def clearsearch(self):
came_from = str(request.GET.get('came_from', 'list'))
try:
del session['product_querystr']
del session['product_search_values']
del session['product_sort']
del session['product_sort_direction']
session.save()
except:
session.save()
if came_from == 'admin':
return redirect(h.url(controller='product',action='admin'))
else:
return redirect(h.url(controller='product',action='list'))
def new(self):
user = None
if "repoze.who.identity" in request.environ:
user = request.environ.get('repoze.who.identity')['user']
values= dict(request.params)
for email in session['site_settings']['contactusmail'].split(','):
if user:
message = Message(user.emails[0].email_address,
email,
"contactus from %s"%values['email'],
encoding='utf-8')
message.plain = "%s"%values['message']
message.send()
else:
message = Message(values['email'],
email,
"contactus asked to reply to %s"%values['email'],
encoding='utf-8')
message.plain = "%s"%values['message']
message.send()
h.flash(_("Your message was sent successfully."))
return redirect(h.url(controller='contactus',action='index'))
def view(self, id):
if is_met(has_permission("view_user")):
try:
user = Session.query(User).filter_by(id=id).one()
except:
h.flash(_("No user with ID:%s to view") % id)
return redirect(h.url(controller="user", action="index"))
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.user = user
return render("/derived/user/staff/view.html")
else:
return redirect(url(controller="user", action="index"))
def undelete(self, id):
came_from = str(request.GET.get("came_from", "")) or url(controller="user", action="admin")
try:
user = Session.query(User).filter_by(id=id).one()
except:
h.flash(_("No user with ID:%s to delete" % id))
return redirect(h.url(controller="user", action="index"))
user.deleted = False
Session.add(user)
Session.commit()
h.flash(_("User %s undeleted!") % user.user_name)
return redirect(came_from)
def edit(self, id):
user = Session.query(User).filter_by(id=id).one()
identity = request.environ.get("repoze.who.identity")
if is_met(has_permission("edit_user")):
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
values = create_dict(user)
return render_form(self.menu_items, values, action="update", id=user.id)
elif identity["user"] == user:
values = create_dict(user)
return render_customer_form(self.menu_items, user.id, values)
else:
h.flash("You are not authorized to edit this user data!")
came_from = str(request.GET.get("came_from", "")) or url(controller="user", action="index")
return redirect(h.url(came_from))
def delete(self, id):
def delcommons(user):
phones = Session.query(Phone).filter_by(user_id=user.id).all()
addresses = Session.query(Address).filter_by(user_id=user.id).all()
emails = Session.query(Email).filter_by(user_id=user.id).all()
for phone in phones:
Session.delete(phone)
for address in addresses:
Session.delete(address)
for email in emails:
Session.delete(email)
came_from = str(request.GET.get("came_from", "")) or url(controller="user", action="admin")
try:
user = Session.query(User).filter_by(id=id).one()
except:
h.flash(_("No user with ID:%s to delete" % id))
return redirect(h.url(controller="user", action="index"))
if user.user_name == "admin":
h.flash("Did u lost your mind?! deleting admin user will destroy ur program!")
return redirect(came_from)
if user.pending:
conf = Session.query(UserConfirm).filter_by(user_id=user.id).one()
Session.delete(conf)
delcommons(user)
Session.delete(user)
else:
invoices = Session.query(Invoice).filter_by(customer_id=user.id).filter_by(pending=False).all()
if invoices == []:
invoices = Session.query(Invoice).filter_by(customer_id=user.id).all()
for invoice in invoices:
for invoice_item in invoice.invoice_items:
Session.delete(invoice_item)
Session.delete(invoice)
delcommons(user)
Session.delete(user)
h.flash("user and all his/her pending orders were deleted")
else:
h.flash(
"you can not delete users permanently with confirmed orders from this site.instead this user has been marked as deleted and is unable to use his/her account anymore"
)
user.deleted = True
Session.add(user)
Session.commit()
h.flash(_("User %s deleted!") % user.user_name)
return redirect(came_from)
def _delete(self,invoice):
if not invoice.pending:
h.flash(_('You can not delete a confirmed invoice.'))
return redirect(h.url(controller='invoice',action='index'))
invoice.deleted = True
customer = invoice.customer
invoice_items=[]
for invoice_item in invoice.invoice_items:
product = invoice_item.product
product.quantity += invoice_item.quantity
customer.balance += invoice_item.total_price
Session.add(customer)
Session.add(product)
Session.add(invoice_item)
Session.add(invoice)
Session.commit()
h.flash(_('Invoice %s was marked as deleted')%invoice.id)
return redirect(url(controller='invoice',action='index'))
def uploaddialog(self):
photos = Session.query(Photo).all()
session["photos"] = {}
session["photos"]["files"] = []
session.save()
basepath = os.path.join(config["pylons.paths"]["static_files"], "pics")
for photo in photos:
session["photos"]["files"].append(
{
"name": photo.file_path,
"size": os.path.getsize(os.path.join(basepath, photo.file_path))
if os.path.isfile(os.path.join(basepath, photo.file_path))
else 0,
"id": photo.id,
}
)
session.save()
c.action = h.url(controller="photo", action="upload")
return render("/derived/photo/uploaddialog.html")
def clearsearch(self):
del session["user_querystr"]
del session["user_search_values"]
session.save()
redirect(h.url(controller="user", action="admin"))