
views.py 7.1KB

  1. # -*- coding: utf8 -*-
  2. # This file is part of k4ever, a point-of-sale system
  3. # Contact............ <k4ever@lists.someserver.de>
  4. # Website............ http://k4ever.someserver.de/
  5. # Bug tracker........ http://k4ever.someserver.de/report
  6. #
  7. # Licensed under GNU Affero General Public License v3 or later
  8. from django.contrib.auth.forms import PasswordChangeForm
  9. from django.contrib.auth.decorators import login_required
  10. from django.db.models import Count, Max
  11. from django.http import HttpResponseRedirect
  12. from django.shortcuts import render_to_response
  13. from django.template import RequestContext
  14. from buyable.models import Purchase, Buyable, BuyableType
  15. from main.helper import getUserFromAuthblob
  16. from main.models import Plugin, PluginPermission
  17. from settings import SNACK_TYPE_ID, DRINK_TYPE_ID
  @login_required
  def startpage(request):
      """ Build the start page with the top-five drink and snack lists.

      For both buyable types three context variables are filled: the five
      most bought items overall, the five most bought by the current user
      and the five the current user bought most recently. Deposit purchases
      are excluded from all of them.

      This function will probably generate a lot of load, since it joins,
      filters and then reduces again across several tables.
      """
      drinkType = BuyableType.objects.get(pk=DRINK_TYPE_ID)
      snackType = BuyableType.objects.get(pk=SNACK_TYPE_ID)

      sections = (
          (drinkType.buyable_set.all(),
           ('allMostDrinks', 'usersMostDrinks', 'usersLastDrinks')),
          (snackType.buyable_set.all(),
           ('allMostSnacks', 'usersMostSnacks', 'usersLastSnacks')),
      )

      context = {}
      for items, (overall_key, most_key, last_key) in sections:
          # Only these columns are handed to the template.
          columns = items.values('name', 'id', 'image', 'price', 'deposit')

          # Most bought by everybody.
          bought = columns.filter(purchase__isDeposit=False)
          bought = bought.annotate(num_buys=Count('purchase'))
          context[overall_key] = bought.order_by('-num_buys')[:5]

          # Pre-filter for the two per-user lists: only purchases that belong
          # to the logged-in user's own orders.
          own = columns.filter(purchase__order__user=request.user.id,
                               purchase__isDeposit=False)
          own = own.annotate(num_buys=Count('purchase'))

          # Most bought by this user.
          context[most_key] = own.order_by('-num_buys')[:5]

          # Most recently bought by this user.
          own = own.annotate(max_dateTime=Max('purchase__order__dateTime'))
          context[last_key] = own.order_by('-max_dateTime')[:5]

      return render_to_response("main/startpage.html", context, RequestContext(request))
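  def register(request):
      """ Render the static "no registration available" page.

      The view takes no input from the request and needs no login.
      """
      # The RequestContext belongs in the context-instance slot (third
      # argument), as in every other view of this file; the second argument is
      # the template dictionary, which is empty here.
      return render_to_response("registration/register.html", {}, RequestContext(request))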
  def getPluginDict(request):
      """ Collect the plugin data the settings page shows for the current user.

      Returns a dict with all plugins, the plugins the user has / has not
      granted a permission for, the user's :class:`PluginPermission` rows and
      a :class:`PasswordChangeForm` (``None`` when the account has no usable
      password).

      Every query is scoped to ``request.user``. This helper is not decorated
      with ``login_required`` itself; the callers visible in this file are.
      """
      currentUser = request.user
      pluginInfo = {
          'plugins': Plugin.objects.all(),
          'allowed': Plugin.objects.filter(pluginpermission__user=currentUser),
          'unallowed': Plugin.objects.exclude(pluginpermission__user=currentUser),
          'permissions': PluginPermission.objects.filter(user=currentUser),
          'form': None,
      }
      # Offer the password form only to accounts that have a usable password.
      if currentUser.has_usable_password():
          pluginInfo['form'] = PasswordChangeForm(currentUser)
      return pluginInfo
  @login_required
  def settings(request):
      """ Render the settings page and handle the password change form.

      On POST the submitted data is bound to a :class:`PasswordChangeForm`
      for the logged-in user; a valid form is saved and a success message is
      added, an invalid one is re-rendered with its errors.

      NOTE(review): a POST is processed even when getPluginDict() returned
      ``form=None`` for an account without a usable password. The form still
      asks for the old password, so this presumably cannot set a password for
      such an account - confirm.
      """
      pageData = getPluginDict(request)

      if request.method == "POST":
          passwordForm = PasswordChangeForm(request.user, data=request.POST)
          # Replace the unbound form so validation errors reach the template.
          pageData['form'] = passwordForm
          if passwordForm.is_valid():
              passwordForm.save()
              pageData['password_success'] = "Es wurde ein neues Passwort gesetzt."

      return render_to_response("settings/settings.html", pageData, RequestContext(request))
  @login_required
  def pluginPermission(request, method, pluginId):
      """ Grant or revoke the current user's permission for one :class:`Plugin`.

      ``method`` equal to ``"allow"`` creates a :class:`PluginPermission` for
      ``request.user``; any other value deletes the existing one. Failures
      re-render the settings page with ``pluginerror`` set, success redirects
      to ``/user/settings/``.

      NOTE(review): the HTTP method is never checked, so the permission is
      changed on a plain GET as well. Django's CSRF protection only applies to
      unsafe methods such as POST, so this state change is not covered by it;
      consider accepting POST only. Also note that every ``method`` value
      other than "allow" is treated as a revoke.
      """
      def showError(message):
          # Shared failure path: settings page plus an error message.
          pageData = getPluginDict(request)
          pageData['pluginerror'] = message
          return render_to_response("settings/settings.html", pageData, RequestContext(request))

      try:
          plugin = Plugin.objects.get(id=pluginId)
      except Plugin.DoesNotExist:
          return showError("Ein Plugin mit der angegebenen ID existiert nicht")

      # Both branches start from the same lookup; it is always scoped to the
      # logged-in user, so only the caller's own permission can be touched.
      try:
          existing = PluginPermission.objects.get(user=request.user, plugin=plugin)
      except PluginPermission.DoesNotExist:
          existing = None

      if method == "allow":
          if existing is not None:
              return showError("Dieses Plugin wurde bereits erlaubt")
          PluginPermission(user=request.user, plugin=plugin).save()
      else:
          if existing is None:
              return showError("Keine Berechtigungen f&uuml;r dieses Plugin gefunden - kann also auch nicht zur&uuml;ckgezogen werden")
          existing.delete()

      return HttpResponseRedirect("/user/settings/")
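  @login_required
  def pluginAuthblob(request, pluginId):
      """ Store a new :attr:`authblob <PluginPermission.authblob>` for the current user.

      Only POST requests are processed; anything else is redirected to
      ``/user/settings/``. The new authblob is accepted when

      * the plugin exists and the user has already allowed it,
      * the plugin lets users write their authblob and the POST data
        contains an ``authblob`` field,
      * the line count stays within ``maxLinesPerAuthblob`` (if that is > 0),
      * it differs from the authblob currently stored, and
      * for plugins with ``uniqueAuthblob``, no line resolves to another user.

      Every outcome re-renders the settings page, with ``pluginerror`` set on
      failure and ``pluginmsg`` on success.

      NOTE(review): the uniqueness check and the save are separate steps with
      no lock or transaction visible here, so two concurrent requests could
      both pass the check - confirm whether the model enforces uniqueness.
      Only the number of lines is limited, not the length of a line.
      """
      if request.method != "POST":
          return HttpResponseRedirect("/user/settings/")

      def respond(key, message):
          # All responses are the settings page plus one message variable.
          pageData = getPluginDict(request)
          pageData[key] = message
          return render_to_response("settings/settings.html", pageData, RequestContext(request))

      # find plugin
      try:
          plugin = Plugin.objects.get(id=pluginId)
      except Plugin.DoesNotExist:
          return respond('pluginerror', "Ein Plugin mit der angegebenen ID existiert nicht")

      # find plugin permission for user (always the logged-in user's own row)
      try:
          p = PluginPermission.objects.get(user=request.user, plugin=plugin)
      except PluginPermission.DoesNotExist:
          return respond('pluginerror', "Vor dem editieren vom Authblob muss das Plugin ersteinmal erlaubt werden")

      # has the user write access to the authblob?
      if not plugin.userCanWriteAuthblob or "authblob" not in request.POST:
          return respond('pluginerror', "Der Authblob darf f&uuml;r dieses Plugin nicht vom User ver&auml;ndert werden (oder der Authblob war kaputt)")

      # clean authblob \r\n ==> \n
      authblob = request.POST["authblob"].replace("\r\n", "\n")

      # is the authblob too long (too many lines)? Trailing whitespace is
      # ignored for the count only; the stored value is not stripped.
      maxLines = plugin.maxLinesPerAuthblob
      if maxLines > 0 and (authblob.rstrip().count("\n") + 1) > maxLines:
          return respond('pluginerror', "Der Authblob darf maximal %d Zeilen haben" % (maxLines,))

      # check, if this is equal to the authblob the user already has
      unchanged = PluginPermission.objects.filter(plugin=plugin, user=request.user, authblob=authblob)
      if unchanged.count() > 0:
          return respond('pluginerror', "Das ist der gleiche Authblob, den du vorher auch hattest.")

      # check for every authblob-line, if there is somebody who has it (if unique)
      if plugin.uniqueAuthblob:
          # The authblob is never printed or logged here: its lines are what
          # getUserFromAuthblob() resolves to a user, so they should be
          # treated like a credential and kept out of server output.
          for line in authblob.split("\n"):
              owner = getUserFromAuthblob(line, plugin)
              # A line that resolves to the requesting user is already known.
              if owner and not owner == request.user:
                  return respond('pluginerror', "Achtung! Dein Authblob (bzw. eine der Zeile davon) wird bereits von einer anderen Person benutzt. Bitte w&auml;hle einen anderen (eindeutigen) Authblob!")

      p.authblob = authblob
      p.save()
      return respond('pluginmsg', "Authblob erfolgreich ge&auml;ndert")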