k4ever/k4ever/main/views.py


# -*- coding: utf8 -*-
# This file is part of k4ever, a point-of-sale system
# Contact............ <k4ever@lists.someserver.de>
# Website............ http://k4ever.someserver.de/
# Bug tracker........ http://k4ever.someserver.de/report
#
# Licensed under GNU Affero General Public License v3 or later
from django.contrib.auth.forms import PasswordChangeForm
from django.contrib.auth.decorators import login_required
from django.db.models import Count, Max
from django.http import HttpResponseRedirect
from django.shortcuts import render
from django.template import RequestContext
from django.core.urlresolvers import reverse
import django.contrib.auth.views
from buyable.models import Purchase, Buyable, BuyableType
from main.helper import getUserFromAuthblob
from main.models import Plugin, PluginPermission
from k4ever.settings import SNACK_TYPE_ID, DRINK_TYPE_ID
@login_required
def startpage(request):
    """Render the start page with top-five lists for drinks and snacks.

    For each of the two buyable types the context receives three entries:
    the most bought items overall, the most bought items of the logged-in
    user, and the items the logged-in user bought most recently.

    This view will probably generate a lot of load, because it joins,
    filters and aggregates across several tables.
    """
    drink_items = BuyableType.objects.get(pk=DRINK_TYPE_ID).buyable_set.all()
    snack_items = BuyableType.objects.get(pk=SNACK_TYPE_ID).buyable_set.all()

    # One row per category: queryset, then the three context keys it fills.
    categories = (
        (drink_items, 'allMostDrinks', 'usersMostDrinks', 'usersLastDrinks'),
        (snack_items, 'allMostSnacks', 'usersMostSnacks', 'usersLastSnacks'),
    )

    context = {}
    for items, all_most_key, users_most_key, users_last_key in categories:
        columns = items.values('name', 'id', 'image', 'price', 'deposit')

        # Most bought across all users; deposit bookings do not count.
        overall = columns.filter(purchase__isDeposit=False)
        overall = overall.annotate(num_buys=Count('purchase'))
        context[all_most_key] = overall.order_by('-num_buys')[:5]

        # Everything below is restricted to the requesting user's own
        # purchases, so one user's history is never shown to another.
        own = columns.filter(
            purchase__order__user=request.user.id,
            purchase__isDeposit=False,
        ).annotate(num_buys=Count('purchase'))

        # Most bought by this user.
        context[users_most_key] = own.order_by('-num_buys')[:5]

        # Most recently bought by this user.
        recent = own.annotate(max_dateTime=Max('purchase__order__dateTime'))
        context[users_last_key] = recent.order_by('-max_dateTime')[:5]

    return render(request, "main/startpage.html", context)
def register(request):
    """Render the static "no registration available" page.

    The view takes no input from the request and is reachable without
    being logged in (it carries no login_required decorator).
    """
    template_name = "registration/register.html"
    return render(request, template_name)
def getPluginDict(request):
    """Build the template context describing the user's plugin settings.

    Returns a dict with all plugins, the plugins the requesting user has
    allowed, the ones not allowed, the user's PluginPermission rows and a
    password change form (None when the account has no usable password).

    All lookups are keyed on request.user. The function has no
    login_required decorator of its own; the callers visible in this file
    are all decorated views.
    """
    user = request.user
    return {
        'plugins': Plugin.objects.all(),
        'allowed': Plugin.objects.filter(pluginpermission__user=user),
        'unallowed': Plugin.objects.exclude(pluginpermission__user=user),
        'permissions': PluginPermission.objects.filter(user=user),
        # Accounts without a usable password get no change form.
        'form': PasswordChangeForm(user) if user.has_usable_password() else None,
    }
@login_required
def settings(request):
    """Render the settings page and process password change submissions.

    A GET request shows the page with the context from getPluginDict. A
    POST request is treated as a password change: the bound form is
    validated and saved, and it replaces the unbound form in the context
    so that validation errors are shown.
    """
    page_context = getPluginDict(request)
    if request.method != "POST":
        return render(request, "settings/settings.html", page_context)

    # PasswordChangeForm is bound to request.user, so the change can only
    # ever apply to the logged-in account.
    change_form = PasswordChangeForm(request.user, data=request.POST)
    if change_form.is_valid():
        change_form.save()
        page_context['password_success'] = "Es wurde ein neues Passwort gesetzt."
    page_context['form'] = change_form
    return render(request, "settings/settings.html", page_context)
@login_required
def pluginPermission(request, method, pluginId):
    """Grant or revoke the logged-in user's permission for a :class:`Plugin`.

    ``method`` equal to ``"allow"`` creates a PluginPermission for
    request.user; any other value removes the existing one. Errors are
    shown on the settings page, success redirects to ``/user/settings/``.

    NOTE(review): the permission is changed regardless of the HTTP method.
    Django's CSRF middleware only checks unsafe methods, so a state change
    reachable by GET is not covered by it. Consider restricting this view
    to POST, as pluginAuthblob in this file does.
    """
    def settings_error(message):
        # Re-render the settings page with an error banner.
        page_context = getPluginDict(request)
        page_context['pluginerror'] = message
        return render(request, "settings/settings.html", page_context)

    try:
        plugin = Plugin.objects.get(id=pluginId)
    except Plugin.DoesNotExist:
        return settings_error("Ein Plugin mit der angegebenen ID existiert nicht")

    # Permissions are always looked up for request.user, never for a user
    # named in the request, so one user cannot edit another's permissions.
    if method == "allow":
        try:
            PluginPermission.objects.get(user=request.user, plugin=plugin)
        except PluginPermission.DoesNotExist:
            PluginPermission(user=request.user, plugin=plugin).save()
        else:
            return settings_error("Dieses Plugin wurde bereits erlaubt")
    else:
        try:
            granted = PluginPermission.objects.get(user=request.user, plugin=plugin)
        except PluginPermission.DoesNotExist:
            return settings_error("Keine Berechtigungen f&uuml;r dieses Plugin gefunden - kann also auch nicht zur&uuml;ckgezogen werden")
        else:
            granted.delete()

    return HttpResponseRedirect("/user/settings/")
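@login_required
def pluginAuthblob(request, pluginId):
    """Update the user's :attr:`authblob <PluginPermission.authblob>`.

    Only POST requests are processed; anything else redirects to the
    settings page. The new value is taken from ``request.POST["authblob"]``
    and is stored only if all of the following hold:

    * the plugin exists and the user has already allowed it,
    * the plugin lets users write their own authblob,
    * the line count does not exceed ``maxLinesPerAuthblob`` (when > 0),
    * the value differs from the one currently stored,
    * for plugins with ``uniqueAuthblob``, no line resolves to another
      user via getUserFromAuthblob.

    Every outcome re-renders the settings page with either ``pluginerror``
    or ``pluginmsg`` set.
    """
    def settingsError(message):
        # Re-render the settings page with an error banner.
        pageContext = getPluginDict(request)
        pageContext['pluginerror'] = message
        return render(request, "settings/settings.html", pageContext)

    if request.method != "POST":
        return HttpResponseRedirect("/user/settings/")

    # find plugin
    try:
        plugin = Plugin.objects.get(id=pluginId)
    except Plugin.DoesNotExist:
        return settingsError("Ein Plugin mit der angegebenen ID existiert nicht")

    # find plugin permission for user (always request.user, never a user
    # named in the request)
    try:
        p = PluginPermission.objects.get(user=request.user, plugin=plugin)
    except PluginPermission.DoesNotExist:
        return settingsError("Vor dem editieren vom Authblob muss das Plugin ersteinmal erlaubt werden")

    # has the user write access to the authblob?
    if not p.plugin.userCanWriteAuthblob or "authblob" not in request.POST:
        return settingsError("Der Authblob darf f&uuml;r dieses Plugin nicht vom User ver&auml;ndert werden (oder der Authblob war kaputt)")

    # clean authblob \r\n ==> \n
    authblob = request.POST["authblob"].replace("\r\n", "\n")

    # is the authblob too long (too many lines)? Trailing whitespace is
    # ignored for the count only; the stored value is not stripped.
    maxLines = p.plugin.maxLinesPerAuthblob
    if maxLines > 0 and (authblob.rstrip().count("\n") + 1) > maxLines:
        return settingsError("Der Authblob darf maximal %d Zeilen haben" % (maxLines,))

    # check, if this is equal to the user's current authblob
    unchanged = PluginPermission.objects.filter(plugin=plugin, user=request.user, authblob__exact=authblob)
    if unchanged.exists():
        return settingsError("Das ist der gleiche Authblob, den du vorher auch hattest.")

    # check for every authblob-line, if there is somebody who has it (if unique)
    if p.plugin.uniqueAuthblob:
        # The authblob is deliberately not printed or logged here: it is
        # the value getUserFromAuthblob resolves to a user, so it should be
        # handled like a credential and kept out of stdout and server logs.
        # NOTE(review): this check and the save below are separate steps;
        # no transaction or database constraint is visible in this view, so
        # two concurrent requests could both pass the check - confirm.
        for line in authblob.split("\n"):
            owner = getUserFromAuthblob(line, plugin)
            if owner and not (owner == request.user):
                return settingsError("Achtung! Dein Authblob (bzw. eine der Zeile davon) wird bereits von einer anderen Person benutzt. Bitte w&auml;hle einen anderen (eindeutigen) Authblob!")

    p.authblob = authblob
    p.save()

    pageContext = getPluginDict(request)
    pageContext['pluginmsg'] = "Authblob erfolgreich ge&auml;ndert"
    return render(request, "settings/settings.html", pageContext)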
def login(request):
    """Show the login form, or redirect when the user is already logged in.

    Anonymous requests are handed to Django's stock login view. Requests
    from an authenticated user are redirected to the start page.
    """
    if not request.user.is_authenticated():
        return django.contrib.auth.views.login(request)
    start_url = reverse('main.views.startpage')
    return HttpResponseRedirect(start_url)