Compare commits
5 commits
master
...
feature/in
| Author | SHA1 | Date | |
|---|---|---|---|
|
e8431fcd12 | ||
|
|
1e0c8ed17a | ||
|
|
841c3d5fb8 | ||
|
|
da88d807d1 | ||
|
|
cc0c271a22 |
1
.tool-versions
Normal file
1
.tool-versions
Normal file
|
|
@ -0,0 +1 @@
|
|||
python 3.9.2
|
||||
21
app/app.py
21
app/app.py
|
|
@ -13,14 +13,15 @@ from flask_bootstrap import Bootstrap, StaticCDN
|
|||
from flask_debugtoolbar import DebugToolbarExtension
|
||||
from flask_login import LoginManager
|
||||
from flask_migrate import Migrate, MigrateCommand
|
||||
from flask_oauthlib.client import OAuth, OAuthException
|
||||
from flask_script import Manager, Server
|
||||
from login import init_login
|
||||
from auth.login import init_login
|
||||
from markupsafe import Markup
|
||||
|
||||
from config import Configuration
|
||||
from models import db
|
||||
from models.anonymous_user import AnonymouseUser
|
||||
from utils import euro_string, price_range_string
|
||||
from zeus import init_oauth
|
||||
from auth.zeus import init_oauth
|
||||
|
||||
|
||||
def register_plugins(app: Flask) -> Manager:
|
||||
|
|
@ -97,18 +98,22 @@ def add_routes(application: Flask) -> None:
|
|||
# import views # TODO convert to blueprint
|
||||
# import views.stats # TODO convert to blueprint
|
||||
|
||||
from login import auth_bp
|
||||
from auth.login import auth_bp
|
||||
from auth.microsoft import auth_microsoft_bp
|
||||
from auth.zeus import auth_zeus_bp
|
||||
from views.debug import debug_bp
|
||||
from views.general import general_bp
|
||||
from views.order import order_bp
|
||||
from views.stats import stats_blueprint
|
||||
from zeus import oauth_bp
|
||||
|
||||
application.register_blueprint(general_bp, url_prefix="/")
|
||||
application.register_blueprint(order_bp, url_prefix="/order")
|
||||
application.register_blueprint(stats_blueprint, url_prefix="/stats")
|
||||
application.register_blueprint(auth_bp, url_prefix="/")
|
||||
application.register_blueprint(oauth_bp, url_prefix="/")
|
||||
if Configuration.ENABLE_MICROSOFT_AUTH:
|
||||
application.register_blueprint(auth_microsoft_bp,
|
||||
url_prefix="/users/auth/microsoft_graph_auth") # "/auth/microsoft")
|
||||
application.register_blueprint(auth_zeus_bp, url_prefix="/auth/zeus")
|
||||
|
||||
if application.debug:
|
||||
application.register_blueprint(debug_bp, url_prefix="/debug")
|
||||
|
|
@ -165,6 +170,10 @@ def create_app():
|
|||
add_routes(app)
|
||||
add_template_filters(app)
|
||||
|
||||
@app.context_processor
|
||||
def inject_config():
|
||||
return dict(configuration=Configuration)
|
||||
|
||||
return app_manager
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,31 +1,25 @@
|
|||
"Script for everything related to logging in and out"
|
||||
"""Script for everything related to logging in and out"""
|
||||
from flask import Blueprint, abort, redirect, session, url_for
|
||||
from flask_login import current_user, logout_user
|
||||
from models import User
|
||||
from werkzeug.wrappers import Response
|
||||
from zeus import zeus_login
|
||||
|
||||
auth_bp = Blueprint("auth_bp", __name__)
|
||||
|
||||
|
||||
def init_login(app) -> None:
|
||||
"Initialize the login"
|
||||
"""Initialize the login"""
|
||||
|
||||
# pylint: disable=W0612
|
||||
@app.login_manager.user_loader
|
||||
def load_user(userid) -> User:
|
||||
"Load the user"
|
||||
"""Load the user"""
|
||||
return User.query.filter_by(id=userid).first()
|
||||
|
||||
|
||||
@auth_bp.route("/login")
|
||||
def login():
|
||||
"Function to handle a user trying to log in"
|
||||
return zeus_login()
|
||||
|
||||
|
||||
@auth_bp.route("/logout")
|
||||
def logout() -> Response:
|
||||
"Function to handle a user trying to log out"
|
||||
"""Function to handle a user trying to log out"""
|
||||
if "zeus_token" in session:
|
||||
session.pop("zeus_token", None)
|
||||
logout_user()
|
||||
|
|
@ -33,6 +27,6 @@ def logout() -> Response:
|
|||
|
||||
|
||||
def before_request() -> None:
|
||||
"Function for what has to be done before a request"
|
||||
"""Function for what has to be done before a request"""
|
||||
if current_user.is_anonymous() or not current_user.is_allowed():
|
||||
abort(401)
|
||||
77
app/auth/microsoft.py
Normal file
77
app/auth/microsoft.py
Normal file
|
|
@ -0,0 +1,77 @@
|
|||
import typing
|
||||
|
||||
from flask import Blueprint, url_for, request, redirect, flash, Response
|
||||
from flask_login import login_user
|
||||
from microsoftgraph.client import Client
|
||||
|
||||
from config import Configuration
|
||||
from models import User, db
|
||||
|
||||
auth_microsoft_bp = Blueprint("auth_microsoft_bp", __name__)
|
||||
|
||||
client = Client(Configuration.MICROSOFT_AUTH_ID,
|
||||
Configuration.MICROSOFT_AUTH_SECRET,
|
||||
account_type='common') # by default common, thus account_type is optional parameter.
