Fixed create user.

Fixed bugs in voucher forms.
Tanshu 2012-10-29 22:17:22 +05:30
parent 412704a73e
commit 3f32344334
13 changed files with 44 additions and 39 deletions


@ -1,4 +1,3 @@
UPDATE Auth_Roles Set Name = 'Users' WHERE Name = 'CreateUser'
--update entities_ledgers set code = code + 60 where type = 13; -- to prevent duplicate code when converting --update entities_ledgers set code = code + 60 where type = 13; -- to prevent duplicate code when converting
UPDATE entities_ledgers SET type = 11 WHERE type = 13; UPDATE entities_ledgers SET type = 11 WHERE type = 13;
DROP TABLE Entities_Taxes; DROP TABLE Entities_Taxes;
@ -50,6 +49,7 @@ DROP TABLE "Entities_Products_old";
Roles -- Run one line at a time, not all at once Roles -- Run one line at a time, not all at once
-- Accounts -- Accounts
UPDATE Auth_Roles Set Name = 'Users' WHERE Name = 'CreateUser';
UPDATE Auth_Roles SET Name = 'Accounts' WHERE RoleID = X'F438262F72DD2F4E91865ABC3AF44FBA'; UPDATE Auth_Roles SET Name = 'Accounts' WHERE RoleID = X'F438262F72DD2F4E91865ABC3AF44FBA';
DELETE FROM Auth_RoleGroups WHERE RoleID IN (X'7117853BD6A1F44FAA7919195338C857', X'4DC8B2094C33114F9656D91F62999F6B', X'A5174D3F2D5B3B40AA1FD20D1BB292E5', X'457143A70A4E4C4CBB2DA65BF608624E'); DELETE FROM Auth_RoleGroups WHERE RoleID IN (X'7117853BD6A1F44FAA7919195338C857', X'4DC8B2094C33114F9656D91F62999F6B', X'A5174D3F2D5B3B40AA1FD20D1BB292E5', X'457143A70A4E4C4CBB2DA65BF608624E');
DELETE FROM Auth_Roles WHERE RoleID IN (X'7117853BD6A1F44FAA7919195338C857', X'4DC8B2094C33114F9656D91F62999F6B', X'A5174D3F2D5B3B40AA1FD20D1BB292E5', X'457143A70A4E4C4CBB2DA65BF608624E'); DELETE FROM Auth_Roles WHERE RoleID IN (X'7117853BD6A1F44FAA7919195338C857', X'4DC8B2094C33114F9656D91F62999F6B', X'A5174D3F2D5B3B40AA1FD20D1BB292E5', X'457143A70A4E4C4CBB2DA65BF608624E');


@ -71,8 +71,7 @@ class User(Base):
def __init__(self, name=None, password=None, locked_out=None): def __init__(self, name=None, password=None, locked_out=None):
self.name = name self.name = name
if self.password != password: self.password = password
self.password = encrypt(password)
self.locked_out = locked_out self.locked_out = locked_out
@classmethod @classmethod
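Review bot: `self.password = password` in `User.__init__` now stores whatever the caller passes, with the explicit `encrypt(password)` call gone, so the stored value is only hashed if `password` is a property or synonym whose setter does the hashing; no such setter is visible in this hunk. If the setter exists, a one-line comment such as `# hashed by the password setter` would stop a later reader from removing or doubling the hash. If it does not, new users get their password persisted in clear and the line should remain `self.password = encrypt(password)`. The class body continues outside the hunk.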


@ -1,3 +1,4 @@
import functools
import uuid import uuid
from brewman.models.auth import User from brewman.models.auth import User
from brewman.models.voucher import Voucher from brewman.models.voucher import Voucher
@ -15,16 +16,14 @@ class VoucherFactory(object):
return voucher return voucher
def groupfinder(user_id, request): def groupfinder(user_id, request):
if type(user_id) == str:
user_id = uuid.UUID(user_id)
perms = [] perms = []
if 'perms' in request.session: user = User.get_by_id(user_id)
perms = request.session['perms']
else:
user = User.get_by_id(uuid.UUID(user_id))
for item in user.groups: for item in user.groups:
for perm in item.roles: for perm in item.roles:
perms.append(perm.name) perms.append(perm.name)
perms = f7(perms) perms = f7(perms)
request.session['perms'] = perms
return perms return perms
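Review bot: `groupfinder` dereferences `user.groups` without checking that `User.get_by_id(user_id)` found a row, so an id that no longer exists (presumably a deleted user whose ticket is still valid) raises AttributeError instead of being treated as unauthenticated. If this is the Pyramid authentication callback, returning None is the conventional answer: `if user is None: return None`. The guard `type(user_id) == str` also misses `unicode` ids if this runs on Python 2, and those then reach `get_by_id` unconverted; `isinstance(user_id, basestring)` would cover both. `import functools` is added at the top of the file, but nothing in the visible hunks uses it.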


@ -4,7 +4,6 @@
$scope.smallGrid = issue_grid; $scope.smallGrid = issue_grid;
if (typeof $routeParams.Source === 'undefined' && typeof $routeParams.Destination === 'undefined' && typeof $routeParams.id === 'undefined') { if (typeof $routeParams.Source === 'undefined' && typeof $routeParams.Destination === 'undefined' && typeof $routeParams.id === 'undefined') {
console.log('Changing route on load');
var date = $scope.voucher.Date; var date = $scope.voucher.Date;
var source = getDebitCredit($scope.voucher.Journals, -1); var source = getDebitCredit($scope.voucher.Journals, -1);
var destination = getDebitCredit($scope.voucher.Journals, 1); var destination = getDebitCredit($scope.voucher.Journals, 1);
@ -70,10 +69,8 @@
} }
if (typeof $routeParams.Source !== 'undefined' && typeof $routeParams.Destination !== 'undefined' && typeof $routeParams.id !== 'undefined') { if (typeof $routeParams.Source !== 'undefined' && typeof $routeParams.Destination !== 'undefined' && typeof $routeParams.id !== 'undefined') {
console.log('journal watch location');
$location.path('/Issue/' + $scope.voucher.Date).search({Source:getDebitCredit(newJournals, -1), Destination:getDebitCredit(newJournals, 1)}); $location.path('/Issue/' + $scope.voucher.Date).search({Source:getDebitCredit(newJournals, -1), Destination:getDebitCredit(newJournals, 1)});
} else { } else {
console.log('journal watch grid');
$scope.smallGrid = IssueGrid.query({date:$scope.voucher.Date, Source:getDebitCredit(newJournals, -1), Destination:getDebitCredit(newJournals, 1)}); $scope.smallGrid = IssueGrid.query({date:$scope.voucher.Date, Source:getDebitCredit(newJournals, -1), Destination:getDebitCredit(newJournals, 1)});
} }
}, true); }, true);


@ -41,7 +41,9 @@
}, true); }, true);
$scope.preventAlteration = function (voucher) { $scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') { if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Journal']; return !$scope.perms['Journal'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) { } else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true; return true;
@ -63,7 +65,7 @@
$scope.save = function () { $scope.save = function () {
$scope.voucher.$save({type:'Journal'}, function (u, putResponseHeaders) { $scope.voucher.$save({type:'Journal'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code}); $scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Journal/' + u.VoucherID) $location.path('/Journal/' + u.VoucherID);
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });
@ -72,7 +74,7 @@
$scope.delete = function () { $scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) { $scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''}); $scope.toasts.push({Type:'Success', Message:''});
$location.path('/Journal') $location.path('/Journal').replace();
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });
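Review bot: The new first branch of `preventAlteration` returns `false` when `$scope.perms` is undefined, so the form stays editable for as long as the permissions have not loaded, or if loading fails, including for posted vouchers. Failing closed is the safer default for a gate like this: `if (typeof $scope.perms === 'undefined') { return true; }`. The same branch is added to the Payment, Purchase and Receipt controllers in this commit. Either way this is only a UI hint, and a short comment here could say that the server-side 'Edit Posted Vouchers' check in the voucher views is the actual control.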


@ -134,21 +134,19 @@ function BaseCtrl($rootScope, $scope, Auth, $location) {
}); });
$scope.$on('spinnerStart', function (event, what) { $scope.$on('spinnerStart', function (event, what) {
console.log(what);
if (what === 'http') { if (what === 'http') {
$rootScope.spinner.http += 1 $rootScope.spinner.http += 1
} else { } else {
$rootScope.spinner[what] = false; $rootScope.spinner.route = false;
} }
$('#spinner').show(); $('#spinner').show();
}); });
$scope.$on('spinnerStop', function (event, what) { $scope.$on('spinnerStop', function (event, what) {
console.log(what);
if (what === 'http') { if (what === 'http') {
$rootScope.spinner.http -= 1 $rootScope.spinner.http -= 1
} else { } else {
$rootScope.spinner[what] = false; $rootScope.spinner.route = false;
} }
if ($rootScope.spinner.http <= 0 && $rootScope.spinner.route === false) { if ($rootScope.spinner.http <= 0 && $rootScope.spinner.route === false) {
$('#spinner').hide(); $('#spinner').hide();
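Review bot: The `spinnerStart` handler sets `$rootScope.spinner.route = false` in its non-http branch, the same value `spinnerStop` sets, so these two handlers never make `spinner.route` true and the `route === false` test before `$('#spinner').hide()` cannot hold the spinner open during a route change. The start branch presumably wants `$rootScope.spinner.route = true;`. Replacing `spinner[what]` with a fixed key also means every event name other than 'http' is now treated as a route event, which deserves a one-line comment. The `spinnerStop` handler continues past the end of the hunk.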


@ -1,5 +1,5 @@
function PaymentCtrl($scope, $location, voucher, ledgers) { function PaymentCtrl($scope, $location, voucher, ledgers) {
$scop.voucher = voucher $scope.voucher = voucher
$scope.ledgers = ledgers; $scope.ledgers = ledgers;
$scope.addJournal = function () { $scope.addJournal = function () {
@ -47,7 +47,9 @@
}, true); }, true);
$scope.preventAlteration = function (voucher) { $scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') { if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Payment']; return !$scope.perms['Payment'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) { } else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true; return true;
@ -69,7 +71,7 @@
$scope.save = function () { $scope.save = function () {
$scope.voucher.$save({type:'Payment'}, function (u, putResponseHeaders) { $scope.voucher.$save({type:'Payment'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code}); $scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Payment/' + u.VoucherID) $location.path('/Payment/' + u.VoucherID);
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });
@ -78,7 +80,7 @@
$scope.delete = function () { $scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) { $scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''}); $scope.toasts.push({Type:'Success', Message:''});
$location.path('/Payment') $location.path('/Payment').replace();
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });


@ -1,5 +1,5 @@
function PurchaseCtrl($scope, $routeParams, $location, voucher) { function PurchaseCtrl($scope, $location, voucher) {
$scop.voucher = voucher $scope.voucher = voucher
$scope.rate = 0; $scope.rate = 0;
$scope.addInventory = function () { $scope.addInventory = function () {
@ -59,7 +59,9 @@
}, true); }, true);
$scope.preventAlteration = function (voucher) { $scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') { if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Purchase']; return !$scope.perms['Purchase'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) { } else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true; return true;
@ -81,7 +83,7 @@
$scope.save = function () { $scope.save = function () {
$scope.voucher.$save({type:'Purchase'}, function (u, putResponseHeaders) { $scope.voucher.$save({type:'Purchase'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code}); $scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Purchase/' + u.VoucherID) $location.path('/Purchase/' + u.VoucherID);
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });
@ -90,7 +92,7 @@
$scope.delete = function () { $scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) { $scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''}); $scope.toasts.push({Type:'Success', Message:''});
$location.path('/Purchase') $location.path('/Purchase').replace();
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });


@ -1,5 +1,5 @@
function ReceiptCtrl($scope, $routeParams, $location, voucher, ledgers) { function ReceiptCtrl($scope, $routeParams, $location, voucher, ledgers, Voucher) {
$scop.voucher = voucher $scope.voucher = voucher
$scope.ledgers = ledgers; $scope.ledgers = ledgers;
$scope.addJournal = function () { $scope.addJournal = function () {
@ -47,7 +47,9 @@
}, true); }, true);
$scope.preventAlteration = function (voucher) { $scope.preventAlteration = function (voucher) {
if (typeof voucher.VoucherID === 'undefined') { if (typeof $scope.perms === 'undefined') {
return false;
} else if (typeof voucher.VoucherID === 'undefined') {
return !$scope.perms['Receipt']; return !$scope.perms['Receipt'];
} else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) { } else if (voucher.Posted && !$scope.perms['Edit Posted Vouchers']) {
return true; return true;
@ -69,7 +71,7 @@
$scope.save = function () { $scope.save = function () {
$scope.voucher.$save({type:'Receipt'}, function (u, putResponseHeaders) { $scope.voucher.$save({type:'Receipt'}, function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:u.Code}); $scope.toasts.push({Type:'Success', Message:u.Code});
$location.path('/Receipt/' + u.VoucherID) $location.path('/Receipt/' + u.VoucherID);
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });
@ -78,7 +80,7 @@
$scope.delete = function () { $scope.delete = function () {
$scope.voucher.$delete(function (u, putResponseHeaders) { $scope.voucher.$delete(function (u, putResponseHeaders) {
$scope.toasts.push({Type:'Success', Message:''}); $scope.toasts.push({Type:'Success', Message:''});
$location.path('/Receipt') $location.path('/Receipt').replace();
}, function (data, status) { }, function (data, status) {
$scope.toasts.push({Type:'Error', Message:data.data}); $scope.toasts.push({Type:'Error', Message:data.data});
}); });


@ -5,6 +5,7 @@ from pyramid.response import Response
from pyramid.security import authenticated_userid, remember from pyramid.security import authenticated_userid, remember
from pyramid.view import view_config from pyramid.view import view_config
from brewman import groupfinder
from brewman.models.auth import Role, User from brewman.models.auth import Role, User
from brewman.views.transactions import session_current_date from brewman.views.transactions import session_current_date
@ -37,7 +38,7 @@ def user_permission(request):
else: else:
user = User.get_by_id(uuid.UUID(user_id)) user = User.get_by_id(uuid.UUID(user_id))
auth = {'isAuthenticated': True, 'Name': user.name, 'UserID': user.id} auth = {'isAuthenticated': True, 'Name': user.name, 'UserID': user.id}
session_perms = request.session['perms'] session_perms = groupfinder(user.id, request)
perms = {} perms = {}
for item in Role.list(): for item in Role.list():
perms[item.name] = True if item.name in session_perms else False perms[item.name] = True if item.name in session_perms else False


@ -3,6 +3,7 @@ from pyramid.response import Response
from pyramid.security import authenticated_userid from pyramid.security import authenticated_userid
from pyramid.view import view_config from pyramid.view import view_config
import transaction import transaction
from brewman import groupfinder
from brewman.models import DBSession from brewman.models import DBSession
from brewman.models.auth import User from brewman.models.auth import User
from brewman.models.master import LedgerBase, CostCenter from brewman.models.master import LedgerBase, CostCenter
@ -34,7 +35,8 @@ def voucher_post(request):
def check_delete_permissions(request, voucher): def check_delete_permissions(request, voucher):
user = User.get_by_id(uuid.UUID(authenticated_userid(request))) user = User.get_by_id(uuid.UUID(authenticated_userid(request)))
permissions = request.session['perms'] permissions = groupfinder(user.id, request)
if voucher.posted and not 'Edit Posted Vouchers' in permissions: if voucher.posted and not 'Edit Posted Vouchers' in permissions:
response = Response("You are not allowed to edit posted vouchers") response = Response("You are not allowed to edit posted vouchers")
response.status_int = 403 response.status_int = 403
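Review bot: `check_delete_permissions` reads `user.id` on the new `groupfinder(user.id, request)` line with no check on the lookup above it, so an unauthenticated request (where `authenticated_userid` returns None) or a user row that is gone ends in an unhandled exception rather than the 403 built just below. A guard before the new line, `if user is None:` taking the same denial path as the posted-voucher case, keeps the refusal explicit. `groupfinder` then loads the same user a second time by id, so a comment noting that the permissions are deliberately re-read from the database on every call, not from the session, would explain the extra query. The function continues outside the hunk.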


@ -3,6 +3,7 @@ from pyramid.response import Response
from pyramid.security import authenticated_userid from pyramid.security import authenticated_userid
from pyramid.view import view_defaults, view_config from pyramid.view import view_defaults, view_config
import transaction import transaction
from brewman import groupfinder
from brewman.models.auth import User from brewman.models.auth import User
from brewman.models.validation_exception import ValidationError from brewman.models.validation_exception import ValidationError
from brewman.models.voucher import Voucher from brewman.models.voucher import Voucher
@ -19,7 +20,7 @@ class update_voucher(object):
self.voucher = Voucher.by_id(uuid.UUID(request.matchdict.get('id', None))) self.voucher = Voucher.by_id(uuid.UUID(request.matchdict.get('id', None)))
self.json = request.json_body self.json = request.json_body
permissions = request.session['perms'] permissions = groupfinder(self.user.id, self.request)
if self.voucher.posted and not 'Edit Posted Vouchers' in permissions: if self.voucher.posted and not 'Edit Posted Vouchers' in permissions:
response = Response("You are not allowed to edit posted vouchers") response = Response("You are not allowed to edit posted vouchers")
response.status_int = 403 response.status_int = 403