ChaoticByte/drinks-manager
1
1
Fork 0
Code Issues Pull requests Projects Releases 20 Packages Wiki Activity Actions

Compare commits

base: ChaoticByte:main
Branches Tags
ChaoticByte:main
ChaoticByte:devel
ChaoticByte:22
ChaoticByte:21
ChaoticByte:20
ChaoticByte:19
ChaoticByte:18
ChaoticByte:17
ChaoticByte:16
ChaoticByte:15
ChaoticByte:14
ChaoticByte:13
ChaoticByte:12
ChaoticByte:11
ChaoticByte:10
ChaoticByte:9
ChaoticByte:8
ChaoticByte:7
ChaoticByte:6
ChaoticByte:5.0
ChaoticByte:4.0
ChaoticByte:3.0
..
compare: ChaoticByte:5.0
Branches Tags
ChaoticByte:main
ChaoticByte:devel
ChaoticByte:22
ChaoticByte:21
ChaoticByte:20
ChaoticByte:19
ChaoticByte:18
ChaoticByte:17
ChaoticByte:16
ChaoticByte:15
ChaoticByte:14
ChaoticByte:13
ChaoticByte:12
ChaoticByte:11
ChaoticByte:10
ChaoticByte:9
ChaoticByte:8
ChaoticByte:7
ChaoticByte:6
ChaoticByte:5.0
ChaoticByte:4.0
ChaoticByte:3.0

No commits in common. "main" and "5.0" have entirely different histories.
main ... 5.0

121 changed files with 3406 additions and 3439 deletions
Download patch file Download diff file Expand all files Collapse all files

31
.gitignore vendored
View file

@ -1,22 +1,15 @@
/data/* /config/*
/data/logs/* /static/admin
/data/tls/* /application/**/migrations/*
/data/django_static/* /archive/*
/data/profilepictures/* /logs/*
/data/archive/* /packages/*
!/data/logs/ /temp
!/data/logs/.gitkeep /tmp
!/data/tls/
!/data/tls/.gitkeep
!/data/profilepictures/
!/data/profilepictures/default.svg
!/data/archive/
!/data/archive/.gitkeep
!/data/Caddyfile
!/data/*.example.*
/venv
__pycache__ __pycache__
.vscode .vscode
*.pem *.pem
!/config/config.sample.sh
!/config/Caddyfile
!/config/tls/
!.gitkeep

2
LICENSE
View file

@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2021 Julian MĂĽller (ChaoticByte) Copyright (c) 2021 Julian MĂĽller (W13R)
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal

418
README.md
View file

@ -1,420 +1,44 @@
# Drinks Manager # Drinks Manager (season 2)
Note: This software is tailored to my own needs. Note: This piece of software is tailored to my own needs.
I probably won't accept feature requests, and don't recommend you I probably won't accept feature requests, and don't recommend you
to use this software if this isn't exactly what you are looking for. to use this software if this isn't exactly what you are looking for.
Can't keep track of the number of drinks your guests drink? Can't keep track of the number of drinks your guests drink?
Now you have a web interface that *really tries* to make things Now you have a web interface that *really tries* to make things less complicated- for
less complicated- for you and your guests. you and your guests.
This (exaggeration intended) most incredible piece of software is This (exaggeration intended) most incredible piece of software is written in Python,
written in Python, HTML, CSS, JS, Bash and uses Django and PostgreSQL. HTML, CSS, JS, Bash and uses Django and PostgreSQL.
You have to bring your own PostgreSQL Database though. You have to bring your own PostgreSQL Database though.
# Getting started
## System Requirements ## Setup, Installation, Updating and Dependencies
Beneath a `PostgreSQL` DBMS, you need the following things: see [Setup](docs/Setup.md)
- `pg_config` (Ubuntu: `libpq-dev`, RHEL: `libpq-devel`)
- `Caddy` 2.4.3+ (HTTP Reverse Proxy & Static File Server)
- `gcc`
- `gettext` (for development only)
- `Python` 3.9+
- `venv`
- `pip`
- `Python` header files (RHEL: `python3-devel`, Ubuntu: `python3-dev`)
## Database
This project is using PostgreSQL. After creating a
user and database for this application, make shure to
```sql
revoke all on schema public from PUBLIC;
```
and revoke/grant other privileges accordingly to secure the
database against public access.
## Configuration ## Configuration
Create the configuration file by copying `./data/config.example.yml` see [Configuration](docs/Configuration.md)
to `./data/config.yml`, and modify it for your needs.
## Create Environment & Install dependencies
Run the following from the main directory: ## Usage
```
./scripts/setup-env.sh
```
## Create admin account After setup, run ```./run.sh help``` to see a help text.
``` Start the production server with ```./run.sh server```. You can ignore the error message about the "lifespan error".
./scripts/create-admin.sh For more commands, see [Commands](docs/Commands.md).
```
This also runs all necessary migrations.
# Activate venv
**On every new session**, before running commands with ## Versions
manage.py, running special scripts, or developing,
you have to activate the virtual environment:
```
source ./venv/bin/activate
```
If you see `(venv)` before your command prompt, it worked!
# Usage You can find the latest releases [here](https://gitlab.com/W13R/drinks-manager/-/releases).
For Installation/Updating, you should consider using git,
though (for more information see [Setup](docs/Setup.md)).
To start the Application and Webserver, run The releases are versioned after the following scheme:
```
./start.sh
```
or
```
./start.sh --devel
```
# Third-Party Licenses `MAJOR`.`MINOR`
This software contains third-party software and resources. - `MAJOR`: may include **breaking changes** and/or significant new features
These are listed here with their respective licenses. - `MINOR`: will only include bugfixes and smaller, **non-breaking changes**
## Simple Keyboard
Source: https://github.com/hodgef/simple-keyboard
```
MIT License
Copyright (c) 2019 Francisco Hodge and project contributors.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
```
## Inter (Font)
Source: https://github.com/rsms/inter/
```
Copyright (c) 2016 The Inter Project Authors (https://github.com/rsms/inter)
This Font Software is licensed under the SIL Open Font License, Version 1.1.
This license is copied below, and is also available with a FAQ at:
http://scripts.sil.org/OFL
-----------------------------------------------------------
SIL OPEN FONT LICENSE Version 1.1 - 26 February 2007
-----------------------------------------------------------
PREAMBLE
The goals of the Open Font License (OFL) are to stimulate worldwide
development of collaborative font projects, to support the font creation
efforts of academic and linguistic communities, and to provide a free and
open framework in which fonts may be shared and improved in partnership
with others.
The OFL allows the licensed fonts to be used, studied, modified and
redistributed freely as long as they are not sold by themselves. The
fonts, including any derivative works, can be bundled, embedded,
redistributed and/or sold with any software provided that any reserved
names are not used by derivative works. The fonts and derivatives,
however, cannot be released under any other type of license. The
requirement for fonts to remain under this license does not apply
to any document created using the fonts or their derivatives.
DEFINITIONS
"Font Software" refers to the set of files released by the Copyright
Holder(s) under this license and clearly marked as such. This may
include source files, build scripts and documentation.
"Reserved Font Name" refers to any names specified as such after the
copyright statement(s).
"Original Version" refers to the collection of Font Software components as
distributed by the Copyright Holder(s).
"Modified Version" refers to any derivative made by adding to, deleting,
or substituting -- in part or in whole -- any of the components of the
Original Version, by changing formats or by porting the Font Software to a
new environment.
"Author" refers to any designer, engineer, programmer, technical
writer or other person who contributed to the Font Software.
PERMISSION AND CONDITIONS
Permission is hereby granted, free of charge, to any person obtaining
a copy of the Font Software, to use, study, copy, merge, embed, modify,
redistribute, and sell modified and unmodified copies of the Font
Software, subject to the following conditions:
1) Neither the Font Software nor any of its individual components,
in Original or Modified Versions, may be sold by itself.
2) Original or Modified Versions of the Font Software may be bundled,
redistributed and/or sold with any software, provided that each copy
contains the above copyright notice and this license. These can be
included either as stand-alone text files, human-readable headers or
in the appropriate machine-readable metadata fields within text or
binary files as long as those fields can be easily viewed by the user.
3) No Modified Version of the Font Software may use the Reserved Font
Name(s) unless explicit written permission is granted by the corresponding
Copyright Holder. This restriction only applies to the primary font name as
presented to the users.
4) The name(s) of the Copyright Holder(s) or the Author(s) of the Font
Software shall not be used to promote, endorse or advertise any
Modified Version, except to acknowledge the contribution(s) of the
Copyright Holder(s) and the Author(s) or with their explicit written
permission.
5) The Font Software, modified or unmodified, in part or in whole,
must be distributed entirely under this license, and must not be
distributed under any other license. The requirement for fonts to
remain under this license does not apply to any document created
using the Font Software.
TERMINATION
This license becomes null and void if any of the above conditions are
not met.
DISCLAIMER
THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
OF COPYRIGHT, PATENT, TRADEMARK, OR OTHER RIGHT. IN NO EVENT SHALL THE
COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
INCLUDING ANY GENERAL, SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL
DAMAGES, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF THE USE OR INABILITY TO USE THE FONT SOFTWARE OR FROM
OTHER DEALINGS IN THE FONT SOFTWARE.
```
## Material Design Icons
Source: https://github.com/google/material-design-icons
Files:
- `./app/static/material-icons/*`
- `./data/profilepictures/default.svg`
```
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```

6
app/apps.py
View file

@ -1,6 +0,0 @@
from django.apps import AppConfig
class AppConfig(AppConfig):
default_auto_field = "django.db.models.BigAutoField"
name = "app"

180
app/db_queries.py
View file

@ -1,180 +0,0 @@
#from datetime import datetime
from django.conf import settings
from django.db import connection
from django.utils.translation import gettext
from calendar import day_name
COMBINE_ALPHABET = "abcdefghijklmnopqrstuvwxyz"
def _db_select(sql_select:str):
result = None
with connection.cursor() as cursor:
cursor.execute(sql_select)
result = cursor.fetchall()
return result
def _combine_results(results:list) -> dict:
'''
e.g.
