def create_new_company():
security.has_csrf_token(session["csrf_token"])
security.has_role([4, 5, 6])
compname = request.form["compname"]
address = request.form["address"]
email = request.form["email"]
country = request.form["country"]
route = request.form["route"]
success = companies.create_company(compname, address, email, country,
route)
if success == False:
if security.has_auth([4, 6]):
return render_template("/sale/sale_create_company.html",
compname=compname,
address=address,
route=route,
email=email,
country=country)
if security.has_auth([5]):
return render_template("/buyer/buyer_create_new_supplier.html",
compname=compname,
address=address,
route=route,
email=email,
country=country)
else:
if security.has_auth([4, 6]):
return redirect("/create_company")
if security.has_auth([5]):
return redirect("/create_new_supplier")
def finalize_order():
security.has_csrf_token(request.form["csrf_token"])
security.has_role([1, 4, 5, 6])
company_id = None
if session["auth_lvl"] == 4:
company_id = request.form["company_id"]
random_number = str(randint(0, 9999999))
order_id = random_number.zfill(7)
user_id = users.get_user_id()
cart = session["cart"]
orderList = []
for i in range(len(cart)):
order = None
if security.has_auth([4]):
order = {'order_id': order_id,
'company_id': company_id,
'item_id': cart[i]["item_id"],
'qty': cart[i]["qty"],
'user_id': user_id,
'price': cart[i]["price"]}
if security.has_auth([1, 5, 6]):
order = {'order_id': order_id,
'company_id': cart[i]["company_id"],
'item_id': cart[i]["item_id"],
'qty': cart[i]["qty"],
'user_id': user_id,
'price': cart[i]["price"]}
orderList.append(order)
session["cart"] = []
if security.has_auth([5, 6]):
orders.create_supply_order(orderList)
flash("Order was successful", "success")
return order_id
if security.has_auth([1, 4]):
success = orders.create_sale_order(order_id, orderList)
if success:
return order_id
else:
flash("Sale order unsuccessful", "danger")
def update_supply_order():
security.has_role([2, 6])
security.has_csrf_token(request.form["csrf_token"])
order_id = request.form["order_id"]
qty = request.form["qty"]
logistics.update_supply_order_qty(order_id, qty)
if security.has_auth([6]):
return redirect("/controller_supply_orders")
return redirect("/supply_order_inventory#form")
def update_batch():
security.has_role([2, 6])
security.has_csrf_token(request.form["csrf_token"])
batchnr = request.form["batchnr"]
qty = request.form["qty"]
logistics.update_batch_qty(batchnr, qty)
if security.has_auth([6]):
return redirect("/controller_batches")
return redirect("/batch_inventory#form")
def add_new_item():
security.has_role([5, 6])
security.has_csrf_token(request.form["csrf_token"])
itemname = request.form["name"]
price = request.form["price"]
item.add_item(itemname, price)
if security.has_auth([6]):
return redirect("/controller_list_items#form")
return redirect("/items#form")
def create_company(compname, address, email, country, route):
regex = '^[a-z0-9]+[\._]?[a-z0-9]+[@][a-z0-9]+[.][a-z][a-z]+$'
if re.search(regex, email.lower()) == None:
flash("Invalid email address", "danger")
return False
if len(compname) < 4:
flash("Company name must be at least 4 characters", "danger")
return False
if len(address) < 4:
flash("Address length must be at least 4 characters", "danger")
return False
if len(compname) < 4:
flash("Company name length must be at least 4 characters", "danger")
return False
if len(country) < 2:
flash("Countrycode length must be at least 2 characters", "danger")
company = get_company_by_name(compname)
if company != None:
flash("Company %s already exists" % compname, "danger")
return False
sql = """INSERT INTO
companies (compname, address, email, country, route)
VALUES (:compname, :address, :email, :country, :route)"""
db.session.execute(
sql, {
"compname": compname,
"address": address,
"email": email,
"country": country,
"route": route
})
db.session.commit()
if security.has_auth([4]):
flash("Company %s added succesfully" % compname, "success")
else:
flash("Supplier %s added succesfully" % compname, "success")
return True