Fix: Error in purchase return where the check for batch date was wrong.

Fix: Added some common validation for inputs
Feature: created a to_uuid function which will return uuid if the string is correct else None to parse uuid inputs.
Fix: Proper modal template so that the modal is proper width

brewman/models/auth.py

@@ -108,6 +108,8 @@ class User(Base):
 
     @classmethod
     def by_name(cls, name):
+        if not name:
+            return None
         return DBSession.query(cls).filter(cls.name.ilike(name)).first()
 
     @classmethod

brewman/static/scripts/account.js

@@ -59,7 +59,6 @@ var AccountCtrl = ['$scope', '$location', '$modal', 'account', 'account_types',
 AccountCtrl.resolve = {
     account: ['$route', 'Account', function ($route, Account) {
         var id = $route.current.params.id;
-
         return Account.get({id: id}).$promise;
     }],
     account_types: ['AccountType', function (AccountType) {

brewman/static/template/modal/confirm.html

@@ -1,13 +1,17 @@
-<div class="modal-content">
+<div class="modal-dialog">
-    <div class="modal-header">
+     <div class="modal-content">
-        <button id="close" class="close">×</button>
+        <div class="modal-header">
-        <h3>{{ title }}</h3>
+            <button id="close" class="close">×</button>
-    </div>
+            <h3>{{ title }}</h3>
-    <div class="modal-body">
+        </div>
-        {{ body }}
+        <div class="modal-body">
-    </div>
+            {{ body }}
-    <div class="modal-footer">
+        </div>
-        <button id="cancel" class="btn btn-default" ng-click="cancel()">Cancel</button>
+        <div class="modal-footer">
-        <button id="action" ng-class="{'btn':true, 'btn-primary': !isDelete, 'btn-danger': isDelete}" ng-click="ok()">Okay</button>
+            <button id="cancel" class="btn btn-default" ng-click="cancel()">Cancel</button>
+            <button id="action" ng-class="{'btn':true, 'btn-primary': !isDelete, 'btn-danger': isDelete}"
+                    ng-click="ok()">Okay
+            </button>
+        </div>
     </div>
 </div>

brewman/static/template/modal/window.html

@@ -1 +1 @@
-<div class="modal fade {{ windowClass }}" ng-class="{in: animate}" ng-style="{'z-index': 1050 + index*10}" ng-transclude></div>
+<div tabindex="-1" class="modal fade {{ windowClass }}" ng-class="{in: animate}" ng-style="{'z-index': 1050 + index*10}" ng-transclude></div>

brewman/views/__init__.py

@@ -1,8 +1,12 @@
 from datetime import date, datetime, timedelta, time
+import uuid
+import re
+
 import pkg_resources
 from pyramid.httpexceptions import HTTPForbidden, HTTPFound
 from pyramid.response import FileResponse, Response
 from pyramid.view import view_config
+
 from brewman.models.master import DbSetting
 
 
@@ -38,14 +42,19 @@ def get_lock_info():
     if not data['Start']['Locked']:
         start = None
     elif data['Start']['Rolling']:
-        start = datetime.combine(date.today(),time()) - timedelta(days=data['Start']['Days'])
+        start = datetime.combine(date.today(), time()) - timedelta(days=data['Start']['Days'])
     else:
         start = data['Start']['Date']
 
     if not data['Finish']['Locked']:
         finish = None
     elif data['Finish']['Rolling']:
-        finish = datetime.combine(date.today(),time()) + timedelta(days=data['Finish']['Days'])
+        finish = datetime.combine(date.today(), time()) + timedelta(days=data['Finish']['Days'])
     else:
         finish = data['Finish']['Date']
     return start, finish
+
+
+def to_uuid(value):
+    p = re.compile('^[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$')
+    return uuid.UUID(value) if p.match(value) else None

brewman/views/employee.py

@@ -12,6 +12,7 @@ from brewman.models import DBSession
 from brewman.models.master import CostCenter, Employee, LedgerBase, Ledger
 from brewman.models.validation_exception import ValidationError, TryCatchFunction
 from brewman.models.voucher import Voucher, Journal, VoucherType
+from brewman.views import to_uuid
 