input: [
[("x", 12), ("y", 13)],
[("y", 10), ("z", 42)]
]
output: {
"x": {"a": 12},
"y": {"a": 13, "b": 10},
"z": {"b": 42}
}
'''
result = {}
for i, d in enumerate(results):
a = COMBINE_ALPHABET[i]
for r in d:
r_0 = r[0]
if r_0 not in result:
result[r_0] = {}
result[r_0][a] = r[1]
return result
def select_history(user, language_code="en") -> list:
# select order history and deposits
user_id = user.pk
result = _db_select(f"""
select
price_sum as "sum",
concat(
product_name,
' (',
content_litres::real, -- converting to real removes trailing zeros
'l) x ', amount
) as "text",
datetime
from app_order
where user_id = {user_id}
union
select
transaction_sum as "sum",
'{gettext("Deposit")}' as "text",
datetime
from app_userdeposits_view
where user_id = {user_id}
union
select
transaction_sum as "sum",
comment as "text",
datetime
from app_registertransaction
where user_id = {user_id} and is_transfer = true
order by datetime desc
fetch first 30 rows only;
""")
result = [list(row) for row in result]
return result
def select_orders_per_month(user) -> dict:
# number of orders per month (last 12 months)
result_user = _db_select(f"""
select
to_char(date_trunc('month', datetime), 'YYYY-MM') as "month",
sum(amount) as "count"
from app_order
where user_id = {user.pk}
and date_trunc('month', datetime) > date_trunc('month', now() - '12 months'::interval)
group by "month"
order by "month" desc;
""")
result_all = _db_select(f"""
select
to_char(date_trunc('month', datetime), 'YYYY-MM') as "month",
sum(amount) as "count"
from app_order
where date_trunc('month', datetime) > date_trunc('month', now() - '12 months'::interval)
group by "month"
order by "month" desc;
""")
return _combine_results([result_all, result_user])
def select_orders_per_weekday(user) -> list:
# number of orders per weekday (all time)
result = _db_select(f"""
with q_all as (
select
extract(isodow from datetime) as "d",
sum(amount) as "c"
from app_order
group by d
), q_user as (
select
extract(isodow from datetime) as "d",
sum(amount) as "c"
from app_order
where user_id = {user.pk}
group by d
)
select q_all.d as "day", q_all.c, q_user.c from q_all full join q_user on q_all.d = q_user.d
group by day, q_all.c, q_user.c
order by day asc;
""")
for i in range(len(result)):
day_, all_, user_ = result[i]
result[i] = (day_name[int(day_)-1], all_, user_)
return result
def select_orders_per_drink(user) -> dict:
# number of orders per drink (all time)
result_user = _db_select(f"""
select
d.product_name as "label",
sum(o.amount) as "data"
from app_drink d
join app_order o on (d.id = o.drink_id)
where o.user_id = {user.pk}
group by d.product_name
order by "data" desc;
""")
result_all = _db_select(f"""
select
d.product_name as "label",
sum(o.amount) as "data"
from app_drink d
join app_order o on (d.id = o.drink_id)
group by d.product_name
order by "data" desc;
""")
return _combine_results([result_all, result_user])
def select_order_sum_per_user_all_users() -> list:
# sum of all orders per user, for all users
result = _db_select(f"""
select
app_user.username as user,
sum(app_order.price_sum) as sum
from app_user
left outer join app_order on (app_user.id = app_order.user_id)
group by app_user.id
order by app_user asc;
""")
return result
def select_deposit_sum_per_user_all_users() -> list:
# sum of all orders per user, for all users
result = _db_select(f"""
select
app_user.username as user,
sum(rt.transaction_sum) as sum
from app_user
left outer join app_registertransaction rt on (app_user.id = rt.user_id)
where rt.is_user_deposit is true or rt.is_user_deposit is null
group by app_user.id
order by app_user asc;
""")
return result

BIN
app/locales/de/LC_MESSAGES/django.mo
View file

Binary file not shown.

276
app/locales/de/LC_MESSAGES/django.po
View file

@ -1,276 +0,0 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-11-01 19:29+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: Julian MĂĽller (ChaoticByte)\n"
"Language: DE\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: app/templates/admin/base_site.html:7
msgid "Django site admin"
msgstr "Django Administrator"
#: app/templates/admin/base_site.html:15
msgid "Django administration"
msgstr "Django Administration"
#: app/templates/baselayout.html:26
msgid "An error occured. Please log out and log in again."
msgstr "Ein Fehler ist aufgetreten. Bitte ab- und wieder anmelden."
#: app/templates/deposit.html:6
msgid "Drinks - Deposit"
msgstr "Getränke - Einzahlen"
#: app/templates/deposit.html:17 app/templates/userpanel.html:18
msgid "Deposit"
msgstr "Einzahlen"
#: app/templates/deposit.html:19 app/templates/transfer.html:43
msgid "Amount"
msgstr "Summe"
#: app/templates/deposit.html:30 app/templates/order.html:54
#: app/templates/registration/login.html:28 app/templates/supply.html:29
#: app/templates/transfer.html:54
msgid "cancel"
msgstr "Abbrechen"
#: app/templates/deposit.html:31 app/templates/transfer.html:55
msgid "confirm"
msgstr "Bestätigen"
#: app/templates/history.html:6
msgid "Drinks - History"
msgstr "Getränke - Verlauf"
#: app/templates/history.html:10 app/templates/userpanel.html:23
msgid "History"
msgstr "Verlauf"
#: app/templates/history.html:14
msgid "last 30 actions"
msgstr "letzte 30 Vorgänge"
#: app/templates/history.html:25
msgid "No history."
msgstr "Kein Verlauf verfĂĽgbar."
#: app/templates/index.html:6
msgid "Drinks - Home"
msgstr "Getränke - Home"
#: app/templates/index.html:10
msgid "Available Drinks"
msgstr "Verfügbare Getränke"
#: app/templates/index.html:18 app/templates/index.html:25
msgid "available"
msgstr "verfĂĽgbar"
#: app/templates/index.html:32
msgid "No drinks available."
msgstr "Es sind gerade keine Getränke verfügbar."
#: app/templates/order.html:7
msgid "Drinks - Order"
msgstr "Getränke - Bestellen"
#: app/templates/order.html:16
msgid "Order"
msgstr "Bestellung"
#: app/templates/order.html:18
msgid "Drink"
msgstr "Getränk"
#: app/templates/order.html:22
msgid "Price per Item"
msgstr "Preis pro Getränk"
#: app/templates/order.html:29
msgid "Available"
msgstr "VerfĂĽgbar"
#: app/templates/order.html:34
msgid "Sum"
msgstr "Summe"
#: app/templates/order.html:38
msgid "Count"
msgstr "Anzahl"
#: app/templates/order.html:55
msgid "order"
msgstr "Bestellen"
#: app/templates/order.html:62
msgid "Your balance is too low to order a drink."
msgstr "Dein Saldo ist zu niedrig um Getränke zu bestellen."
#: app/templates/order.html:63 app/templates/order.html:69
#: app/templates/supply.html:38
msgid "back"
msgstr "zurĂĽck"
#: app/templates/order.html:68
msgid "This drink is not available."
msgstr "Dieses Getränk ist gerade nicht verfügbar."
#: app/templates/registration/logged_out.html:6
msgid "Drinks - Logged Out"
msgstr "Getränke - Abgemeldet"
#: app/templates/registration/logged_out.html:15
msgid "Logged out! You will be redirected shortly."
msgstr "Du wurdest abgemeldet und wirst in KĂĽrze weitergeleitet."
#: app/templates/registration/logged_out.html:16
msgid "Click here if automatic redirection does not work."
msgstr ""
"Bitte klicke hier, wenn die automatische Weiterleitung nicht funktioniert."
#: app/templates/registration/login.html:8
msgid "Drinks - Login"
msgstr "Getränke - Anmeldung"
#: app/templates/registration/login.html:22
msgid "Log in"
msgstr "Anmelden"
#: app/templates/registration/login.html:26
msgid "Password/PIN"
msgstr "Passwort/PIN"
#: app/templates/registration/login.html:29
msgid "login"
msgstr "Anmelden"
#: app/templates/registration/login.html:40
msgid "Choose your account"
msgstr "Wähle deinen Account"
#: app/templates/statistics.html:6
msgid "Drinks - Statistics"
msgstr "Getränke - Statistiken"
#: app/templates/statistics.html:10 app/templates/userpanel.html:24
msgid "Statistics"
msgstr "Statistiken"
#: app/templates/statistics.html:13
msgid "orders / drink"
msgstr "Bestellungen / Getränk"
#: app/templates/statistics.html:16
msgid "drink"
msgstr "Getränk"
#: app/templates/statistics.html:17 app/templates/statistics.html:36
#: app/templates/statistics.html:53
msgid "all"
msgstr "Alle"
#: app/templates/statistics.html:18 app/templates/statistics.html:37
#: app/templates/statistics.html:54
msgid "you"
msgstr "Du"
#: app/templates/statistics.html:32
msgid "orders / month"
msgstr "Bestellungen / Monat"
#: app/templates/statistics.html:35
msgid "month"
msgstr "Monat"
#: app/templates/statistics.html:49
msgid "orders / weekday"
msgstr "Bestellungen / Wochentag"
#: app/templates/statistics.html:52
msgid "day"
msgstr "Tag"
#: app/templates/statistics.html:69
msgid "order sum"
msgstr "Bestellungen"
#: app/templates/statistics.html:72 app/templates/statistics.html:89
msgid "user"
msgstr "Benutzer"
#: app/templates/statistics.html:73 app/templates/statistics.html:90
msgid "sum"
msgstr "Summe"
#: app/templates/statistics.html:86
msgid "deposit sum"
msgstr "Einzahlungen"
#: app/templates/supply.html:7
msgid "Drinks - Supply"
msgstr "Getränke - Beschaffung"
#: app/templates/supply.html:14 app/templates/userpanel.html:30
msgid "Supply"
msgstr "Beschaffung"
#: app/templates/supply.html:16
msgid "Description"
msgstr "Beschreibung"
#: app/templates/supply.html:22
msgid "Price"
msgstr "Preis"
#: app/templates/supply.html:30
msgid "submit"
msgstr "Senden"
#: app/templates/supply.html:37
msgid "You are not allowed to view this site."
msgstr "Dir fehlt die Berechtigung, diese Seite anzuzeigen."
#: app/templates/transfer.html:6
msgid "Drinks - Transfer"
msgstr "Getränke - Geld senden"
#: app/templates/transfer.html:17
msgid "Transfer Money"
msgstr "Geld senden"
#: app/templates/transfer.html:19
msgid "Recipient"
msgstr "Empfänger"
#: app/templates/userpanel.html:10 app/templates/userpanel.html:12
msgid "Balance"
msgstr "Saldo"
#: app/templates/userpanel.html:19
msgid "Logout"
msgstr "Abmelden"
#: app/templates/userpanel.html:28
msgid "Transfer"
msgstr "Geld senden"
#: app/templates/userpanel.html:32
msgid "Change Password"
msgstr "Passwort ändern"
#: app/views.py:42
msgid "Invalid username or password."
msgstr "Benutzername oder Passwort ungĂĽltig."

267
app/migrations/0001_initial.py
View file

@ -1,267 +0,0 @@
# Generated by Django 4.1.6 on 2023-02-11 15:24
from django.conf import settings
import django.contrib.auth.models
import django.contrib.auth.validators
from django.db import migrations, models
import django.db.models.deletion
import django.utils.timezone
class Migration(migrations.Migration):
initial = True
dependencies = [
("auth", "0012_alter_user_first_name_max_length"),
]
operations = [
migrations.CreateModel(
name="User",
fields=[
(
"id",
models.BigAutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
("password", models.CharField(max_length=128, verbose_name="password")),
(
"last_login",
models.DateTimeField(
blank=True, null=True, verbose_name="last login"
),
),
(
"is_superuser",
models.BooleanField(
default=False,
help_text="Designates that this user has all permissions without explicitly assigning them.",
verbose_name="superuser status",
),
),
(
"username",
models.CharField(
error_messages={
"unique": "A user with that username already exists."
