Merge branch 'main' of https://git.cpi.imtek.uni-freiburg.de/CPI/ordr3

2 years ago · 8f17fe170b
7 changed files with 55 additions and 34 deletions
--- a/ordr3/init.py
+++ b/ordr3/init.py
@ -3,7 +3,7 @@
				@@ -3,7 +3,7 @@
 A rewrite of our CPI ordering system.
 """

-__version__ = "1.1.1"
+__version__ = "1.1.2"


 from pyramid.config import Configurator
--- a/ordr3/templates/orders/list.jinja2
+++ b/ordr3/templates/orders/list.jinja2
@ -7,34 +7,35 @@
				@@ -7,34 +7,35 @@

 <nav class="nav nav-pills flex-column">
    <div class="nav-link disabled text-small" tabindex="-1" aria-disabled="true">All Orders</div>
-    <a class="nav-link  {% if query_defaults['status'] == 'all' and not query_defaults['user'] and not query_defaults['search'] %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user=None, search=None)) }}">All</a>
+    <a class="nav-link  {% if query_defaults['status'] == 'all' and not query_defaults['user'] and not query_defaults['search'] and not query_defaults['category'] %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user=None, search=None, category=None)) }}">All</a>
    {% for status in stati %}
-        <a class="nav-link {% if query_defaults['status'] == status.name.lower() and not query_defaults['user'] %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=status.name.lower(), user=None, search=None)) }}">{{status.name.lower()}}</a>
+        <a class="nav-link {% if query_defaults['status'] == status.name.lower() and not query_defaults['user'] %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=status.name.lower(), user=None, search=None, category=None)) }}">{{status.name.lower()}}</a>
    {% endfor %}
 </nav>

 <nav class="nav nav-pills flex-column mt-3">
    <div class="nav-link disabled text-small" tabindex="-1" aria-disabled="true">My Orders</div>
-    <a class="nav-link  {% if query_defaults['status'] == 'all' and query_defaults['user'] == request.user.username %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user=request.user.username, search=None)) }}">All</a>
+    <a class="nav-link  {% if query_defaults['status'] == 'all' and query_defaults['user'] == request.user.username %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user=request.user.username, search=None, category=None)) }}">All</a>
    {% for status in stati %}
-        <a class="nav-link {% if query_defaults['status'] == status.name.lower() and query_defaults['user'] == request.user.username %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=status.name.lower(), user=request.user.username, search=None)) }}">{{status.name.lower()}}</a>
+        <a class="nav-link {% if query_defaults['status'] == status.name.lower() and query_defaults['user'] == request.user.username %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=status.name.lower(), user=request.user.username, search=None, category=None)) }}">{{status.name.lower()}}</a>
    {% endfor %}
 </nav>

-{% if request.has_permission("batch-edit", context) and query_defaults['user'] != '-purchaser-' %}
-    <nav class="nav nav-pills flex-column mt-3">
-        <div class="nav-link disabled text-small" tabindex="-1" aria-disabled="true">Specials</div>
-        <a class="nav-link  {% if query_defaults['user'] == '-purchaser-' %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user='-purchaser-', search=None)) }}">Edited by me</a>
-    </nav>
+<nav class="nav nav-pills flex-column mt-3">
+    <div class="nav-link disabled text-small" tabindex="-1" aria-disabled="true">Specials</div>
+    <a class="nav-link  {% if query_defaults['category'] == 'synthesis' %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user=None, search=None, category='synthesis')) }}">CPI Synthesis</a>
+    {% if request.has_permission("batch-edit", context) and query_defaults['user'] != '-purchaser-' %}
+        <a class="nav-link  {% if query_defaults['user'] == '-purchaser-' %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user='-purchaser-', search=None, category=None)) }}">Edited by me</a>
+    {% endif %}
+</nav>

-{% endif %}

 {% if query_defaults['user'] not in (None, request.user.username) %}
    <nav class="nav nav-pills flex-column mt-3">
        <div class="nav-link disabled text-small" tabindex="-1" aria-disabled="true">{{ query_defaults['user'] if query_defaults['user'] != '-purchaser-' else "Edited By Me" }}</div>
-        <a class="nav-link  {% if query_defaults['status'] == 'all' %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user=query_defaults['user'], search=None)) }}">All</a>
+        <a class="nav-link  {% if query_defaults['status'] == 'all' %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=None, user=query_defaults['user'], search=None, category=None)) }}">All</a>
        {% for status in stati %}
-            <a class="nav-link {% if query_defaults['status'] == status.name.lower() %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=status.name.lower(), user=query_defaults['user'], search=None)) }}">{{status.name.lower()}}</a>
+            <a class="nav-link {% if query_defaults['status'] == status.name.lower() %}active{% endif %}" href="{{ context|resource_url(query=query_defaults(status=status.name.lower(), user=query_defaults['user'], search=None, category=None)) }}">{{status.name.lower()}}</a>
        {% endfor %}
    </nav>
 {% endif %}
--- a/ordr3/views/orders.py
+++ b/ordr3/views/orders.py
@ -19,6 +19,14 @@ def get_status(request):
				@@ -19,6 +19,14 @@ def get_status(request):
        return None