 
 @view_config(route_name='employee_list', renderer='brewman:templates/angular_base.mako', permission='Authenticated')
@@ -78,8 +79,12 @@ def delete(request):
 
 
 @view_config(request_method='GET', route_name='api_employee_id', renderer='json', permission='Employees')
+@TryCatchFunction
 def show_id(request):
-    return employee_info(uuid.UUID(request.matchdict.get('id', None)))
+    id = to_uuid(request.matchdict['id'])
+    if id is None:
+        raise ValidationError("Invalid Employee")
+    return employee_info(id)
 
 
 @view_config(request_method='GET', route_name='api_employee', renderer='json', permission='Employees')
@@ -124,6 +129,8 @@ def employee_info(id):
         employee = {'Code': '(Auto)', 'IsActive': True, 'CostCenter': CostCenter.overall()}
     else:
         employee = Employee.by_id(id)
+        if employee is None:
+            raise ValidationError("Invalid Employee")
         employee = {'LedgerID': employee.id, 'Code': employee.code, 'Name': employee.name,
                     'IsActive': employee.is_active, 'Designation': employee.designation, 'Salary': employee.salary,
                     'ServicePoints': employee.service_points, 'JoiningDate': employee.joining_date.strftime('%d-%b-%Y'),

brewman/views/reports/product_ledger.py

@@ -7,8 +7,10 @@ from pyramid.view import view_config
 
 from brewman.models import DBSession
 from brewman.models.master import Product, CostCenter
+from brewman.models.validation_exception import ValidationError, TryCatchFunction
 
 from brewman.models.voucher import Voucher, Journal, VoucherType, Inventory
+from brewman.views import to_uuid
 from brewman.views.services.session import session_period_start, session_period_finish
 from brewman.views.services.voucher import get_edit_url
 
@@ -28,9 +30,12 @@ def show_blank(request):
 
 
 @view_config(request_method='GET', route_name='api_product_ledger_id', renderer='json', permission='Product Ledger')
+@TryCatchFunction
 def show_data(request):
-    id = request.matchdict['id']
+    id = to_uuid(request.matchdict['id'])
-    product = Product.by_id(uuid.UUID(id))
+    if id is None:
+        raise ValidationError("Invalid Product")
+    product = Product.by_id(id)
     start_date = request.GET.get('StartDate', session_period_start(request))
     finish_date = request.GET.get('FinishDate', session_period_finish(request))
     info = {'StartDate': start_date, 'FinishDate': finish_date,

brewman/views/services/voucher/purchase_return.py

@@ -34,8 +34,8 @@ def purchase_return_create_inventory(voucher, item):
         raise ValidationError("Quantity of {0} cannot be zero".format(item.product.name))
     if quantity > batch.quantity_remaining:
         raise ValidationError("Quantity available is {0} only".format(batch.quantity_remaining))
-    if batch.name < voucher.date:
+    if batch.name > voucher.date:
-        raise ValidationError("Batch of {0} was purchased after the issue date".format(item.product.name))
+        raise ValidationError("Batch of {0} was purchased after the issue date".format(batch.product.name))
 
     batch.quantity_remaining -= quantity
 
@@ -93,7 +93,7 @@ def purchase_return_update_inventory(voucher, newInventories, date):
                 if quantity - item.quantity > item.batch.quantity_remaining:
                     raise ValidationError("Maximum quantity available for {0} is {1}".format(item.product.full_name,
                                                                                              item.quantity + item.batch.quantity_remaining))
-                if item.batch.name < voucher.date:
+                if item.batch.name > voucher.date:
                     raise ValidationError("Batch of {0} was purchased after the issue date".format(item.product.name))
                 item.batch.quantity_remaining -= (quantity - item.quantity)
                 item.quantity = quantity