add suppliers/lists ui styling and security fixes

2012-09-07 15:19:02 +02:00
parent 2be6c0ee03
commit 76424f972f
33 changed files with 773 additions and 22 deletions
@@ -24,3 +24,11 @@ body
    li
      a
        background-color: rgba(0, 0, 0, 0.4)
+  dl
+    &.dl-horizontal
+      dt
+        &:after
+          content: ' :'
+      dd
+        &:after
+          content: '\a0'
@@ -1,6 +1,7 @@
 /*
 *= require 'bootstrap_and_overrides'
 *= require 'bootstrap_overrides'
+ *= require 'jquery-ui-1.8.23.custom.css'
 *= require 'general'
 *= require_directory .
 *= require_self
@@ -111,15 +111,4 @@ class SupplierController < ApplicationController
    @order.is_delivered!
    render nothing: true
  end
-
-  # GET /supplier/lists/1
-  def show_list
-    @list = List.find_by_supplier_id_and_id(current_supplier.id, params[:list_id])
-    respond_to do |format|
-      format.html {}
-      format.json do
-        render json: @list.with_orders_as_json
-      end
-    end
-  end
 end
@@ -0,0 +1,83 @@
+module Suppliers
+  class ListsController < Suppliers::ApplicationController
+    # GET /lists
+    # GET /lists.json
+    def index
+      @date = params[:date].present? ? (Date.parse(params[:date]) rescue Date.today) : Date.today
+      @time = @date.to_time(:utc)
+      @start_time = @time.beginning_of_day
+      @end_time = @time.end_of_day
+      if current_supplier.night_offset.present?
+        @start_time += current_supplier.night_offset.to_f.hours
+        @end_time += current_supplier.night_offset.to_f.hours
+      end
+      @lists  = List.for_user_created_at current_user, @start_time..@end_time
+
+      respond_to do |format|
+        format.html # index.html.erb
+        format.json { render json: @lists }
+      end
+    end
+
+    # GET /lists/1
+    # GET /lists/1.json
+    def show
+      @list = List.find_by_supplier_id_and_id(current_supplier.id, params[:id])
+      respond_to do |format|
+        format.html {}
+        format.json do
+          render json: @list.with_orders_as_json
+        end
+      end
+    end
+
+    # GET /lists/new
+    # GET /lists/new.json
+    def new
+      @list = List.new
+      @list.section_id = params[:section_id].presence
+
+      respond_to do |format|
+        format.html # new.html.erb
+        format.json { render json: @list }
+      end
+    end
+
+    # GET /lists/1/edit
+    def edit
+      @list = List.find_by_supplier_id_and_id(current_supplier.id, params[:id])
+      @tables = current_supplier.active_tables
+    end
+
+    # PUT /lists/1
+    # PUT /lists/1.json
+    def update
+      @list = List.find_by_supplier_id_and_id(current_supplier.id, params[:id])
+
+      respond_to do |format|
+        if @list.update_attributes(params[:list])
+          format.html { redirect_to [:suppliers, @list], notice: t('action.update.successfull', model: List.model_name.human) }
+          format.json { head :no_content }
+          format.js { head :no_content }
+        else
+          @tables = current_supplier.active_tables
+          format.html { render action: "edit" }
+          format.json { render json: @list.errors, status: :unprocessable_entity }
+          format.js { head :no_content }
+        end
+      end
+    end
+
+    # DELETE /lists/1
+    # DELETE /lists/1.json
+    def destroy
+      @list = List.find_by_supplier_id_and_id(current_supplier.id, params[:id])
+      @list.destroy
+
+      respond_to do |format|
+        format.html { redirect_to suppliers_lists_url, notice: t('action.destroy.successfull', model: List.model_name.human) }
+        format.json { head :no_content }
+      end
+    end
+  end
+end
@@ -15,7 +15,7 @@ module Suppliers
    # GET /sections/1
    # GET /sections/1.json
    def show
-      @section = Section.find(params[:id])
+      @section = Section.find_by_supplier_and_id(current_supplier, params[:id])

      respond_to do |format|
        format.html # show.html.erb
@@ -27,6 +27,7 @@ module Suppliers
    # GET /sections/new.json
    def new
      @section = Section.new
+      @section.supplier = current_supplier

      respond_to do |format|
        format.html # new.html.erb
@@ -36,7 +37,7 @@ module Suppliers

