow=True) if response.status_code != 403: self.assertRedirects(response, reverse('wl_dashboard:tables_customer'), status_code=302, target_status_code=200)
def test_category_create_mutation(admin_api_client): query = """ mutation($name: String, $slug: String, $description: String, $parentId: ID) { categoryCreate( input: { name: $name slug: $slug description: $description parent: $parentId } ) { category { id name slug description parent { name id } } errors { field message } } } """ category_name = 'Test category' category_slug = slugify(category_name) category_description = 'Test description' # test creating root category variables = json.dumps({ 'name': category_name, 'description': category_description, 'slug': category_slug}) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) assert 'errors' not in content data = content['data']['categoryCreate'] assert data['errors'] == [] assert data['category']['name'] == category_name assert data['category']['description'] == category_description assert not data['category']['parent'] # test creating subcategory parent_id = data['category']['id'] variables = json.dumps({ 'name': category_name, 'description': category_description, 'parentId': parent_id, 'slug': category_slug}) response = admin_api_client.post( reverse('api'), {'query': query, 'variables': variables}) content = get_graphql_content(response) assert 'errors' not in content data = content['data']['categoryCreate'] assert data['errors'] == [] assert data['category']['parent']['id'] == parent_id
def test_get_redirect_url_with_invite(self): student = User.objects.create_user('student', '*****@*****.**', '123123') instructor_user = User.objects.create_user('instructor', '*****@*****.**', '123123') Instructor.objects.create( user=instructor_user, ) course = Course.objects.create(title='Test title', description='test description', access='Public', enrollCode='111', lockout='222', addedBy=instructor_user) unit = Unit.objects.create(title='Test title', addedBy=instructor_user) courseunit = CourseUnit.objects.create( unit=unit, course=course, order=0, addedBy=instructor_user, releaseTime=timezone.now() ) enroll_unit_code = EnrollUnitCode.get_code(courseunit, give_instance=True) # create invite Invite.create_new(True, course, instructor_user.instructor, student.email, 'student', enroll_unit_code) # simulate student has come in chat but haven't started it yet Role.objects.create( user=student, course=course, role=Role.ENROLLED ) self.assertEqual(get_redirect_url(student), reverse('lms:course_view', kwargs={'course_id': course.id})) # to lms/course from role course_2 = Course.objects.create( title='Test title2', description='test description2', access='Public', enrollCode='1112', lockout='2222', addedBy=instructor_user ) unit_2 = Unit.objects.create(title='Test title 2', addedBy=instructor_user) courseunit_2 = CourseUnit.objects.create( unit=unit_2, course=course_2, order=1, addedBy=instructor_user, releaseTime=timezone.now() ) enroll_unit_code_2 = EnrollUnitCode.get_code(courseunit_2, give_instance=True) Chat.objects.create( user=student, instructor=instructor_user, enroll_code=enroll_unit_code_2 ) self.assertEqual(get_redirect_url(student), reverse('lms:course_view', kwargs={'course_id': course_2.id})) # to lms/course from role
def update(req, id): data = req.POST errors = User.objects.validate(data) if errors: req.session['errors'] = errors return redirect(reverse("edit", kwargs={'id':id})) user = User.objects.edit_user(data) return redirect(reverse("show_user", kwargs={'id':user.id}))
def edit_user(request, id): if request.method == "POST": errors = User.objects.validate(request.POST) if errors: request.session['errors'] = errors return redirect(reverse('edit', kwargs = {'id':user.id})) id = request.POST['id'] user = User.objects.edit(request.POST) return redirect(reverse('show', kwargs = {'id':user.id}))
def get_absolute_url(self): return reverse("shop:product_category_list", args=[self.slug])
def myaccount(request): def getParams(request): params = [ "name_card", "month", "year", "card_no", "cvv", "name_address", "country", "address", "postcode", "blok", "unit" ] result = [] for param in params: result += [request.POST[param]] return result def returnParams(request, details, records, total, ids, message): return render( request, "library/payment.html", { "name_card": details[0], "month": details[1], "year": details[2], "card_no": details[3], "cvv": details[4], "name_address": details[5], "country": details[6], "address": details[7], "postcode": details[8], "blok": details[9], "unit": details[10], "message": message, "outstandings": records, "total": total, "bookids": ids }) def payment(request, borrows, reserves, outstandings): button = request.POST["button"] # if the user wants to check out if button == "CHECK OUT": details = getParams(request) bookids = request.POST.getlist("ids") bookids = convertToInteger(bookids) # if there are missing fileds except block and unit i = 0 for detail in details: if i is