|
||||
|
||||
|
||||
def microsoft_login():
|
||||
"""Log in using Microsoft"""
|
||||
scope = ["openid", "profile", "User.Read", "User.Read.All"]
|
||||
url = client.authorization_url(url_for("auth_microsoft_bp.authorized", _external=True), scope, state=None)
|
||||
return redirect(url)
|
||||
|
||||
|
||||
@auth_microsoft_bp.route("/login")
|
||||
def login():
|
||||
"""Function to handle a user trying to log in"""
|
||||
return microsoft_login()
|
||||
|
||||
|
||||
@auth_microsoft_bp.route("callback") # "/authorized")
|
||||
def authorized() -> typing.Any:
|
||||
# type is 'typing.Union[str, Response]', but this errors due to
|
||||
# https://github.com/python/mypy/issues/7187
|
||||
"""Check authorized status"""
|
||||
|
||||
oauth_code = request.args['code']
|
||||
|
||||
resp = client.exchange_code(url_for("auth_microsoft_bp.authorized", _external=True), oauth_code)
|
||||
|
||||
# access_token = resp.data['access_token']
|
||||
# id_token = resp.data['id_token']
|
||||
# expires_in = resp.data['expires_in']
|
||||
|
||||
client.set_token(resp.data)
|
||||
|
||||
resp = client.users.get_me()
|
||||
# print(resp.data)
|
||||
|
||||
username = resp.data['userPrincipalName']
|
||||
microsoft_uuid = resp.data['id']
|
||||
|
||||
user = User.query.filter_by(username=username).first()
|
||||
|
||||
if username and user:
|
||||
return login_and_redirect_user(user)
|
||||
elif username:
|
||||
# TODO Save 'ugent_username' or something similar
|
||||
user = create_user(username, microsoft_uuid)
|
||||
return login_and_redirect_user(user)
|
||||
|
||||
flash("You're not allowed to enter, please contact a system administrator")
|
||||
return redirect(url_for("general_bp.home"))
|
||||
|
||||
|
||||
def login_and_redirect_user(user) -> Response:
|
||||
"""Log in the user and then redirect them"""
|
||||
login_user(user)
|
||||
return redirect(url_for("general_bp.home"))
|
||||
|
||||
|
||||
def create_user(username, microsoft_uuid) -> User:
|
||||
"""Create a temporary user if it is needed"""
|
||||
user = User()
|
||||
user.configure(username, False, 1, microsoft_uuid)
|
||||
db.session.add(user)
|
||||
db.session.commit()
|
||||
return user
|
||||
|
|
@ -4,24 +4,30 @@ import typing
|
|||
from flask import (Blueprint, current_app, flash, redirect, request, session,
|
||||
url_for)
|
||||
from flask_login import login_user
|
||||
from flask_oauthlib.client import OAuth, OAuthException
|
||||
from flask_oauthlib.client import OAuth, OAuthException, OAuthRemoteApp
|
||||
from models import User, db
|
||||
from werkzeug.wrappers import Response
|
||||
|
||||
oauth_bp = Blueprint("oauth_bp", __name__)
|
||||
auth_zeus_bp = Blueprint("auth_zeus_bp", __name__)
|
||||
|
||||
|
||||
def zeus_login():
|
||||
"Log in using ZeusWPI"
|
||||
"""Log in using ZeusWPI"""
|
||||
return current_app.zeus.authorize(
|
||||
callback=url_for("oauth_bp.authorized", _external=True))
|
||||
callback=url_for("auth_zeus_bp.authorized", _external=True))
|
||||
|
||||
|
||||
@oauth_bp.route("/login/zeus/authorized")
|
||||
@auth_zeus_bp.route("/login")
|
||||
def login():
|
||||
"""Function to handle a user trying to log in"""
|
||||
return zeus_login()
|
||||
|
||||
|
||||
@auth_zeus_bp.route("/authorized")
|
||||
def authorized() -> typing.Any:
|
||||
# type is 'typing.Union[str, Response]', but this errors due to
|
||||
# https://github.com/python/mypy/issues/7187
|
||||
"Check authorized status"
|
||||
"""Check authorized status"""
|
||||
resp = current_app.zeus.authorized_response()
|
||||
if resp is None:
|
||||
# pylint: disable=C0301
|
||||
|
|
@ -45,8 +51,8 @@ def authorized() -> typing.Any:
|
|||
return redirect(url_for("general_bp.home"))
|
||||
|
||||
|
||||
def init_oauth(app):
|
||||
"Initialize the OAuth for ZeusWPI"
|
||||
def init_oauth(app) -> OAuthRemoteApp:
|
||||
"""Initialize the OAuth for ZeusWPI"""
|
||||
oauth = OAuth(app)
|
||||
|
||||
zeus = oauth.remote_app(
|
||||
|
|
@ -69,13 +75,13 @@ def init_oauth(app):
|
|||
|
||||
|
||||
def login_and_redirect_user(user) -> Response:
|
||||
"Log in the user and then redirect them"
|
||||
"""Log in the user and then redirect them"""
|
||||
login_user(user)
|
||||
return redirect(url_for("general_bp.home"))
|
||||
|
||||
|
||||
def create_user(username) -> User:
|
||||
"Create a temporary user if it is needed"
|
||||
"""Create a temporary user if it is needed"""
|
||||
user = User()
|
||||
user.configure(username, False, 1)
|
||||
db.session.add(user)
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
"An example for a Haldis config"
|
||||
"""An example for a Haldis config"""
|
||||
# config
|
||||
|
||||
|
||||
|
|
@ -14,3 +14,7 @@ class Configuration:
|
|||
LOGFILE = "haldis.log"
|
||||
ZEUS_KEY = "tomtest"
|
||||
ZEUS_SECRET = "blargh"
|
||||
|
||||
ENABLE_MICROSOFT_AUTH = False
|
||||
MICROSOFT_AUTH_ID = ""
|
||||
MICROSOFT_AUTH_SECRET = ""
|
||||
|
|
|
|||
|
|
@ -2,7 +2,9 @@
|
|||
|
||||
import add_admins
|
||||
|
||||
from app import app_manager, db
|
||||
from app import create_app, db
|
||||
|
||||
app_manager = create_app()
|
||||
|
||||
entry_sets = {
|
||||
"admins": add_admins.add,
