diff --git a/app/app.py b/app/app.py
index a861709..8eec72c 100644
--- a/app/app.py
+++ b/app/app.py
@@ -155,8 +155,8 @@ def add_template_filters(app: Flask) -> None:
return str(datetime.now().year)
@app.template_filter("euro")
- def euro(value: int) -> None:
- euro_string(value)
+ def euro(value: int) -> str:
+ return euro_string(value)
# For usage when you directly call the script with python
diff --git a/app/templates/order.html b/app/templates/order.html
index 8104e26..4096df4 100644
--- a/app/templates/order.html
+++ b/app/templates/order.html
@@ -11,14 +11,18 @@
Order {{ order.id }}
{% if order.can_close(current_user.id) -%}
-
Close
+
{% endif %}{% if courier_or_admin %}
Edit
{%- endif %}
courier: {{ order.courrier.username }}
{% if order.courrier == None and not current_user.is_anonymous() %}
- Volunteer
+
{% endif %}
location: {{ order.location.name }}
@@ -76,8 +80,18 @@
{{ item.get_name() }} |
{{ item.product.name }}{{ "*" if item.extra }} |
{{ item.product.price|euro }} |
- {% if courier_or_admin %}{% if not item.paid %} Pay {% else %} {% endif %} | {% endif %}
- {% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%}{%- endif %}
|
+ {% if courier_or_admin %}{% if not item.paid %}
+
+ {% else %}
+ {% endif %} |
+ {% endif %}
+ {% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%}
+
+ {%- endif %}
|
{%- endfor %}
@@ -113,7 +127,11 @@
{{ key }} |
{{ value["total"]|euro }} |
{{ value["to_pay"]|euro }} |
- {% if courier_or_admin %}{% if not value["to_pay"] == 0 %} Pay {% else %} {% endif %} | {% endif %}
+ {% if courier_or_admin %}{% if not value["to_pay"] == 0 %}
+
+ {% else %} {% endif %} | {% endif %}
{%- endfor %}
diff --git a/app/views/order.py b/app/views/order.py
index 1d011b2..b9d4b16 100644
--- a/app/views/order.py
+++ b/app/views/order.py
@@ -119,7 +119,7 @@ def order_item_create(id: int) -> typing.Any:
return order(id, form=form)
-@order_bp.route("///paid")
+@order_bp.route("///paid", methods=["POST"])
@login_required
def item_paid(order_id: int, item_id: int) -> typing.Optional[Response]:
item = OrderItem.query.filter(OrderItem.id == item_id).first()
@@ -132,7 +132,7 @@ def item_paid(order_id: int, item_id: int) -> typing.Optional[Response]:
abort(404)
-@order_bp.route("///user_paid")
+@order_bp.route("///user_paid", methods=["POST"])
@login_required
def items_user_paid(order_id: int, user_name: str) -> typing.Optional[Response]:
user = User.query.filter(User.username == user_name).first()
@@ -140,11 +140,11 @@ def items_user_paid(order_id: int, user_name: str) -> typing.Optional[Response]:
if user:
items = OrderItem.query.filter(
(OrderItem.user_id == user.id) & (OrderItem.order_id == order_id)
- )
+ ).all()
else:
items = OrderItem.query.filter(
(OrderItem.name == user_name) & (OrderItem.order_id == order_id)
- )
+ ).all()
current_order = Order.query.filter(Order.id == order_id).first()
for item in items:
print(item)
@@ -157,7 +157,7 @@ def items_user_paid(order_id: int, user_name: str) -> typing.Optional[Response]:
abort(404)
-@order_bp.route("///delete")
+@order_bp.route("///delete", methods=["POST"])
def delete_item(order_id: int, item_id: int) -> typing.Any:
# type is 'typing.Optional[Response]', but this errors due to
# https://github.com/python/mypy/issues/7187
@@ -175,7 +175,7 @@ def delete_item(order_id: int, item_id: int) -> typing.Any:
abort(404)
-@order_bp.route("//volunteer")
+@order_bp.route("//volunteer", methods=["POST"])
@login_required
def volunteer(id: int) -> Response:
order = Order.query.filter(Order.id == id).first()
@@ -190,7 +190,7 @@ def volunteer(id: int) -> Response:
return redirect(url_for("order_bp.order", id=id))
-@order_bp.route("//close")
+@order_bp.route("//close", methods=["POST"])
@login_required
def close_order(id: int) -> typing.Optional[Response]:
order = Order.query.filter(Order.id == id).first()