    # GET /sections/1/edit
    def edit
-      @section = Section.find(params[:id])
+      @section = Section.find_by_supplier_and_id(current_supplier, params[:id])
    end

    # POST /sections
@@ -75,7 +76,7 @@ module Suppliers
    # DELETE /sections/1
    # DELETE /sections/1.json
    def destroy
-      @section = Section.find(params[:id])
+      @section = Section.find_by_supplier_and_id(current_supplier, params[:id])
      @section.destroy

      respond_to do |format|
@@ -87,7 +88,7 @@ module Suppliers
    # GET /sections/1/manage_tables
    # GET /sections/1/manage_tables.json
    def manage_tables
-      @section = Section.find(params[:id])
+      @section = Section.find_by_supplier_and_id(current_supplier, params[:id])

      respond_to do |format|
        format.html # show.html.erb
@@ -98,7 +99,7 @@ module Suppliers
    # GET /sections/1/tables_view
    # GET /sections/1/tables_view.json
    def tables_view
-      @section = Section.find(params[:id])
+      @section = Section.find_by_supplier_and_id(current_supplier, params[:id])

      respond_to do |format|
        format.html # show.html.erb
@@ -14,6 +14,12 @@ module ApplicationHelper
    end
  end

+  # overwrite i18n l, to handle nil values
+  def l(*args)
+    return '' unless args.first
+    super(*args)
+  end
+
  def are_you_sure?
    t('helpers.links.are_you_sure')
  end
@@ -57,4 +63,8 @@ module ApplicationHelper
  def slider_image
    image_tag('spinner.gif')
  end
+
+  def show_boolean(bool)
+    t("general.boolean.boolean_#{bool.present? ? 'yes' : 'no'}")
+  end
 end
@@ -7,6 +7,7 @@ class List
  property :needs_payment, type: :boolean, default: false
  property :closed_at, type: Time
  property :join_requests, type: Array, default: []
+  property :price, type: Float

  has_many :orders, dependent: :destroy
  belongs_to :table
@@ -50,13 +51,31 @@ class List
    end
  end

+  def self.for_user_created_at(user, range, options = {})
+    database.view(for_user_view({startkey: [user.id, range.last], endkey: [user.id, range.first], include_docs: true, reduce: false, descending: true}.merge(options)))
+  end
+
  def close!
+    orders.include_relation(:product_orders)
+    set_price
    orders.map(&:close!)
    self.state = 'closed'
    self.closed_at = Time.now
    save
  end

+  def set_price
+    list_total = 0.0
+    for order in orders
+      order_total = 0.0
+      for product_order in order.product_orders
+        order_total += (product_order.amount * product_order.price).round(2)
+      end
+      list_total += order_total.round(2)
+    end
+    self.price = list_total.round(2)
+  end
+
  def table_number
    @table_number ||= table.number
  end
@@ -5,6 +5,7 @@ class Supplier

  property :name
  property :open, type: :boolean, default: false
+  property :night_offset, type: Float
  
  #WIFI
  property :offer_wifi
@@ -16,6 +17,7 @@ class Supplier
  has_many :products, dependent: :destroy
  has_many :product_categories, dependent: :destroy
  has_many :tables, dependent: :destroy
+  has_many :lists, dependent: :destroy
  #has_many :lists, through: :tables
  has_many :orders
  has_many :sections, dependent: :destroy
@@ -63,7 +65,6 @@ class Supplier
    self.open = false
    save
  end
-
  private