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
"Script for everything Order related in the database"
|
||||
"""Script for everything Order related in the database"""
|
||||
import typing
|
||||
from collections import defaultdict
|
||||
from datetime import datetime
|
||||
import secrets
|
||||
import string
|
||||
|
||||
from hlds.definitions import location_definitions
|
||||
from utils import first
|
||||
|
|
@ -10,8 +12,13 @@ from .database import db
|
|||
from .user import User
|
||||
|
||||
|
||||
def generate_slug():
|
||||
alphabet = string.ascii_letters + string.digits
|
||||
return ''.join(secrets.choice(alphabet) for i in range(7))
|
||||
|
||||
|
||||
class Order(db.Model):
|
||||
"Class used for configuring the Order model in the database"
|
||||
"""Class used for configuring the Order model in the database"""
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
courier_id = db.Column(db.Integer, nullable=True)
|
||||
location_id = db.Column(db.String(64))
|
||||
|
|
@ -19,6 +26,7 @@ class Order(db.Model):
|
|||
starttime = db.Column(db.DateTime)
|
||||
stoptime = db.Column(db.DateTime)
|
||||
public = db.Column(db.Boolean, default=True)
|
||||
slug = db.Column(db.String(7), default=generate_slug, unique=True)
|
||||
|
||||
items = db.relationship("OrderItem", backref="order", lazy="dynamic")
|
||||
|
||||
|
|
@ -47,7 +55,7 @@ class Order(db.Model):
|
|||
self.location_name = self.location.name
|
||||
|
||||
def for_user(self, anon=None, user=None) -> typing.List:
|
||||
"Get the items for a certain user"
|
||||
"""Get the items for a certain user"""
|
||||
return list(
|
||||
filter(
|
||||
(lambda i: i.user == user)
|
||||
|
|
@ -58,7 +66,7 @@ class Order(db.Model):
|
|||
)
|
||||
|
||||
def group_by_user(self) -> typing.List[typing.Tuple[str, typing.List]]:
|
||||
"Group items of an Order by user"
|
||||
"""Group items of an Order by user"""
|
||||
group: typing.Dict[str, typing.List] = {}
|
||||
|
||||
# pylint: disable=E1133
|
||||
|
|
@ -78,7 +86,7 @@ class Order(db.Model):
|
|||
) -> typing.List[
|
||||
typing.Tuple[str, int, typing.List[typing.Tuple[str, typing.List]]]
|
||||
]:
|
||||
"Group items of an Order by dish"
|
||||
"""Group items of an Order by dish"""
|
||||
group: typing.Dict[str, typing.Dict[str, typing.List]] = defaultdict(
|
||||
lambda: defaultdict(list)
|
||||
)
|
||||
|
|
@ -101,11 +109,11 @@ class Order(db.Model):
|
|||
)
|
||||
|
||||
def is_closed(self) -> bool:
|
||||
"Return whether or not the order is closed"
|
||||
"""Return whether the order is closed"""
|
||||
return self.stoptime and datetime.now() > self.stoptime
|
||||
|
||||
def can_close(self, user_id: int) -> bool:
|
||||
"Check if a user can close the Order"
|
||||
"""Check if a user can close the Order"""
|
||||
if self.stoptime and self.stoptime < datetime.now():
|
||||
return False
|
||||
user = None
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ from .user import User
|
|||
|
||||
|
||||
class OrderItem(db.Model):
|
||||
"Class used for configuring the OrderItem model in the database"
|
||||
"""Class used for configuring the OrderItem model in the database"""
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
order_id = db.Column(db.Integer, db.ForeignKey("order.id"), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey("user.id"))
|
||||
|
|
@ -60,7 +60,7 @@ class OrderItem(db.Model):
|
|||
|
||||
# pylint: disable=W0613
|
||||
def can_delete(self, order_id: int, user_id: int, name: str) -> bool:
|
||||
"Check if a user can delete an item"
|
||||
"""Check if a user can delete an item"""
|
||||
if int(self.order_id) != int(order_id):
|
||||
return False
|
||||
if self.order.is_closed():
|
||||
|
|
|
|||
|
|
@ -3,11 +3,15 @@ from models import db
|
|||
|
||||
|
||||
class User(db.Model):
|
||||
"Class used for configuring the User model in the database"
|
||||
"""Class used for configuring the User model in the database"""
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
username = db.Column(db.String(80), unique=True, nullable=False)
|
||||
admin = db.Column(db.Boolean)
|
||||
bias = db.Column(db.Integer)
|
||||
# Microsoft OAUTH info
|
||||
microsoft_uuid = db.Column(db.String(120), unique=True)
|
||||
ugent_username = db.Column(db.String(80), unique=True)
|
||||
# Relations
|
||||
runs = db.relation(
|
||||
"Order",
|
||||
backref="courier",
|
||||
|
|
@ -16,11 +20,12 @@ class User(db.Model):
|
|||
)
|
||||
orderItems = db.relationship("OrderItem", backref="user", lazy="dynamic")
|
||||
|
||||
def configure(self, username: str, admin: bool, bias: int) -> None:
|
||||
"Configure the User"
|
||||
def configure(self, username: str, admin: bool, bias: int, microsoft_uuid: str = None) -> None:
|
||||
"""Configure the User"""
|
||||
self.username = username
|
||||
self.admin = admin
|
||||
self.bias = bias
|
||||
self.microsoft_uuid = microsoft_uuid
|
||||
|
||||
# pylint: disable=C0111, R0201
|
||||
def is_authenticated(self) -> bool:
|
||||
|
|
|
|||
|
|
@ -11,14 +11,14 @@ from models.order import Order
|
|||
|
||||
|
||||
def webhook_text(order: Order) -> typing.Optional[str]:
|
||||