+def get_category(request):
+    category_param = request.GET.get("category", "")
+    try:
+        return models.OrderCategory[category_param.upper()]
+    except KeyError:
+        return None
+
+
 def get_multiple_orders(context, request):
    order_ids = {v for k, v in request.POST.items() if k == "selection"}
    return (
@ -96,6 +104,7 @@ def order_list(context, request):
				@@ -96,6 +104,7 @@ def order_list(context, request):
    limit = QUERY_LIMIT
    offset = get_offset(request)
    status = get_status(request)
+    category = get_category(request)
    username = request.GET.get("user", None)
    search = request.GET.get("search", None)

@ -104,6 +113,8 @@ def order_list(context, request):
				@@ -104,6 +113,8 @@ def order_list(context, request):
    )
    if status:
        query = query.filter(models.OrderItem.status == status)
+    if category:
+        query = query.filter(models.OrderItem.category == category)
    if username == "-purchaser-":
        query = (
            query.distinct()
@ -129,8 +140,12 @@ def order_list(context, request):
				@@ -129,8 +140,12 @@ def order_list(context, request):
    order_resources = [resources.Order.from_model(u, context) for u in orders]

    filter_status = "all" if status is None else status.name.lower()
+    filter_category = None if category is None else category.name.lower()
    query_defaults = DefaultQueryParams(
-        status=filter_status, user=username, search=search
+        status=filter_status,
+        user=username,
+        search=search,
+        category=filter_category,
    )

    return {
--- a/tests/functional/test_login.py
+++ b/tests/functional/test_login.py
@ -8,7 +8,7 @@ def test_login_ok(testapp):
				@@ -8,7 +8,7 @@ def test_login_ok(testapp):

    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "jane"
+    form["password"] = "jane"  # noqa: S105
    response = form.submit("submit").follow()
    assert "My Orders" in response

@ -20,7 +20,7 @@ def test_login_wrong_username(testapp):
				@@ -20,7 +20,7 @@ def test_login_wrong_username(testapp):

    form = response.form
    form["username"] = "XXAdmin"
-    form["password"] = "jane"
+    form["password"] = "jane"  # noqa: S105
    response = form.submit("Log In")
    assert "Credentials are invalid" in response

@ -32,7 +32,7 @@ def test_login_wrong_password(testapp):
				@@ -32,7 +32,7 @@ def test_login_wrong_password(testapp):

    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "wrong password"
+    form["password"] = "wrong password"  # noqa: S105
    response = form.submit("Log In")
    assert "Credentials are invalid" in response

@ -44,7 +44,7 @@ def test_login_fails_inactive_user(testapp):
				@@ -44,7 +44,7 @@ def test_login_fails_inactive_user(testapp):

    form = response.form
    form["username"] = "TestInactive"
-    form["password"] = "peter"
+    form["password"] = "peter"  # noqa: S105
    response = form.submit("Log In")
    assert "Credentials are invalid" in response

@ -56,7 +56,7 @@ def test_logout(testapp):
				@@ -56,7 +56,7 @@ def test_logout(testapp):

    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "jane"
+    form["password"] = "jane"  # noqa: S105
    response = form.submit("submit").follow()
    assert "My Orders" in response

--- a/tests/functional/test_order_list.py
+++ b/tests/functional/test_order_list.py
@ -17,6 +17,11 @@ def test_order_list(testapp, login_as, contains):
				@@ -17,6 +17,11 @@ def test_order_list(testapp, login_as, contains):
        response, Eppis=True, Ethanol=True, NaCl=False, Spritzen=False
    )

+    response = testapp.get("/orders?category=biolab", status=200)
+    assert contains(
+        response, Eppis=True, Ethanol=False, NaCl=False, Spritzen=True
+    )
+
    response = testapp.get("/orders?user=TestAdmin", status=200)
    assert contains(
        response, Eppis=False, Ethanol=True, NaCl=True, Spritzen=False
--- a/tests/functional/test_password_reset.py
+++ b/tests/functional/test_password_reset.py
@ -8,7 +8,7 @@ def test_password_reset(testapp, parse_latest_mail):
				@@ -8,7 +8,7 @@ def test_password_reset(testapp, parse_latest_mail):

    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "jixx"
+    form["password"] = "jixx"  # noqa: S105
    response = form.submit("Log In")
    assert "Credentials are invalid" in response

