klmp200/Sith
1
0
Fork 0
mirror of https://github.com/ae-utbm/sith.git synced 2024-11-25 10:34:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix' into 'master'

Browse Source 
Serious counter fix

See merge request !62
This commit is contained in:
Skia 2017-04-04 15:48:59 +02:00
commit ec8ee15d0e
1 changed files with 69 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
counter/views.py
View File

@ -2,6 +2,7 @@ from django.shortcuts import render, get_object_or_404
from django.http import Http404
from django.core.exceptions import PermissionDenied
from django.views.generic import ListView, DetailView, RedirectView, TemplateView
from django.views.generic.base import View
from django.views.generic.edit import UpdateView, CreateView, DeleteView, ProcessFormView, FormMixin
from django.forms.models import modelform_factory
from django.forms import CheckboxSelectMultiple
@ -28,6 +29,33 @@ from counter.models import Counter, Customer, Product, Selling, Refilling, Produ
CashRegisterSummary, CashRegisterSummaryItem, Eticket, Permanency
from accounting.models import CurrencyField
class CounterAdminMixin(View):
"""
This view is made to protect counter admin section
"""
edit_group = [settings.SITH_GROUP_COUNTER_ADMIN_ID]
edit_club = []
def _test_group(self, user):
for g in self.edit_group:
if user.is_in_group(g):
return True
return False
def _test_club(self, user):
for c in self.edit_club:
if c.can_be_edited_by(user):
return True
return False
def dispatch(self, request, *args, **kwargs):
res = super(CounterAdminMixin, self).dispatch(request, *args, **kwargs)
if not (request.user.is_root or self._test_group(request.user)
or self._test_club(request.user)):
raise PermissionDenied
return res
class GetUserForm(forms.Form):
"""
The Form class aims at providing a valid user_id field in its cleaned data, in order to pass it to some view,
@ -158,8 +186,16 @@ class CounterClick(CounterTabsMixin, CanViewMixin, DetailView):
def dispatch(self, request, *args, **kwargs):
self.customer = get_object_or_404(Customer, user__id=self.kwargs['user_id'])
obj = self.get_object()
if not self.customer.can_buy:
raise Http404
if obj.type == "BAR":
if not ('counter_token' in request.session.keys() and
request.session['counter_token'] == obj.token) or len(obj.get_barmen_list())<1:
raise PermissionDenied
else:
if not request.user.is_authenticated():
raise PermissionDenied
return super(CounterClick, self).dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
@ -376,14 +412,17 @@ class CounterClick(CounterTabsMixin, CanViewMixin, DetailView):
def refill(self, request):
"""Refill the customer's account"""
form = RefillForm(request.POST)
if form.is_valid():
form.instance.counter = self.object
form.instance.operator = self.operator
form.instance.customer = self.customer
form.instance.save()
if self.get_object().type == 'BAR':
form = RefillForm(request.POST)
if form.is_valid():
form.instance.counter = self.object
form.instance.operator = self.operator
form.instance.customer = self.customer
form.instance.save()
else:
self.refill_form = form
else:
self.refill_form = form
raise PermissionDenied
def get_context_data(self, **kwargs):
""" Add customer to the context """
@ -496,7 +535,7 @@ class CounterEditForm(forms.ModelForm):
sellers = make_ajax_field(Counter, 'sellers', 'users', help_text="")
products = make_ajax_field(Counter, 'products', 'products', help_text="")
class CounterEditView(CounterAdminTabsMixin, CanEditMixin, UpdateView):
class CounterEditView(CounterAdminTabsMixin, CounterAdminMixin, UpdateView):
"""
Edit a counter's main informations (for the counter's manager)
"""
@ -506,10 +545,15 @@ class CounterEditView(CounterAdminTabsMixin, CanEditMixin, UpdateView):
template_name = 'core/edit.jinja'
current_tab = "counters"
def dispatch(self, request, *args, **kwargs):
obj = self.get_object()
self.edit_club.append(obj.club)
return super(CounterEditView, self).dispatch(request, *args, **kwargs)
def get_success_url(self):
return reverse_lazy('counter:admin', kwargs={'counter_id': self.object.id})
class CounterEditPropView(CounterAdminTabsMixin, CanEditPropMixin, UpdateView):
class CounterEditPropView(CounterAdminTabsMixin, CounterAdminMixin, UpdateView):
"""
Edit a counter's main informations (for the counter's admin)
"""
@ -519,7 +563,7 @@ class CounterEditPropView(CounterAdminTabsMixin, CanEditPropMixin, UpdateView):
template_name = 'core/edit.jinja'
current_tab = "counters"
class CounterCreateView(CounterAdminTabsMixin, CanEditMixin, CreateView):
class CounterCreateView(CounterAdminTabsMixin, CounterAdminMixin, CreateView):
"""
Create a counter (for the admins)
"""
@ -529,7 +573,7 @@ class CounterCreateView(CounterAdminTabsMixin, CanEditMixin, CreateView):
template_name = 'core/create.jinja'
current_tab = "counters"
class CounterDeleteView(CounterAdminTabsMixin, CanEditMixin, DeleteView):
class CounterDeleteView(CounterAdminTabsMixin, CounterAdminMixin, DeleteView):
"""
Delete a counter (for the admins)
"""
