Don't crash on orders that don't have a slug

Orders created before we introduced slugs don't have a slug. This commit
introduces code to work with them. Without these changes, the legacy
orders are not reachable any more, and trying to create a link for them,
crashes the page.

I wrote this commit because in my test environment I had a long-lived
order for testing purposes, and the home page crashed because the order
would show up in the list of Open Orders.
This commit is contained in:
Midgard 2022-05-25 10:51:06 +02:00
parent 453cacebd9
commit ff0ea068de
Signed by: midgard
GPG key ID: 511C112F1331BBB4
6 changed files with 51 additions and 33 deletions

View file

@ -132,3 +132,19 @@ class Order(db.Model):
def can_modify_payment(self, user_id: int) -> bool: def can_modify_payment(self, user_id: int) -> bool:
user = User.query.filter_by(id=user_id).first() user = User.query.filter_by(id=user_id).first()
return user and (user.is_admin() or user == self.courier) return user and (user.is_admin() or user == self.courier)
@staticmethod
def get_by_slug(slug: str) -> "typing.Optional[Order]":
"""
Find an order by slug. Also matches orders by ID if they don't have a slug
"""
order_id = None
try:
order_id = int(slug)
except:
pass
return Order.query.filter(
(Order.slug == slug) |
((Order.slug == None) & (Order.id == order_id))
).first()

View file

@ -18,7 +18,7 @@ def webhook_text(order: Order) -> typing.Optional[str]:
if order.courier is not None: if order.courier is not None:
# pylint: disable=C0301, C0209 # pylint: disable=C0301, C0209
return "<!channel|@channel> {3} is going to {1}, order <{0}|here>! Deadline in {2} minutes!".format( return "<!channel|@channel> {3} is going to {1}, order <{0}|here>! Deadline in {2} minutes!".format(
url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True), url_for("order_bp.order_from_slug", order_slug=order.slug or order.id, _external=True),
order.location_name, order.location_name,
remaining_minutes(order.stoptime), remaining_minutes(order.stoptime),
order.courier.username.title(), order.courier.username.title(),
@ -28,7 +28,7 @@ def webhook_text(order: Order) -> typing.Optional[str]:
return "<!channel|@channel> New order for {}. Deadline in {} minutes. <{}|Open here.>".format( return "<!channel|@channel> New order for {}. Deadline in {} minutes. <{}|Open here.>".format(
order.location_name, order.location_name,
remaining_minutes(order.stoptime), remaining_minutes(order.stoptime),
url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True), url_for("order_bp.order_from_slug", order_slug=order.slug or order.id, _external=True),
) )