},
help_text="Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.",
max_length=150,
unique=True,
validators=[
django.contrib.auth.validators.UnicodeUsernameValidator()
],
verbose_name="username",
),
),
(
"first_name",
models.CharField(
blank=True, max_length=150, verbose_name="first name"
),
),
(
"last_name",
models.CharField(
blank=True, max_length=150, verbose_name="last name"
),
),
(
"email",
models.EmailField(
blank=True, max_length=254, verbose_name="email address"
),
),
(
"is_staff",
models.BooleanField(
default=False,
help_text="Designates whether the user can log into this admin site.",
verbose_name="staff status",
),
),
(
"is_active",
models.BooleanField(
default=True,
help_text="Designates whether this user should be treated as active. Unselect this instead of deleting accounts.",
verbose_name="active",
),
),
(
"date_joined",
models.DateTimeField(
default=django.utils.timezone.now, verbose_name="date joined"
),
),
(
"balance",
models.DecimalField(decimal_places=2, default=0.0, max_digits=8),
),
(
"allow_order_with_negative_balance",
models.BooleanField(default=False),
),
(
"profile_picture_filename",
models.CharField(default="default.svg", max_length=25),
),
("allowed_to_supply", models.BooleanField(default=False)),
(
"groups",
models.ManyToManyField(
blank=True,
help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.",
related_name="user_set",
related_query_name="user",
to="auth.group",
verbose_name="groups",
),
),
(
"user_permissions",
models.ManyToManyField(
blank=True,
help_text="Specific permissions for this user.",
related_name="user_set",
related_query_name="user",
to="auth.permission",
verbose_name="user permissions",
),
),
],
options={
"verbose_name": "user",
"verbose_name_plural": "users",
"abstract": False,
},
managers=[
("objects", django.contrib.auth.models.UserManager()),
],
),
migrations.CreateModel(
name="Drink",
fields=[
(
"id",
models.BigAutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
("product_name", models.CharField(max_length=64)),
(
"content_litres",
models.DecimalField(decimal_places=3, default=0.5, max_digits=6),
),
(
"price",
models.DecimalField(decimal_places=2, default=0.0, max_digits=6),
),
("available", models.PositiveIntegerField(default=0)),
("deleted", models.BooleanField(default=False)),
("do_not_count", models.BooleanField(default=False)),
],
),
migrations.CreateModel(
name="Global",
fields=[
(
"name",
models.CharField(
max_length=42, primary_key=True, serialize=False, unique=True
),
),
("comment", models.TextField()),
("value_float", models.FloatField(default=0.0)),
("value_string", models.TextField()),
],
),
migrations.CreateModel(
name="RegisterTransaction",
fields=[
(
"id",
models.BigAutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
(
"transaction_sum",
models.DecimalField(decimal_places=2, default=0.0, max_digits=6),
),
(
"old_transaction_sum",
models.DecimalField(decimal_places=2, default=0.0, max_digits=6),
),
("datetime", models.DateTimeField(default=django.utils.timezone.now)),
("is_user_deposit", models.BooleanField(default=False)),
("comment", models.TextField(default=" ")),
(
"user",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to=settings.AUTH_USER_MODEL,
),
),
],
options={
"verbose_name": "transaction",
"verbose_name_plural": "transactions",
},
),
migrations.CreateModel(
name="Order",
fields=[
(
"id",
models.BigAutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
("datetime", models.DateTimeField(default=django.utils.timezone.now)),
("amount", models.PositiveIntegerField(default=1, editable=False)),
("product_name", models.CharField(editable=False, max_length=64)),
(
"price_sum",
models.DecimalField(
decimal_places=2, default=0, editable=False, max_digits=6
),
),
(
"content_litres",
models.DecimalField(
decimal_places=3, default=0, editable=False, max_digits=6
),
),
(
"drink",
models.ForeignKey(
limit_choices_to=models.Q(("available__gt", 0)),
null=True,
on_delete=django.db.models.deletion.SET_NULL,
to="app.drink",
),
),
(
"user",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to=settings.AUTH_USER_MODEL,
),
),
],
),
]

34
app/migrations/0002_setup.py
View file

@ -1,34 +0,0 @@
# GlobalValues Data migration #1
from django.db import migrations
def create_globals(apps, schema_editor):
Global = apps.get_model("app", "Global")
Global(
name="global_message",
comment="Here you can set a global message that will be shown to every user",
value_float=0.0,
value_string="").save()
Global(
name="admin_info",
comment="Here you can set am infotext that will be displayed on the admin panel",
value_float=0.0,
value_string="").save()
class Migration(migrations.Migration):
dependencies = [
('app', '0001_initial'),
]
operations = [
# create globals
migrations.RunPython(create_globals),
# create view for userdeposits
migrations.RunSQL("""
create or replace view app_userdeposits_view as
select * from app_registertransaction
where is_user_deposit = true;""")
]

17
app/migrations/0003_user_hide_from_userlist.py
View file

@ -1,17 +0,0 @@
# Generated by Django 4.1.6 on 2023-04-13 19:12
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("app", "0002_setup"),
]
operations = [
migrations.AddField(
model_name="user",
name="hide_from_userlist",
field=models.BooleanField(default=False),
),
]

17
app/migrations/0004_registertransaction_is_transfer.py
View file

@ -1,17 +0,0 @@
# Generated by Django 4.1.6 on 2023-04-14 20:01
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("app", "0003_user_hide_from_userlist"),
]
operations = [
migrations.AddField(
model_name="registertransaction",
name="is_transfer",
field=models.BooleanField(default=False),
),
]

33
app/templates/deposit.html
View file

@ -1,33 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Deposit" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/simple-keyboard.css">
<link rel="stylesheet" href="/static/css/simple-keyboard_custom.css">
{% endblock %}
{% block content %}
<h1 class="formheading">{% translate "Deposit" %}</h1>
<form id="customform" class="flex flex-column flex-center appform gap-1rem" action="/api/deposit">
{% csrf_token %}
<div class="flex forminput">
<input type="number" name="depositamount" class="keyboard-input depositamount" max="9999.99" min="1.00" step="0.01" placeholder="{% translate 'Amount' %} ({{ currency_suffix }})" autofocus required>
</div>
<!-- Virtual Keyboard -->
<div id="keyboard" class="simple-keyboard" data-layout="numeric"></div>
<script src="/static/js/simple-keyboard.js"></script>
<script src="/static/js/simple-keyboard_configure.js"></script>
<div class="flex-center buttons">
<a href="/" class="button">{% translate "cancel" %}</a>
<input type="submit" id="submitbtn" class="button" value='{% translate "confirm" %}'>
</div>
</form>
<div id="statusinfo"></div>
<script src="/static/js/custom_form.js"></script>
<script src="/static/js/autoreload.js"></script>
{% endblock %}

7
app/templates/footer.html
View file

@ -1,7 +0,0 @@
{% load i18n %}
<footer class="footer-container">
<div class="flex flex-row flex-center flex-wrap footer">
<div>Version {{ app_version }}</div>
<div>Copyright (C) 2021-2025, Julian MĂĽller (ChaoticByte)</div>
</div>
</footer>

5
app/templates/globalmessage.html
View file

@ -1,5 +0,0 @@
{% if global_message != "" %}
<div class="flex flex-center globalmessage text-align-center">
<div>{{ global_message }}</div>
</div>
{% endif %}

28
app/templates/history.html
View file

@ -1,28 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - History" %}
{% endblock %}
{% block content %}
<h1>{% translate "History" %}</h1>
{% if history %}
<table class="history">
<tr>
<th colspan="3">{% translate "last 30 actions" %}</th>
</tr>
{% for h in history %}
<tr>
<td class="text-align-right">{{ h.0 }} {{ currency_suffix }}</td>
<td>{{ h.1 }}</td>
<td>{{ h.2 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
{% translate "No history." %}
{% endif %}
<script src="/static/js/autoreload.js"></script>
{% endblock %}

35
app/templates/index.html
View file

@ -1,35 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Home" %}
{% endblock %}
{% block content %}
<h1>{% translate "Available Drinks" %}</h1>
{% if available_drinks %}
<ul class="flex flex-row flex-wrap gap-1rem drinks-list">
{% for drink in available_drinks %}
{% if drink.do_not_count %}
<li class="flex">
<a class="button flex flex-row flex-center gap-1rem" href="/order/{{ drink.id }}">
<span>{{ drink }}</span>
<span>{% translate "available" %}</span>
</a>
</li>
{% else %}
<li class="flex">
<a class="button flex flex-row flex-center gap-1rem" href="/order/{{ drink.id }}">
<span>{{ drink }}</span>
<span>{{ drink.available }} {% translate "available" %}</span>
</a>
</li>
{% endif %}
{% endfor %}
</ul>
{% else %}
{% translate "No drinks available." %}
{% endif %}
<script src="/static/js/autoreload.js"></script>
{% endblock %}

74
app/templates/order.html
View file

@ -1,74 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% load l10n %}
{% block title %}
{% translate "Drinks - Order" %}
{% endblock %}
{% block content %}
<div class="flex flex-column flex-center">
{% if drink and drink.available > 0 and not drink.deleted %}
{% if user.balance > 0 or user.allow_order_with_negative_balance %}
<h1 class="formheading">{% translate "Order" %}</h1>
<form id="orderform" class="flex flex-column flex-center appform gap-1rem">
{% csrf_token %}
<div class="forminfo">
<span>{% translate "Drink" %}</span>
<span>{{ drink.product_name }}</span>
</div>
<div class="forminfo">
<span>{% translate "Price per Item" %} ({{ currency_suffix }})</span>
<span id="priceperdrink" data-drink-price="{% localize off %}{{ drink.price }}{% endlocalize %}">
{{ drink.price }}
</span>
</div>
{% if not drink.do_not_count %}
<div class="forminfo">
<span>{% translate "Available" %}</span>
<span>{{ drink.available }}</span>
</div>
{% endif %}
<div class="forminfo">
<span>{% translate "Sum" %} ({{ currency_suffix }})</span>
<span id="ordercalculatedsum">{{ drink.price }}</span>
</div>
<div class="flex forminput">
<span>{% translate "Count" %}</span>
<span class="flex flex-row customnumberinput">
<button type="button" class="customnumberinput-minus" id="numberofdrinks-btn-minus">-</button>
{% if drink.do_not_count %}
<input type="number" class="customnumberinput-field" name="numberofdrinks" id="numberofdrinks"
min="1" max="100" value="1">
{% else %}
<input type="number" class="customnumberinput-field" name="numberofdrinks" id="numberofdrinks"
max="{{ drink.available }}" min="1" max="100" value="1">
{% endif %}
<button type="button" class="customnumberinput-plus" id="numberofdrinks-btn-plus">+</button>
</span>
</div>
<input type="hidden" name="drinkid" id="drinkid" value="{{ drink.id }}">
<div class="buttons">
<a href="/" class="button">{% translate "cancel" %}</a>
<input type="submit" id="ordersubmitbtn" class="button" value='{% translate "order" %}'>
</div>
</form>
<div id="statusinfo"></div>
<script src="/static/js/order.js"></script>
<script src="/static/js/custom_number_input.js"></script>
{% else %}
<div class="flex flex-center flex-column">
<p>{% translate "Your balance is too low to order a drink." %}</p>
<a href="/" class="button">{% translate "back" %}</a>
</div>
{% endif %}
