''' Resources for the Admin Section ''' |
|
|
|
from sqlalchemy import or_ |
|
|
|
from pyramid.security import Allow, Authenticated, Deny, DENY_ALL, Everyone |
|
|
|
from .base import BaseResource, PaginationResourceMixin |
|
from ordr2.models import Category, Consumable, User, Role |
|
|
|
|
|
# user account resources
|
|
|
class UserAccount(BaseResource):
    ''' Resource for a single user account '''

    def __acl__(self):
        ''' Access Control List: admin-only view, edit and delete

        The closing DENY_ALL entry denies every principal / permission
        combination not granted above at this resource, so nothing is
        inherited from a parent resource's ACL.
        '''
        granted = [
            (Allow, 'role:admin', permission)
            for permission in ('view', 'edit', 'delete')
        ]
        return granted + [DENY_ALL]
|
|
|
|
|
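class UserList(BaseResource, PaginationResourceMixin):
    ''' Resource for a list of users

    Provides the admin-only ACL plus the filter and sort hooks that build
    the query over the user model.
    '''

    sql_model_class = User
    child_resource_class = UserAccount
    default_sorting = 'user.asc'
    default_items_per_page = 12

    def __acl__(self):
        ''' Access Control List: admin-only view, edit and delete

        DENY_ALL closes the list, so any permission not granted above is
        denied here instead of being looked up on a parent resource.
        '''
        return [
            (Allow, 'role:admin', 'view'),
            (Allow, 'role:admin', 'edit'),
            (Allow, 'role:admin', 'delete'),
            DENY_ALL
        ]

    def prepare_filtered_query(self, dbsession, filter_params):
        ''' setup the base filtered query

        :param dbsession: database session used to create the query
        :param filter_params: mapping with optional 'role' and 'search' keys
        :returns: query over the user model with the accepted filters applied

        The filter values that were actually applied are recorded in
        ``self.filters``; a rejected role is recorded as ``None``.
        '''
        query = dbsession.query(self.sql_model_class)

        # filter by role
        role_name = filter_params.get('role', None)
        try:
            # AttributeError: no role given (None has no .lower())
            # ValueError: presumably raised by Role() for an unknown name,
            # so only known role values ever reach the query
            role_name = role_name.lower()
            role = Role(role_name)
            query = query.filter_by(role=role)
        except (AttributeError, ValueError):
            role_name = None
        self.filters['role'] = role_name

        # filter by search term
        search = filter_params.get('search', None)
        if search:
            # The term is handed to ilike() as a value, not spliced into the
            # SQL text, so it cannot change the statement. '%' and '_' typed
            # into the search box are not escaped and still act as LIKE
            # wildcards; ilike() accepts an escape= argument if literal
            # matching is wanted.
            term = '%{}%'.format(search)
            query = query.filter(
                or_(
                    self.sql_model_class.user_name.ilike(term),
                    self.sql_model_class.first_name.ilike(term),
                    self.sql_model_class.last_name.ilike(term),
                    self.sql_model_class.email.ilike(term)
                )
            )
            self.filters['search'] = search

        return query

    def prepare_sorted_query(self, query, sorting):
        ''' add sorting to the base query

        :param query: query to extend with an ORDER BY clause
        :param sorting: parsed sort parameters; ``sorting.field`` is the
            public sort key and ``sorting.func`` wraps a model column
        :returns: query ordered by the requested field, then by the default

        An unknown sort key is ignored and only the default ordering is
        applied.
        '''
        # Allow-list: a sort key can only ever select one of these columns,
        # never an arbitrary attribute of the model.
        available_fields = {
            'user': 'user_name',
            'first': 'first_name',
            'last': 'last_name',
            'email': 'email',
            'role': 'role'
        }
        name = available_fields.get(sorting.field, None)

        # getattr() raises TypeError when the attribute name is None, so an
        # unknown sort key must be filtered out before the lookup.
        model_field = None
        if name is not None:
            model_field = getattr(self.sql_model_class, name, None)

        # identity check: do not rely on the truth value of a column object
        if model_field is not None:
            query = query.order_by(sorting.func(model_field))

        # add default sorting as secondary order; the recursive call stops
        # because it is made with the default field itself
        default_sort = self.parse_sort_parameters(self.default_sorting)
        if sorting.field != default_sort.field:
            query = self.prepare_sorted_query(query, default_sort)

        return query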
|
|
|
|
|
|
|
# consumables resources |
|
|
|
class ConsumableResource(BaseResource):
    ''' Resource for a single consumable '''

    def __acl__(self):
        ''' Access Control List: admin-only view, edit and delete

        Everything not granted to 'role:admin' is denied at this resource
        by the final DENY_ALL entry.
        '''
        acl = []
        for permission in ('view', 'edit', 'delete'):
            acl.append((Allow, 'role:admin', permission))
        acl.append(DENY_ALL)
        return acl
|
|
|
|
|
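class ConsumableList(BaseResource, PaginationResourceMixin):
    ''' Resource for a list of consumables

    Provides the admin-only ACL plus the filter and sort hooks that build
    the query over the consumable model.
    '''

    sql_model_class = Consumable
    child_resource_class = ConsumableResource
    default_sorting = 'cas.asc'
    default_items_per_page = 12

    def __acl__(self):
        ''' Access Control List: admin-only view, create, edit and delete

        DENY_ALL closes the list, so any permission not granted above is
        denied here instead of being looked up on a parent resource.
        '''
        return [
            (Allow, 'role:admin', 'view'),
            (Allow, 'role:admin', 'create'),
            (Allow, 'role:admin', 'edit'),
            (Allow, 'role:admin', 'delete'),
            DENY_ALL
        ]

    def prepare_filtered_query(self, dbsession, filter_params):
        ''' setup the base filtered query

        :param dbsession: database session used to create the query
        :param filter_params: mapping with optional 'category' and 'search'
            keys
        :returns: query over the consumable model with the accepted filters
            applied

        The filter values that were actually applied are recorded in
        ``self.filters``; a rejected category is recorded as ``None``.
        '''
        query = dbsession.query(self.sql_model_class)

        # filter by category
        category_name = filter_params.get('category', None)
        try:
            # AttributeError: no category given (None has no .lower())
            # ValueError: presumably raised by Category() for an unknown
            # name, so only known category values ever reach the query
            category_name = category_name.lower()
            category = Category(category_name)
            query = query.filter_by(category=category)
        except (AttributeError, ValueError):
            category_name = None
        self.filters['category'] = category_name

        # filter by search term
        search = filter_params.get('search', None)
        if search:
            # The term is handed to ilike() as a value, not spliced into the
            # SQL text, so it cannot change the statement. '%' and '_' typed
            # into the search box are not escaped and still act as LIKE
            # wildcards; ilike() accepts an escape= argument if literal
            # matching is wanted.
            term = '%{}%'.format(search)
            query = query.filter(
                or_(
                    self.sql_model_class.cas_description.ilike(term),
                    self.sql_model_class.vendor.ilike(term),
                    self.sql_model_class.catalog_nr.ilike(term)
                )
            )
            self.filters['search'] = search

        return query

    def prepare_sorted_query(self, query, sorting):
        ''' add sorting to the base query

        :param query: query to extend with an ORDER BY clause
        :param sorting: parsed sort parameters; ``sorting.field`` is the
            public sort key and ``sorting.func`` wraps a model column
        :returns: query ordered by the requested field, then by the default

        An unknown sort key is ignored and only the default ordering is
        applied.
        '''
        # Allow-list: a sort key can only ever select one of these columns,
        # never an arbitrary attribute of the model.
        available_fields = {
            'cas': 'cas_description',
            'category': 'category',
            'catalog': 'catalog_nr',
            'vendor': 'vendor',
            'pkg': 'package_size',
            'price': 'unit_price',
            'currency': 'currency'
        }
        name = available_fields.get(sorting.field, None)

        # getattr() raises TypeError when the attribute name is None, so an
        # unknown sort key must be filtered out before the lookup.
        model_field = None
        if name is not None:
            model_field = getattr(self.sql_model_class, name, None)

        # identity check: do not rely on the truth value of a column object
        if model_field is not None:
            query = query.order_by(sorting.func(model_field))

        # add default sorting as secondary order; the recursive call stops
        # because it is made with the default field itself
        default_sort = self.parse_sort_parameters(self.default_sorting)
        if sorting.field != default_sort.field:
            query = self.prepare_sorted_query(query, default_sort)

        return query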
|
|
|
|
|
class Admin(BaseResource):
    ''' Resource for the admin section '''

    # child resource classes by name
    # (presumably the URL segment used during traversal - confirm in
    # BaseResource)
    nodes = dict(
        users=UserList,
        consumables=ConsumableList,
    )

    def __acl__(self):
        ''' Access Control List: 'role:admin' may view '''
        # NOTE(review): this is the only ACL in the file that does not end
        # with DENY_ALL. With Pyramid's ACL authorization, a principal or
        # permission not matched here is then checked against the parent
        # resource's ACL - confirm that nothing granted there should apply
        # to the admin section.
        admin_may_view = (Allow, 'role:admin', 'view')
        return [admin_may_view]
|
|
|