Sith/counter/views/click.py

469 lines
18 KiB
Python
Raw Permalink Normal View History

#
# Copyright 2023 © AE UTBM
# ae@utbm.fr / ae.info@utbm.fr
#
# This file is part of the website of the UTBM Student Association (AE UTBM),
# https://ae.utbm.fr.
#
# You can find the source code of the website at https://github.com/ae-utbm/sith
#
# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
2024-09-23 08:25:27 +00:00
# SEE : https://raw.githubusercontent.com/ae-utbm/sith/master/LICENSE
# OR WITHIN THE LOCAL FILE "LICENSE"
#
#
2024-06-24 11:07:36 +00:00
import re
from http import HTTPStatus
2024-10-06 11:22:09 +00:00
from typing import TYPE_CHECKING
from urllib.parse import parse_qs
2024-06-24 11:07:36 +00:00
from django.core.exceptions import PermissionDenied
from django.db import DataError, transaction
from django.db.models import F
2024-11-27 17:41:12 +00:00
from django.http import Http404, HttpResponseRedirect, JsonResponse
2024-07-21 08:44:43 +00:00
from django.shortcuts import get_object_or_404, redirect
2024-11-27 17:41:12 +00:00
from django.urls import reverse_lazy
2024-06-24 11:07:36 +00:00
from django.utils.translation import gettext_lazy as _
from django.views.generic import DetailView, FormView
2016-03-28 12:54:35 +00:00
from core.utils import FormFragmentTemplateData
2024-11-27 17:41:12 +00:00
from core.views import CanViewMixin
from counter.forms import RefillForm
from counter.models import Counter, Customer, Product, Selling
from counter.utils import is_logged_in_counter
2024-11-27 18:02:48 +00:00
from counter.views.mixins import CounterTabsMixin
2024-12-07 23:32:28 +00:00
from counter.views.student_card import StudentCardFormView
2016-03-28 12:54:35 +00:00
2024-10-06 11:22:09 +00:00
if TYPE_CHECKING:
from core.models import User
2017-06-12 07:47:24 +00:00
2017-01-04 18:39:37 +00:00
class CounterClick(CounterTabsMixin, CanViewMixin, DetailView):
2024-07-12 07:34:16 +00:00
"""The click view
This is a detail view not to have to worry about loading the counter
2024-07-12 07:34:16 +00:00
Everything is made by hand in the post method.
2016-04-15 09:50:31 +00:00
"""
2018-10-04 19:29:19 +00:00
model = Counter
queryset = Counter.objects.annotate_is_open()
2018-10-04 19:29:19 +00:00
template_name = "counter/counter_click.jinja"
2016-04-15 09:50:31 +00:00
pk_url_kwarg = "counter_id"
2016-09-28 09:07:32 +00:00
current_tab = "counter"
def render_to_response(self, *args, **kwargs):
if self.is_ajax(self.request):
response = {"errors": []}
status = HTTPStatus.OK
if self.request.session["too_young"]:
response["errors"].append(_("Too young for that product"))
status = HTTPStatus.UNAVAILABLE_FOR_LEGAL_REASONS
if self.request.session["not_allowed"]:
response["errors"].append(_("Not allowed for that product"))
status = HTTPStatus.FORBIDDEN
if self.request.session["no_age"]:
response["errors"].append(_("No date of birth provided"))
status = HTTPStatus.UNAVAILABLE_FOR_LEGAL_REASONS
if self.request.session["not_enough"]:
response["errors"].append(_("Not enough money"))
status = HTTPStatus.PAYMENT_REQUIRED
if len(response["errors"]) > 1:
status = HTTPStatus.BAD_REQUEST
response["basket"] = self.request.session["basket"]
return JsonResponse(response, status=status)
else: # Standard HTML page
return super().render_to_response(*args, **kwargs)
def dispatch(self, request, *args, **kwargs):
2018-10-04 19:29:19 +00:00
self.customer = get_object_or_404(Customer, user__id=self.kwargs["user_id"])
2024-07-21 08:44:43 +00:00
obj: Counter = self.get_object()
if not self.customer.can_buy:
raise Http404
2024-07-21 08:44:43 +00:00
if obj.type != "BAR" and not request.user.is_authenticated:
raise PermissionDenied
2024-08-01 13:47:41 +00:00
if obj.type == "BAR" and (
2024-07-21 08:44:43 +00:00
"counter_token" not in request.session
or request.session["counter_token"] != obj.token
or len(obj.barmen_list) == 0
):
return redirect(obj)
2024-06-27 12:46:43 +00:00
return super().dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
2024-07-12 07:34:16 +00:00
"""Simple get view."""