{% else %}
<div class="flex flex-center">
<p>{% translate "This drink is not available." %}</p>
<a href="/">{% translate "back" %}</a>
</div>
{% endif %}
<script src="/static/js/autoreload.js"></script>
</div>
{% endblock %}

19
app/templates/registration/logged_out.html
View file

@ -1,19 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Logged Out" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/login.css">
{% endblock %}
{% block content %}
<div class="flex flex-center flex-column gap-1rem">
{% translate "Logged out! You will be redirected shortly." %}
<a href="/">{% translate "Click here if automatic redirection does not work." %}</a>
</div>
<script src="/static/js/logged_out.js"></script>
{% endblock %}

62
app/templates/registration/login.html
View file

@ -1,62 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% load static %}
{% block title %}
{% translate "Drinks - Login" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/simple-keyboard.css">
<link rel="stylesheet" href="/static/css/simple-keyboard_custom.css">
{% endblock %}
{% block content %}
{% if error_message %}
<p class="errortext">{{ error_message }}</p>
{% endif %}
<div class="flex flex-column gap-1rem nodisplay" id="passwordoverlay-container">
<div class="passwordoverlay">
<h1 class="formheading">{% translate "Log in" %}</h1>
<form method="post" action="{% url 'login' %}" class="flex flex-center loginform">
{% csrf_token %}
<input type="text" name="username" autofocus="" autocapitalize="none" autocomplete="username" maxlength="150" required="" id="id_username">
<input type="password" name="password" autocomplete="current-password" required="" id="id_password" class="keyboard-input" placeholder='{% translate "Password/PIN" %}'>
<div class="buttons">
<button type="button" id="pwocancel">{% translate "cancel" %}</button>
<input class="button" id="submit_login" type="submit" value='{% translate "login" %}' />
</div>
</form>
</div>
<!-- Virtual Keyboard -->
{% get_current_language as LANGUAGE_CODE %}
<div id="keyboard" class="simple-keyboard" data-layout="{{LANGUAGE_CODE}}"></div>
<script src="/static/js/simple-keyboard.js"></script>
<script src="/static/js/simple-keyboard_configure.js"></script>
</div>
<div class="flex flex-column flex-center userlist-container">
<h1>{% translate "Choose your account" %}</h1>
<ul class="flex flex-center flex-wrap userlist">
{% for user_ in user_list %}
<li class="flex flex-center userlistbutton button" data-username="{{ user_.username }}">
<img src="/profilepictures/{{ user_.profile_picture_filename|urlencode }}">
<div class="flex flex-center">
{% if user_.first_name %}
{% if user_.last_name %}
{{ user_.last_name }},
{% endif %}
{{ user_.first_name }}
{% elif user_.last_name %}
{{ user_.last_name }}
{% else %}
{{ user_.username }}
{% endif %}
</div>
</li>
{% endfor %}
</ul>
</div>
<script src="/static/js/login.js"></script>
{% endblock %}

103
app/templates/statistics.html
View file

@ -1,103 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Statistics" %}
{% endblock %}
{% block content %}
<h1>{% translate "Statistics" %}</h1>
<div class="statistics-container">
<div class="flex flex-column">
<h3>{% translate "orders / drink" %}</h3>
<table>
<tr>
<th>{% translate "drink" %}</th>
<th>{% translate "all" %}</th>
<th>{% translate "you" %}</th>
</tr>
{% for key, values in orders_per_drink.items %}
<tr>
<td>{{ key }}</td>
<td>{{ values.a|default:0 }}</td>
<td>{{ values.b|default:0 }}</td>
</tr>
{% endfor %}
</table>
</div>
</div>
<div class="statistics-container">
<div class="flex flex-column">
<h3>{% translate "orders / month" %}</h3>
<table>
<tr>
<th>{% translate "month" %}</th>
<th>{% translate "all" %}</th>
<th>{% translate "you" %}</th>
</tr>
{% for key, values in orders_per_month.items %}
<tr>
<td>{{ key }}</td>
<td>{{ values.a|default:0 }}</td>
<td>{{ values.b|default:0 }}</td>
</tr>
{% endfor %}
</table>
</div>
<div class="flex flex-column">
<h3>{% translate "orders / weekday" %}</h3>
<table>
<tr>
<th>{% translate "day" %}</th>
<th>{% translate "all" %}</th>
<th>{% translate "you" %}</th>
</tr>
{% for values in orders_per_weekday %}
<tr>
<td>{{ values.0 }}</td>
<td>{{ values.1|default:0 }}</td>
<td>{{ values.2|default:0 }}</td>
</tr>
{% endfor %}
</table>
</div>
</div>
<div class="statistics-container">
{% if user.is_superuser or perms.app.view_order %}
<div class="flex flex-column">
<h3>{% translate "order sum" %}</h3>
<table>
<tr>
<th>{% translate "user" %}</th>
<th>{% translate "sum" %}</th>
</tr>
{% for values in order_sum_per_user %}
<tr>
<td>{{ values.0 }}</td>
<td>{{ values.1|default:0.0 }} {{ currency_suffix }}</td>
</tr>
{% endfor %}
</table>
</div>
{% endif %}
{% if user.is_superuser or perms.app.view_registertransaction %}
<div class="flex flex-column">
<h3>{% translate "deposit sum" %}</h3>
<table>
<tr>
<th>{% translate "user" %}</th>
<th>{% translate "sum" %}</th>
</tr>
{% for values in deposit_sum_per_user %}
<tr>
<td>{{ values.0 }}</td>
<td>{{ values.1|default:0.0 }} {{ currency_suffix }}</td>
</tr>
{% endfor %}
</table>
</div>
{% endif %}
</div>
<script src="/static/js/autoreload.js"></script>
{% endblock %}

36
app/templates/supply.html
View file

@ -1,36 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% load l10n %}
{% block title %}
{% translate "Drinks - Supply" %}
{% endblock %}
{% block content %}
{% if user.is_superuser or user.allowed_to_supply %}
<h1 class="formheading">{% translate "Supply" %}</h1>
<form id="customform" class="flex flex-column flex-center appform gap-1rem" action="/api/supply">
{% csrf_token %}
<div class="flex forminput">
<input type="text" name="supplydescription" placeholder="{% translate 'Description' %}" autofocus required>
</div>
<div class="flex forminput">
<input type="number" name="supplyprice" max="9999.99" min="1.00" step="0.01" placeholder="{% translate 'Price' %} ({{ currency_suffix }})" required>
</div>
<div class="buttons">
<a href="/" class="button">{% translate "cancel" %}</a>
<input type="submit" id="submitbtn" class="button" value='{% translate "submit" %}'>
</div>
</form>
<div id="statusinfo"></div>
<script src="/static/js/custom_form.js"></script>
<script src="/static/js/custom_number_input.js"></script>
{% else %}
<div class="flex flex-center">
<p>{% translate "You are not allowed to view this site." %}</p>
<a href="/">{% translate "back" %}</a>
</div>
{% endif %}
<script src="/static/js/autoreload.js"></script>
{% endblock %}

54
app/templates/transfer.html
View file

@ -1,54 +0,0 @@
{% extends "baselayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Transfer" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/simple-keyboard.css">
<link rel="stylesheet" href="/static/css/simple-keyboard_custom.css">
{% endblock %}
{% block content %}
<h1 class="formheading">{% translate "Transfer Money" %}</h1>
<form id="customform" class="flex flex-column flex-center appform gap-1rem" action="/api/transfer">
{% csrf_token %}
<div class="flex forminput">
<select name="recipientuser" id="transfer-recipient" required>
<option value="" selected disabled>Recipient</option>
{% for user_ in user_list %}
{% if user_.id != user.id %}
<option value="{{user_.id}}">
{% if user_.first_name %}
{% if user_.last_name %}
{{ user_.last_name }},
{% endif %}
{{ user_.first_name }}
{% elif user_.last_name %}
{{ user_.last_name }}
{% else %}
{{ user_.username }}
{% endif %}
{% endif %}
</option>
{% endfor %}
</select>
</div>
<div class="flex forminput">
<input type="number" name="transferamount" class="keyboard-input" max="{{ user.balance }}" min="0.01" step="0.01" placeholder="{% translate 'Amount' %} ({{ currency_suffix }})" autofocus required>
</div>
<!-- Virtual Keyboard -->
<div id="keyboard" class="simple-keyboard" data-layout="numeric"></div>
<script src="/static/js/simple-keyboard.js"></script>
<script src="/static/js/simple-keyboard_configure.js"></script>
<div class="flex-center buttons">
<a href="/" class="button">{% translate "cancel" %}</a>
<input type="submit" id="submitbtn" class="button" value='{% translate "confirm" %}'>
</div>
</form>
<div id="statusinfo"></div>
<script src="/static/js/custom_form.js"></script>
<script src="/static/js/autoreload.js"></script>
{% endblock %}

37
app/templates/userpanel.html
View file

@ -1,37 +0,0 @@
{% load i18n %}
{% load static %}
<div class="flex flex-center userpanel">
<div class="userinfo text-align-center">
<img src="/profilepictures/{{ user.profile_picture_filename|urlencode }}"><span>{% if user.first_name != "" %}
{{ user.first_name }} {{ user.last_name }} ({{ user.username }}){% else %}{{ user.username }}{% endif %}
&nbsp;-&nbsp;
{% if user.balance < 0.01 %}
<span class="userbalancewarn">{% translate "Balance" %}: {{ user.balance }} {{ currency_suffix }}</span>
{% else %}
<span>{% translate "Balance" %}: {{ user.balance }} {{ currency_suffix }}</span>
{% endif %}
</span>
</div>
<div class="flex flex-row flex-center flex-wrap userpanel-buttons">
<a class="button" href="/">Home</a>
<a class="button" href="/deposit">{% translate "Deposit" %}</a>
<a class="button" href="/accounts/logout">{% translate "Logout" %}</a>
<div class="dropdownmenu" id="dropdownmenu">
<div id="dropdownnope"></div>
<button class="dropdownbutton" id="dropdownmenu-button"><img src="/static/material-icons/menu.svg"></button>
<div class="dropdownlist">
<a class="dropdownchoice" href="/history">{% translate "History" %}</a>
<a class="dropdownchoice" href="/statistics">{% translate "Statistics" %}</a>
{% if user.is_superuser or user.is_staff %}
<a class="dropdownchoice" href="/admin/">Admin Panel</a>
{% endif %}
<a class="dropdownchoice" href="/transfer/">{% translate "Transfer" %}</a>
{% if user.is_superuser or user.allowed_to_supply %}
<a class="dropdownchoice" href="/supply/">{% translate "Supply" %}</a>
{% endif %}
<a class="dropdownchoice" href="/accounts/password_change/">{% translate "Change Password" %}</a>
</div>
</div>
</div>
</div>

195
app/views.py
View file

@ -1,195 +0,0 @@
import json
import sys
from pathlib import Path
from django.conf import settings
from django.contrib.auth import authenticate
from django.contrib.auth import get_user_model
from django.contrib.auth import login
from django.contrib.auth.decorators import login_required
from django.contrib.auth.forms import AuthenticationForm
from django.http.response import HttpResponseRedirect
from django.http.response import FileResponse
from django.http.response import HttpResponse
from django.shortcuts import render
from django.utils.translation import gettext as _
from django.utils.formats import decimal
from . import db_queries
from .models import Drink
from .models import Order
from .models import RegisterTransaction
def login_page(request):
userlist = get_user_model().objects.filter(hide_from_userlist=False).filter(is_active=True).order_by("username")
if request.method == "POST":
form = AuthenticationForm(request.POST)
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username,password=password)
if user:
if user.is_active:
login(request, user)
return HttpResponseRedirect("/")
else:
return render(request,'registration/login.html', {
"form": form,
"user_list": userlist,
"error_message": _("Invalid username or password.")