  def add_section_on_create
@@ -41,13 +41,13 @@ html lang="en"
                  li= link_to 'Logout', destroy_supplier_session_path, method: :delete
          .container.nav-collapse
            ul.nav#top-navigation-list
-              li= link_to t('supplier.menu.active_orders', orders: Order.model_name.human_plural), supplier_active_orders_path
-              li= link_to t('supplier.menu.active_lists', lists: List.model_name.human_plural), supplier_active_lists_path
+              //li= link_to t('supplier.menu.active_orders', orders: Order.model_name.human_plural), supplier_active_orders_path
+              //li= link_to t('supplier.menu.active_lists', lists: List.model_name.human_plural), supplier_active_lists_path
              li= link_to ProductCategory.model_name.human_plural, suppliers_product_categories_path
              li= link_to Product.model_name.human_plural, suppliers_products_path
              li= link_to Section.model_name.human_plural, suppliers_sections_path
              li= link_to Table.model_name.human_plural, suppliers_tables_path
-
+              li= link_to List.model_name.human_plural, suppliers_lists_path
    .container
      .content
        - if flash[:alert].present?
@@ -0,0 +1,22 @@
+= form_for [:suppliers, @list], html: {class: 'form-horizontal' } do |f|
+  = render 'error_messages', target: @list
+  .control-group class=(@list.errors[:state].any? ? 'error' : nil)
+    = f.label :state, class: 'control-label'
+    .controls
+      = f.text_field :state, class: 'text_field', disabled: true
+  .control-group class=(@list.errors[:needs_help].any? ? 'error' : nil)
+    = f.label :needs_help, class: 'control-label'
+    .controls
+      = f.check_box :needs_help, class: 'check_box'
+  .control-group class=(@list.errors[:needs_payment].any? ? 'error' : nil)
+    = f.label :needs_payment, class: 'control-label'
+    .controls
+      = f.check_box :needs_payment, class: 'check_box'
+  .control-group class=(@list.errors[:table_id].any? ? 'error' : nil)
+    = f.label :table_id, Table.model_name.human, class: 'control-label'
+    .controls
+      = f.collection_select :table_id, @tables, :id, :number, include_blank: nil
+  .form-actions
+    = f.submit nil, class: 'btn btn-primary'
+    '
+    = link_to t("helpers.links.cancel"), suppliers_lists_path, class: 'btn'
@@ -0,0 +1,4 @@
+- model_class = List
+.page-header
+  = title :edit, model_class
+= render 'form' 
@@ -0,0 +1,41 @@
+- model_class = List
+div.page-header= title :index, model_class
+form action='' method="get"
+  input#lists-date type="text" name="date" value=@date.to_s('%Y-%m-%d')
+.well
+  - if @lists.any?
+    table.table
+      thead
+        tr
+          th= model_class.human_attribute_name(:state)
+          th= model_class.human_attribute_name(:needs_help)
+          th= model_class.human_attribute_name(:needs_payment)
+          th= model_class.human_attribute_name(:closed_at)
+          th= Table.model_name.human
+          th.currency= model_class.human_attribute_name(:price)
+          th.timestamp= model_class.human_attribute_name(:created_at)
+          th.actions=t 'helpers.actions'
+      tbody
+        - @lists.each do |list|
+          tr
+            td= link_to list.state, [:suppliers, list]
+            td=show_boolean list.needs_help
+            td=show_boolean list.needs_payment
+            td=l list.closed_at, format: :short
+            td= link_to_if list.table.present?, list.table.try(:number), [:suppliers, list.table]
+            td.currency= list.price.present? ? currency(list.price) : '...'
+            td.timestamp=l list.created_at, format: :short
+            td.actions
+              = link_to t('helpers.links.edit'), [:edit, :suppliers, list], class: 'btn btn-mini'
+              '
+              = link_to t("helpers.links.destroy"), [:suppliers, list], method: :delete, data: {confirm: are_you_sure? }, class: 'btn btn-mini btn-danger'
+  - else
+    = no_content_given model_class
+- content_for :footer do
+  javascript:
+    $('#lists-date').datepicker({
+      dateFormat: 'yy-mm-dd',
+      onSelect: function(dateText, inst){
+        $(this).parents('form').submit();
+      }
+    })
@@ -0,0 +1,4 @@
+- model_class = List
+.page-header
+  = title :new, model_class
+= render 'form'
@@ -7,7 +7,7 @@ dl.dl-horizontal.show-list
  dt= model_class.human_attribute_name(:code)
  dd= @product.code
  dt= model_class.human_attribute_name(:price)
-  dd= @product.price
+  dd=currency @product.price
  - if @product.product_category.present?
    dt= ProductCategory.model_name.human
    dd= link_to @product.product_category.name, @product.product_category