from flask import render_template, redirect, request, url_for, flash, session, abort, current_app from flask_login import login_required, login_user, logout_user, current_user from sqlalchemy import desc from . import uinvoice from .forms import PaymentForm from ..email import send_email from .. import db from ..models import User, Transaction @uinvoice.route('/transactions', methods=['GET']) @login_required def transactions(): page = { 'title': 'Payment Transaction' } cuser = current_user transactions = Transaction.query.filter_by(user_id=cuser.pid).order_by(Transaction.date_created.desc()).limit(20) labelslist = ['today'] translist = [cuser.wallet] prevvalue = cuser.wallet for tr in transactions: labelslist.insert(0, str(tr.date_created.strftime('%d.%m'))) translist.insert(0, prevvalue - tr.value) prevvalue -= tr.value if len(labelslist) <= 1: labelslist.insert(0, 'before') translist.insert(0, 0) #current_app.logger.info('[{}] transactions: {} {} '.format(cuser.email, translist, labelslist)) return render_template('uinvoice/transactions.html', transactions=transactions, translist=translist, labelslist=labelslist, cuser=cuser) @uinvoice.route('/order/', methods=['GET', 'POST']) @login_required def order(document_id): page = { 'title': 'Preview ' + str(document_id) } order = Transaction.query.filter_by(pid=document_id).first() db.session.commit() #check if document_id is owned by you. try: if order.user_id != current_user.pid: print('WARNING: user {} violates order {}'.format(current_user.pid, order.pid)) abort(404) except: abort(404) form = PaymentForm() if form.validate_on_submit(): #TODO: contact payment processor send_email(current_app.config['MAIL_USERNAME'], current_user.email + ' plati ' + str(order.units * order.unitvalue) + ' v koshnicata.', 'uinvoice/email/adm_payment', user=current_user, order=order ) order.paid = True return redirect(url_for('uinvoice.documents')) #except: # abort(404) return render_template('uinvoice/invoice.html', page=page, form=form, document=invoice, document_id=document_id)