"Function that makes the text for the notification"
|
||||
"""Function that makes the text for the notification"""
|
||||
if order.location_id == "test":
|
||||
return None
|
||||
|
||||
if order.courier is not None:
|
||||
# pylint: disable=C0301, C0209
|
||||
return "<!channel|@channel> {3} is going to {1}, order <{0}|here>! Deadline in {2} minutes!".format(
|
||||
url_for("order_bp.order_from_id", order_id=order.id, _external=True),
|
||||
url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True),
|
||||
order.location_name,
|
||||
remaining_minutes(order.stoptime),
|
||||
order.courier.username.title(),
|
||||
|
|
@ -28,12 +28,12 @@ def webhook_text(order: Order) -> typing.Optional[str]:
|
|||
return "<!channel|@channel> New order for {}. Deadline in {} minutes. <{}|Open here.>".format(
|
||||
order.location_name,
|
||||
remaining_minutes(order.stoptime),
|
||||
url_for("order_bp.order_from_id", order_id=order.id, _external=True),
|
||||
url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True),
|
||||
)
|
||||
|
||||
|
||||
def post_order_to_webhook(order: Order) -> None:
|
||||
"Function that sends the notification for the order"
|
||||
"""Function that sends the notification for the order"""
|
||||
message = webhook_text(order)
|
||||
if message:
|
||||
webhookthread = WebhookSenderThread(message, app.config["SLACK_WEBHOOK"])
|
||||
|
|
@ -41,7 +41,7 @@ def post_order_to_webhook(order: Order) -> None:
|
|||
|
||||
|
||||
class WebhookSenderThread(Thread):
|
||||
"Extension of the Thread class, which sends a webhook for the notification"
|
||||
"""Extension of the Thread class, which sends a webhook for the notification"""
|
||||
|
||||
def __init__(self, message: str, url: str) -> None:
|
||||
super().__init__()
|
||||
|
|
@ -52,7 +52,7 @@ class WebhookSenderThread(Thread):
|
|||
self.slack_webhook()
|
||||
|
||||
def slack_webhook(self) -> None:
|
||||
"The webhook for the specified chat platform"
|
||||
"""The webhook for the specified chat platform"""
|
||||
if self.url:
|
||||
requests.post(self.url, json={"text": self.message})
|
||||
else:
|
||||
|
|
@ -60,7 +60,7 @@ class WebhookSenderThread(Thread):
|
|||
|
||||
|
||||
def remaining_minutes(value) -> str:
|
||||
"Return the remaining minutes until the deadline of and order"
|
||||
"""Return the remaining minutes until the deadline of and order"""
|
||||
delta = value - datetime.now()
|
||||
if delta.total_seconds() < 0:
|
||||
return "0"
|
||||
|
|
|
|||
2
app/static/js/jquery.min.js
vendored
Normal file
2
app/static/js/jquery.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
1
app/static/js/qrcode.min.js
vendored
Normal file
1
app/static/js/qrcode.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
|
|
@ -63,7 +63,8 @@
|
|||
<nav class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="container">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar"
|
||||
aria-expanded="false" aria-controls="navbar">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
|
|
@ -81,7 +82,10 @@
|
|||
</ul>
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
{% if current_user.is_anonymous() %}
|
||||
<li><a href="{{ url_for('auth_bp.login') }}">Login</a></li>
|
||||
{% if configuration.ENABLE_MICROSOFT_AUTH %}
|
||||
<li><a href="{{ url_for('auth_microsoft_bp.login') }}">Login with Microsoft</a></li>
|
||||
{% endif %}
|
||||
<li><a href="{{ url_for('auth_zeus_bp.login') }}">Login with Zeus</a></li>
|
||||
{% else %}
|
||||
<li><a href="{{ url_for('general_bp.profile') }}">{{ current_user.username }}</a></li>
|
||||
<li><a href="{{ url_for('auth_bp.logout') }}">Logout</a></li>
|
||||
|
|
@ -96,8 +100,8 @@
|
|||
{{ utils.flashed_messages(container=True) }}
|
||||
|
||||
<div class="container main">
|
||||
{% block container -%}
|
||||
{%- endblock %}
|
||||
{% block container -%}
|
||||
{%- endblock %}
|
||||
</div>
|
||||
|
||||
<footer>
|
||||
|
|
|
|||
|
|
@ -12,18 +12,39 @@
|
|||
{% block metas %}
|
||||
{{ super() }}
|
||||
<meta name="robots" content="noindex, nofollow">
|
||||
|
||||
<script type="text/javascript" src="{{ url_for('static', filename='js/jquery.min.js') }}"></script>
|
||||
<script type="text/javascript" src="{{ url_for('static', filename='js/qrcode.min.js') }}"></script>
|
||||
{% endblock %}
|
||||
|
||||
{% block container %}
|
||||
<header>
|
||||
<h2 id="order-title">Order {{ order.id }}</h2>
|
||||
<header class="row">
|
||||
<div class="col-md-2" style="padding-top: 2em">
|
||||
<div id="qrcode"></div>
|
||||
<script type="text/javascript">
|
||||
var qrcode = new QRCode(document.getElementById("qrcode"), {
|
||||
text: "{{ url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True) }}",
|
||||
width: 128,
|
||||
height: 128,
|
||||
colorDark : "#000000",
|
||||
colorLight : "#ffffff",
|
||||
correctLevel : QRCode.CorrectLevel.H
|
||||
});
|
||||
</script>
|
||||
</div>
|
||||
<div class="col-md-10">
|
||||
<h2 id="order-title">Order {{ order.id }}</h2>
|
||||
|
||||
<div class="location">
|
||||
{% if order.location %}
|
||||
<a href="{{ url_for('general_bp.location', location_id=order.location_id) }}">{{ order.location_name }}</a>
|
||||
