From e9a81c9b03197987c292b02cb529bc397ceba27f Mon Sep 17 00:00:00 2001 From: Andrey Date: Tue, 24 Jan 2017 16:41:40 +0300 Subject: [PATCH] raise exception if user have no profile --- project/customer/utils.py | 4 +++ project/customer/views/bank_accounts.py | 8 +++++ project/customer/views/bank_accounts_ajax.py | 19 ++++++++--- project/customer/views/clients.py | 10 ++++++ project/customer/views/clients_ajax.py | 17 +++++++--- project/customer/views/docs.py | 3 ++ project/customer/views/license.py | 9 +++++ project/customer/views/profile.py | 35 ++++++++++---------- project/customer/views/profile_ajax.py | 21 ++++++------ project/docs/views/ajax.py | 4 +++ project/docs/views/base_views.py | 7 +++- 11 files changed, 101 insertions(+), 36 deletions(-) diff --git a/project/customer/utils.py b/project/customer/utils.py index 3c485be..55b59ed 100644 --- a/project/customer/utils.py +++ b/project/customer/utils.py @@ -79,3 +79,7 @@ def check_one_profile(profile, License, now, manual=False): email = EmailMessage(subject=subject, to=(licenses[0].user.email,), body=email_body) email.send() + +def raise_if_no_profile(request): + if not request.user.profile: + raise Exception(u"Profile not found for user: %d, '%s'" % request.user.pk, request.user.username) diff --git a/project/customer/views/bank_accounts.py b/project/customer/views/bank_accounts.py index 0ab6efa..6f1dff3 100644 --- a/project/customer/views/bank_accounts.py +++ b/project/customer/views/bank_accounts.py @@ -8,6 +8,7 @@ from project.commons.paginator import pagination, save_per_page_value from .. import models, forms from ..decorators import license_required +from ..utils import raise_if_no_profile @login_required @@ -15,6 +16,7 @@ from ..decorators import license_required @save_per_page_value def bank_accounts_list(request, page_num=None): """Список расчетных счетов пользователя.""" + raise_if_no_profile(request) template_name = 'customer/bank_accounts/list.html' account_list = models.BankAccount.objects.get_all(request.user.profile) page, pagination_form = pagination(request, account_list, page_num) @@ -25,6 +27,8 @@ def bank_accounts_list(request, page_num=None): @csrf_protect def bank_accounts_add(request): """Добавить расчетный счет.""" + raise_if_no_profile(request) + template_name='customer/bank_accounts/add.html' form_class = forms.BankAccountForm @@ -57,6 +61,8 @@ def bank_accounts_add(request): @csrf_protect def bank_accounts_edit(request, id): """Редактировать расчетный счет.""" + raise_if_no_profile(request) + template_name = 'customer/bank_accounts/edit.html' form_class = forms.BankAccountForm @@ -90,6 +96,8 @@ def bank_accounts_edit(request, id): @csrf_protect def bank_accounts_delete(request, id): """Удалить расчетный счет.""" + raise_if_no_profile(request) + template_name='customer/bank_accounts/delete.html' success_url = 'customer_bank_accounts_list' diff --git a/project/customer/views/bank_accounts_ajax.py b/project/customer/views/bank_accounts_ajax.py index c60c1c3..6b00c96 100644 --- a/project/customer/views/bank_accounts_ajax.py +++ b/project/customer/views/bank_accounts_ajax.py @@ -12,6 +12,7 @@ from project.commons.utils import dthandler from .. import models, forms from ..decorators import license_required +from ..utils import raise_if_no_profile @login_required @@ -20,6 +21,8 @@ def bank_accounts_list_ajax(request): if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + fields_list = ['pk', 'bik', 'name', 'address', 'korr_account', 'account', 'is_main',] accounts = models.BankAccount.objects.get_all(company=request.user.profile).values(*fields_list) @@ -40,6 +43,8 @@ def bank_accounts_get_ajax(request, id): if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + try: fields_list = forms.BankAccountForm.Meta.fields except AttributeError: @@ -56,11 +61,13 @@ def bank_accounts_get_ajax(request, id): @csrf_protect def bank_accounts_add_ajax(request): """Добавить расчетный счет - AJAX.""" - form_class = forms.BankAccountForm - if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + + form_class = forms.BankAccountForm + form = form_class(initial={'company': request.user.profile.id}, data=request.POST) if