diff --git a/app/models.py b/app/models.py index 86ca9e5..418d4d2 100644 --- a/app/models.py +++ b/app/models.py @@ -1,3 +1,4 @@ +from datetime import datetime from app import db @@ -103,3 +104,12 @@ class OrderItem(db.Model): def __repr__(self): return 'OrderItem' + + def can_delete(self, order_id, user_id): + if self.user_id != user_id: + return False + if int(self.order_id) != int(order_id): + return False + if self.order.stoptime and self.order.stoptime < datetime.now(): + return False + return True diff --git a/app/templates/home_loggedin.html b/app/templates/home_loggedin.html index 8207d05..51b3f32 100644 --- a/app/templates/home_loggedin.html +++ b/app/templates/home_loggedin.html @@ -6,7 +6,7 @@

Open orders:

diff --git a/app/templates/layout.html b/app/templates/layout.html index fd0ca1d..8f4c712 100644 --- a/app/templates/layout.html +++ b/app/templates/layout.html @@ -2,7 +2,7 @@ {% set navbar = [ ('home', 'Home'), - ('orders', 'Orders'), + ('order_bp.orders', 'Orders'), ('about', 'About'), ('stats', 'Stats'), ] -%} diff --git a/app/templates/order.html b/app/templates/order.html index 7485461..39e13b0 100644 --- a/app/templates/order.html +++ b/app/templates/order.html @@ -1,18 +1,25 @@ {% extends "layout.html" %} {% set active_page = "orders" -%} +{% import "bootstrap/wtf.html" as wtf %} {% block container %}
-
+

Order {{ order.id }}

Courrier: {{ order.courrier.username }}
Location: {{ order.location.name }}
Starttime: {{ order.starttime }}
Stoptime: {{ order.stoptime }}
+ Total price: {{ total_price|euro }}

Orders

{% for item in order.orders %} - {{ item.user.username }} - {{ item.food.name }} - {{ item.food.price|euro }}
+ {{ item.user.username }} - {{ item.food.name }} - {{ item.food.price|euro }} + {% if item.can_delete(order.id, current_user.id) -%}{%- endif %}
{% endfor %}
+
+

Order:

+ {{ wtf.quick_form(form, action=url_for('.order_create'), button_map={'submit_button': 'primary'}, form_type='horizontal') }} +
{% endblock %} \ No newline at end of file diff --git a/app/templates/orders.html b/app/templates/orders.html index 4673a78..abae873 100644 --- a/app/templates/orders.html +++ b/app/templates/orders.html @@ -8,12 +8,12 @@

Open orders:

- {{ wtf.quick_form(form, action=url_for('order_create'), button_map={'submit_button': 'primary'}, form_type='horizontal') }} + {{ wtf.quick_form(form, action=url_for('.order_create'), button_map={'submit_button': 'primary'}, form_type='horizontal') }}
diff --git a/app/views/order.py b/app/views/order.py index e3f094c..a12ba3d 100644 --- a/app/views/order.py +++ b/app/views/order.py @@ -1,5 +1,5 @@ __author__ = 'feliciaan' -from flask import url_for, render_template, abort, redirect +from flask import url_for, render_template, abort, redirect, Blueprint from flask.ext.login import current_user, login_required from datetime import datetime @@ -7,17 +7,45 @@ from app import app, db from models import Order, OrderItem from forms import OrderItemForm, OrderForm +order_bp = Blueprint('order_bp', 'order') -@app.route('/order/') +@order_bp.route('/') +@login_required +def orders(): + orders = Order.query.filter((Order.stoptime > datetime.now()) | (Order.stoptime == None)).all() + orderForm = OrderForm() + orderForm.populate() + return render_template('orders.html', orders=orders, form=orderForm) + + +@order_bp.route('/create', methods=['GET', 'POST']) +@login_required +def order_create(): + orderForm = OrderForm() + orderForm.populate() + if orderForm.validate_on_submit(): + order = Order() + orderForm.populate_obj(order) + db.session.add(order) + db.session.commit() + return redirect(url_for('.order', id=order.id)) + + return render_template('order_form.html', form=orderForm, url=url_for(".order_create")) + + +@order_bp.route('/') @login_required def order(id): order = Order.query.filter(Order.id == id).first() if order is not None: - return render_template('order.html', order=order) + form = OrderItemForm() + form.populate(order.location) + total_price = sum([o.food.price for o in order.orders]) + return render_template('order.html', order=order, form=form, total_price=total_price) return abort(404) -@app.route('/order//create', methods=['GET', 'POST']) +@order_bp.route('//create', methods=['GET', 'POST']) @login_required def order_item_create(id): order = Order.query.filter(Order.id == id).first() @@ -31,31 +59,18 @@ def order_item_create(id): item.user_id = current_user.id db.session.add(item) db.session.commit() - return redirect(url_for('order', id=id)) - return render_template('order_form.html', form=form, url=url_for("order_item_create", id=id)) + return redirect(url_for('.order', id=id)) + return render_template('order_form.html', form=form, url=url_for(".order_item_create", id=id)) return abort(404) - -@app.route('/order/create', methods=['GET', 'POST']) +@order_bp.route('///delete') @login_required -def order_create(): - orderForm = OrderForm() - orderForm.populate() - if orderForm.validate_on_submit(): - order = Order() - orderForm.populate_obj(order) - db.session.add(order) +def delete_item(order_id, item_id): + item = OrderItem.query.filter(OrderItem.id == item_id).first() + if item.can_delete(order_id, current_user.id): + db.session.delete(item) db.session.commit() - return redirect(url_for('order', id=order.id)) - - return render_template('order_form.html', form=orderForm, url=url_for("order_create")) - - -@app.route('/order') -@login_required -def orders(): - orders = Order.query.filter((Order.stoptime > datetime.now()) | (Order.stoptime == None)).all() - orderForm = OrderForm() - orderForm.populate() - return render_template('orders.html', orders=orders, form=orderForm) + return redirect(url_for('.order', id=order_id)) + abort(404) +app.register_blueprint(order_bp, url_prefix='/order') \ No newline at end of file