From 9a135ade50c0eee744c64896efd3c920035185b0 Mon Sep 17 00:00:00 2001 From: Skia Date: Tue, 19 Apr 2016 19:58:57 +0200 Subject: [PATCH] Refactor counters view a bit, and protect ClickView if no barman is logged --- counter/models.py | 17 +++++++++++++++++ counter/views.py | 42 +++++++++++++++++++----------------------- sith/settings.py | 2 -- 3 files changed, 36 insertions(+), 25 deletions(-) diff --git a/counter/models.py b/counter/models.py index e8462758..386c8e34 100644 --- a/counter/models.py +++ b/counter/models.py @@ -1,11 +1,15 @@ from django.db import models from django.utils.translation import ugettext_lazy as _ +from django.utils import timezone from django.conf import settings from django.core.urlresolvers import reverse +from datetime import timedelta + from club.models import Club from accounting.models import Product from core.models import Group +from subscription.models import Subscriber class Counter(models.Model): name = models.CharField(_('name'), max_length=30) @@ -31,3 +35,16 @@ class Counter(models.Model): def can_be_viewed_by(self, user): return user.is_in_group(settings.SITH_MAIN_BOARD_GROUP) + + def get_barmen_list(counter_id): + bl = [] + counter_id = str(counter_id) + if counter_id in list(Counter.barmen_session.keys()): + if (timezone.now() - Counter.barmen_session[counter_id]['time']) < timedelta(minutes=settings.SITH_BARMAN_TIMEOUT): + for b in Counter.barmen_session[counter_id]['users']: + bl.append(Subscriber.objects.filter(id=b).first()) + Counter.barmen_session[counter_id]['time'] = timezone.now() + else: + Counter.barmen_session[counter_id]['users'] = set() + return bl + diff --git a/counter/views.py b/counter/views.py index b3d96bd7..2148f4b6 100644 --- a/counter/views.py +++ b/counter/views.py @@ -7,10 +7,8 @@ from django.core.urlresolvers import reverse_lazy from django.contrib.auth.forms import AuthenticationForm from django.http import HttpResponseRedirect from django.utils import timezone -from django.conf import settings from django import forms -from datetime import timedelta from core.views import CanViewMixin, CanEditMixin, CanEditPropMixin from subscription.models import Subscriber @@ -62,16 +60,7 @@ class CounterMain(DetailView, ProcessFormView, FormMixin): # TODO: make some checks on the counter type, in order not to make the AuthenticationForm if there is no need to kwargs['login_form'] = AuthenticationForm() kwargs['form'] = self.get_form() - if str(self.object.id) in list(Counter.barmen_session.keys()): - if (timezone.now() - Counter.barmen_session[str(self.object.id)]['time']) < timedelta(minutes=settings.SITH_BARMAN_TIMEOUT): - kwargs['barmen'] = [] - for b in Counter.barmen_session[str(self.object.id)]['users']: - kwargs['barmen'].append(Subscriber.objects.filter(id=b).first()) - Counter.barmen_session[str(self.object.id)]['time'] = timezone.now() - else: - Counter.barmen_session[str(self.object.id)]['users'] = set() - else: - kwargs['barmen'] = [] + kwargs['barmen'] = Counter.get_barmen_list(self.object.id) return kwargs def form_valid(self, form): @@ -114,14 +103,19 @@ class CounterClick(DetailView): def get(self, request, *args, **kwargs): """Simple get view""" self.customer = Customer.objects.filter(user__id=self.kwargs['user_id']).first() - if 'basket' not in request.session.keys(): + ret = super(CounterClick, self).get(request, *args, **kwargs) + if len(Counter.get_barmen_list(self.object.id)) < 1: # Check that at least one barman is logged in + return self.cancel(request) # Otherwise, go to main view + if 'basket' not in request.session.keys(): # Init the basket session entry request.session['basket'] = {} - return super(CounterClick, self).get(request, *args, **kwargs) + return ret def post(self, request, *args, **kwargs): """ Handle the many possibilities of the post request """ self.object = self.get_object() self.customer = Customer.objects.filter(user__id=self.kwargs['user_id']).first() + if len(Counter.get_barmen_list(self.object.id)) < 1: # Check that at least one barman is logged in + return self.cancel(request) if 'basket' not in request.session.keys(): request.session['basket'] = {} @@ -138,20 +132,22 @@ class CounterClick(DetailView): def add_product(self, request): """ Add a product to the basket """ - if str(request.POST['product_id']) in request.session['basket']: - request.session['basket'][str(request.POST['product_id'])] += 1 + pid = str(request.POST['product_id']) + if pid in request.session['basket']: + request.session['basket'][pid] += 1 else: - request.session['basket'][str(request.POST['product_id'])] = 1 + request.session['basket'][pid] = 1 request.session.modified = True def del_product(self, request): """ Delete a product from the basket """ - if str(request.POST['product_id']) in request.session['basket']: - request.session['basket'][str(request.POST['product_id'])] -= 1 - if request.session['basket'][str(request.POST['product_id'])] <= 0: - del request.session['basket'][str(request.POST['product_id'])] + pid = str(request.POST['product_id']) + if pid in request.session['basket']: + request.session['basket'][pid] -= 1 + if request.session['basket'][pid] <= 0: + del request.session['basket'][pid] else: - request.session['basket'][str(request.POST['product_id'])] = 0 + request.session['basket'][pid] = 0 request.session.modified = True def finish(self, request): @@ -164,7 +160,7 @@ class CounterClick(DetailView): def cancel(self, request): """ Cancel the click session """ kwargs = {'counter_id': self.object.id} - del request.session['basket'] + request.session.pop('basket', None) return HttpResponseRedirect(reverse_lazy('counter:details', args=self.args, kwargs=kwargs)) def get_context_data(self, **kwargs): diff --git a/sith/settings.py b/sith/settings.py index 83dcb76d..6d27972d 100644 --- a/sith/settings.py +++ b/sith/settings.py @@ -57,8 +57,6 @@ MIDDLEWARE_CLASSES = ( 'core.middleware.AuthenticationMiddleware', ) -SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer' - ROOT_URLCONF = 'sith.urls' TEMPLATES = [