{% else %}
|
||||
{{ order.location_name }}
|
||||
{% endif %}
|
||||
<div class="location">
|
||||
{% if order.location %}
|
||||
<a href="{{ url_for('general_bp.location', location_id=order.location_id) }}">{{ order.location_name }}</a>
|
||||
{% else %}
|
||||
{{ order.location_name }}
|
||||
{% endif %}
|
||||
</div>
|
||||
<div>
|
||||
Unique order link: <code>{{ url_for("order_bp.order_from_slug", order_slug=order.slug, _external=True) }}</code>
|
||||
</div>
|
||||
</div>
|
||||
</header>
|
||||
|
||||
|
|
@ -36,7 +57,7 @@
|
|||
{% for item in my_items %}
|
||||
<li class="spacecake">
|
||||
{% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%}
|
||||
<form action="{{ url_for('order_bp.delete_item', order_id=order.id, item_id=item.id) }}" method="post" style="display:inline">
|
||||
<form action="{{ url_for('order_bp.delete_item', order_slug=order.slug, item_id=item.id) }}" method="post" style="display:inline">
|
||||
<button class="btn btn-link btn-sm" type="submit" style="padding: 0 0.5em;"><span class="glyphicon glyphicon-remove"></span></button>
|
||||
</form>
|
||||
{%- endif %}
|
||||
|
|
@ -65,7 +86,7 @@
|
|||
<h3>Add item to order</h3>
|
||||
|
||||
{% for dish in order.location.dishes %}
|
||||
<form method="post" action="{{ url_for('order_bp.order_item_create', order_id=order.id) }}" id="dish_{{ dish.id }}">
|
||||
<form method="post" action="{{ url_for('order_bp.order_item_create', order_slug=order.slug) }}" id="dish_{{ dish.id }}">
|
||||
{{ form.csrf_token }}
|
||||
<input type="hidden" name="dish_id" value="{{ dish.id }}" />
|
||||
|
||||
|
|
@ -167,7 +188,7 @@
|
|||
<dd>
|
||||
{% if order.courier == None %}
|
||||
{% if not current_user.is_anonymous() %}
|
||||
<form action="{{ url_for('order_bp.volunteer', order_id=order.id) }}" method="post" style="display:inline">
|
||||
<form action="{{ url_for('order_bp.volunteer', order_slug=order.slug) }}" method="post" style="display:inline">
|
||||
<input type="submit" class="btn btn-primary btn-sm" value="Volunteer"></input>
|
||||
</form>
|
||||
{% else %}No-one yet{% endif %}
|
||||
|
|
@ -180,12 +201,12 @@
|
|||
|
||||
<div>
|
||||
{% if order.can_close(current_user.id) -%}
|
||||
<form action="{{ url_for('order_bp.close_order', order_id=order.id) }}" method="post" style="display:inline">
|
||||
<form action="{{ url_for('order_bp.close_order', order_slug=order.slug) }}" method="post" style="display:inline">
|
||||
<input type="submit" class="btn btn-danger" value="Close"></input>
|
||||
</form>
|
||||
{% endif %}
|
||||
{% if courier_or_admin %}
|
||||
<a class="btn" href="{{ url_for('order_bp.order_edit', order_id=order.id) }}">Edit</a>
|
||||
<a class="btn" href="{{ url_for('order_bp.order_edit', order_slug=order.slug) }}">Edit</a>
|
||||
{%- endif %}
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -258,7 +279,7 @@
|
|||
<div class="footer">
|
||||
Total {{ order.items.count() }} items — {{ total_price|euro }}
|
||||
|
||||
<a class="btn btn-sm" href="{{ url_for('order_bp.items_shop_view', order_id=order.id) }}">Shop view</a>
|
||||
<a class="btn btn-sm" href="{{ url_for('order_bp.items_shop_view', order_slug=order.slug) }}">Shop view</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -290,7 +311,7 @@
|
|||
<li class="{{ 'paid' if item.paid }}">
|
||||
<div class="actions">
|
||||
{% if item.can_delete(order.id, current_user.id, session.get('anon_name', '')) -%}
|
||||
<form action="{{ url_for('order_bp.delete_item', order_id=order.id, item_id=item.id) }}" method="post" style="display:inline">
|
||||
<form action="{{ url_for('order_bp.delete_item', order_slug=order.slug, item_id=item.id) }}" method="post" style="display:inline">
|
||||
<button class="btn btn-link btn-sm" type="submit" style="padding: 0 0.5em;"><span class="glyphicon glyphicon-remove"></span></button>
|
||||
</form>
|
||||
{% else %}
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
<h3>Edit order</h3>
|
||||
<div class="row darker">
|
||||
<div class="col-sm-12">
|
||||
<form method="post" action="{{ url_for('.order_edit', order_id=order_id) }}">
|
||||
<form method="post" action="{{ url_for('.order_edit', order_slug=order_slug) }}">
|
||||
{{ form.csrf_token }}
|
||||
<div class="form-group select2 {{ 'has-errors' if form.courier_id.errors else ''}}">
|
||||
{{ form.courier_id.label(class='control-label') }}<br>
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@
|
|||
{% else %}open{% endif %}<br/>
|
||||
</div>
|
||||
<div class="col-md-4 col-lg-3 expand_button_wrapper">
|
||||
<a class="btn btn-primary btn-block align-bottom expand_button" href="{{ url_for('order_bp.order_from_id', order_id=order.id) }}">Expand</a>
|
||||
<a class="btn btn-primary btn-block align-bottom expand_button" href="{{ url_for('order_bp.order_from_slug', order_slug=order.slug) }}">Expand</a>
|
||||
</div>
|
||||
</div>
|
||||
{%- endmacro %}
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
"Script to generate the order related views of Haldis"
|
||||
"""Script to generate the order related views of Haldis"""
|
||||
import random
|
||||
import typing
|
||||
from datetime import datetime
|