not 9 and i is not 10 and detail is "": total = request.POST["total"] message = "Please fill in the missing fields." return returnParams(request, details, outstandings, total, bookids, message) i += 1 # if the payment is successful for bookid in bookids: q = f"SELECT AVAILABILITY FROM BOOK WHERE BOOKID = {bookid}" c.execute(q) availability = c.fetchone() if availability[0] == "BORROWED": q = f"UPDATE BOOK SET AVAILABILITY = 'AVAILABLE' WHERE BOOKID = {bookid}" c.execute(q) elif availability[0] == "RESERVED": today = (date.today() + timedelta(days=13)).strftime("%Y-%m-%d") q = f"UPDATE RESERVES SET DUEDATE = '{today}' WHERE BOOKID = {bookid}" c.execute(q) q = f"DELETE FROM BORROWS WHERE BOOKID = {bookid}" c.execute(q) request.session["message"] = "Payment successful." return HttpResponseRedirect(reverse("myaccount")) # get selected bookids if "bookids" not in request.POST: return render( request, "library/myaccount.html", { "borrows": borrows, "reserves": reserves, "outstandings": outstandings, "total": 0 }) results = dict(request.POST)["bookids"] bookids = [int(i) for i in results] # calculate total fine sum = 0 for record in list(outstandings): if list(record)[0] in bookids: sum += list(record)[3] # if the user wants to calculate the fines if button == "Calculate": return render( request, "library/myaccount.html", { "borrows": borrows, "reserves": reserves, "outstandings": outstandings, "total": sum, "bookids": bookids }) # if the user wants to pay if button == "Pay": return render(request, "library/payment.html", { "total": sum, "outstandings": outstandings, "bookids": bookids }) if "userid" not in request.session: if "admin" in request.session: request.session[ "message"] = "Please log out and sign in as a member user." return HttpResponseRedirect(reverse("adminhome")) return HttpResponseRedirect(reverse("login")) # get system messages message = getSessionMessage(request) # get the borrow records userid = request.session["userid"][0] # if the user has unpaid fines, clear all reservations checkUnpaidFines(userid) c = connection.cursor() q = f"SELECT BOOKID, TITLE, DUEDATE, EXTENSION FROM "\ f"BORROWS NATURAL JOIN BOOK WHERE USERID = '{userid}'" c.execute(q) borrows = c.fetchall() # get the reserve records q = f"WITH T AS (SELECT BOOKID AS TBOOKID, TITLE, DUEDATE AS RESERVEDATE "\ f"FROM RESERVES NATURAL JOIN BOOK WHERE USERID = '{userid}') "\ f"SELECT TBOOKID, TITLE, RESERVEDATE, DUEDATE AS BORROWDATE "\ f"FROM T LEFT JOIN BORROWS ON BOOKID = TBOOKID" c.execute(q) reserves = c.fetchall() # get outstanding fees records c = connection.cursor() q = f"SELECT BOOKID, TITLE, DUEDATE, DATEDIFF(NOW(), DUEDATE) AS AMOUNT " \ f"FROM BORROWS NATURAL JOIN BOOK WHERE DATEDIFF(NOW(), DUEDATE) > 0 AND USERID = '{userid}'" c.execute(q) outstandings = c.fetchall() # if the user press calculate or pay buttons if request.method == "POST": return payment(request, borrows, reserves, outstandings) return render( request, "library/myaccount.html", { "message": message, "borrows": borrows, "reserves": reserves, "outstandings": outstandings })
def get_absolute_url(self): return reverse("shop:product_detail", args=[self.id, self.slug])
def get_success_url(self): return reverse('post-detail', args=[self.get_object().post.id])
def get_absolute_url(self): return reverse("detail", kwargs={ 'slug' : self.slug })
def get_absolute_url(self): return reverse("core:product", kwargs={'slug': self.slug})
def get_success_url(self): return reverse('direcciones_envio:direcciones')
def get_absolute_url(self): return reverse('tag_detail_url', kwargs={'slug': self.slug})
def get_success_url(self): return reverse("authors_admin:index")
def payment(request, borrows, reserves, outstandings): button = request.POST["button"] # if the user wants to check out if button == "CHECK OUT": details = getParams(request) bookids = request.POST.getlist("ids") bookids = convertToInteger(bookids) # if there are missing fileds except block and unit i = 0 for detail in details: if i is not 9 and i is not 10 and detail is "": total = request.POST["total"] message = "Please fill in the missing fields." return returnParams(request, details, outstandings, total, bookids, message) i += 1 # if the payment is successful for bookid in bookids: q = f"SELECT AVAILABILITY FROM BOOK WHERE BOOKID = {bookid}" c.execute(q) availability = c.fetchone() if availability[0] == "BORROWED": q = f"UPDATE BOOK SET AVAILABILITY = 'AVAILABLE' WHERE BOOKID = {bookid}" c.execute(q) elif availability[0] == "RESERVED": today = (date.today() + timedelta(days=13)).strftime("%Y-%m-%d") q = f"UPDATE RESERVES SET DUEDATE = '{today}' WHERE BOOKID = {bookid}" c.execute(q) q = f"DELETE FROM BORROWS WHERE BOOKID = {bookid}" c.execute(q) request.session["message"] = "Payment successful." return HttpResponseRedirect(reverse("myaccount")) # get selected bookids if "bookids" not in request.POST: return render( request, "library/myaccount.html", { "borrows": borrows, "reserves": reserves, "outstandings": outstandings, "total": 0 }) results = dict(request.POST)["bookids"] bookids = [int(i) for i in results] # calculate total fine sum = 0 for record in list(outstandings): if list(record)[0] in bookids: sum += list(record)[3] # if the user wants to calculate the fines if button == "Calculate": return render( request, "library/myaccount.html", { "borrows": borrows, "reserves": reserves, "outstandings": outstandings, "total": sum, "bookids": bookids }) # if the user wants to pay if button == "Pay": return render(request, "library/payment.html", { "total": sum, "outstandings": outstandings, "bookids": bookids })
