From: Konrad Rosenbaum Date: Tue, 27 Dec 2011 20:14:02 +0000 (+0100) Subject: flag checking for events and orders X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=2570383e13df2b5202da850a6a6e22d855bc1fe3;p=web%2Fkonrad%2Fsmoke.git flag checking for events and orders --- diff --git a/pack b/pack index 9be5a0e..f40058f 160000 --- a/pack +++ b/pack @@ -1 +1 @@ -Subproject commit 9be5a0ec75e41359a6820c1cf43193eaa1a22853 +Subproject commit f40058f8f817598e0533e9c57c6a4a0d3517afd9 diff --git a/src/dialogs/orderwin.cpp b/src/dialogs/orderwin.cpp index c71f9d9..1268312 100644 --- a/src/dialogs/orderwin.cpp +++ b/src/dialogs/orderwin.cpp @@ -1161,7 +1161,14 @@ void MOrderItemView::changeItem(int idx) MShippingChange::MShippingChange(QWidget*pa,MOShipping s,int costs) :QDialog(pa) { - all=req->queryGetAllShipping().getshipping(); + QListships=req->queryGetAllShipping().getshipping(); + all.clear(); + MSInterface*ifc=MSInterface::instance(); + foreach(MOShipping ship,ships){ + if(ifc){ + if(ifc->checkFlags(ship.flags()))all<updateTemplates(true); } + +bool MSInterface::checkFlags(const QStringList& fl) const +{ + foreach(QString f,fl){ + f=f.trimmed(); + if(f.isEmpty())continue; + if(f[0]=='+'){ + if(!userflags.contains(f.mid(1)))return false; + }else if(f[0]=='-'){ + if(userflags.contains(f.mid(1)))return false; + }else //ooops! invalid flag spec + return false; + } + //survived all tests + return true; +} diff --git a/src/iface/msinterface.h b/src/iface/msinterface.h index bb54c22..8624853 100644 --- a/src/iface/msinterface.h +++ b/src/iface/msinterface.h @@ -55,6 +55,12 @@ class MSInterface:public MInterface ///returns whether the user has a particular flag Q_INVOKABLE bool hasFlag(QString f)const{return userflags.contains(f);} + ///checks the flags in the string list and returns true if all of them match + Q_INVOKABLE bool checkFlags(const QStringList&)const; + + ///checks the space separeted flags in the string and returns true if all of them match + Q_INVOKABLE bool checkFlags(const QString&s)const{return checkFlags(s.split(" "));} + /**returns the directory where to store data retrieved from the server*/ Q_INVOKABLE QString dataDir()const; /**returns the group in which to find settings in QSettings, this group can be used by any class that accesses the profile*/ diff --git a/src/mwin/carttab.cpp b/src/mwin/carttab.cpp index 0329b41..ca81712 100644 --- a/src/mwin/carttab.cpp +++ b/src/mwin/carttab.cpp @@ -162,7 +162,9 @@ void MCartTab::updateShipping() cartship->addItem(tr("(No Shipping)"),-1); MTGetAllShipping sh=MTGetAllShipping::query(); QListship=sh.getshipping(); + MSInterface*ifc=MSInterface::instance(); for(int i=0;icheckFlags(ship[i].flags()))continue; cartship->addItem(ship[i].description()); cartship->setItemData(cartship->count()-1,(int)ship[i].shipid(),SHIPPING_IDROLE); cartship->setItemData(cartship->count()-1,(int)ship[i].cost(),SHIPPING_PRICEROLE); @@ -317,9 +319,9 @@ void MCartTab::addTicketForEvent(qint64 id) } MOEvent ev=ge.getevent(); //get Price Category - QList ep=ev.price(); + QList ep=ev.priceFiltered(); if(ep.size()==0){ - QMessageBox::warning(this,tr("Warning"),tr("This event has no prices associated. Cannot sell tickets.")); + QMessageBox::warning(this,tr("Warning"),tr("This event has no prices associated that you can use for sales. Cannot sell tickets.")); return; } int pcidx=0; @@ -595,7 +597,9 @@ void MCartTab::verifyOrderCustomer(MOCartOrder&cord) invoiceaddr->setToolTip(tr("The invoice address is not valid, please chose another one.")); } if(cartship->currentIndex()>0 && cord.shippingtypeid().isNull()){ - QPalette red2=QComboBox().palette();red2.setColor(QPalette::Window,Qt::red); + QPalette red2=QComboBox().palette(); + red2.setColor(QPalette::Window,Qt::red); + red2.setColor(QPalette::Button,Qt::red); cartship->setPalette(red2); cartship->setToolTip(tr("Shipping