View file

@ -23,7 +23,7 @@
<div id="qrcode"></div> <div id="qrcode"></div>
<script type="text/javascript"> <script type="text/javascript">
var qrcode = new QRCode(document.getElementById("qrcode"), { var qrcode = new QRCode(document.getElementById("qrcode"), {
text: "{{ url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True) }}", text: "{{ url_for("order_bp.order_from_slug", order_slug=order.slug or order.id, _external=True) }}",
width: 128, width: 128,
height: 128, height: 128,
colorDark : "#000000", colorDark : "#000000",
@ -43,7 +43,7 @@
{% endif %} {% endif %}
</div> </div>
<div> <div>
Unique order link: <code>{{ url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True) }}</code> Unique order link: <code>{{ url_for("order_bp.order_from_slug", order_slug=order.slug or order.id, _external=True) }}</code>
</div> </div>
</div> </div>
</header> </header>
@ -57,7 +57,7 @@
{% for item in my_items %} {% for item in my_items %}
<li class="spacecake"> <li class="spacecake">
{% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%} {% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%}
<form action="{{ url_for('order_bp.delete_item', order_slug=order.slug, item_id=item.id) }}" method="post" style="display:inline"> <form action="{{ url_for('order_bp.delete_item', order_slug=order.slug or order.id, item_id=item.id) }}" method="post" style="display:inline">
<button class="btn btn-link btn-sm" type="submit" style="padding: 0 0.5em;"><span class="glyphicon glyphicon-remove"></span></button> <button class="btn btn-link btn-sm" type="submit" style="padding: 0 0.5em;"><span class="glyphicon glyphicon-remove"></span></button>
</form> </form>
{%- endif %} {%- endif %}
@ -86,7 +86,7 @@
<h3>Add item to order</h3> <h3>Add item to order</h3>
{% for dish in order.location.dishes %} {% for dish in order.location.dishes %}
<form method="post" action="{{ url_for('order_bp.order_item_create', order_slug=order.slug) }}" id="dish_{{ dish.id }}"> <form method="post" action="{{ url_for('order_bp.order_item_create', order_slug=order.slug or order.id) }}" id="dish_{{ dish.id }}">
{{ form.csrf_token }} {{ form.csrf_token }}
<input type="hidden" name="dish_id" value="{{ dish.id }}" /> <input type="hidden" name="dish_id" value="{{ dish.id }}" />
@ -188,7 +188,7 @@
<dd> <dd>
{% if order.courier == None %} {% if order.courier == None %}
{% if not current_user.is_anonymous() %} {% if not current_user.is_anonymous() %}
<form action="{{ url_for('order_bp.volunteer', order_slug=order.slug) }}" method="post" style="display:inline"> <form action="{{ url_for('order_bp.volunteer', order_slug=order.slug or order.id) }}" method="post" style="display:inline">
<input type="submit" class="btn btn-primary btn-sm" value="Volunteer"></input> <input type="submit" class="btn btn-primary btn-sm" value="Volunteer"></input>
</form> </form>
{% else %}No-one yet{% endif %} {% else %}No-one yet{% endif %}
@ -201,12 +201,12 @@
<div> <div>
{% if order.can_close(current_user.id) -%} {% if order.can_close(current_user.id) -%}
<form action="{{ url_for('order_bp.close_order', order_slug=order.slug) }}" method="post" style="display:inline"> <form action="{{ url_for('order_bp.close_order', order_slug=order.slug or order.id) }}" method="post" style="display:inline">
<input type="submit" class="btn btn-danger" value="Close"></input> <input type="submit" class="btn btn-danger" value="Close"></input>
</form> </form>
{% endif %} {% endif %}
{% if courier_or_admin %} {% if courier_or_admin %}
<a class="btn" href="{{ url_for('order_bp.order_edit', order_slug=order.slug) }}">Edit</a> <a class="btn" href="{{ url_for('order_bp.order_edit', order_slug=order.slug or order.id) }}">Edit</a>
{%- endif %} {%- endif %}
</div> </div>
</div> </div>
@ -279,7 +279,7 @@
<div class="footer"> <div class="footer">
Total {{ order.items.count() }} items — {{ total_price|euro }} Total {{ order.items.count() }} items — {{ total_price|euro }}
&nbsp; &nbsp;
<a class="btn btn-sm" href="{{ url_for('order_bp.items_shop_view', order_slug=order.slug) }}">Shop view</a> <a class="btn btn-sm" href="{{ url_for('order_bp.items_shop_view', order_slug=order.slug or order.id) }}">Shop view</a>
</div> </div>
</div> </div>
</div> </div>
@ -288,7 +288,7 @@
<section class="single_column"> <section class="single_column">
<div class="box" id="per_person"> <div class="box" id="per_person">
<h3>Items per person</h3> <h3>Items per person</h3>
<form action="{{ url_for('order_bp.modify_items', order_slug=order.slug) }}" method="post"> <form action="{{ url_for('order_bp.modify_items', order_slug=order.slug or order.id) }}" method="post">
<table class="table table-condensed"> <table class="table table-condensed">
<thead> <thead>
<tr><th>Total</th><th>Name</th><th>Items</th></tr> <tr><th>Total</th><th>Name</th><th>Items</th></tr>
@ -314,7 +314,7 @@
<li class="{{ 'paid' if item.paid }}"> <li class="{{ 'paid' if item.paid }}">
<div class="actions"> <div class="actions">
{% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%} {% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%}
<form action="{{ url_for('order_bp.delete_item', order_slug=order.slug, item_id=item.id) }}" method="post" style="display:inline"> <form action="{{ url_for('order_bp.delete_item', order_slug=order.slug or order.id, item_id=item.id) }}" method="post" style="display:inline">
<button class="btn btn-link btn-sm" type="submit" style="padding: 0 0.5em;"><span class="glyphicon glyphicon-remove"></span></button> <button class="btn btn-link btn-sm" type="submit" style="padding: 0 0.5em;"><span class="glyphicon glyphicon-remove"></span></button>
</form> </form>
{% else %} {% else %}
@ -348,7 +348,7 @@
{% if order.can_modify_prices(current_user.id) %} {% if order.can_modify_prices(current_user.id) %}
&nbsp; <span style="border-left: 1px solid var(--gray0); display: inline-block;">&nbsp;</span>&nbsp; &nbsp; <span style="border-left: 1px solid var(--gray0); display: inline-block;">&nbsp;</span>&nbsp;
<a href="{{ url_for('order_bp.prices', order_slug=order.slug) }}" class="btn btn-sm"> <a href="{{ url_for('order_bp.prices', order_slug=order.slug or order.id) }}" class="btn btn-sm">
<span class="glyphicon glyphicon-pencil"></span> Edit prices <span class="glyphicon glyphicon-pencil"></span> Edit prices
</a> </a>
{% endif %} {% endif %}