def get_absolute_url(self): return reverse("profiles:profile-detail-view", kwargs={"slug": self.slug})
def get_absolute_url(self): return reverse('core:products-page', kwargs={'slug': self.slug})
def get_add_to_cart_url(self): return reverse('core:add-to-cart', kwargs={'slug': self.slug})
def get_remove_from_cart_url(self): return reverse('core:remove-from-cart', kwargs={'slug': self.slug})
def get_absolute_url(self): return reverse("screenshot_get", kwargs={"id": self.id})
def test_phone_number_field_type(api_client, data_fixture): user, token = data_fixture.create_user_and_token(email="*****@*****.**", password="******", first_name="Test1") table = data_fixture.create_database_table(user=user) response = api_client.post( reverse("api:database:fields:list", kwargs={"table_id": table.id}), { "name": "phone", "type": "phone_number" }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json["type"] == "phone_number" assert PhoneNumberField.objects.all().count() == 1 field_id = response_json["id"] response = api_client.patch( reverse("api:database:fields:item", kwargs={"field_id": field_id}), {"name": "Phone"}, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) assert response.status_code == HTTP_200_OK expected_phone_number = "+44761198672" response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), {f"field_{field_id}": expected_phone_number}, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json[f"field_{field_id}"] == expected_phone_number model = table.get_model(attribute_names=True) row = model.objects.all().last() assert row.phone == expected_phone_number response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), {f"field_{field_id}": ""}, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json[f"field_{field_id}"] == "" row = model.objects.all().last() assert row.phone == "" response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), {f"field_{field_id}": None}, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json[f"field_{field_id}"] == "" row = model.objects.all().last() assert row.phone == "" response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), {}, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json[f"field_{field_id}"] == "" row = model.objects.all().last() assert row.phone == "" email = reverse("api:database:fields:item", kwargs={"field_id": field_id}) response = api_client.delete(email, HTTP_AUTHORIZATION=f"JWT {token}") assert response.status_code == HTTP_204_NO_CONTENT assert PhoneNumberField.objects.all().count() == 0
def get_delete_url(self): return reverse('tag_delete_url', kwargs={'slug': self.slug})
def get_absolute_url(self): return reverse("blog:blog_detail", kwargs={"slug": self.slug})
def get_update_url(self): return reverse('post_update_url', kwargs={'slug': self.slug})
def form_valid(self, form): pk = self.kwargs.get("pk") form.save(pk) messages.success(self.request, "Photo Uploaded") return redirect(reverse("rooms:photos", kwargs={"pk": pk}))
def get_absolute_url(self): return reverse('movie_detail', kwargs={'slug': self.url})
def get_success_url(self): room_pk = self.kwargs.get("room_pk") return reverse("rooms:photos", kwargs={"pk": room_pk})
def user_logout(request): logout(request) return redirect(reverse('article:article_list'))
def test_deleting_movie(self): response = self.client.delete(reverse('detail', kwargs={'pk': 1})) self.assertEqual(204, response.status_code)
def get_blog_url(self): return reverse("home:blog", kwargs={'slug': self.slug})
def test_getting_movies(self): response = self.client.get(reverse('movies'), format="json") self.assertEqual(len(response.data), 1)
def logout(request): dj_logout(request) return HttpResponseRedirect(reverse('deals_app:base'))
def logout(request): """Log the user out""" auth.logout(request) messages.success(request, "You have sucessfully logged out! Hope to see back soon") return redirect(reverse('index'))