if "basket" not in request.session: # Init the basket session entry
2018-10-04 19:29:19 +00:00
request.session["basket"] = {}
request.session["basket_total"] = 0
request.session["not_enough"] = False # Reset every variable
request.session["too_young"] = False
request.session["not_allowed"] = False
request.session["no_age"] = False
2024-06-27 12:46:43 +00:00
ret = super().get(request, *args, **kwargs)
if (self.object.type != "BAR" and not request.user.is_authenticated) or (
2024-07-21 08:44:43 +00:00
self.object.type == "BAR" and len(self.object.barmen_list) == 0
2018-10-04 19:29:19 +00:00
): # Check that at least one barman is logged in
2017-06-12 07:47:24 +00:00
ret = self.cancel(request) # Otherwise, go to main view
return ret
2016-04-15 09:50:31 +00:00
def post(self, request, *args, **kwargs):
2024-07-12 07:34:16 +00:00
"""Handle the many possibilities of the post request."""
self.object = self.get_object()
if (self.object.type != "BAR" and not request.user.is_authenticated) or (
2024-07-21 08:44:43 +00:00
self.object.type == "BAR" and len(self.object.barmen_list) < 1
2018-10-04 19:29:19 +00:00
): # Check that at least one barman is logged in
return self.cancel(request)
2018-10-04 19:29:19 +00:00
if self.object.type == "BAR" and not (
"counter_token" in self.request.session
2018-10-04 19:29:19 +00:00
and self.request.session["counter_token"] == self.object.token
): # Also check the token to avoid the bar to be stolen
return HttpResponseRedirect(
reverse_lazy(
"counter:details",
args=self.args,
kwargs={"counter_id": self.object.id},
)
+ "?bad_location"
)
if "basket" not in request.session:
2018-10-04 19:29:19 +00:00
request.session["basket"] = {}
request.session["basket_total"] = 0
request.session["not_enough"] = False # Reset every variable
request.session["too_young"] = False
request.session["not_allowed"] = False
request.session["no_age"] = False
2016-07-22 11:34:34 +00:00
if self.object.type != "BAR":
self.operator = request.user
2024-12-15 20:33:43 +00:00
elif self.object.customer_is_barman(self.customer):
2016-07-22 11:34:34 +00:00
self.operator = self.customer.user
else:
2016-08-06 10:37:36 +00:00
self.operator = self.object.get_random_barman()
action = self.request.POST.get("action", None)
if action is None:
action = parse_qs(request.body.decode()).get("action", [""])[0]
if action == "add_product":
self.add_product(request)
elif action == "del_product":
self.del_product(request)
elif action == "code":
2016-06-26 17:30:28 +00:00
return self.parse_code(request)
elif action == "cancel":
return self.cancel(request)
elif action == "finish":
return self.finish(request)
context = self.get_context_data(object=self.object)
return self.render_to_response(context)
def get_product(self, pid):
return Product.objects.filter(pk=int(pid)).first()
def get_price(self, pid):
p = self.get_product(pid)
2024-12-15 20:33:43 +00:00
if self.object.customer_is_barman(self.customer):
price = p.special_selling_price
else:
price = p.selling_price
return price
def sum_basket(self, request):
total = 0
2024-07-08 10:34:06 +00:00
for infos in request.session["basket"].values():
2018-10-04 19:29:19 +00:00
total += infos["price"] * infos["qty"]
return total / 100
2016-08-20 14:09:46 +00:00
def get_total_quantity_for_pid(self, request, pid):
pid = str(pid)
if pid not in request.session["basket"]:
2016-08-20 14:09:46 +00:00
return 0
return (
request.session["basket"][pid]["qty"]
+ request.session["basket"][pid]["bonus_qty"]
)
2016-08-20 14:09:46 +00:00
2017-07-21 19:39:49 +00:00
def compute_record_product(self, request, product=None):
recorded = 0
2018-10-04 19:29:19 +00:00
basket = request.session["basket"]
2017-07-21 19:39:49 +00:00