View file

@ -11,10 +11,10 @@
{% block container %} {% block container %}
<header> <header>
<h2 id="order-title">Edit prices</h2> <h2 id="order-title">Edit prices</h2>
<div>Only applied to <a href="{{ url_for('order_bp.order_from_slug', order_slug=order.slug) }}">order {{ order.id }}</a>. To permanently change prices for {{ order.location_name }}, edit the <a href="https://git.zeus.gent/haldis/menus/-/blob/master/{{order.location_id}}.hlds">HLDS location definition</a>.</div> <div>Only applied to <a href="{{ url_for('order_bp.order_from_slug', order_slug=order.slug or order.id) }}">order {{ order.id }}</a>. To permanently change prices for {{ order.location_name }}, edit the <a href="https://git.zeus.gent/haldis/menus/-/blob/master/{{order.location_id}}.hlds">HLDS location definition</a>.</div>
</header> </header>
<form action="{{ url_for('order_bp.prices', order_slug=order.slug) }}" method="post"> <form action="{{ url_for('order_bp.prices', order_slug=order.slug or order.id) }}" method="post">
<div class="col-md-6" id="per_dish"> <div class="col-md-6" id="per_dish">
<h3>Per dish</h3> <h3>Per dish</h3>
<div class="noscript">This functionality requires JavaScript.</div> <div class="noscript">This functionality requires JavaScript.</div>
@ -86,7 +86,7 @@
</div> </div>
<div> <div>
<a href="{{ url_for('order_bp.order_from_slug', order_slug=order.slug) }}" class="btn btn-sm">Cancel</a> <a href="{{ url_for('order_bp.order_from_slug', order_slug=order.slug or order.id) }}" class="btn btn-sm">Cancel</a>
<button class="btn btn-sm btn-primary">Apply</button> <button class="btn btn-sm btn-primary">Apply</button>
</div> </div>
</form> </form>

View file

@ -9,7 +9,7 @@
{% else %}open{% endif %}<br/> {% else %}open{% endif %}<br/>
</div> </div>
<div class="col-md-4 col-lg-3 expand_button_wrapper"> <div class="col-md-4 col-lg-3 expand_button_wrapper">
<a class="btn btn-primary btn-block align-bottom expand_button" href="{{ url_for('order_bp.order_from_slug', order_slug=order.slug) }}">Expand</a> <a class="btn btn-primary btn-block align-bottom expand_button" href="{{ url_for('order_bp.order_from_slug', order_slug=(order.slug or order.id)) }}">Expand</a>
</div> </div>
</div> </div>
{%- endmacro %} {%- endmacro %}

