diff --git a/routes/admin/orders/edit.js b/routes/admin/orders/edit.js new file mode 100644 index 0000000..56127f9 --- /dev/null +++ b/routes/admin/orders/edit.js @@ -0,0 +1,94 @@ +const express = require("express"); +const router = express.Router(); +const sessionCheck = require("../../../middlewares/sessionCheck"); +const error = require("../../utils/error"); +const models = require("../../../models"); + + +router.get("/", sessionCheck(3), async (req, res) => { + if (!req.query.id) + return error(req, res, "Missing arg", 400); + + let order = await models.Order.findByPk(req.query.id, {include: [models.Sandwich, models.User, models.Department]}); + if (!order) + return error(req, res, "Invalid order !", 400); + + res.render("admin/orders/edit", { + title: "SOD - Orders administration", + order: order, + departments: await models.Department.findAll(), + sandwiches: await models.Sandwich.findAll(), + users: await models.User.findAll() + }); +}).post("/", sessionCheck(3), async (req, res) => { + if (!req.body.id || !req.body.department || !req.body.firstName || !req.body.lastName || + req.body.sandwiches.length < 1 || req.body.dates.length < 1 || + req.body.sandwiches.length !== req.body.dates.length) + return error(req, res, "Missing arguments !", 400); + + let order = await models.Order.findByPk(req.body.id, {include: [models.Sandwich, models.User, models.Department]}); + if (!order) + return error(req, res, "Invalid order edit !", 400, "Invalid order"); + + let department = await models.Department.findByPk(req.body.department); + if (!department) + return error(req, res, "Invalid order edit !", 400, "Invalid department"); + if (department.name !== order.Department.name) + await order.setDepartment(department); + + let user = null; + if (req.body.username) + user = await models.User.findOne({where: {username: req.body.username}}); + if (user && (!order.User || user.username !== order.User.username)) + await order.setUser(user); + else if (!user && order.User) + await order.setUser(null); + + let sandwiches = []; + let price = 0; + for (let s in req.body.sandwiches) { + if (!req.body.dates[s]) + return error(req, res, "Invalid order edit !", 400, "Sandwich without date"); + + let sandwich = await models.Sandwich.findByPk(req.body.sandwiches[s]); + if (!sandwich) + return error(req, res, "Invalid order edit !", 400, "Invalid sandwich: "+req.body.sandwiches[s]); + + let date = new Date(req.body.dates[s]); + + try { + sandwiches.push([sandwich.name, date.toISOString().substring(0, 10)]); + } catch { + return error(req, res, "Invalid order edit !", 400, "Invalid date"); + } + price += sandwich.price; + } + + if (order.price !== price) + order.price = price; + + if (req.body.firstName !== order.firstName) + order.firstName = req.body.firstName; + if (req.body.lastName !== order.lastName) + order.lastName = req.body.lastName; + if (req.body.paid !== order.paid) + order.paid = Boolean(req.body.paid); + if (req.body.give !== order.give) + order.give = Boolean(req.body.give); + + await order.removeSandwiches(order.Sandwiches); + for (let data of sandwiches) + try { + await models.SandwichOrder.create({OrderId: order.id, SandwichName: data[0], date: data[1]}); + } catch (e) { + await order.destroy(); + error(req, res, "Invalid order !"); + throw e; + } + + await order.save(); + + res.redirect("/admin/orders"); +}); + +module.exports = router; diff --git a/routes/admin/orders/index.js b/routes/admin/orders/index.js index ff4e355..167206e 100644 --- a/routes/admin/orders/index.js +++ b/routes/admin/orders/index.js @@ -10,31 +10,17 @@ router.get("/", sessionCheck(3), async (req, res) => { title: "SOD - Orders administration", orders: await models.Order.findAll({include: models.Sandwich, order: ["date"]}) }); -}).post("/order/delete", sessionCheck(3), async (req, res) => { - if (!req.body.id) +}).get("/delete", sessionCheck(3), async (req, res) => { + if (!req.query.id) return error(req, res, "Fail to remove order !", 400, "Missing args"); - try { - await (await models.Order.findByPk(req.body.id)).destroy(); - res.redirect("/admin/orders"); - } catch (e) { - error(req, res, "Fail to remove order !"); - throw e; - } -}).post("/sandwich/delete", sessionCheck(3), async (req, res) => { - if (!req.body.id) - return error(req, res, "Fail to remove sandwich !", 400, "Missing args"); + let order = await models.Order.findByPk(req.query.id); + if (!order) + return error(req, res, "Invalid order !", 400); - try { - let sandwich = await models.SandwichOrder.findByPk(req.body.id); - await sandwich.destroy(); - res.redirect("/admin/orders"); - } catch (e) { - error(req, res, "Fail to remove sandwich !"); - throw e; - } -}) - .use("/date", require("./date")) + await order.destroy(); + res.redirect("/admin/orders"); +}).use("/date", require("./date")) .use("/add", require("./add")) .use("/edit", require("./edit")); diff --git a/views/admin/orders/edit.pug b/views/admin/orders/edit.pug new file mode 100644 index 0000000..8963ac7 --- /dev/null +++ b/views/admin/orders/edit.pug @@ -0,0 +1,62 @@ +extends ../../layout + +block content + div.card + h1=__("admin.ordersManagement") + form#order(method="POST") + input(type="hidden" name="id" value=order.id) + div.field + label(for="department")=__("department") + ":" + input#department(type="list" list="department-list" name="department" autocomplete="off" value=order.Department.name required) + datalist#department-list + each department in departments + option(value=department.name) + + div.field + label(for="firstname")=__("firstName") + ":" + input#firstname(type="text" name="firstName" value=order.firstName required) + div.field + label(for="lastname")=__("lastName") + ":" + input#lastname(type="text" name="lastName" value=order.lastName required) + + div.field + label(for="username")=__("username") + input#username(list="usernames" name="username" value=order.User ? order.User.username : "" autocomplete="off") + + - i = 0; + each sandwich in order.Sandwiches + - i++; + div.order(id="order"+i) + h2=__("order") + " " + i + div.field + label(for="sandwich"+i)=__("sandwich") + ":" + input(id="#sandwich"+i type="list" list="sandwich-list" name="sandwiches["+i+"]" autocomplete="off" value=sandwich.name required) + div.field + label(for="day"+i)=__("index.day") + ":" + input(id="#day"+i type="date" name="dates["+i+"]" value=sandwich.SandwichOrder.date required) + + div#order-action + a#add-order + + if i > 1 + a#remove-order - + else + a#remove-order.hide - + + div.field + label(for="paid")=__("admin.paid") + input#paid(type="checkbox" name="paid" checked=order.paid) + label(for="given")=__("admin.given") + input#given(type="checkbox" name="give" checked=order.give) + + div.field + input#send(type="submit" value=__("admin.add")) + + datalist#sandwich-list + each sandwich in sandwiches + option(value=sandwich.name) + datalist#usernames + each user in users + option(value=user.username) + + + script(src="/javascripts/admin/orders/add.js") diff --git a/views/admin/orders/index.pug b/views/admin/orders/index.pug index 75085ce..2fa516c 100644 --- a/views/admin/orders/index.pug +++ b/views/admin/orders/index.pug @@ -10,15 +10,14 @@ block content div.order div.title h2=order.id - form(action="/admin/orders/order/delete" method="POST") - input.hide(type="number" name="id" value=order.id) - input(type="submit" value="x") - h3 #{order.firstName} #{order.lastName} + h3 #{order.firstName} #{order.lastName} - #{order.price}€ each sandwich in order.Sandwiches div.sandwich p #{sandwich.name} - #{sandwich.SandwichOrder.date} - form(action="/admin/orders/sandwich/delete" method="POST") - input.hide(type="number" name="id" value=sandwich.SandwichOrder.id) - input(type="submit" value="x") + div.buttons + a.edit(href="/admin/orders/edit?id=" + order.id) + button=__("admin.edit") + a.remove(href="/admin/orders/delete?id=" + order.id) + button=__("admin.remove") script(src="/javascripts/admin/orders/index.js")