@ -27,21 +27,21 @@ def test_password_reset(testapp, parse_latest_mail):
				@@ -27,21 +27,21 @@ def test_password_reset(testapp, parse_latest_mail):
    assert "You can now set a new password" in response

    form = response.form
-    form["new_password"] = "jixx"
+    form["new_password"] = "jixx"  # noqa: S105
    response = form.submit("Reset_Password").follow()
    assert "You changed your Password." in response

    response = testapp.get("/", status=302).follow()
    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "jane"
+    form["password"] = "jane"  # noqa: S105
    response = form.submit("Log In")
    assert "Credentials are invalid" in response

    response = testapp.get("/", status=302).follow()
    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "jixx"
+    form["password"] = "jixx"  # noqa: S105
    response = form.submit("Log In").follow()
    assert "My Orders" in response

@ -100,14 +100,14 @@ def test_password_reset_cancel_after_token(testapp, parse_latest_mail):
				@@ -100,14 +100,14 @@ def test_password_reset_cancel_after_token(testapp, parse_latest_mail):
    assert "You can now set a new password" in response

    form = response.form
-    form["new_password"] = "jixx"
+    form["new_password"] = "jixx"  # noqa: S105
    response = form.submit("Cancel").follow(status=302).follow()
    assert "Please Log In" in response

    response = testapp.get("/", status=302).follow()
    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "jane"
+    form["password"] = "jane"  # noqa: S105
    response = form.submit("Log In").follow()
    assert "My Orders" in response

@ -132,7 +132,7 @@ def test_password_reset_empty_password(testapp, parse_latest_mail):
				@@ -132,7 +132,7 @@ def test_password_reset_empty_password(testapp, parse_latest_mail):
    assert "You can now set a new password" in response

    form = response.form
-    form["new_password"] = ""
+    form["new_password"] = ""  # noqa: S105
    response = form.submit("Reset_Password")
    assert "There was a problem with your submission" in response

@ -167,12 +167,12 @@ def test_password_reset_form_invalid_token(testapp, parse_latest_mail):
				@@ -167,12 +167,12 @@ def test_password_reset_form_invalid_token(testapp, parse_latest_mail):

    form = response.form
    form.action = "/reset?t=invalid"
-    form["new_password"] = "jixx"
+    form["new_password"] = "jixx"  # noqa: S105
    response = form.submit("Reset_Password").follow(status=302).follow()
    assert "Please Log In" in response

    form = response.form
    form["username"] = "TestAdmin"
-    form["password"] = "jane"
+    form["password"] = "jane"  # noqa: S105
    response = form.submit("Log In").follow()
    assert "My Orders" in response
--- a/tests/functional/test_registration.py
+++ b/tests/functional/test_registration.py
@ -14,7 +14,7 @@ def test_registration_procedure(testapp, login_as, parse_latest_mail):
				@@ -14,7 +14,7 @@ def test_registration_procedure(testapp, login_as, parse_latest_mail):
    form["first_name"] = "Eric"
    form["last_name"] = "Idle"
    form["email"] = "eric@example.com"
-    form["password"] = "eric"
+    form["password"] = "eric"  # noqa: S105
    response = form.submit("Create_Account").follow()
    assert "The account needs to be activated" in response

@ -77,7 +77,7 @@ def test_registration_procedure_not_unique_username(
				@@ -77,7 +77,7 @@ def test_registration_procedure_not_unique_username(
    form["first_name"] = "Eric"
    form["last_name"] = "Idle"
    form["email"] = "eric@example.com"
-    form["password"] = "eric"
+    form["password"] = "eric"  # noqa: S105

    response = form.submit("Create_Account")
    assert "There was a problem with your submission" in response
@ -98,7 +98,7 @@ def test_registration_procedure_not_unique_email(
				@@ -98,7 +98,7 @@ def test_registration_procedure_not_unique_email(
    form["first_name"] = "Eric"
    form["last_name"] = "Idle"
    form["email"] = "jane@example.com"
-    form["password"] = "eric"
+    form["password"] = "eric"  # noqa: S105

    response = form.submit("Create_Account")
    assert "There was a problem with your submission" in response
@ -115,12 +115,12 @@ def test_registration_procedure_bad_csrf_token(
				@@ -115,12 +115,12 @@ def test_registration_procedure_bad_csrf_token(
    assert "Register a new account" in response

    form = response.form
-    form["csrf_token"] = "bad token"
+    form["csrf_token"] = "bad token"  # noqa: S105
    form["user_name"] = "TestNew"
    form["first_name"] = "Eric"
    form["last_name"] = "Idle"
    form["email"] = "eric@example.com"
-    form["password"] = "eric"
+    form["password"] = "eric"  # noqa: S105

    form.submit("Create_Account", status=400)

@ -138,6 +138,6 @@ def test_registration_procedure_canceled(testapp, login_as, parse_latest_mail):
				@@ -138,6 +138,6 @@ def test_registration_procedure_canceled(testapp, login_as, parse_latest_mail):
    form["first_name"] = "Eric"
    form["last_name"] = "Idle"
    form["email"] = "eric@example.com"
-    form["password"] = "eric"
+    form["password"] = "eric"  # noqa: S105
    response = form.submit("Cancel").follow(status=302).follow()
    assert "Please Log In" in response