})
else:
if request.user.is_authenticated:
return HttpResponseRedirect("/")
form = AuthenticationForm()
return render(request,'registration/login.html', {
"form": form,
"user_list": userlist
})
@login_required
def index(request):
context = {
"available_drinks": Drink.objects.filter(available__gt=0).filter(deleted=False).order_by('product_name'),
}
return render(request, "index.html", context)
@login_required
def history(request):
context = {
"history": db_queries.select_history(request.user, language_code=request.LANGUAGE_CODE),
}
return render(request, "history.html", context)
@login_required
def order(request, drinkid):
try:
drink_ = Drink.objects.get(pk=drinkid)
context = {"drink": drink_}
return render(request, "order.html", context)
except Drink.DoesNotExist:
return HttpResponseRedirect("/")
@login_required
def deposit(request):
return render(request, "deposit.html", {})
@login_required
def statistics(request):
user = request.user
context = {
"orders_per_month": db_queries.select_orders_per_month(user),
"orders_per_weekday": db_queries.select_orders_per_weekday(user),
"orders_per_drink": db_queries.select_orders_per_drink(user),
}
# Advanced statistics
if user.has_perm("app.view_order") or user.is_superuser:
context["order_sum_per_user"] = db_queries.select_order_sum_per_user_all_users()
if user.has_perm("app.view_registertransaction") or user.is_superuser:
context["deposit_sum_per_user"] = db_queries.select_deposit_sum_per_user_all_users()
return render(request, "statistics.html", context)
@login_required
def transfer(request):
userlist = get_user_model().objects.filter(hide_from_userlist=False).filter(is_active=True).order_by("username")
return render(request, "transfer.html", {"user_list": userlist})
@login_required
def supply(request):
return render(request, "supply.html")
@login_required
def redirect_home(request):
return HttpResponseRedirect("/")
# API for XHR requests #
@login_required
def api_order_drink(request):
# check request -> make order
user = request.user
try:
if user.allow_order_with_negative_balance or user.balance > 0:
drinkid = int(request.POST["drinkid"])
amount = int(request.POST["numberofdrinks"])
drink = Drink.objects.get(pk=drinkid)
if ((drink.do_not_count and drink.available > 0) or (drink.available >= amount)) and not drink.deleted:
Order.objects.create(drink=drink, user=user, amount=amount)
return HttpResponse("success", status=200)
else:
return HttpResponse("notAvailable", status=400)
else: raise Exception("Unexpected input or missing privileges.")
except Exception as e:
print(f"An exception occured while processing an order: User: {user.username} - Exception: {e}", file=sys.stderr)
return HttpResponse(b"", status=500)
@login_required
def api_deposit(request):
# check request -> deposit
user = request.user
try:
amount = decimal.Decimal(request.POST["depositamount"])
if 0.00 < amount < 9999.99:
# create transaction
RegisterTransaction.objects.create(
transaction_sum=amount,
comment=f"User deposit by user {user.username}",
is_user_deposit=True,
user=user)
return HttpResponse("success", status=200)
else: raise Exception("Deposit amount too big or small.")
except Exception as e:
print(f"An exception occured while processing a deposit transaction: User: {user.username} - Exception: {e}", file=sys.stderr)
return HttpResponse(b"", status=500)
@login_required
def api_transfer(request):
# check request -> transfer
user = request.user
try:
recipient = get_user_model().objects.get(id=int(request.POST["recipientuser"]))
if recipient.id == user.id:
raise Exception(f"User {user.username} tried to transfer to themself.")
amount = decimal.Decimal(request.POST["transferamount"])
if 0.00 < amount <= user.balance:
# create transaction
RegisterTransaction.objects.create(
transaction_sum=-amount,
comment=f"Transfer to {recipient.username}",
is_transfer=True,
user=user)
RegisterTransaction.objects.create(
transaction_sum=amount,
comment=f"Transfer from {user.username}",
is_transfer=True,
user=recipient)
return HttpResponse("success", status=200)
else: raise Exception("Transfer amount too big or small.")
except Exception as e:
print(f"An exception occured while processing a transfer transaction: User: {user.username} - Exception: {e}", file=sys.stderr)
return HttpResponse(b"", status=500)
@login_required
def api_supply(request):
# check request -> supply
user = request.user
try:
price = decimal.Decimal(request.POST["supplyprice"])
description = str(request.POST["supplydescription"])
if 0.00 < price < 9999.99 and (user.allowed_to_supply or user.is_superuser):
# create transaction
RegisterTransaction.objects.create(
transaction_sum=-price,
comment=f"Supply: {description}",
is_user_deposit=False,
user=user
)
return HttpResponse("success", status=200)
else: raise Exception("Unexpected input or missing privileges.")
except Exception as e:
print(f"An exception occured while processing a supply transaction: User: {user.username} - Exception: {e}", file=sys.stderr)
return HttpResponse(b"", status=500)

0
app/__init__.py → application/app/__init__.py
View file

36
app/admin.py → application/app/admin.py
View file

@ -2,7 +2,6 @@
from django.contrib import admin from django.contrib import admin
from django.contrib.auth.admin import UserAdmin from django.contrib.auth.admin import UserAdmin
from django.utils.decorators import method_decorator
from django.views.decorators.cache import never_cache from django.views.decorators.cache import never_cache
from .models import User from .models import User
@ -16,7 +15,6 @@ from .forms import CustomDrinkForm
from .forms import CustomGlobalForm from .forms import CustomGlobalForm
from .forms import CustomRegisterTransactionForm from .forms import CustomRegisterTransactionForm
# Admin Site # Admin Site
class CustomAdminSite(admin.AdminSite): class CustomAdminSite(admin.AdminSite):
@ -24,9 +22,13 @@ class CustomAdminSite(admin.AdminSite):
site_header = "Drinks Administration" site_header = "Drinks Administration"
site_title = "Drinks Administration" site_title = "Drinks Administration"
@method_decorator(never_cache) @never_cache
def index(self, request, extra_context=None): def index(self, request, extra_context=None):
return super().index(request, extra_context={ return super().index(request, extra_context={
"registerBalance": "{:10.2f}".format(
Global.objects.get(name="register_balance").value_float
),
"admin_info": Global.objects.get(name="admin_info").value_string, "admin_info": Global.objects.get(name="admin_info").value_string,
**(extra_context or {}) **(extra_context or {})
}) })
@ -43,24 +45,13 @@ class CustomUserAdmin(UserAdmin):
fieldsets_ = list((*UserAdmin.fieldsets,)) fieldsets_ = list((*UserAdmin.fieldsets,))
fieldsets_.insert(1, ( fieldsets_.insert(1, (
"Visibility", "Balance",
{"fields": ("hide_from_userlist",)}, {"fields": ("balance", "allow_order_with_negative_balance")},
)) )
fieldsets_.insert(2, ( )
"Balance",
{"fields": ("balance", "allow_order_with_negative_balance")},
))
fieldsets_.insert(3, (
"Supply",
{"fields": ("allowed_to_supply",)},
))
fieldsets_.insert(4, (
"Profile Picture",
{"fields": ("profile_picture_filename",)},
))
fieldsets = tuple(fieldsets_) fieldsets = tuple(fieldsets_)
list_display = ["username", "balance", "allow_order_with_negative_balance", "is_active", "hide_from_userlist"] list_display = ["username", "balance", "is_active", "allow_order_with_negative_balance"]
def get_actions(self, request): # remove the "delete_selected" action because it breaks some functionality def get_actions(self, request): # remove the "delete_selected" action because it breaks some functionality
actions = super().get_actions(request) actions = super().get_actions(request)
@ -75,7 +66,7 @@ class CustomDrinkAdmin(admin.ModelAdmin):
model = Drink model = Drink
form = CustomDrinkForm form = CustomDrinkForm
list_display = ["product_name", "content_litres", "price", "available", "do_not_count", "deleted"] list_display = ["product_name", "content_litres", "price", "available", "binary_availability", "deleted"]
adminSite.register(Drink, CustomDrinkAdmin) adminSite.register(Drink, CustomDrinkAdmin)
@ -95,7 +86,9 @@ class CustomRegisterAdmin(admin.ModelAdmin):
return actions return actions
def delete_selected_new(self, request, queryset): def delete_selected_new(self, request, queryset):
#print(queryset)
for supply in queryset: for supply in queryset:
#print(order)
supply.delete() supply.delete()
if queryset.count() < 2: if queryset.count() < 2:
self.message_user(request, f"Revoked {queryset.count()} supply.") self.message_user(request, f"Revoked {queryset.count()} supply.")
@ -103,6 +96,7 @@ class CustomRegisterAdmin(admin.ModelAdmin):
self.message_user(request, f"Revoked {queryset.count()} supplies.") self.message_user(request, f"Revoked {queryset.count()} supplies.")
delete_selected_new.short_description = "Revoke selected transactions" delete_selected_new.short_description = "Revoke selected transactions"
adminSite.register(Register, CustomRegisterAdmin) adminSite.register(Register, CustomRegisterAdmin)
@ -119,7 +113,9 @@ class CustomOrderAdmin(admin.ModelAdmin):
return actions return actions
def delete_selected_new(self, request, queryset): def delete_selected_new(self, request, queryset):
#print(queryset)
for order in queryset: for order in queryset:
#print(order)
order.delete() order.delete()
self.message_user(request, f"Revoked {queryset.count()} order(s).") self.message_user(request, f"Revoked {queryset.count()} order(s).")
delete_selected_new.short_description = "Revoke selected orders" delete_selected_new.short_description = "Revoke selected orders"

7
application/app/apps.py Normal file
View file

@ -0,0 +1,7 @@
from django.apps import AppConfig
from django.contrib.admin.apps import AdminConfig
class DAppConfig(AppConfig):
default_auto_field = 'django.db.models.BigAutoField'
name = 'app'

2
app/context_processors.py → application/app/context_processors.py
View file

@ -2,8 +2,8 @@ from django.conf import settings
from .models import Global from .models import Global
def app_version(request): def app_version(request):
try: try:
global_message = Global.objects.get(pk="global_message").value_string global_message = Global.objects.get(pk="global_message").value_string
except Global.DoesNotExist: except Global.DoesNotExist:

2
app/forms.py → application/app/forms.py
View file

@ -26,7 +26,7 @@ class CustomDrinkForm(forms.ModelForm):
class Meta: class Meta:
model = Drink model = Drink
fields = ("product_name", "content_litres", "price", "do_not_count", "available", "deleted") fields = ("product_name", "content_litres", "price", "binary_availability", "available", "deleted")
class CustomRegisterTransactionForm(forms.ModelForm): class CustomRegisterTransactionForm(forms.ModelForm):

11
application/app/middleware.py Normal file
View file

@ -0,0 +1,11 @@
# Define CSP middleware:
def csp_middleware(get_response):
def middleware(request):
response = get_response(request)
response["content-security-policy"] = "default-src 'self'"
return response
return middleware

63
app/models.py → application/app/models.py
View file

@ -2,18 +2,24 @@
from django.db import models from django.db import models
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import AbstractUser from django.contrib.auth.models import AbstractUser
from django_currentuser.db.models import CurrentUserField
from django.forms import ValidationError from django.forms import ValidationError
from django.utils import timezone from django.utils import timezone
# helper
def make_register_transaction(transaction_sum:float):
regbalance = Global.objects.get(name="register_balance")
regbalance.value_float += float(round(float(transaction_sum), 2))
regbalance.save()
# Custom user model # Custom user model
class User(AbstractUser): class User(AbstractUser):
balance = models.DecimalField(max_digits=8, decimal_places=2, default=0.00) balance = models.DecimalField(max_digits=8, decimal_places=2, default=0.00)
allow_order_with_negative_balance = models.BooleanField(default=False) allow_order_with_negative_balance = models.BooleanField(default=False)
profile_picture_filename = models.CharField(default="default.svg", max_length=25)
allowed_to_supply = models.BooleanField(default=False)
hide_from_userlist = models.BooleanField(default=False)
def delete(self, *args, **kwargs): def delete(self, *args, **kwargs):
self.balance = 0 self.balance = 0
@ -24,6 +30,8 @@ class User(AbstractUser):
self.email = "" self.email = ""
super().save() super().save()
#
class Drink(models.Model): class Drink(models.Model):
@ -33,26 +41,23 @@ class Drink(models.Model):
available = models.PositiveIntegerField(default=0) available = models.PositiveIntegerField(default=0)
deleted = models.BooleanField(default=False) deleted = models.BooleanField(default=False)