if product:
if product.is_record_product:
recorded -= 1
elif product.is_unrecord_product:
recorded += 1
for p in basket:
bproduct = self.get_product(str(p))
if bproduct.is_record_product:
2018-10-04 19:29:19 +00:00
recorded -= basket[p]["qty"]
2017-07-21 19:39:49 +00:00
elif bproduct.is_unrecord_product:
2018-10-04 19:29:19 +00:00
recorded += basket[p]["qty"]
2017-07-21 19:39:49 +00:00
return recorded
def is_record_product_ok(self, request, product):
return self.customer.can_record_more(
2018-10-04 19:29:19 +00:00
self.compute_record_product(request, product)
)
2017-07-21 19:39:49 +00:00
@staticmethod
def is_ajax(request):
# when using the fetch API, the django request.POST dict is empty
# this is but a wretched contrivance which strive to replace
# the deprecated django is_ajax() method
# and which must be replaced as soon as possible
# by a proper separation between the api endpoints of the counter
return len(request.POST) == 0 and len(request.body) != 0
2017-06-12 07:47:24 +00:00
def add_product(self, request, q=1, p=None):
2024-07-12 07:34:16 +00:00
"""Add a product to the basket
q is the quantity passed as integer
2024-07-12 07:34:16 +00:00
p is the product id, passed as an integer.
"""
pid = p or parse_qs(request.body.decode())["product_id"][0]
2016-07-16 14:48:56 +00:00
pid = str(pid)
price = self.get_price(pid)
total = self.sum_basket(request)
product: Product = self.get_product(pid)
user: User = self.customer.user
buying_groups = list(product.buying_groups.values_list("pk", flat=True))
can_buy = len(buying_groups) == 0 or any(
user.is_in_group(pk=group_id) for group_id in buying_groups
)
if not can_buy:
2018-10-04 19:29:19 +00:00
request.session["not_allowed"] = True
return False
2017-06-12 07:47:24 +00:00
bq = 0 # Bonus quantity, for trays
2018-10-04 19:29:19 +00:00
if (
product.tray
): # Handle the tray to adjust the quantity q to add and the bonus quantity bq
2016-08-20 14:09:46 +00:00
total_qty_mod_6 = self.get_total_quantity_for_pid(request, pid) % 6
2017-06-12 07:47:24 +00:00
bq = int((total_qty_mod_6 + q) / 6) # Integer division
2016-08-20 14:09:46 +00:00
q -= bq
2018-10-04 19:29:19 +00:00
if self.customer.amount < (
total + round(q * float(price), 2)
): # Check for enough money
request.session["not_enough"] = True
2016-06-26 17:30:28 +00:00
return False
2018-10-04 19:29:19 +00:00
if product.is_unrecord_product and not self.is_record_product_ok(
request, product
):
request.session["not_allowed"] = True
2017-07-21 19:39:49 +00:00
return False
if product.limit_age >= 18 and not user.date_of_birth:
2018-10-04 19:29:19 +00:00
request.session["no_age"] = True
2016-09-01 14:55:43 +00:00
return False
if product.limit_age >= 18 and user.is_banned_alcohol:
2018-10-04 19:29:19 +00:00
request.session["not_allowed"] = True
2016-10-15 00:33:38 +00:00
return False
if user.is_banned_counter:
2018-10-04 19:29:19 +00:00
request.session["not_allowed"] = True
return False
2018-10-04 19:29:19 +00:00
if (
user.date_of_birth and self.customer.user.get_age() < product.limit_age
2018-10-04 19:29:19 +00:00
): # Check if affordable
request.session["too_young"] = True
return False
2018-10-04 19:29:19 +00:00
if pid in request.session["basket"]: # Add if already in basket
request.session["basket"][pid]["qty"] += q
request.session["basket"][pid]["bonus_qty"] += bq
2017-06-12 07:47:24 +00:00
else: # or create if not
2018-10-04 19:29:19 +00:00
request.session["basket"][pid] = {
"qty": q,
"price": int(price * 100),
"bonus_qty": bq,
}
request.session.modified = True
2016-06-26 17:30:28 +00:00
return True
def del_product(self, request):
2024-07-12 07:34:16 +00:00
"""Delete a product from the basket."""
