diff --git a/counter/models.py b/counter/models.py
index 196b474d..0d373d36 100644
--- a/counter/models.py
+++ b/counter/models.py
@@ -27,8 +27,10 @@ from django.utils.translation import ugettext_lazy as _
from django.utils import timezone
from django.conf import settings
from django.core.urlresolvers import reverse
+from django.core.validators import MinLengthValidator
from django.forms import ValidationError
from django.utils.functional import cached_property
+from django.core.exceptions import PermissionDenied
from datetime import timedelta, date
import random
@@ -85,6 +87,29 @@ class Customer(models.Model):
letter = random.choice(string.ascii_lowercase)
return number + letter
+ def add_student_card(self, uid, request, counter=None):
+ """
+ Add a new student card on the customer account
+ """
+ # If you are comming from a counter, only your connection to the counter is checked, not your right on the user to avoid wierd conflicts
+ if counter != None and (
+ counter.type != "BAR"
+ or not (
+ "counter_token" in request.session.keys()
+ and request.session["counter_token"] == counter.token
+ )
+ or len(counter.get_barmen_list()) < 1
+ ):
+ raise PermissionDenied
+ # If you are not comming from a counter, your permissions are checked
+ if not (
+ request.user.id == self.user.id
+ or request.user.is_board_member
+ or request.user.is_root
+ ):
+ raise PermissionDenied
+ StudentCard(customer=self, uid=uid).save()
+
def save(self, allow_negative=False, is_selling=False, *args, **kwargs):
"""
is_selling : tell if the current action is a selling
@@ -744,7 +769,9 @@ class StudentCard(models.Model):
UID_SIZE = 14
- uid = models.CharField(_("uid"), max_length=14, unique=True)
+ uid = models.CharField(
+ _("uid"), max_length=14, unique=True, validators=[MinLengthValidator(4)]
+ )
customer = models.ForeignKey(
Customer,
related_name="student_cards",
diff --git a/counter/templates/counter/counter_click.jinja b/counter/templates/counter/counter_click.jinja
index aee9c309..521ec4c9 100644
--- a/counter/templates/counter/counter_click.jinja
+++ b/counter/templates/counter/counter_click.jinja
@@ -30,6 +30,16 @@
{{ user_mini_profile(customer.user) }}
{{ user_subscription(customer.user) }}
{% trans %}Amount: {% endtrans %}{{ customer.amount }} €
+
{% trans %}Selling{% endtrans %}
diff --git a/counter/views.py b/counter/views.py
index fd51b20f..439eb87d 100644
--- a/counter/views.py
+++ b/counter/views.py
@@ -380,6 +380,7 @@ class CounterClick(CounterTabsMixin, CanViewMixin, DetailView):
request.session["too_young"] = False
request.session["not_allowed"] = False
request.session["no_age"] = False
+ request.session["not_valid_student_card_uid"] = False
if self.object.type != "BAR":
self.operator = request.user
elif self.is_barman_price():
@@ -389,6 +390,8 @@ class CounterClick(CounterTabsMixin, CanViewMixin, DetailView):
if "add_product" in request.POST["action"]:
self.add_product(request)
+ elif "add_student_card" in request.POST["action"]:
+ self.add_student_card(request)
elif "del_product" in request.POST["action"]:
self.del_product(request)
elif "refill" in request.POST["action"]:
@@ -525,6 +528,19 @@ class CounterClick(CounterTabsMixin, CanViewMixin, DetailView):
request.session.modified = True
return True
+ def add_student_card(self, request):
+ """
+ Add a new student card on the customer account
+ """
+ uid = request.POST["student_card_uid"]
+ uid = str(uid)
+ if len(uid) != StudentCard.UID_SIZE:
+ request.session["not_valid_student_card_uid"] = True
+ return False
+
+ self.customer.add_student_card(uid, request, self.object)
+ return True
+
def del_product(self, request):
""" Delete a product from the basket """
pid = str(request.POST["product_id"])
@@ -648,6 +664,7 @@ class CounterClick(CounterTabsMixin, CanViewMixin, DetailView):
kwargs["basket_total"] = self.sum_basket(self.request)
kwargs["refill_form"] = self.refill_form or RefillForm()
kwargs["categories"] = ProductType.objects.all()
+ kwargs["student_card_max_uid_size"] = StudentCard.UID_SIZE
return kwargs