# when the following field is true, the amount of drinks will # when the following field is true:
# not change and will not be displayed.
# available > 0 -> there is a indefinetly amount of drinks left # available > 0 -> there is a indefinetly amount of drinks left
# available < 1 -> there are no drinks left # available < 1 -> there are no drinks left
do_not_count = models.BooleanField(default=False) binary_availability = models.BooleanField(default=False)
def delete(self, *args, **kwargs): def delete(self, *args, **kwargs):
# we flag the field as deleted.
self.deleted = True self.deleted = True
super().save() super().save()
def __str__(self): def __str__(self): return f"{self.product_name} ({str(self.content_litres).rstrip('0')}l) - {self.price}{settings.CURRENCY_SUFFIX}"
return f"{self.product_name} ({float(self.content_litres):.2f}l) - {self.price} {settings.CURRENCY_SUFFIX}"
class RegisterTransaction(models.Model): class RegisterTransaction(models.Model):
class Meta: class Meta:
verbose_name = "transaction" verbose_name = "register transaction"
verbose_name_plural = "transactions" verbose_name_plural = "register"
transaction_sum = models.DecimalField(max_digits=6, decimal_places=2, default=0.00) transaction_sum = models.DecimalField(max_digits=6, decimal_places=2, default=0.00)
# the following original_transaction_sum is needed when need to be # the following original_transaction_sum is needed when need to be
@ -60,34 +65,38 @@ class RegisterTransaction(models.Model):
old_transaction_sum = models.DecimalField(max_digits=6, decimal_places=2, default=0.00) old_transaction_sum = models.DecimalField(max_digits=6, decimal_places=2, default=0.00)
datetime = models.DateTimeField(default=timezone.now) datetime = models.DateTimeField(default=timezone.now)
is_user_deposit = models.BooleanField(default=False) is_user_deposit = models.BooleanField(default=False)
is_transfer = models.BooleanField(default=False)
comment = models.TextField(default=" ") comment = models.TextField(default=" ")
user = models.ForeignKey(User, on_delete=models.CASCADE) user = CurrentUserField()
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
if self._state.adding: if self._state.adding:
if self.is_user_deposit or self.is_transfer: # update user balance make_register_transaction(self.transaction_sum)
if self.is_user_deposit == True: # update user balance
self.user.balance += self.transaction_sum self.user.balance += self.transaction_sum
self.user.save() self.user.save()
self.old_transaction_sum = self.transaction_sum self.old_transaction_sum = self.transaction_sum
super().save(*args, **kwargs) super().save(*args, **kwargs)
else: else:
# update user balance
if self.is_user_deposit or self.is_transfer:
self.user.balance += self.transaction_sum - self.old_transaction_sum
self.user.save()
# update register transaction # update register transaction
sum_diff = self.transaction_sum - self.old_transaction_sum
make_register_transaction(sum_diff)
# update user balance
if self.is_user_deposit == True:
ub_sum_diff = self.transaction_sum - self.old_transaction_sum
self.user.balance += ub_sum_diff
self.user.save()
self.old_transaction_sum = self.transaction_sum self.old_transaction_sum = self.transaction_sum
super().save(*args, **kwargs) super().save(*args, **kwargs)
def delete(self, *args, **kwargs): def delete(self, *args, **kwargs):
make_register_transaction(-self.transaction_sum)
# update user deposit # update user deposit
if self.is_user_deposit or self.is_transfer: if self.is_user_deposit:
self.user.balance -= self.transaction_sum self.user.balance -= self.transaction_sum
self.user.save() self.user.save()
super().delete(*args, kwargs) super().delete(*args, kwargs)
def __str__(self): return f"{self.transaction_sum} {settings.CURRENCY_SUFFIX} by {self.user}" def __str__(self): return f"{self.transaction_sum}{settings.CURRENCY_SUFFIX} by {self.user}"
class Order(models.Model): class Order(models.Model):
@ -98,7 +107,7 @@ class Order(models.Model):
null=True, null=True,
limit_choices_to=models.Q(available__gt=0) # Query only those drinks with a availability greater than (gt) 0 limit_choices_to=models.Q(available__gt=0) # Query only those drinks with a availability greater than (gt) 0
) )
user = models.ForeignKey(User, on_delete=models.CASCADE) user = CurrentUserField()
datetime = models.DateTimeField(default=timezone.now) datetime = models.DateTimeField(default=timezone.now)
amount = models.PositiveIntegerField(default=1, editable=False) amount = models.PositiveIntegerField(default=1, editable=False)
@ -108,12 +117,13 @@ class Order(models.Model):
price_sum = models.DecimalField(max_digits=6, decimal_places=2, default=0, editable=False) price_sum = models.DecimalField(max_digits=6, decimal_places=2, default=0, editable=False)
content_litres = models.DecimalField(max_digits=6, decimal_places=3, default=0, editable=False) content_litres = models.DecimalField(max_digits=6, decimal_places=3, default=0, editable=False)
# TODO: Add more comments on how and why the save & delete functions are implemented
# address this in a refactoring issue.
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
# saving this may affect other fields
# so we reimplement the save function
drink = Drink.objects.get(pk=self.drink.pk) drink = Drink.objects.get(pk=self.drink.pk)
if self._state.adding and drink.available > 0: if self._state.adding and drink.available > 0:
if not drink.do_not_count: if not drink.binary_availability:
drink.available -= self.amount drink.available -= self.amount
drink.save() drink.save()
self.product_name = drink.product_name self.product_name = drink.product_name
@ -126,16 +136,15 @@ class Order(models.Model):
raise ValidationError("This entry can't be changed.") raise ValidationError("This entry can't be changed.")
def delete(self, *args, **kwargs): def delete(self, *args, **kwargs):
# when deleting, we affect other fields as well.
self.user.balance += self.price_sum self.user.balance += self.price_sum
self.user.save() self.user.save()
drink = Drink.objects.get(pk=self.drink.pk) drink = Drink.objects.get(pk=self.drink.pk)
if not drink.do_not_count: if not drink.binary_availability:
drink.available += self.amount drink.available += self.amount
drink.save() drink.save()
super().delete(*args, **kwargs) super().delete(*args, **kwargs)
def __str__(self): return f"{self.drink.product_name} ({float(self.drink.content_litres):.2f}l) x {self.amount} - {self.price_sum} {settings.CURRENCY_SUFFIX}" def __str__(self): return f"{self.drink.product_name} ({str(self.drink.content_litres).rstrip('0')}l) x {self.amount} - {self.price_sum}{settings.CURRENCY_SUFFIX}"
class Global(models.Model): class Global(models.Model):

137
application/app/sql_queries.py Normal file
View file

@ -0,0 +1,137 @@
#from datetime import datetime
from django.conf import settings
from django.db import connection
def _select_from_db(sql_select:str):
result = None
with connection.cursor() as cursor:
cursor.execute(sql_select)
result = cursor.fetchall()
return result
def select_history(user, language_code="en") -> list:
# select order history and deposits
user_id = user.pk
result = _select_from_db(f"""
select
concat(
product_name, ' (',
content_litres::real, -- converting to real removes trailing zeros
'l) x ', amount, ' - ', price_sum, '{settings.CURRENCY_SUFFIX}') as "text",
datetime
from app_order
where user_id = {user_id}
union
select
concat('Deposit: +', transaction_sum, '{settings.CURRENCY_SUFFIX}') as "text",
datetime
from app_userdeposits_view
where user_id = {user_id}
order by datetime desc
fetch first 30 rows only;
""")
result = [list(row) for row in result]
if language_code == "de": # reformat for german translation
for row in result:
row[0] = row[0].replace(".", ",")
return result
def select_yopml12m(user) -> list:
# number of orders per month (last 12 months)
# only for the specified user
user_id = user.pk
result = _select_from_db(f"""
-- select the count of the orders per month (last 12 days)
select
to_char(date_trunc('month', datetime), 'YYYY-MM') as "month",
sum(amount) as "count"
from app_order
where user_id = {user_id}
and date_trunc('month', datetime) > date_trunc('month', now() - '12 months'::interval)
group by "month"
order by "month" desc;
""")
return [list(row) for row in result]
def select_aopml12m() -> list:
# number of orders per month (last 12 months)
result = _select_from_db(f"""
-- select the count of the orders per month (last 12 days)
select
to_char(date_trunc('month', datetime), 'YYYY-MM') as "month",
sum(amount) as "count"
from app_order
where date_trunc('month', datetime) > date_trunc('month', now() - '12 months'::interval)
group by "month"
order by "month" desc;
""")
return [list(row) for row in result]
def select_yopwd(user) -> list:
# number of orders per weekday (all time)
# only for the specified user
user_id = user.pk
result = _select_from_db(f"""
-- select the count of the orders per weekday (all time)
select
to_char(datetime, 'Day') as "day",
sum(amount) as "count"
from app_order
where user_id = {user_id}
group by "day"
order by "count" desc;
""")
return [list(row) for row in result]
return []
def select_aopwd() -> list:
# number of orders per weekday (all time)
result = _select_from_db(f"""
-- select the count of the orders per weekday (all time)
select
to_char(datetime, 'Day') as "day",
sum(amount) as "count"
from app_order
group by "day"
order by "count" desc;
""")
return [list(row) for row in result]
return []
def select_noyopd(user) -> list:
# number of orders per drink (all time)
# only for specified user
user_id = user.pk
result = _select_from_db(f"""
select
d.product_name as "label",
sum(o.amount) as "data"
from app_drink d
join app_order o on (d.id = o.drink_id)
where o.user_id = {user_id}
group by d.product_name
order by "data" desc;
""")
return [list(row) for row in result]
def select_noaopd() -> list:
# number of orders per drink (all time)
result = _select_from_db(f"""
select
d.product_name as "label",
sum(o.amount) as "data"
from app_drink d
join app_order o on (d.id = o.drink_id)
group by d.product_name
order by "data" desc;
""")
return [list(row) for row in result]

0
app/templates/admin/base_site.html → application/app/templates/admin/base_site.html
View file

1
app/templates/admin/index.html → application/app/templates/admin/index.html
View file

@ -6,6 +6,7 @@
<div> <div>
<div> <div>
<p>Current Register Balance: {{ registerBalance }}{{ currency_suffix }}</p>
{% if global_message != "" %} {% if global_message != "" %}
<p>Global Message: {{ global_message }}</p> <p>Global Message: {{ global_message }}</p>
{% endif %} {% endif %}

45
app/templates/baselayout.html → application/app/templates/baseLayout.html
View file

@ -1,6 +1,9 @@
<!DOCTYPE html> <!DOCTYPE html>
{% load i18n %} {% load i18n %}
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="X-UA-Compatible" content="IE=edge">
@ -10,27 +13,45 @@
<title>{% block title %}{% endblock %}</title> <title>{% block title %}{% endblock %}</title>
{% block headAdditional %}{% endblock %} {% block headAdditional %}{% endblock %}
</head> </head>
<body> <body>
<div class="baselayout flex flex-column">
{% include "globalmessage.html" %} <div class="baseLayout">
{% include "globalMessage.html" %}
{% if user.is_authenticated %} {% if user.is_authenticated %}
{% include "userpanel.html" %}
{% include "userPanel.html" %}
{% endif %} {% endif %}
<main class="flex flex-column">
<main>
{% if user.is_authenticated or "accounts/login/" in request.path or "accounts/logout/" in request.path or "admin/logout/" in request.path %} {% if user.is_authenticated or "accounts/login/" in request.path or "accounts/logout/" in request.path or "admin/logout/" in request.path %}