||||
|
|
@ -19,7 +19,7 @@ order_bp = Blueprint("order_bp", "order")
|
|||
|
||||
@order_bp.route("/")
|
||||
def orders(form: OrderForm = None) -> str:
|
||||
"Generate general order view"
|
||||
"""Generate general order view"""
|
||||
if form is None and not current_user.is_anonymous():
|
||||
form = OrderForm()
|
||||
location_id = request.args.get("location_id")
|
||||
|
|
@ -32,7 +32,7 @@ def orders(form: OrderForm = None) -> str:
|
|||
@order_bp.route("/create", methods=["POST"])
|
||||
@login_required
|
||||
def order_create() -> typing.Union[str, Response]:
|
||||
"Generate order create view"
|
||||
"""Generate order create view"""
|
||||
orderForm = OrderForm()
|
||||
orderForm.populate()
|
||||
if orderForm.validate_on_submit():
|
||||
|
|
@ -42,14 +42,14 @@ def order_create() -> typing.Union[str, Response]:
|
|||
db.session.add(order)
|
||||
db.session.commit()
|
||||
post_order_to_webhook(order)
|
||||
return redirect(url_for("order_bp.order_from_id", order_id=order.id))
|
||||
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug))
|
||||
return orders(form=orderForm)
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>")
|
||||
def order_from_id(order_id: int, form: OrderForm = None, dish_id=None) -> str:
|
||||
"Generate order view from id"
|
||||
order = Order.query.filter(Order.id == order_id).first()
|
||||
@order_bp.route("/<order_slug>")
|
||||
def order_from_slug(order_slug: str, form: OrderForm = None, dish_id=None) -> str:
|
||||
"""Generate order view from id"""
|
||||
order = Order.query.filter(Order.slug == order_slug).first()
|
||||
if order is None:
|
||||
abort(404)
|
||||
if current_user.is_anonymous() and not order.public:
|
||||
|
|
@ -76,10 +76,10 @@ def order_from_id(order_id: int, form: OrderForm = None, dish_id=None) -> str:
|
|||
)
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>/items")
|
||||
def items_shop_view(order_id: int) -> str:
|
||||
"Generate order items view from id"
|
||||
order = Order.query.filter(Order.id == order_id).first()
|
||||
@order_bp.route("/<order_slug>/items")
|
||||
def items_shop_view(order_slug: int) -> str:
|
||||
"""Generate order items view from id"""
|
||||
order = Order.query.filter(Order.slug == order_slug).first()
|
||||
if order is None:
|
||||
abort(404)
|
||||
if current_user.is_anonymous() and not order.public:
|
||||
|
|
@ -89,31 +89,31 @@ def items_shop_view(order_id: int) -> str:
|
|||
return render_template("order_items.html", order=order, total_price=total_price)
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>/edit", methods=["GET", "POST"])
|
||||
@order_bp.route("/<order_slug>/edit", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def order_edit(order_id: int) -> typing.Union[str, Response]:
|
||||
"Generate order edit view from id"
|
||||
order = Order.query.filter(Order.id == order_id).first()
|
||||
def order_edit(order_slug: str) -> typing.Union[str, Response]:
|
||||
"""Generate order edit view from id"""
|
||||
order = Order.query.filter(Order.slug == order_slug).first()
|
||||
if current_user.id is not order.courier_id and not current_user.is_admin():
|
||||
abort(401)
|
||||
if order is None:
|
||||
abort(404)
|
||||
orderForm = OrderForm(obj=order)
|
||||
orderForm.populate()
|
||||
if orderForm.validate_on_submit():
|
||||
orderForm.populate_obj(order)
|
||||
order_form = OrderForm(obj=order)
|
||||
order_form.populate()
|
||||
if order_form.validate_on_submit():
|
||||
order_form.populate_obj(order)
|
||||
order.update_from_hlds()
|
||||
db.session.commit()
|
||||
return redirect(url_for("order_bp.order_from_id", order_id=order.id))
|
||||
return render_template("order_edit.html", form=orderForm, order_id=order_id)
|
||||
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug))
|
||||
return render_template("order_edit.html", form=order_form, order_slug=order.slug)
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>/create", methods=["GET", "POST"])
|
||||
def order_item_create(order_id: int) -> typing.Any:
|
||||
@order_bp.route("/<order_slug>/create", methods=["GET", "POST"])
|
||||
def order_item_create(order_slug: str) -> typing.Any:
|
||||
# type is 'typing.Union[str, Response]', but this errors due to
|
||||
# https://github.com/python/mypy/issues/7187
|
||||
"Add item to order from id"
|
||||
current_order = Order.query.filter(Order.id == order_id).first()
|
||||
"""Add item to order from slug"""
|
||||
current_order = Order.query.filter(Order.slug == order_slug).first()
|
||||
if current_order is None:
|
||||
abort(404)
|
||||
if current_order.is_closed():
|
||||
|
|
@ -122,7 +122,7 @@ def order_item_create(order_id: int) -> typing.Any:
|
|||
flash("Please login to see this order.", "info")
|
||||
abort(401)
|
||||
location = current_order.location
|
||||
# If location doesn't exist any more, adding items is nonsensical
|
||||
# If location doesn't exist anymore, adding items is nonsensical
|
||||
if not location:
|
||||
abort(404)
|
||||
form = AnonOrderItemForm() if current_user.is_anonymous() else OrderItemForm()
|
||||
|
|
@ -170,7 +170,7 @@ def order_item_create(order_id: int) -> typing.Any:
|
|||
