def post(self, request, *args, **kwargs):
pk = kwargs['pk']
product = get_object_or_404(Product, pk=pk)
parent = request.user.parent
student_event_ids = request.POST.getlist('student_event_id', '')
for student_event in student_event_ids:
try:
event_id, student_id = student_event.split(",")
except:
error_message('Invalid request data', request)
return redirect(reverse('product_detail', args=(pk,)))
student = get_object_or_404(Student, pk=student_id)
if student.parent.get(pk=parent.pk) is None:
error_message('No Access to student {}'.format(student),
request)
return redirect(reverse('product_detail', args=(pk,)))
event = get_object_or_404(Event, pk=event_id)
Cart.objects.get_or_create(parent=parent, student=student,
event=event, product=product,
defaults={'quantity': 1,
'price': product.price})
return redirect(reverse('cart'))
def post(self, request, *args, **kwargs):
pk = kwargs['pk']
cart = get_object_or_404(Cart, pk=pk)
cart_id = cart.id
if cart.parent != request.user.parent:
error_message('No Access to cart {}'.format(cart),
request)
return JsonResponse({'status': False, 'cart_id': cart.pk})
cart.delete()
return JsonResponse({'status': True, 'cart_id': cart_id})
def dispatch(self, request, *args, **kwargs):
try:
parent = getattr(request.user, 'parent', None)
except Parent.DoesNotExist:
parent = None
if not request.user.is_authenticated():
return self.handle_no_permission()
if not parent:
error_message('Admin does not grant permission for shopping',
request)
return self.handle_no_permission()
return super(ParentRequiredMixin, self).dispatch(request, *args,
**kwargs)
def post(self, request, *args, **kwargs):
pk = kwargs['pk']
cart = get_object_or_404(Cart, pk=pk)
if cart.parent != request.user.parent:
error_message('No Access to cart {}'.format(cart),
request)
return JsonResponse({'status': False, 'cart_id': cart.pk})
try:
quantity = int(request.POST.get('quantity', 1))
except:
quantity = 1
quantity = max(1, quantity)
cart.quantity = quantity
cart.save()
return JsonResponse({'status': True, 'cart_id': cart.id,
'quantity': quantity})
def post(self, request, *args, **kwargs):
form = AuthenticationForm(data=request.POST)
if form.is_valid():
user = form.get_user()
success = True
next_url = request.GET.get('next') or self.get_success_url()
try:
user.parent
except Parent.DoesNotExist:
if not user.is_superuser:
error_message(
'Only parent and admin users can login here!', request)
success = False
else:
next_url = reverse('admin:index')
if success:
auth_login(request, user)
return redirect(next_url)
else:
send_form_errors(form, request)
ctx = {"form": form}
return render(request, "registration/login.html", ctx)