def test_number_field_type(api_client, data_fixture): user, token = data_fixture.create_user_and_token(email="*****@*****.**", password="******", first_name="Test1") table = data_fixture.create_database_table(user=user) # Create a positive integer field response = api_client.post( reverse("api:database:fields:list", kwargs={"table_id": table.id}), { "name": "PositiveInt", "type": "number", "number_type": "INTEGER", "number_negative": False, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) # Make sure the field was created properly response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json["type"] == "number" assert NumberField.objects.all().count() == 1 positive_int_field_id = response_json["id"] # Create a negative integer field response = api_client.post( reverse("api:database:fields:list", kwargs={"table_id": table.id}), { "name": "NegativeInt", "type": "number", "number_type": "INTEGER", "number_negative": True, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) # Make sure the field was created properly response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json["type"] == "number" assert NumberField.objects.all().count() == 2 negative_int_field_id = response_json["id"] # Create a positive decimal field response = api_client.post( reverse("api:database:fields:list", kwargs={"table_id": table.id}), { "name": "PositiveDecimal", "type": "number", "number_type": "DECIMAL", "number_negative": False, "number_decimal_places": 2, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) # Make sure the field was created properly response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json["type"] == "number" assert NumberField.objects.all().count() == 3 positive_decimal_field_id = response_json["id"] # Create a negative decimal field response = api_client.post( reverse("api:database:fields:list", kwargs={"table_id": table.id}), { "name": "NegativeDecimal", "type": "number", "number_type": "DECIMAL", "number_negative": True, "number_decimal_places": 2, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) # Make sure the field was created properly response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json["type"] == "number" assert NumberField.objects.all().count() == 4 negative_decimal_field_id = response_json["id"] # Test re-writing the name of a field. 'PositiveInt' is now called 'PositiveIntEdit' response = api_client.patch( reverse("api:database:fields:item", kwargs={"field_id": positive_int_field_id}), {"name": "PositiveIntEdit"}, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) assert response.status_code == HTTP_200_OK # Add a row with correct values valid_pos_int = "99999999999999999999999999999999999999999999999999" valid_neg_int = "-99999999999999999999999999999999999999999999999999" response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), { f"field_{positive_int_field_id}": valid_pos_int, f"field_{negative_int_field_id}": valid_neg_int, f"field_{positive_decimal_field_id}": 1000.00, f"field_{negative_decimal_field_id}": -1000.00, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json[f"field_{positive_int_field_id}"] == valid_pos_int assert response_json[f"field_{negative_int_field_id}"] == valid_neg_int assert response_json[f"field_{positive_decimal_field_id}"] == "1000.00" assert response_json[f"field_{negative_decimal_field_id}"] == "-1000.00" model = table.get_model(attribute_names=True) row = model.objects.all().last() assert row.positiveintedit == Decimal(valid_pos_int) assert row.negativeint == Decimal(valid_neg_int) assert row.positivedecimal == Decimal(1000.00) assert row.negativedecimal == Decimal(-1000.00) # Add a row with Nones' response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), { f"field_{positive_int_field_id}": None, f"field_{negative_int_field_id}": None, f"field_{positive_decimal_field_id}": None, f"field_{negative_decimal_field_id}": None, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_200_OK assert response_json[f"field_{positive_int_field_id}"] is None assert response_json[f"field_{negative_int_field_id}"] is None assert response_json[f"field_{positive_decimal_field_id}"] is None assert response_json[f"field_{negative_decimal_field_id}"] is None row = model.objects.all().last() assert row.positiveintedit is None assert row.negativeint is None assert row.positivedecimal is None assert row.negativedecimal is None # Add a row with an integer that's too big invalid_pos_int = "999999999999999999999999999999999999999999999999999" response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), { f"field_{positive_int_field_id}": invalid_pos_int, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) response_json = response.json() assert response.status_code == HTTP_400_BAD_REQUEST assert response_json["error"] == "ERROR_REQUEST_BODY_VALIDATION" assert (response_json["detail"][f"field_{positive_int_field_id}"][0] ["code"] == "max_digits") # Add a row with an integer that's too small invalid_neg_int = "-9999999999999999999999999999999999999999999999999999" response = api_client.post( reverse("api:database:rows:list", kwargs={"table_id": table.id}), { f"field_{negative_int_field_id}": invalid_neg_int, }, format="json", HTTP_AUTHORIZATION=f"JWT {token}", ) assert response.status_code == HTTP_400_BAD_REQUEST assert response_json["error"] == "ERROR_REQUEST_BODY_VALIDATION" assert (response_json["detail"][f"field_{positive_int_field_id}"][0] ["code"] == "max_digits")
def location(self, item): return reverse(item)