View file

@ -43,14 +43,14 @@ def order_create() -> typing.Union[str, Response]:
db.session.add(order) db.session.add(order)
db.session.commit() db.session.commit()
post_order_to_webhook(order) post_order_to_webhook(order)
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug)) return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug or order.id))
return orders(form=orderForm) return orders(form=orderForm)
@order_bp.route("/<order_slug>") @order_bp.route("/<order_slug>")
def order_from_slug(order_slug: str, form: OrderForm = None, dish_id=None) -> str: def order_from_slug(order_slug: str, form: OrderForm = None, dish_id=None) -> str:
"""Generate order view from id""" """Generate order view from id"""
order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
if order is None: if order is None:
abort(404) abort(404)
if current_user.is_anonymous() and not order.public: if current_user.is_anonymous() and not order.public:
@ -80,7 +80,7 @@ def order_from_slug(order_slug: str, form: OrderForm = None, dish_id=None) -> st
@order_bp.route("/<order_slug>/items") @order_bp.route("/<order_slug>/items")
def items_shop_view(order_slug: int) -> str: def items_shop_view(order_slug: int) -> str:
"""Generate order items view from id""" """Generate order items view from id"""
order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
if order is None: if order is None:
abort(404) abort(404)
if current_user.is_anonymous() and not order.public: if current_user.is_anonymous() and not order.public:
@ -94,7 +94,7 @@ def items_shop_view(order_slug: int) -> str:
@login_required @login_required
def order_edit(order_slug: str) -> typing.Union[str, Response]: def order_edit(order_slug: str) -> typing.Union[str, Response]:
"""Generate order edit view from id""" """Generate order edit view from id"""
order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
if current_user.id is not order.courier_id and not current_user.is_admin(): if current_user.id is not order.courier_id and not current_user.is_admin():
abort(401) abort(401)
if order is None: if order is None:
@ -105,8 +105,8 @@ def order_edit(order_slug: str) -> typing.Union[str, Response]:
order_form.populate_obj(order) order_form.populate_obj(order)
order.update_from_hlds() order.update_from_hlds()
db.session.commit() db.session.commit()
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug)) return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug or order.id))
return render_template("order_edit.html", form=order_form, order_slug=order.slug) return render_template("order_edit.html", form=order_form, order_slug=order.slug or order.id)
@order_bp.route("/<order_slug>/create", methods=["GET", "POST"]) @order_bp.route("/<order_slug>/create", methods=["GET", "POST"])
@ -114,7 +114,7 @@ def order_item_create(order_slug: str) -> typing.Any:
# type is 'typing.Union[str, Response]', but this errors due to # type is 'typing.Union[str, Response]', but this errors due to
# https://github.com/python/mypy/issues/7187 # https://github.com/python/mypy/issues/7187
"""Add item to order from slug""" """Add item to order from slug"""
current_order = Order.query.filter(Order.slug == order_slug).first() current_order = Order.get_by_slug(order_slug)
if current_order is None: if current_order is None:
abort(404) abort(404)
if current_order.is_closed(): if current_order.is_closed():
@ -171,7 +171,7 @@ def order_item_create(order_slug: str) -> typing.Any:
return redirect( return redirect(
url_for( url_for(
"order_bp.order_item_create", "order_bp.order_item_create",
order_slug=current_order.slug, order_slug=current_order.slug or current_order.id,
dish=form.dish_id.data, dish=form.dish_id.data,
user_name=user_name, user_name=user_name,
comment=comment, comment=comment,
@ -241,7 +241,7 @@ def modify_items(order_slug: str) -> typing.Optional[Response]:
return None return None
def set_items_paid(order_slug: str, user_names: typing.Iterable[str], paid: bool): def set_items_paid(order_slug: str, user_names: typing.Iterable[str], paid: bool):
order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
total_paid_items = 0 total_paid_items = 0
total_failed_items = 0 total_failed_items = 0
for user_name in user_names: for user_name in user_names:
@ -279,7 +279,9 @@ def delete_item(order_slug: str, item_id: int) -> typing.Any:
# https://github.com/python/mypy/issues/7187 # https://github.com/python/mypy/issues/7187
"""Delete an item from an order""" """Delete an item from an order"""
item: OrderItem = OrderItem.query.filter(OrderItem.id == item_id).first() item: OrderItem = OrderItem.query.filter(OrderItem.id == item_id).first()
order: Order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
if order is None:
abort(404)
user_id = None user_id = None
if not current_user.is_anonymous(): if not current_user.is_anonymous():
user_id = current_user.id user_id = current_user.id
@ -296,7 +298,7 @@ def delete_item(order_slug: str, item_id: int) -> typing.Any:
@login_required @login_required
def volunteer(order_slug: str) -> Response: def volunteer(order_slug: str) -> Response:
"""Add a volunteer to an order""" """Add a volunteer to an order"""
order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
if order is None: if order is None:
abort(404) abort(404)
if order.courier_id is None or order.courier_id == 0: if order.courier_id is None or order.courier_id == 0:
@ -305,14 +307,14 @@ def volunteer(order_slug: str) -> Response:
flash("Thank you for volunteering!") flash("Thank you for volunteering!")
else: else:
flash("Volunteering not possible!") flash("Volunteering not possible!")
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug)) return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug or order.id))
@order_bp.route("/<order_slug>/close", methods=["POST"]) @order_bp.route("/<order_slug>/close", methods=["POST"])
@login_required @login_required
def close_order(order_slug: str) -> typing.Optional[Response]: def close_order(order_slug: str) -> typing.Optional[Response]:
"""Close an order""" """Close an order"""
order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
if order is None: if order is None:
abort(404) abort(404)
if ( if (
@ -331,12 +333,12 @@ def close_order(order_slug: str) -> typing.Optional[Response]:
@order_bp.route("/<order_slug>/prices", methods=["GET", "POST"]) @order_bp.route("/<order_slug>/prices", methods=["GET", "POST"])
@login_required @login_required
def prices(order_slug: str) -> typing.Optional[Response]: def prices(order_slug: str) -> typing.Optional[Response]:
order = Order.query.filter(Order.slug == order_slug).first() order = Order.get_by_slug(order_slug)
if order is None: if order is None:
abort(404) abort(404)
if not order.can_modify_prices(current_user.id): if not order.can_modify_prices(current_user.id):
flash("You cannot modify the prices at this time.", "error") flash("You cannot modify the prices at this time.", "error")
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug)) return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug or order.id))
if request.method == "GET": if request.method == "GET":
return render_template( return render_template(
@ -366,7 +368,7 @@ def prices(order_slug: str) -> typing.Optional[Response]:
item.price_modified = datetime.now() item.price_modified = datetime.now()
db.session.commit() db.session.commit()
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug)) return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug or order.id))