aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--servo/views/checkin.py75
1 files changed, 44 insertions, 31 deletions
diff --git a/servo/views/checkin.py b/servo/views/checkin.py
index 4ef84e5..9d89544 100644
--- a/servo/views/checkin.py
+++ b/servo/views/checkin.py
@@ -11,9 +11,10 @@ from django.contrib import messages
from django.core.cache import cache
from django.utils import translation
-from django.core.exceptions import ValidationError
from django.utils.translation import ugettext as _
+from django.views.decorators.cache import never_cache
from django.shortcuts import render, redirect, get_object_or_404
+from django.core.exceptions import ValidationError, PermissionDenied
from servo.lib.utils import json_response
from servo.views.order import put_on_paper
@@ -47,7 +48,7 @@ def find_device(request):
def find_customer(request, phone):
if not request.user.is_authenticated():
- return
+ raise PermissionDenied
results = []
@@ -111,7 +112,7 @@ def get_device(request, sn):
return device
-def reset_session(request):
+def init_session(request):
# initialize some basic vars
if not request.user.is_authenticated():
request.session.flush()
@@ -119,34 +120,41 @@ def reset_session(request):
# initialize locale
init_locale(request)
- request.session['checkin_device'] = None
+ request.session['checkin_device'] = None
request.session['checkin_customer'] = None
+ user = User.get_checkin_user()
+ location = user.location
+
if not request.session.get('company_name'):
request.session['company_name'] = Configuration.conf('company_name')
if request.user.is_authenticated():
- if request.GET.get('u'):
- user = User.objects.get(pk=request.GET['u'])
- else:
- user = request.user
+ # these are our fallback defaults
+ user = request.user
+ location = user.location
- if request.GET.get('l'):
- location = Location.objects.get(pk=request.GET['l'])
- else:
- location = user.location
+ try:
+ location_id = request.GET['l']
+ except KeyError:
+ # not given - try session, then default to user's location
+ location_id = request.session.get('checkin_location', location.pk)
+ finally:
+ location = get_object_or_404(Location, pk=location_id)
+
+ try:
+ user_id = request.GET['u']
+ except KeyError:
+ # not given - default to session, then auth user
+ user_id = request.session.get('checkin_user', user.pk)
+
+ user = get_object_or_404(User, pk=user_id)
+ request.session['checkin_locations'] = Location.get_checkin_list()
checkin_users = User.get_checkin_group()
- request.session['checkin_users'] = User.get_checkin_group_list()
- request.session['checkin_locations'] = request.user.get_location_list()
-
queryset = checkin_users.filter(location=location)
request.session['checkin_users'] = User.serialize(queryset)
-
- else:
- user = User.get_checkin_user()
- location = user.location
request.session['checkin_user'] = user.pk
request.session['checkin_location'] = location.pk
@@ -155,7 +163,7 @@ def reset_session(request):
def reset(request):
- reset_session(request)
+ init_session(request)
return redirect(index)
@@ -184,7 +192,7 @@ def get_customer(request):
Returns the selected customer data
"""
if not request.user.is_authenticated():
- return
+ raise PermissionDenied
if not request.GET.get('c'):
return
@@ -192,14 +200,13 @@ def get_customer(request):
customer = get_object_or_404(Customer, pk=request.GET['c'])
request.session['checkin_customer'] = customer.pk
- fdata = {'fname': customer.firstname}
- fdata['lname'] = customer.lastname
- fdata['email'] = customer.email
+ fdata = {'fname': customer.firstname, 'lname': customer.lastname}
fdata['city'] = customer.city
+ fdata['email'] = customer.email
fdata['phone'] = customer.phone
fdata['country'] = customer.country
- fdata['address'] = customer.street_address
fdata['postal_code'] = customer.zip_code
+ fdata['address'] = customer.street_address
return json_response(fdata)
@@ -241,13 +248,19 @@ def terms(request):
return render(request, 'checkin/terms.html', locals())
+@never_cache
def index(request):
- """The checkin page
-
+ """
+ The checkin page
@FIXME: would be nice to break this into smaller chunks...
"""
+
+ request.session.set_test_cookie()
+ if not request.session.test_cookie_worked():
+ return
+
if request.method == 'GET':
- reset_session(request)
+ init_session(request)
title = _('Service Order Check-In')
@@ -283,15 +296,15 @@ def index(request):
if device_form.is_valid() and issue_form.is_valid() and customer_form.is_valid():
- user = User.objects.get(pk=request.session['checkin_user'])
+ user = get_object_or_404(User, pk=request.session['checkin_user'])
idata = issue_form.cleaned_data
ddata = device_form.cleaned_data
cdata = customer_form.cleaned_data
-
customer_id = request.session.get('checkin_customer')
+
if customer_id:
- customer = Customer.objects.get(pk=customer_id)
+ customer = get_object_or_404(Customer, pk=customer_id)
else:
customer = Customer()