pid = parse_qs(request.body.decode())["product_id"][0]
2016-08-20 14:09:46 +00:00
product = self.get_product(pid)
2018-10-04 19:29:19 +00:00
if pid in request.session["basket"]:
if (
product.tray
and (self.get_total_quantity_for_pid(request, pid) % 6 == 0)
and request.session["basket"][pid]["bonus_qty"]
):
request.session["basket"][pid]["bonus_qty"] -= 1
2016-08-20 14:09:46 +00:00
else:
2018-10-04 19:29:19 +00:00
request.session["basket"][pid]["qty"] -= 1
if request.session["basket"][pid]["qty"] <= 0:
del request.session["basket"][pid]
request.session.modified = True
2016-06-26 17:30:28 +00:00
def parse_code(self, request):
2024-07-12 07:34:16 +00:00
"""Parse the string entered by the barman.
This can be of two forms :
2024-07-12 07:34:16 +00:00
- `<str>`, where the string is the code of the product
- `<int>X<str>`, where the integer is the quantity and str the code.
"""
string = parse_qs(request.body.decode()).get("code", [""])[0].upper()
if string == "FIN":
2016-06-26 17:30:28 +00:00
return self.finish(request)
elif string == "ANN":
2016-06-26 17:30:28 +00:00
return self.cancel(request)
regex = re.compile(r"^((?P<nb>[0-9]+)X)?(?P<code>[A-Z0-9]+)$")
m = regex.match(string)
if m is not None:
2018-10-04 19:29:19 +00:00
nb = m.group("nb")
code = m.group("code")
nb = int(nb) if nb is not None else 1
2016-07-22 11:34:34 +00:00
p = self.object.products.filter(code=code).first()
2016-06-26 17:30:28 +00:00
if p is not None:
self.add_product(request, nb, p.id)
2016-06-26 17:30:28 +00:00
context = self.get_context_data(object=self.object)
return self.render_to_response(context)
def finish(self, request):
2024-07-12 07:34:16 +00:00
"""Finish the click session, and validate the basket."""
2016-07-21 23:19:04 +00:00
with transaction.atomic():
2018-10-04 19:29:19 +00:00
request.session["last_basket"] = []
2017-07-27 14:53:53 +00:00
if self.sum_basket(request) > self.customer.amount:
raise DataError(_("You have not enough money to buy all the basket"))
2018-10-04 19:29:19 +00:00
for pid, infos in request.session["basket"].items():
2016-07-21 23:19:04 +00:00
# This duplicates code for DB optimization (prevent to load many times the same object)
p = Product.objects.filter(pk=pid).first()
2024-12-15 20:33:43 +00:00
if self.object.customer_is_barman(self.customer):
2016-07-21 23:19:04 +00:00
uprice = p.special_selling_price
else:
uprice = p.selling_price
2018-10-04 19:29:19 +00:00
request.session["last_basket"].append(
"%d x %s" % (infos["qty"] + infos["bonus_qty"], p.name)
)
s = Selling(
label=p.name,
product=p,
club=p.club,
counter=self.object,
unit_price=uprice,
quantity=infos["qty"],
seller=self.operator,
customer=self.customer,
)
2016-07-21 23:19:04 +00:00
s.save()
2018-10-04 19:29:19 +00:00
if infos["bonus_qty"]:
s = Selling(
label=p.name + " (Plateau)",
product=p,
club=p.club,
counter=self.object,
unit_price=0,
quantity=infos["bonus_qty"],
seller=self.operator,
customer=self.customer,
)
2016-08-20 14:09:46 +00:00
s.save()
2017-07-21 19:39:49 +00:00
self.customer.recorded_products -= self.compute_record_product(request)
self.customer.save()
2018-10-04 19:29:19 +00:00
request.session["last_customer"] = self.customer.user.get_display_name()
request.session["last_total"] = "%0.2f" % self.sum_basket(request)
request.session["new_customer_amount"] = str(self.customer.amount)
del request.session["basket"]
2016-07-21 23:19:04 +00:00
request.session.modified = True
2018-10-04 19:29:19 +00:00
kwargs = {"counter_id": self.object.id}
return HttpResponseRedirect(
reverse_lazy("counter:details", args=self.args, kwargs=kwargs)
)
def cancel(self, request):
2024-07-12 07:34:16 +00:00
"""Cancel the click session."""