return redirect(
|
||||
url_for(
|
||||
"order_bp.order_item_create",
|
||||
order_id=order_id,
|
||||
order_slug=current_order.slug,
|
||||
dish=form.dish_id.data,
|
||||
user_name=user_name,
|
||||
comment=comment,
|
||||
|
|
@ -179,14 +179,13 @@ def order_item_create(order_id: int) -> typing.Any:
|
|||
|
||||
# If the form was not submitted (GET request) or the form had errors: show form again
|
||||
if not form.validate_on_submit():
|
||||
return order_from_id(order_id, form=form, dish_id=dish_id)
|
||||
return order_from_slug(current_order.slug, form=form, dish_id=dish_id)
|
||||
|
||||
# Form was submitted and is valid
|
||||
|
||||
item = OrderItem()
|
||||
form.populate_obj(item)
|
||||
item.hlds_data_version = location_definition_version
|
||||
item.order_id = order_id
|
||||
item.order_id = current_order.id
|
||||
if not current_user.is_anonymous():
|
||||
item.user_id = current_user.id
|
||||
else:
|
||||
|
|
@ -221,59 +220,61 @@ def order_item_create(order_id: int) -> typing.Any:
|
|||
|
||||
db.session.add(item)
|
||||
db.session.commit()
|
||||
flash("Ordered %s" % (item.dish_name), "success")
|
||||
return redirect(url_for("order_bp.order_from_id", order_id=order_id))
|
||||
flash("Ordered %s" % item.dish_name, "success")
|
||||
return redirect(url_for("order_bp.order_from_slug", order_slug=order_slug))
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>/<user_name>/user_paid", methods=["POST"])
|
||||
@order_bp.route("/<order_slug>/<user_name>/user_paid", methods=["POST"])
|
||||
@login_required
|
||||
# pylint: disable=R1710
|
||||
def items_user_paid(order_id: int, user_name: str) -> typing.Optional[Response]:
|
||||
"Indicate payment status for a user in an order"
|
||||
def items_user_paid(order_slug: str, user_name: str) -> typing.Optional[Response]:
|
||||
"""Indicate payment status for a user in an order"""
|
||||
user = User.query.filter(User.username == user_name).first()
|
||||
order = Order.query.filter(Order.slug == order_slug).first()
|
||||
items: typing.List[OrderItem] = []
|
||||
if user:
|
||||
items = OrderItem.query.filter(
|
||||
(OrderItem.user_id == user.id) & (OrderItem.order_id == order_id)
|
||||
(OrderItem.user_id == user.id) & (OrderItem.order_id == order.id)
|
||||
).all()
|
||||
else:
|
||||
items = OrderItem.query.filter(
|
||||
(OrderItem.user_name == user_name) & (OrderItem.order_id == order_id)
|
||||
(OrderItem.user_name == user_name) & (OrderItem.order_id == order.id)
|
||||
).all()
|
||||
current_order = Order.query.filter(Order.id == order_id).first()
|
||||
current_order = Order.query.filter(Order.id == order.id).first()
|
||||
if current_order.courier_id == current_user.id or current_user.admin:
|
||||
for item in items:
|
||||
item.paid = True
|
||||
db.session.commit()
|
||||
flash("Paid %d items for %s" % (len(items), item.for_name), "success")
|
||||
return redirect(url_for("order_bp.order_from_id", order_id=order_id))
|
||||
return redirect(url_for("order_bp.order_from_slug", order_slug=order_slug))
|
||||
abort(404)
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>/<item_id>/delete", methods=["POST"])
|
||||
@order_bp.route("/<order_slug>/<item_id>/delete", methods=["POST"])
|
||||
# pylint: disable=R1710
|
||||
def delete_item(order_id: int, item_id: int) -> typing.Any:
|
||||
def delete_item(order_slug: str, item_id: int) -> typing.Any:
|
||||
# type is 'typing.Optional[Response]', but this errors due to
|
||||
# https://github.com/python/mypy/issues/7187
|
||||
"Delete an item from an order"
|
||||
item = OrderItem.query.filter(OrderItem.id == item_id).first()
|
||||
"""Delete an item from an order"""
|
||||
item: OrderItem = OrderItem.query.filter(OrderItem.id == item_id).first()
|
||||
order: Order = Order.query.filter(Order.slug == order_slug).first()
|
||||
user_id = None
|
||||
if not current_user.is_anonymous():
|
||||
user_id = current_user.id
|
||||
if item.can_delete(order_id, user_id, session.get("anon_name", "")):
|
||||
if item.can_delete(order.id, user_id, session.get("anon_name", "")):
|
||||
dish_name = item.dish_name
|
||||
db.session.delete(item)
|
||||
db.session.commit()
|
||||
flash("Deleted %s" % (dish_name), "success")
|
||||
return redirect(url_for("order_bp.order_from_id", order_id=order_id))
|
||||
flash("Deleted %s" % dish_name, "success")
|
||||
return redirect(url_for("order_bp.order_from_slug", order_slug=order_slug))
|
||||
abort(404)
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>/volunteer", methods=["POST"])
|
||||
@order_bp.route("/<order_slug>/volunteer", methods=["POST"])
|
||||
@login_required
|
||||
def volunteer(order_id: int) -> Response:
|
||||
"Add a volunteer to an order"
|
||||
order = Order.query.filter(Order.id == order_id).first()
|
||||
def volunteer(order_slug: str) -> Response:
|
||||
"""Add a volunteer to an order"""
|
||||
order = Order.query.filter(Order.slug == order_slug).first()
|
||||
if order is None:
|
||||
abort(404)
|
||||
if order.courier_id is None or order.courier_id == 0:
|
||||
|
|
@ -282,14 +283,14 @@ def volunteer(order_id: int) -> Response:
|
|||
flash("Thank you for volunteering!")