<div class="content flex flex-column">
{% block content %}{% endblock %} <h1>{% block heading %}{% endblock %}</h1>
</div> <div class="content">
{% block content %}{% endblock %}
</div>
{% else %} {% else %}
<div class="flex flex-center">
{% translate "An error occured. Please log out and log in again." %} <div class="centeringFlex">
<br> {% translate "An error occured. Please log out and log in again." %}
<a class="button" href="/accounts/logout">log out</a> <br>
</div> <a href="/accounts/logout">log out</a>
</div>
{% endif %} {% endif %}
</main> </main>
{% include "footer.html" %} {% include "footer.html" %}
</div> </div>
<script src="/static/js/main.js"></script> <script src="/static/js/main.js"></script>
</body> </body>
</html> </html>

39
application/app/templates/deposit.html Normal file
View file

@ -0,0 +1,39 @@
{% extends "baseLayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Deposit" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/deposit.css">
{% endblock %}
{% block heading %}
{% translate "Deposit" %}
{% endblock %}
{% block content %}
<form id="depositForm">
{% csrf_token %}
<div class="row">
<div class="column">{% translate "Amount" %} {{ currency_suffix }}:</div>
<div class="column"><input type="number" name="depositAmount" id="depositAmount" max="9999.99" min="1.00"
step="0.01" autofocus></div>
</div>
<div id="statusInfo"></div>
<div class="horizontalButtonList">
<a href="/" class="button">{% translate "cancel" %}</a>
<input type="submit" id="depositSubmitBtn" class="button" value='{% translate "confirm" %}'>
</div>
</form>
<script src="/static/js/deposit.js"></script>
{% endblock %}

6
application/app/templates/footer.html Normal file
View file

@ -0,0 +1,6 @@
{% load i18n %}
<div class="footer">
<div>Version {{ app_version }}</div>
<div>Copyright (C) 2021, <a href="https://gitlab.com/W13R">Julian MĂĽller (W13R)</a></div>
</div>

5
application/app/templates/globalMessage.html Normal file
View file

@ -0,0 +1,5 @@
{% if global_message != "" %}
<div class="globalMessage">
<div>{{ global_message }}</div>
</div>
{% endif %}

36
application/app/templates/history.html Normal file
View file

@ -0,0 +1,36 @@
{% extends "baseLayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - History" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/history.css">
{% endblock %}
{% block heading %}
{% translate "History" %}
{% endblock %}
{% block content %}
{% if history %}
<table class="history">
<tr>
<th>{% translate "last 30 actions" %}</th>
<th></th>
</tr>
{% for h in history %}
<tr>
<td>{{ h.0 }}</td>
<td class="historyDate">{{ h.1 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
{% translate "No history." %}
{% endif %}
{% endblock %}

47
application/app/templates/index.html Normal file
View file

@ -0,0 +1,47 @@
{% extends "baseLayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Home" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/index.css">
{% endblock %}
{% block heading %}
{% translate "Available Drinks" %}
{% endblock %}
{% block content %}
{% if available_drinks %}
<ul class="availableDrinksList">
{% for drink in available_drinks %}
{% if drink.binary_availability %}
<li>
<a class="button" href="/order/{{ drink.id }}">
<span>{{ drink }}</span>
<span>{% translate "available" %}</span>
</a>
</li>
{% else %}
<li>
<a class="button" href="/order/{{ drink.id }}">
<span>{{ drink }}</span>
<span>{{ drink.available }} {% translate "available" %}</span>
</a>
</li>
{% endif %}
{% endfor %}
</ul>
{% else %}
{% translate "No drinks available." %}
{% endif %}
{% endblock %}

100
application/app/templates/order.html Normal file
View file

@ -0,0 +1,100 @@
{% extends "baseLayout.html" %}
{% load i18n %}
{% load l10n %}
{% block title %}
{% translate "Drinks - Order" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/order.css">
<link rel="stylesheet" href="/static/css/customNumberInput.css">
{% endblock %}
{% block heading %}
{% translate "Order" %}
{% endblock %}
{% block content %}
{% if drink and drink.available > 0 and not drink.deleted %}
{% if user.balance > 0 or user.allow_order_with_negative_balance %}
<form id="orderForm">
{% csrf_token %}
<div class="row">
<div class="column">{% translate "Drink" %}:</div>
<div class="column">{{ drink.product_name }}</div>
</div>
<div class="row">
<div class="column">{% translate "Price per Item" %} ({{ currency_suffix }}):</div>
<div class="column" id="pricePerDrink" data-drink-price="{% localize off %}{{ drink.price }}{% endlocalize %}">{{ drink.price }}</div>
</div>
{% if not drink.binary_availability %}
<div class="row">
<div class="column">{% translate "Available" %}:</div>
<div class="column">{{ drink.available }}</div>
</div>
{% endif %}
<div class="row">
<div class="column">{% translate "Count" %}:</div>
<div class="column">
<span class="customNumberInput">
<button type="button" class="customNumberInput-minus" id="numberOfDrinksBtnA">-</button>
{% if drink.binary_availability %}
<input type="number" class="customNumberInputField" name="numberOfDrinks" id="numberOfDrinks"
min="1" max="100" value="1">
{% else %}
<input type="number" class="customNumberInputField" name="numberOfDrinks" id="numberOfDrinks"
max="{{ drink.available }}" min="1" max="100" value="1">
{% endif %}
<button type="button" class="customNumberInput-plus" id="numberOfDrinksBtnB">+</button>
</span>
</div>
</div>
<div class="row">
<div class="column">{% translate "Sum" %} ({{ currency_suffix }}):</div>
<div class="column" id="orderCalculatedSum">{{ drink.price }}</div>
</div>
<div id="statusInfo"></div>
<input type="hidden" name="drinkID" id="drinkID" value="{{ drink.id }}">
<div class="horizontalButtonList">
<a href="/" class="button">{% translate "cancel" %}</a>
<input type="submit" id="orderSubmitBtn" class="button" value='{% translate "order" %}'>
</div>
</form>
<script src="/static/js/order.js"></script>
<script src="/static/js/customNumberInput.js"></script>
{% else %}
<div class="centeringFlex">
<p>{% translate "You can't order this, because you have a negative balance." %}</p>
<a href="/">{% translate "back" %}</a>
</div>
{% endif %}
{% else %}
<div class="centeringFlex">
<p>{% translate "This drink is not available." %}</p>
<a href="/">{% translate "back" %}</a>
</div>
{% endif %}
{% endblock %}

24
application/app/templates/registration/logged_out.html Normal file
View file

@ -0,0 +1,24 @@
{% extends "baseLayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Logged Out" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/login.css">
{% endblock %}
{% block content %}
<div class="centeringFlex">
{% translate "Logged out! You will be redirected shortly." %}
<br><br>
<a href="/">{% translate "Click here if automatic redirection does not work." %}</a>
</div>
<script src="/static/js/logged_out.js"></script>
{% endblock %}

91
application/app/templates/registration/login.html Normal file
View file

@ -0,0 +1,91 @@
{% extends "baseLayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Login" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/login.css">
{% endblock %}
{% block content %}
{% if error_message %}
<p class="errorText">{{ error_message }}</p>
{% endif %}
<div class="passwordOverlayContainer nodisplay" id="passwordOverlayContainer">
<div class="passwordOverlay">
<form method="post" action="{% url 'login' %}">
{% csrf_token %}
<h1>{% translate "Log in" %}</h1>
<input type="text" name="username" autofocus="" autocapitalize="none" autocomplete="username" maxlength="150" required="" id="id_username">
<input type="password" name="password" autocomplete="current-password" required="" id="id_password" placeholder='{% translate "Password/PIN" %}'>
<div class="pinpad">
<table>
<tr>
<td><button type="button" class="pinpadBtn" data-btn="1">1</button></td>
<td><button type="button" class="pinpadBtn" data-btn="2">2</button></td>
<td><button type="button" class="pinpadBtn" data-btn="3">3</button></td>
</tr>
<tr>
<td><button type="button" class="pinpadBtn" data-btn="4">4</button></td>
<td><button type="button" class="pinpadBtn" data-btn="5">5</button></td>
<td><button type="button" class="pinpadBtn" data-btn="6">6</button></td>
</tr>
<tr>
<td><button type="button" class="pinpadBtn" data-btn="7">7</button></td>
<td><button type="button" class="pinpadBtn" data-btn="8">8</button></td>
<td><button type="button" class="pinpadBtn" data-btn="9">9</button></td>
</tr>
<tr>
<td><button type="button" class="pinpadBtn" data-btn="0">0</button></td>
<td><button type="button" class="pinpadBtn" data-btn="x">x</button></td>
<td><button type="button" class="pinpadBtn" data-btn="enter">&#9166;</button></td>
</tr>
</table>
</div>
<div class="horizontalButtonList">
<button type="button" id="pwoCancel">{% translate "cancel" %}</button>
<input class="button" id="submit_login" type="submit" value='{% translate "login" %}' />
</div>
</form>
</div>
</div>
<h1>{% translate "Choose your account" %}</h1>
<div class="userlistContainer">
<ul class="userlist">
{% for user_ in user_list %}
<li class="userlistButton button" data-username="{{ user_.username }}">
{% if user_.first_name %}
{{ user_.first_name }}
{% if user_.last_name %}
{{ user_.last_name }}
{% endif %}
{% else %}
{{ user_.username }}
{% endif %}
</li>
{% endfor %}
</ul>
</div>
<script src="/static/js/login.js"></script>
{% endblock %}

179
application/app/templates/statistics.html Normal file
View file

@ -0,0 +1,179 @@
{% extends "baseLayout.html" %}
{% load i18n %}
{% block title %}
{% translate "Drinks - Statistics" %}
{% endblock %}
{% block headAdditional %}
<link rel="stylesheet" href="/static/css/statistics.css">
{% endblock %}
{% block heading %}
{% translate "Statistics" %}
{% endblock %}
{% block content %}
<div class="mainContainer">
<div class="dropDownMenu" id="statisticsDropDownMenu">
<button class="dropDownButton" id="statisticsDropDownMenuButton">
<div>
{% translate "Choose" %}
</div>
</button>
<div class="dropDownList">
<button class="sChoice dropDownChoice" data-statistics_div="noyopd">
{% translate "Your orders per drink" %}
</button>
<button class="sChoice dropDownChoice" data-statistics_div="yopwd">
{% translate "Your orders per weekday" %}
</button>
<button class="sChoice dropDownChoice" data-statistics_div="yopml12m">
{% translate "Your orders per month (last 12 months)" %}
</button>
<button class="sChoice dropDownChoice" data-statistics_div="noaopd">
{% translate "All orders per drink" %}
</button>
<button class="sChoice dropDownChoice" data-statistics_div="aopwd">
{% translate "All orders per weekday" %}
</button>
<button class="sChoice dropDownChoice" data-statistics_div="aopml12m">
{% translate "All orders per month (last 12 months)" %}
</button>
</div>
</div>
<div class="tablesContainer">
<div id="noyopd" class="statisticsTable nodisplay">
<h1>{% translate "Your orders per drink" %}</h1>
{% if noyopd %}
<table>
<tr>
<th>{% translate "drink" %}</th>
<th>{% translate "count" %}</th>
</tr>
{% for row in noyopd %}
<tr>
<td>{{ row.0 }}</td>
<td>{{ row.1 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
<div>{% translate "No history." %}</div>
{% endif %}
</div>
<div id="noaopd" class="statisticsTable nodisplay">
<h1>{% translate "All orders per drink" %}</h1>
{% if noaopd %}
<table>
<tr>
<th>{% translate "drink" %}</th>
<th>{% translate "count" %}</th>
</tr>
{% for row in noaopd %}
<tr>
<td>{{ row.0 }}</td>
<td>{{ row.1 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
<div>{% translate "No history." %}</div>
{% endif %}
</div>
<div id="yopml12m" class="statisticsTable nodisplay">
<h1>{% translate "Your orders per month (last 12 months)" %}</h1>
{% if yopml12m %}
<table>
<tr>