2018-10-04 19:29:19 +00:00
kwargs = {"counter_id": self.object.id}
request.session.pop("basket", None)
return HttpResponseRedirect(
reverse_lazy("counter:details", args=self.args, kwargs=kwargs)
)
def get_context_data(self, **kwargs):
2024-07-12 07:34:16 +00:00
"""Add customer to the context."""
2024-06-27 12:46:43 +00:00
kwargs = super().get_context_data(**kwargs)
products = self.object.products.select_related("product_type")
2024-12-15 20:33:43 +00:00
if self.object.customer_is_barman(self.customer):
products = products.annotate(price=F("special_selling_price"))
else:
products = products.annotate(price=F("selling_price"))
kwargs["products"] = products
kwargs["categories"] = {}
for product in kwargs["products"]:
if product.product_type:
kwargs["categories"].setdefault(product.product_type, []).append(
product
)
2018-10-04 19:29:19 +00:00
kwargs["customer"] = self.customer
kwargs["basket_total"] = self.sum_basket(self.request)
if self.object.type == "BAR":
kwargs["student_card_fragment"] = StudentCardFormView.get_template_data(
self.customer
).render(self.request)
if self.object.can_refill():
kwargs["refilling_fragment"] = RefillingCreateView.get_template_data(
self.customer
).render(self.request)
return kwargs
class RefillingCreateView(FormView):
"""This is a fragment only view which integrates with counter_click.jinja"""
form_class = RefillForm
template_name = "counter/fragments/create_refill.jinja"
@classmethod
def get_template_data(
cls, customer: Customer, *, form_instance: form_class | None = None
) -> FormFragmentTemplateData[form_class]:
2024-12-17 00:41:45 +00:00
return FormFragmentTemplateData(
form=form_instance if form_instance else cls.form_class(),
template=cls.template_name,
context={
"action": reverse_lazy(
"counter:refilling_create", kwargs={"customer_id": customer.pk}
),
},
)
def dispatch(self, request, *args, **kwargs):
self.customer: Customer = get_object_or_404(Customer, pk=kwargs["customer_id"])
if not self.customer.can_buy:
raise Http404
if not is_logged_in_counter(request):
raise PermissionDenied
self.counter: Counter = get_object_or_404(
Counter, token=request.session["counter_token"]
)
if not self.counter.can_refill():
raise PermissionDenied
2024-12-15 20:33:43 +00:00
if self.counter.customer_is_barman(self.customer):
self.operator = self.customer.user
else:
self.operator = self.counter.get_random_barman()
return super().dispatch(request, *args, **kwargs)
def form_valid(self, form):
res = super().form_valid(form)
form.clean()
form.instance.counter = self.counter
form.instance.operator = self.operator
form.instance.customer = self.customer
form.instance.save()
return res
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
data = self.get_template_data(self.customer, form_instance=context["form"])
context.update(data.context)
return context
def get_success_url(self, **kwargs):
return self.request.path