|
||||
else:
|
||||
flash("Volunteering not possible!")
|
||||
return redirect(url_for("order_bp.order_from_id", order_id=order_id))
|
||||
return redirect(url_for("order_bp.order_from_slug", order_slug=order.slug))
|
||||
|
||||
|
||||
@order_bp.route("/<order_id>/close", methods=["POST"])
|
||||
@order_bp.route("/<order_slug>/close", methods=["POST"])
|
||||
@login_required
|
||||
def close_order(order_id: int) -> typing.Optional[Response]:
|
||||
"Close an order"
|
||||
order = Order.query.filter(Order.id == order_id).first()
|
||||
def close_order(order_slug: str) -> typing.Optional[Response]:
|
||||
"""Close an order"""
|
||||
order = Order.query.filter(Order.slug == order_slug).first()
|
||||
if order is None:
|
||||
abort(404)
|
||||
if (
|
||||
|
|
@ -301,12 +302,12 @@ def close_order(order_id: int) -> typing.Optional[Response]:
|
|||
if courier is not None:
|
||||
order.courier_id = courier.id
|
||||
db.session.commit()
|
||||
return redirect(url_for("order_bp.order_from_id", order_id=order_id))
|
||||
return redirect(url_for("order_bp.order_from_slug", order_slug=order_slug))
|
||||
return None
|
||||
|
||||
|
||||
def select_user(items) -> typing.Optional[User]:
|
||||
"Select a random user from those who are signed up for the order"
|
||||
"""Select a random user from those who are signed up for the order"""
|
||||
user = None
|
||||
# remove non users
|
||||
items = [i for i in items if i.user_id]
|
||||
|
|
@ -325,7 +326,7 @@ def select_user(items) -> typing.Optional[User]:
|
|||
|
||||
|
||||
def get_orders(expression=None) -> typing.List[Order]:
|
||||
"Give the list of all currently open and public Orders"
|
||||
"""Give the list of all currently open and public Orders"""
|
||||
order_list: typing.List[OrderForm] = []
|
||||
if expression is None:
|
||||
expression = (datetime.now() > Order.starttime) & (
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ E="${normal}"
|
|||
if [ ! -d "venv" ]; then
|
||||
PYTHON_VERSION=$(cat .python-version)
|
||||
echo -e "${B} No venv found, creating a new one with version ${PYTHON_VERSION} ${E}"
|
||||
python3 -m virtualenv -p $PYTHON_VERSION venv
|
||||
python3 -m virtualenv -p "$PYTHON_VERSION" venv
|
||||
fi
|
||||
source venv/bin/activate
|
||||
|
||||
|
|
|
|||
|
|
@ -12,3 +12,4 @@ black
|
|||
pymysql
|
||||
pyyaml
|
||||
tatsu<5.6 # >=5.6 needs Python >=3.8
|
||||
microsoftgraph-python
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
#
|
||||
# This file is autogenerated by pip-compile
|
||||
# This file is autogenerated by pip-compile with python 3.9
|
||||
# To update, run:
|
||||
#
|
||||
# pip-compile
|
||||
|
|
@ -24,6 +24,18 @@ click==7.1.2
|
|||
# flask
|
||||
dominate==2.6.0
|
||||
# via flask-bootstrap
|
||||
flask==1.1.4
|
||||
# via
|
||||
# -r requirements.in
|
||||
# flask-admin
|
||||
# flask-bootstrap
|
||||
# flask-debugtoolbar
|
||||
# flask-login
|
||||
# flask-migrate
|
||||
# flask-oauthlib
|
||||
# flask-script
|
||||
# flask-sqlalchemy
|
||||
# flask-wtf
|
||||
flask-admin==1.5.8
|
||||
# via -r requirements.in
|
||||
flask-bootstrap==3.3.7.1
|
||||
|
|
@ -44,18 +56,6 @@ flask-sqlalchemy==2.5.1
|
|||
# flask-migrate
|
||||
flask-wtf==0.15.1
|
||||
# via -r requirements.in
|
||||
flask==1.1.4
|
||||
# via
|
||||
# -r requirements.in
|
||||
# flask-admin
|
||||
# flask-bootstrap
|
||||
# flask-debugtoolbar
|
||||
# flask-login
|
||||
# flask-migrate
|
||||
# flask-oauthlib
|
||||
# flask-script
|
||||
# flask-sqlalchemy
|
||||
# flask-wtf
|
||||
greenlet==1.1.0
|
||||
# via sqlalchemy
|
||||
idna==2.10
|
||||
|
|
@ -74,6 +74,8 @@ markupsafe==2.0.1
|
|||
# jinja2
|
||||
# mako
|
||||
# wtforms
|
||||
microsoftgraph-python==1.1.3
|
||||
# via -r requirements.in
|
||||
mypy-extensions==0.4.3
|
||||
# via black
|
||||
oauthlib==2.1.0
|
||||
|
|
@ -92,10 +94,12 @@ pyyaml==5.4.1
|
|||
# via -r requirements.in
|
||||
regex==2021.4.4
|
||||
# via black
|
||||
requests==2.25.1
|
||||
# via
|
||||
# microsoftgraph-python
|
||||
# requests-oauthlib
|
||||
requests-oauthlib==1.1.0
|
||||
# via flask-oauthlib
|
||||
requests==2.25.1
|
||||
# via requests-oauthlib
|
||||
six==1.16.0
|
||||
# via python-dateutil
|
||||
sqlalchemy==1.4.18
|
||||
|
|
|
|||
Loading…
Reference in a new issue