@ -541,7 +585,7 @@ class CounterDeleteView(CounterAdminTabsMixin, CanEditMixin, DeleteView):
# Product management
class ProductTypeListView(CounterAdminTabsMixin, CanEditPropMixin, ListView):
class ProductTypeListView(CounterAdminTabsMixin, CounterAdminMixin, ListView):
"""
A list view for the admins
"""
@ -549,7 +593,7 @@ class ProductTypeListView(CounterAdminTabsMixin, CanEditPropMixin, ListView):
template_name = 'counter/producttype_list.jinja'
current_tab = "product_types"
class ProductTypeCreateView(CounterAdminTabsMixin, CanCreateMixin, CreateView):
class ProductTypeCreateView(CounterAdminTabsMixin, CounterAdminMixin, CreateView):
"""
A create view for the admins
"""
@ -558,7 +602,7 @@ class ProductTypeCreateView(CounterAdminTabsMixin, CanCreateMixin, CreateView):
template_name = 'core/create.jinja'
current_tab = "products"
class ProductTypeEditView(CounterAdminTabsMixin, CanEditPropMixin, UpdateView):
class ProductTypeEditView(CounterAdminTabsMixin, CounterAdminMixin, UpdateView):
"""
An edit view for the admins
"""
@ -568,7 +612,7 @@ class ProductTypeEditView(CounterAdminTabsMixin, CanEditPropMixin, UpdateView):
pk_url_kwarg = "type_id"
current_tab = "products"
class ProductArchivedListView(CounterAdminTabsMixin, CanEditPropMixin, ListView):
class ProductArchivedListView(CounterAdminTabsMixin, CounterAdminMixin, ListView):
"""
A list view for the admins
"""
@ -578,7 +622,7 @@ class ProductArchivedListView(CounterAdminTabsMixin, CanEditPropMixin, ListView)
ordering = ['name']
current_tab = "archive"
class ProductListView(CounterAdminTabsMixin, CanEditPropMixin, ListView):
class ProductListView(CounterAdminTabsMixin, CounterAdminMixin, ListView):
"""
A list view for the admins
"""
@ -616,7 +660,7 @@ class ProductEditForm(forms.ModelForm):
c.save()
return ret
class ProductCreateView(CounterAdminTabsMixin, CanCreateMixin, CreateView):
class ProductCreateView(CounterAdminTabsMixin, CounterAdminMixin, CreateView):
"""
A create view for the admins
"""
@ -625,7 +669,7 @@ class ProductCreateView(CounterAdminTabsMixin, CanCreateMixin, CreateView):
template_name = 'core/create.jinja'
current_tab = "products"
class ProductEditView(CounterAdminTabsMixin, CanEditPropMixin, UpdateView):
class ProductEditView(CounterAdminTabsMixin, CounterAdminMixin, UpdateView):
"""
An edit view for the admins
"""
@ -855,7 +899,7 @@ class CounterActivityView(DetailView):
pk_url_kwarg = "counter_id"
template_name = 'counter/activity.jinja'
class CounterStatView(DetailView, CanEditMixin):
class CounterStatView(DetailView, CounterAdminMixin):
"""
Show the bar stats
"""
@ -917,7 +961,7 @@ class CounterStatView(DetailView, CanEditMixin):
return super(CanEditMixin, self).dispatch(request, *args, **kwargs)
raise PermissionDenied
class CashSummaryEditView(CanEditPropMixin, CounterAdminTabsMixin, UpdateView):
class CashSummaryEditView(CounterAdminTabsMixin, CounterAdminMixin, UpdateView):
"""Edit cash summaries"""
model = CashRegisterSummary
template_name = 'counter/cash_register_summary.jinja'
@ -933,7 +977,7 @@ class CashSummaryFormBase(forms.Form):
begin_date = forms.DateTimeField(['%Y-%m-%d %H:%M:%S'], label=_("Begin date"), required=False, widget=SelectDateTime)
end_date = forms.DateTimeField(['%Y-%m-%d %H:%M:%S'], label=_("End date"), required=False, widget=SelectDateTime)
class CashSummaryListView(CanEditPropMixin, CounterAdminTabsMixin, ListView):
class CashSummaryListView(CounterAdminTabsMixin, CounterAdminMixin, ListView):
"""Display a list of cash summaries"""
model = CashRegisterSummary
template_name = 'counter/cash_summary_list.jinja'
@ -970,7 +1014,7 @@ class CashSummaryListView(CanEditPropMixin, CounterAdminTabsMixin, ListView):
kwargs['refilling_sums'][c.name] = sum([s.amount for s in refillings.all()])
return kwargs
class InvoiceCallView(CounterAdminTabsMixin, TemplateView):
class InvoiceCallView(CounterAdminTabsMixin, CounterAdminMixin, TemplateView):
template_name = 'counter/invoices_call.jinja'
current_tab = 'invoices_call'
@ -997,7 +1041,7 @@ class InvoiceCallView(CounterAdminTabsMixin, TemplateView):
)).exclude(selling_sum=None).order_by('-selling_sum')
return kwargs
class EticketListView(CounterAdminTabsMixin, CanEditPropMixin, ListView):
class EticketListView(CounterAdminTabsMixin, CounterAdminMixin, ListView):
"""
A list view for the admins
"""
@ -1015,7 +1059,7 @@ class EticketForm(forms.ModelForm):
}
product = AutoCompleteSelectField('products', show_help_text=False, label=_("Product"), required=True)
class EticketCreateView(CounterAdminTabsMixin, CanEditPropMixin, CreateView):
class EticketCreateView(CounterAdminTabsMixin, CounterAdminMixin, CreateView):
"""
Create an eticket
"""
@ -1024,7 +1068,7 @@ class EticketCreateView(CounterAdminTabsMixin, CanEditPropMixin, CreateView):
form_class = EticketForm
current_tab = "etickets"
class EticketEditView(CounterAdminTabsMixin, CanEditPropMixin, UpdateView):
class EticketEditView(CounterAdminTabsMixin, CounterAdminMixin, UpdateView):
"""
Edit an eticket
"""