form.is_valid(): new_account = form.save(commit=False) @@ -84,11 +91,13 @@ def bank_accounts_add_ajax(request): @csrf_protect def bank_accounts_edit_ajax(request, id): """Редактировать расчетный счет - AJAX.""" - form_class = forms.BankAccountForm - if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + + form_class = forms.BankAccountForm + account = get_object_or_404(models.BankAccount, pk=id, company=request.user.profile) form = form_class(data=request.POST, instance=account) @@ -115,6 +124,8 @@ def bank_accounts_delete_ajax(request, id): if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + account = get_object_or_404(models.BankAccount, pk=id, company=request.user.profile) account.delete() diff --git a/project/customer/views/clients.py b/project/customer/views/clients.py index cfae48f..7f36c21 100644 --- a/project/customer/views/clients.py +++ b/project/customer/views/clients.py @@ -7,6 +7,7 @@ from project.commons.paginator import pagination, save_per_page_value from .. import models, forms from ..decorators import license_required +from ..utils import raise_if_no_profile @login_required @@ -14,6 +15,9 @@ from ..decorators import license_required @save_per_page_value def clients_list(request, page_num=None): """Список контрагентов пользователя.""" + + raise_if_no_profile(request) + template_name='customer/clients/list.html' client_list = models.Client.objects.filter(company=request.user.profile).order_by('name', '-created_at') @@ -34,6 +38,8 @@ def clients_list(request, page_num=None): @csrf_protect def clients_add(request): """Добавить контрагента.""" + raise_if_no_profile(request) + template_name='customer/clients/add.html' success_url = 'customer_clients_list' form_class = forms.ClientForm @@ -60,6 +66,8 @@ def clients_add(request): @csrf_protect def clients_edit(request, id): """Редактировать контрагента.""" + raise_if_no_profile(request) + template_name='customer/clients/edit.html' success_url = 'customer_clients_list' @@ -90,6 +98,8 @@ def clients_edit(request, id): @csrf_protect def clients_delete(request, id): """Удалить контрагента.""" + raise_if_no_profile(request) + template_name='customer/clients/delete.html' success_url = 'customer_clients_list' diff --git a/project/customer/views/clients_ajax.py b/project/customer/views/clients_ajax.py index 6b9e582..9fa32d8 100644 --- a/project/customer/views/clients_ajax.py +++ b/project/customer/views/clients_ajax.py @@ -12,6 +12,7 @@ from django.template.loader import render_to_string from .. import models, forms from ...docs.models import Invoice, Faktura, AktRabot, AktSverki, Nakladn, Platejka, Dover from ..decorators import license_required +from ..utils import raise_if_no_profile @login_required @@ -23,6 +24,8 @@ def clients_get_ajax(request, id): if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + try: fields_list = forms.ClientForm.Meta.fields except AttributeError: @@ -38,11 +41,13 @@ def clients_get_ajax(request, id): @csrf_protect def clients_add_ajax(request): """Добавить контрагента - AJAX.""" - form_class = forms.ClientForm - if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + + form_class = forms.ClientForm + new_client_id = None new_client_str = None form = form_class(data=request.POST) @@ -81,11 +86,13 @@ def clients_add_ajax(request): @csrf_protect def clients_edit_ajax(request, id): """Редактировать контрагента - AJAX.""" - form_class = forms.ClientForm - if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + + form_class = forms.ClientForm + client = get_object_or_404(models.Client, pk=id, company=request.user.profile) form = form_class(data=request.POST, instance=client) @@ -121,6 +128,8 @@ def clients_delete_ajax(request, id): if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + client = get_object_or_404(models.Client, pk=id, company=request.user.profile) client_docs = [] doc_list = [(Invoice, u'счета'), (Faktura, u'счета-фактуры'), (Nakladn, u'накладные'), diff --git a/project/customer/views/docs.py b/project/customer/views/docs.py index 152c08c..e635c10 100644 --- a/project/customer/views/docs.py +++ b/project/customer/views/docs.py @@ -11,6 +11,7 @@ from xlutils.copy import copy from pytils.numeral import rubles from ..models import License +from ..utils import raise_if_no_profile XLS_ROOT = os.path.join(settings.TEMPLATE_DIRS[0], 'xls') @@ -20,6 +21,8 @@ def get_doc(request, order_num=None): if not request.user.is_authenticated(): raise HttpResponseForbidden + raise_if_no_profile(request) + license = License.objects.get(pk=order_num) pm = license.payform data = request.user.profile diff --git a/project/customer/views/license.py b/project/customer/views/license.py index 08c0df7..92df19b 100644 --- a/project/customer/views/license.py +++ b/project/customer/views/license.py @@ -17,6 +17,7 @@ from yandex_money.models import Payment from ..models import License, LicensePrice from ..consts import PAYFORMS from ..forms import LicenseForm, YaForm +from ..utils import raise_if_no_profile @login_required @@ -36,6 +37,8 @@ def yandex_pay(request, payment_id): def order_license(request): """заказ лицензии """ + raise_if_no_profile(request) + template_name = 'customer/profile/license.html' form = LicenseForm(request.POST or None, initial = {'term': LicensePrice.objects.all()[1], 'payform': 0}) @@ -70,6 +73,8 @@ def order_license(request): def license_list(request): """Список счетов на лицензии """ + raise_if_no_profile(request) + template_name = 'customer/profile/license_list.html' licenses = License.objects.filter(company=request.user.profile, deleted=False, status__gt=-1).order_by('-id') dictionary = { @@ -82,6 +87,8 @@ def license_list(request): def paid_list(request): """Оплаченные лицензии """ + raise_if_no_profile(request) + template_name = 'customer/profile/paid_list.html' licenses = License.objects.filter(company=request.user.profile, status__in=[-1, 1, 2, 3, 4], deleted=False).order_by('-id') @@ -96,6 +103,8 @@ def delete_license(request, pk): if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + try: license = License.objects.get(pk=pk, status=0, company=request.user.profile) if request.method == 'POST': diff --git a/project/customer/views/profile.py b/project/customer/views/profile.py index e97ab0d..bdaef4f 100644 --- a/project/customer/views/profile.py +++ b/project/customer/views/profile.py @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- import os import json -import tempfile +import tempfile from email.header import Header from django.shortcuts import render, redirect, get_object_or_404 @@ -21,7 +21,8 @@ from project.commons.pdf_tools import render_pdf_to_string, pdf_to_response from .. import models, forms from ..decorators import license_required - +from ..utils import raise_if_no_profile + PDF_PROFILE_NAME = u'Реквизиты.pdf' SUPPORT_EMAIL = getattr(settings, 'SUPPORT_EMAIL', '') @@ -33,13 +34,13 @@ SUPPORT_EMAIL = getattr(settings, 'SUPPORT_EMAIL', '') @csrf_protect def profile_view(request): """Просмотр профиля пользователя, фильтрация реквизитов, скачать/отправить реквизиты по почте.""" + raise_if_no_profile(request) + template_name = 'customer/profile/view.html' - try: - profile = request.user.profile - except: - raise Http404 - accounts = models.BankAccount.objects.get_all(request.user.profile) + profile = request.user.profile + + accounts = models.BankAccount.objects.get_all(profile) filters_form_class = forms.get_profile_filters_form_class(profile.profile_type) filters = models.UserProfileFilters.objects.get_or_create_filters(user=request.user) @@ -72,20 +73,20 @@ def profile_view(request): @csrf_protect def profile_edit(request): """Редактировать профиль пользователя.""" + raise_if_no_profile(request) + template_name = 'customer/profile/edit.html' success_url = 'customer_profile_view' if request.method == 'POST' and '_cancel' in request.POST: return redirect(success_url) - try: - profile = request.user.profile - except: - raise Http404 + profile = request.user.profile + form_class = forms.get_profile_form_class(profile.profile_type) - accounts = models.BankAccount.objects.get_all(request.user.profile) - bank_account_form = forms.BankAccountForm(initial={'company': request.user.profile}) + accounts = models.BankAccount.objects.get_all(profile) + bank_account_form = forms.BankAccountForm(initial={'company': profile}) if request.method == 'POST': form = form_class(data=request.POST, files=request.FILES, instance=profile) @@ -193,6 +194,8 @@ def _send_profile_email(subject, to, body, pdf_content): @csrf_protect def profile_email(request): """Форма отправки профиля пользователя на email аттачем в PDF.""" + raise_if_no_profile(request) + template_name = 'customer/profile/email.html' success_url = 'customer_profile_view' @@ -201,10 +204,8 @@ def profile_email(request): if request.method == 'POST' and '_cancel' in request.POST: return redirect('customer_profile_view') - try: - profile = request.user.profile - except: - raise Http404 + profile = request.user.profile + filters = models.UserProfileFilters.objects.get_or_create_filters(user=request.user) if request.method == 'POST': diff --git a/project/customer/views/profile_ajax.py b/project/customer/views/profile_ajax.py index 2044461..32a288f 100644 --- a/project/customer/views/profile_ajax.py +++ b/project/customer/views/profile_ajax.py @@ -9,8 +9,9 @@ from django.contrib.auth.decorators import login_required from .. import models, forms -from ..decorators import license_required +from ..decorators import license_required from .profile import _send_profile_email, _profile_get_pdf +from ..utils import raise_if_no_profile @login_required @@ -21,11 +22,11 @@ def profile_filters_edit_ajax(request): if not request.is_ajax(): return HttpResponseBadRequest() - try: - profile = request.user.profile - except: - raise Http404 - accounts = models.BankAccount.objects.get_all(request.user.profile) + raise_if_no_profile(request) + + profile = request.user.profile + + accounts = models.BankAccount.objects.get_all(profile) filters_form_class = forms.get_profile_filters_form_class(profile.profile_type) filters = models.UserProfileFilters.objects.get_or_create_filters(user=request.user) @@ -54,12 +55,12 @@ def profile_email_ajax(request): if not request.is_ajax(): return HttpResponseBadRequest() + raise_if_no_profile(request) + form_class = forms.EmailProfileForm - try: - profile = request.user.profile - except: - raise Http404 + profile = request.user.profile + filters = models.UserProfileFilters.objects.get_or_create_filters(user=request.user) form = form_class(data=request.POST) diff --git a/project/docs/views/ajax.py b/project/docs/views/ajax.py index ca2a1fe..048f5e7 100644 --- a/project/docs/views/ajax.py +++ b/project/docs/views/ajax.py @@ -8,6 +8,7 @@ from django.db.models import get_model from django.views.decorators.csrf import csrf_protect from ..models import Invoice +from project.customer.utils import raise_if_no_profile def get_pair(request, model, param1, val1, param2): @@ -30,6 +31,9 @@ def get_pair(request, model, param1, val1, param2): def get_invoices(request, client_id=None): if not request.is_ajax(): return HttpResponseBadRequest() + + raise_if_no_profile(request) + if client_id: invoices = Invoice.objects.filter(client__id=client_id) else: diff --git a/project/docs/views/base_views.py b/project/docs/views/base_views.py index 8d39abf..a9a59a4 100644 --- a/project/docs/views/base_views.py +++ b/project/docs/views/base_views.py @@ -33,7 +33,8 @@ from ..as_xls import render_xls_to_string from ..forms import EmailForm, InvoicesListForm from .. import filters -from project.customer.decorators import license_required +from project.customer.decorators import license_required +from project.customer.utils import raise_if_no_profile DEBUG = getattr(settings, 'DEBUG', False) @@ -249,6 +250,8 @@ class BaseViews(object): """Добавить документ. Если при GET-запросе в kwargs передать initial, то создаст предзаполненный документ. """ + raise_if_no_profile(self.request) + if self.request.method == 'POST' and '_cancel' in self.request.POST: return redirect(self.REDIRECT_AFTER_ADD) @@ -635,6 +638,8 @@ class BaseItemsViews(BaseViews): """Добавить документ. Если при GET-запросе в kwargs передать initial и/или initial_items, то создаст предзаполненный документ. """ + raise_if_no_profile(self.request) + if self.request.method == 'POST' and '_cancel' in self.request.POST: return redirect(self.REDIRECT_AFTER_ADD)