Fixed create user.

Fixed bugs in voucher forms.
Tanshu 2012-10-29 22:17:22 +05:30
parent 412704a73e
commit 3f32344334
13 changed files with 44 additions and 39 deletions


@ -1,4 +1,3 @@
UPDATE Auth_Roles Set Name = 'Users' WHERE Name = 'CreateUser'
--update entities_ledgers set code = code + 60 where type = 13; -- to prevent duplicate code when converting
UPDATE entities_ledgers SET type = 11 WHERE type = 13;
DROP TABLE Entities_Taxes;
@ -50,6 +49,7 @@ DROP TABLE "Entities_Products_old";
Roles -- Run one line at a time, not all at once
-- Accounts
UPDATE Auth_Roles Set Name = 'Users' WHERE Name = 'CreateUser';
UPDATE Auth_Roles SET Name = 'Accounts' WHERE RoleID = X'F438262F72DD2F4E91865ABC3AF44FBA';
DELETE FROM Auth_RoleGroups WHERE RoleID IN (X'7117853BD6A1F44FAA7919195338C857', X'4DC8B2094C33114F9656D91F62999F6B', X'A5174D3F2D5B3B40AA1FD20D1BB292E5', X'457143A70A4E4C4CBB2DA65BF608624E');
DELETE FROM Auth_Roles WHERE RoleID IN (X'7117853BD6A1F44FAA7919195338C857', X'4DC8B2094C33114F9656D91F62999F6B', X'A5174D3F2D5B3B40AA1FD20D1BB292E5', X'457143A70A4E4C4CBB2DA65BF608624E');


@ -71,8 +71,7 @@ class User(Base):
def __init__(self, name=None, password=None, locked_out=None):
self.name = name
if self.password != password:
self.password = encrypt(password)
self.password = password
self.locked_out = locked_out
@classmethod
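Review bot: The new `__init__` assigns `self.password = password` with no call to `encrypt`, so whether the value is hashed before it is persisted now depends entirely on how the `password` attribute is defined on `User`, which this hunk does not show. If `password` is a property whose setter hashes, the change is sound and presumably removes a second encryption pass; if it is a plain column, newly created users would be stored with a cleartext password. I would state which it is in a comment on the assignment, e.g. `# hashed by the User.password setter, pass the cleartext value here`, and add a test that a freshly created user's stored value differs from the input. The class body continues outside the hunk.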


@ -1,3 +1,4 @@
import functools
import uuid
from brewman.models.auth import User
from brewman.models.voucher import Voucher
@ -15,16 +16,14 @@ class VoucherFactory(object):
return voucher
def groupfinder(user_id, request):
if type(user_id) == str:
user_id = uuid.UUID(user_id)
perms = []
if 'perms' in request.session:
perms = request.session['perms']
else:
user = User.get_by_id(uuid.UUID(user_id))
for item in user.groups:
for perm in item.roles:
perms.append(perm.name)
perms = f7(perms)
request.session['perms'] = perms
user = User.get_by_id(user_id)
for item in user.groups:
for perm in item.roles:
perms.append(perm.name)
perms = f7(perms)
return perms
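Review bot: `groupfinder` reads `user.groups` without checking what `User.get_by_id(user_id)` returned, so an auth ticket that outlives its account would raise instead of being treated as unauthenticated (assuming `get_by_id` returns `None` for a missing row, which is not shown here). Pyramid's callback contract is to return `None` for a userid that is no longer valid, so a guard before the loop such as `if user is None or user.locked_out: return None` would cover both the deleted and the locked-out case; `locked_out` is a field on `User`, but nothing in this function consults it. Separately, `type(user_id) == str` will not match `unicode` ids if this runs on Python 2, and an `isinstance` check is the usual form. Resolving permissions from the database on each call rather than from `request.session['perms']` means a role change applies without a new login, which is worth recording in a docstring.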


@ -4,7 +4,6 @@
$scope.smallGrid = issue_grid;
if (typeof $routeParams.Source === 'undefined' && typeof $routeParams.Destination === 'undefined' && typeof $routeParams.id === 'undefined') {
console.log('Changing route on load');
var date = $scope.voucher.Date;
var source = getDebitCredit($scope.voucher.Journals, -1);
var destination = getDebitCredit($scope.voucher.Journals, 1);
@ -70,10 +69,8 @@
}
if (typeof $routeParams.Source !== 'undefined' && typeof $routeParams.Destination !== 'undefined' && typeof $routeParams.id !== 'undefined') {
console.log('journal watch location');
$location.path('/Issue/' + $scope.voucher.Date).search({Source:getDebitCredit(newJournals, -1), Destination:getDebitCredit(newJournals, 1)});
} else {
console.log('journal watch grid');
$scope.smallGrid = IssueGrid.query({date:$scope.voucher.Date, Source:getDebitCredit(newJournals, -1), Destination:getDebitCredit(newJournals, 1)});
}
}, true);


@ -41,7 +41,9 @@
}, true);
$scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') {
if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Journal'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true;
@ -63,7 +65,7 @@
$scope.save = function () {
$scope.voucher.$save({type:'Journal'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Journal/' + u.VoucherID)
$location.path('/Journal/' + u.VoucherID);
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});
@ -72,7 +74,7 @@
$scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''});
$location.path('/Journal')
$location.path('/Journal').replace();
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});
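Review bot: The new first branch of `preventAlteration` (hunk `-41,7 +41,9`) returns `false` while `$scope.perms` is still undefined, so until the permission map arrives the form is treated as editable for every user. Failing closed is the safer default for a UI gate: `if (typeof $scope.perms === 'undefined') { return true; }`. The same branch is added to the Payment, Purchase and Receipt controllers later in this commit. This only decides what the form offers, so the server-side checks have to remain the actual control, and the views changed in this commit only show the 'Edit Posted Vouchers' case being enforced. `preventAlteration` continues past the end of its hunk.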


@ -134,21 +134,19 @@ function BaseCtrl($rootScope, $scope, Auth, $location) {
});
$scope.$on('spinnerStart', function (event, what) {
console.log(what);
if (what === 'http') {
$rootScope.spinner.http += 1
} else {
$rootScope.spinner[what] = false;
$rootScope.spinner.route = false;
}
$('#spinner').show();
});
$scope.$on('spinnerStop', function (event, what) {
console.log(what);
if (what === 'http') {
$rootScope.spinner.http -= 1
} else {
$rootScope.spinner[what] = false;
$rootScope.spinner.route = false;
}
if ($rootScope.spinner.http <= 0 && $rootScope.spinner.route === false) {
$('#spinner').hide();
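Review bot: In the `spinnerStart` handler the non-http branch sets `$rootScope.spinner.route = false`, the same value `spinnerStop` writes, so as far as these two handlers go `route` is never true and the hide condition is decided by the http counter alone. If a route change is meant to keep the spinner visible, the start branch should read `$rootScope.spinner.route = true;`. Replacing `spinner[what]` with a fixed key also means every `what` other than 'http' is now treated as a route event, which deserves a one-line comment. The `spinnerStop` handler continues outside the hunk.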


@ -1,5 +1,5 @@
function PaymentCtrl($scope, $location, voucher, ledgers) {
$scop.voucher = voucher
$scope.voucher = voucher
$scope.ledgers = ledgers;
$scope.addJournal = function () {
@ -47,7 +47,9 @@
}, true);
$scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') {
if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Payment'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true;
@ -69,7 +71,7 @@
$scope.save = function () {
$scope.voucher.$save({type:'Payment'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Payment/' + u.VoucherID)
$location.path('/Payment/' + u.VoucherID);
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});
@ -78,7 +80,7 @@
$scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''});
$location.path('/Payment')
$location.path('/Payment').replace();
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});


@ -1,5 +1,5 @@
function PurchaseCtrl($scope, $routeParams, $location, voucher) {
$scop.voucher = voucher
function PurchaseCtrl($scope, $location, voucher) {
$scope.voucher = voucher
$scope.rate = 0;
$scope.addInventory = function () {
@ -59,7 +59,9 @@
}, true);
$scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') {
if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Purchase'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true;
@ -81,7 +83,7 @@
$scope.save = function () {
$scope.voucher.$save({type:'Purchase'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Purchase/' + u.VoucherID)
$location.path('/Purchase/' + u.VoucherID);
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});
@ -90,7 +92,7 @@
$scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''});
$location.path('/Purchase')
$location.path('/Purchase').replace();
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});


@ -1,5 +1,5 @@
function ReceiptCtrl($scope, $routeParams, $location, voucher, ledgers) {
$scop.voucher = voucher
function ReceiptCtrl($scope, $routeParams, $location, voucher, ledgers, Voucher) {
$scope.voucher = voucher
$scope.ledgers = ledgers;
$scope.addJournal = function () {
@ -47,7 +47,9 @@
}, true);
$scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') {
if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Receipt'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true;
@ -69,7 +71,7 @@
$scope.save = function () {
$scope.voucher.$save({type:'Receipt'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Receipt/' + u.VoucherID)
$location.path('/Receipt/' + u.VoucherID);
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});
@ -78,7 +80,7 @@
$scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''});
$location.path('/Receipt')
$location.path('/Receipt').replace();
}, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data});
});


@ -5,6 +5,7 @@ from pyramid.response import Response
from pyramid.security import authenticated_userid, remember
from pyramid.view import view_config
from brewman import groupfinder
from brewman.models.auth import Role, User
from brewman.views.transactions import session_current_date
@ -37,7 +38,7 @@ def user_permission(request):
else:
user = User.get_by_id(uuid.UUID(user_id))
auth = {'isAuthenticated': True, 'Name': user.name, 'UserID': user.id}
session_perms = request.session['perms']
session_perms = groupfinder(user.id, request)
perms = {}
for item in Role.list():
perms[item.name] = True if item.name in session_perms else False


@ -3,6 +3,7 @@ from pyramid.response import Response
from pyramid.security import authenticated_userid
from pyramid.view import view_config
import transaction
from brewman import groupfinder
from brewman.models import DBSession
from brewman.models.auth import User
from brewman.models.master import LedgerBase, CostCenter
@ -34,7 +35,8 @@ def voucher_post(request):
def check_delete_permissions(request, voucher):
user = User.get_by_id(uuid.UUID(authenticated_userid(request)))
permissions = request.session['perms']
permissions = groupfinder(user.id, request)
if voucher.posted and not 'Edit Posted Vouchers' in permissions:
response = Response("You are not allowed to edit posted vouchers")
response.status_int = 403
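Review bot: `check_delete_permissions` passes `authenticated_userid(request)` straight into `uuid.UUID(...)`, which raises when the request carries no authenticated user because Pyramid returns `None` in that case. Unless the calling views are already guarded by a permission (not visible here), an anonymous delete would end in a server error rather than a clean refusal. Checking the userid for `None` first and returning the same 403 `Response` built below would make that path explicit, and the `update_voucher` hunk later in this commit follows the same pattern. The membership test also reads better as `'Edit Posted Vouchers' not in permissions`. The function continues outside the hunk.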


@ -3,6 +3,7 @@ from pyramid.response import Response
from pyramid.security import authenticated_userid
from pyramid.view import view_defaults, view_config
import transaction
from brewman import groupfinder
from brewman.models.auth import User
from brewman.models.validation_exception import ValidationError
from brewman.models.voucher import Voucher
@ -19,7 +20,7 @@ class update_voucher(object):
self.voucher = Voucher.by_id(uuid.UUID(request.matchdict.get('id', None)))
self.json = request.json_body
permissions = request.session['perms']
permissions = groupfinder(self.user.id, self.request)
if self.voucher.posted and not 'Edit Posted Vouchers' in permissions:
response = Response("You are not allowed to edit posted vouchers")
response.status_int = 403