Type does not exist or you do not have permission to use it.")); } diff --git a/src/wext/event.cpp b/src/wext/event.cpp index a9acef0..ce9f356 100644 --- a/src/wext/event.cpp +++ b/src/wext/event.cpp @@ -61,3 +61,16 @@ QString MOEvent::endTimeString()const { return unix2dateTime(end()); } + +QList< MOEventPrice > MOEvent::priceFiltered() const +{ + QList ep=price(); + QList ret; + MSInterface *ifc=MSInterface::instance(); + if(ifc==0)return ep; + foreach(MOEventPrice p,ep){ + if(ifc->checkFlags(p.flags())) + ret<0;} + + ///returns only the prices that this user can order for + QList priceFiltered()const; }; Q_DECLARE_METATYPE(MOEvent) diff --git a/www/inc/wext/cart.php b/www/inc/wext/cart.php index 8f123e9..47562c8 100644 --- a/www/inc/wext/cart.php +++ b/www/inc/wext/cart.php @@ -159,10 +159,17 @@ class WOCartOrder extends WOCartOrderAbstract { if($this->prop_shippingtypeid !== null){ $ship=WTshipping::getFromDB($this->prop_shippingtypeid); + //check it exists if(!is_a($ship,"WTshipping")){ $this->prop_shippingtypeid=null; return false; } + //check we have the right + global $session; + if(!$session->checkFlags($ship->flags)){ + $this->prop_shippingtypeid=null; + return false; + } } return true; } @@ -191,9 +198,11 @@ class WOCartOrder extends WOCartOrderAbstract /**helper function for createOrder: verifies customer settings*/ private function verifyTickets($trans,$salestop) { + global $session; $ret=true; $evseats=array(); $evprice=array(); + $pcat=array(); $now=time(); if($salestop>0)$now+=$salestop*3600; foreach($this->prop_tickets as &$tick){ @@ -207,6 +216,13 @@ class WOCartOrder extends WOCartOrderAbstract $ret=false; continue; } + //check event flags + if(!$session->checkFlags($ev->flags)){ + $tick->setstatus(WOCartTicket::Invalid); + $ret=false; + continue; + } + //verify amount of seats in event if(!array_key_exists($evid,$evseats)) $evseats[$evid]=$this->eventTicketStatistics($evid,$ev->capacity,$evprice); //verify price category, set price @@ -216,6 +232,15 @@ class WOCartOrder extends WOCartOrderAbstract $ret=false; continue; } + //check that we have the right to sell this category + if(!array_key_exists($pcid,$pcat)) + $pcat[$pcid]=$session->checkFlags(WTpricecategory::getFromDB($pcid)->flags); + if(!$pcat[$pcid]){ + $tick->setstatus(WOCartTicket::Invalid); + $ret=false; + continue; + } + //set the price $tick->setprice($evprice[$evid][$pcid]); //check enough seats for event // print_r($evseats);print_r($tick); diff --git a/www/inc/wext/event.php b/www/inc/wext/event.php index 87799b9..a822a2a 100644 --- a/www/inc/wext/event.php +++ b/www/inc/wext/event.php @@ -82,8 +82,17 @@ class WOEvent extends WOEventAbstract /**XML iface: get all events*/ public static function getAllEvents($trans) { + //get all of them $evlst=WOEvent::fromTableArrayevent(WTevent::selectFromDB("","ORDER BY starttime")); - $trans->setevents($evlst); + //filter them by flags + $evlst2=array(); + global $session; + foreach($evlst as $ev){ + if($session->checkFlags($ev->getflags())) + $evlst2[]=$ev; + } + //return... + $trans->setevents($evlst2); } /**XML iface: get list of events*/ diff --git a/www/inc/wext/order.php b/www/inc/wext/order.php index b4af70a..1c37823 100644 --- a/www/inc/wext/order.php +++ b/www/inc/wext/order.php @@ -161,6 +161,7 @@ class WOOrder extends WOOrderAbstract //get shipping $shipid=$trans->getshippingid(); // print_r($shipid); + global $session; if($shipid===false)$shipid=-1;else $shipid=$shipid+0; if($shipid>=0){ $ship=WTshipping::getFromDB($shipid); @@ -168,6 +169,10 @@ class WOOrder extends WOOrderAbstract $trans->abortWithError(tr("Invalid shipping ID.")); return; } + if(!$session->checkFlags($ship->flags)){ + $trans->abortWithError(tr("You cannot use this shipping type.")); + return; + } } //get order $ord=WTorder::getFromDB($trans->getorderid());