<th>{% translate "month" %}</th>
<th>{% translate "count" %}</th>
</tr>
{% for row in yopml12m %}
<tr>
<td>{{ row.0 }}</td>
<td>{{ row.1 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
<div>{% translate "No history." %}</div>
{% endif %}
</div>
<div id="aopml12m" class="statisticsTable nodisplay">
<h1>{% translate "All orders per month (last 12 months)" %}</h1>
{% if aopml12m %}
<table>
<tr>
<th>{% translate "month" %}</th>
<th>{% translate "count" %}</th>
</tr>
{% for row in aopml12m %}
<tr>
<td>{{ row.0 }}</td>
<td>{{ row.1 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
<div>{% translate "No history." %}</div>
{% endif %}
</div>
<div id="yopwd" class="statisticsTable nodisplay">
<h1>{% translate "Your orders per weekday" %}</h1>
{% if yopwd %}
<table>
<tr>
<th>{% translate "day" %}</th>
<th>{% translate "count" %}</th>
</tr>
{% for row in yopwd %}
<tr>
<td>{{ row.0 }}</td>
<td>{{ row.1 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
<div>{% translate "No history." %}</div>
{% endif %}
</div>
<div id="aopwd" class="statisticsTable nodisplay">
<h1>{% translate "All orders per weekday" %}</h1>
{% if aopwd %}
<table>
<tr>
<th>{% translate "day" %}</th>
<th>{% translate "count" %}</th>
</tr>
{% for row in aopwd %}
<tr>
<td>{{ row.0 }}</td>
<td>{{ row.1 }}</td>
</tr>
{% endfor %}
</table>
{% else %}
<div>{% translate "No history." %}</div>
{% endif %}
</div>
</div>
</div>
<script src="/static/js/statistics.js"></script>
{% endblock %}

36
application/app/templates/userPanel.html Normal file
View file

@ -0,0 +1,36 @@
{% load i18n %}
<div class="userPanel">
<div class="userInfo">
{% if user.first_name != "" %}
{% translate "User" %}: {{ user.first_name }} {{ user.last_name }} ({{ user.username }})
{% else %}
{% translate "User" %}: {{ user.username }}
{% endif %}
&nbsp;-&nbsp;
{% if user.balance < 0.01 %}
<span class="userBalanceWarn">{% translate "Balance" %}: {{ user.balance }}{{ currency_suffix }}</span>
{% else %}
<span>{% translate "Balance" %}: {{ user.balance }}{{ currency_suffix }}</span>
{% endif %}
</div>
<div class="horizontalButtonList">
<a class="button" id="navBarBtnHome" href="/">Home</a>
<a class="button" id="navBarBtnDeposit" href="/deposit">{% translate "Deposit" %}</a>
<div class="dropDownMenu" id="dropDownMenu">
<button class="dropDownButton" id="dropDownMenuButton">
<div>{% translate "Account" %}</div>
</button>
<div class="dropDownList">
<a class="button dropDownChoice" id="navBarBtnHistory" href="/history">{% translate "History" %}</a>
<a class="button dropDownChoice" id="navBarBtnStatistics" href="/statistics">{% translate "Statistics" %}</a>
{% if user.is_superuser %}
<a class="button dropDownChoice" href="/admin/">Admin Panel</a>
{% else %}
<a class="button dropDownChoice" href="/accounts/password_change/">{% translate "Change Password" %}</a>
{% endif %}
<a class="button dropDownChoice" href="/accounts/logout">{% translate "Logout" %}</a>
</div>
</div>
</div>
</div>

3
application/app/tests.py Normal file
View file

@ -0,0 +1,3 @@
from django.test import TestCase
# Create your tests here.

7
app/urls.py → application/app/urls.py
View file

@ -6,12 +6,10 @@ from .admin import adminSite
urlpatterns = [ urlpatterns = [
path('', views.index), path('', views.index),
path('order/<drinkid>/', views.order), path('order/<drinkID>/', views.order),
path('history/', views.history), path('history/', views.history),
path('deposit/', views.deposit), path('deposit/', views.deposit),
path('statistics/', views.statistics), path('statistics/', views.statistics),
path('transfer/', views.transfer),
path('supply/', views.supply),
path('accounts/login/', views.login_page, name="login"), path('accounts/login/', views.login_page, name="login"),
path('accounts/logout/', auth_views.LogoutView.as_view(), name='logout'), path('accounts/logout/', auth_views.LogoutView.as_view(), name='logout'),
path('accounts/password_change/', auth_views.PasswordChangeView.as_view(), name='password_change'), path('accounts/password_change/', auth_views.PasswordChangeView.as_view(), name='password_change'),
@ -20,6 +18,5 @@ urlpatterns = [
# API # # API #
path('api/order-drink', views.api_order_drink), path('api/order-drink', views.api_order_drink),
path('api/deposit', views.api_deposit), path('api/deposit', views.api_deposit),
path('api/transfer', views.api_transfer), #path('api/get-statistics', views.api_get_statistics)
path('api/supply', views.api_supply)
] ]

167
application/app/views.py Normal file
View file

@ -0,0 +1,167 @@
import json
import sys
from django.contrib.auth import authenticate
from django.contrib.auth import get_user_model
from django.contrib.auth import login
from django.contrib.auth.decorators import login_required
from django.contrib.auth.forms import AuthenticationForm
from django.http.response import HttpResponseRedirect
from django.http.response import HttpResponse
from django.shortcuts import render
from django.utils.translation import gettext as _
from django.utils.formats import decimal
from . import sql_queries
from .models import Drink
from .models import Order
from .models import RegisterTransaction
# login view
def login_page(request):
userlist = get_user_model().objects.filter(is_superuser=False).filter(is_active=True).order_by("username")
if request.method == "POST":
form = AuthenticationForm(request.POST)
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username,password=password)
if user:
if user.is_active:
login(request, user)
return HttpResponseRedirect("/")
else:
return render(request,'registration/login.html', {
"form": form,
"user_list": userlist,
"error_message": _("Invalid username or password.")
})
else:
if request.user.is_authenticated:
return HttpResponseRedirect("/")
form = AuthenticationForm()
return render(request,'registration/login.html', {
"form": form,
"user_list": userlist
})
# actual application
@login_required
def index(request):
context = {
"available_drinks": Drink.objects.filter(available__gt=0).filter(deleted=False).order_by('product_name'),
}
return render(request, "index.html", context)
@login_required
def history(request):
context = {
"history": sql_queries.select_history(request.user, language_code=request.LANGUAGE_CODE),
}
return render(request, "history.html", context)
@login_required
def order(request, drinkID):
try:
drink_ = Drink.objects.get(pk=drinkID)
context = {
"drink": drink_
}
return render(request, "order.html", context)
except Drink.DoesNotExist:
return HttpResponseRedirect("/")
@login_required
def deposit(request):
return render(request, "deposit.html", {})
@login_required
def statistics(request):
context = {
"yopml12m": sql_queries.select_yopml12m(request.user),
"aopml12m": sql_queries.select_aopml12m(),
"yopwd": sql_queries.select_yopwd(request.user),
"aopwd": sql_queries.select_aopwd(),
"noyopd": sql_queries.select_noyopd(request.user),
"noaopd": sql_queries.select_noaopd()
}
return render(request, "statistics.html", context)
@login_required
def redirect_home(request):
return HttpResponseRedirect("/")
# API for XHR requests #
@login_required
def api_order_drink(request):
# check request -> make order
user = request.user
try:
if user.allow_order_with_negative_balance or user.balance > 0:
drinkID = int(request.POST["drinkID"])
amount = int(request.POST["numberOfDrinks"])
drink = Drink.objects.get(pk=drinkID)
if ((drink.binary_availability and drink.available > 0) or (drink.available >= amount)) and not drink.deleted:
Order.objects.create(drink=drink, user=user, amount=amount)
return HttpResponse("success", status=200)
else:
return HttpResponse("notAvailable", status=400)
else: raise Exception("Balance below zero.")
except Exception as e:
print(f"An exception occured while processing an order: User: {user.username} - Exception: {e}", file=sys.stderr)
return HttpResponse(b"", status=500)
@login_required
def api_deposit(request):
# check request -> deposit
user = request.user
try:
amount = decimal.Decimal(request.POST["depositAmount"])
if 0.00 < amount < 9999.99:
# create transaction
RegisterTransaction.objects.create(
transaction_sum=amount,
comment=f"User deposit by user {user.username}",
is_user_deposit=True,
user=user
)
#
return HttpResponse("success", status=200)
else: raise Exception("Deposit amount too big or small.")
except Exception as e:
print(f"An exception occured while processing an transaction: User: {user.username} - Exception: {e}", file=sys.stderr)
return HttpResponse(b"", status=500)

0
app/migrations/__init__.py → application/drinks_manager/__init__.py
View file

6
project/asgi.py → application/drinks_manager/asgi.py
View file

@ -1,16 +1,16 @@
""" """
ASGI config for project project. ASGI config for drinks_manager project.
It exposes the ASGI callable as a module-level variable named ``application``. It exposes the ASGI callable as a module-level variable named ``application``.
For more information on this file, see For more information on this file, see
https://docs.djangoproject.com/en/4.1/howto/deployment/asgi/ https://docs.djangoproject.com/en/3.2/howto/deployment/asgi/
""" """
import os import os
from django.core.asgi import get_asgi_application from django.core.asgi import get_asgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "project.settings") os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'drinks_manager.settings')
application = get_asgi_application() application = get_asgi_application()

177
application/drinks_manager/settings.py Normal file
View file

@ -0,0 +1,177 @@
"""
Django settings for drinks_manager project.
Generated by 'django-admin startproject' using Django 3.2.5.
For more information on this file, see
https://docs.djangoproject.com/en/3.2/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.2/ref/settings/
"""
import os
from pathlib import Path
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key secret!
django_secret_key_absolute_fp = os.environ["DJANGO_SK_ABS_FP"]
with open(django_secret_key_absolute_fp) as secret_key_file:
SECRET_KEY = secret_key_file.read().strip()
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = (os.environ["DJANGO_DEBUG"].lower() == "true")
ALLOWED_HOSTS = [
"*"
]
### ----------------- ###
# Application definition
INSTALLED_APPS = [
"app.apps.DAppConfig",
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
"django.middleware.locale.LocaleMiddleware",
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
"django_currentuser.middleware.ThreadLocalUserMiddleware",
"app.middleware.csp_middleware"
]
ROOT_URLCONF = 'drinks_manager.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
"app.context_processors.app_version"
],
},
},
]
WSGI_APPLICATION = 'drinks_manager.wsgi.application'
# Database
# https://docs.djangoproject.com/en/3.2/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': os.environ["PGDB_DB"],
'USER': os.environ["PGDB_USER"],
'PASSWORD': os.environ["PGDB_PASSWORD"],
'HOST': os.environ["PGDB_HOST"],
'PORT': str(os.environ["PGDB_PORT"])
}
}
CONN_MAX_AGE = 20 # keep database connections alive for n seconds
# Password validation
# https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators
if os.environ["DJANGO_ENABLE_PASSWORD_VALIDATION"].lower() == "true":
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
else:
AUTH_PASSWORD_VALIDATORS = []
AUTH_USER_MODEL = "app.User"
# user will be logged out after x seconds
SESSION_COOKIE_AGE = int(os.environ["DJANGO_SESSION_COOKIE_AGE"])
# more security settings
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
# Internationalization
# https://docs.djangoproject.com/en/3.2/topics/i18n/
LANGUAGE_CODE = os.environ["DJANGO_LANGUAGE_CODE"] # this is the default and fallback language (currently only de-de and en-us supported)
TIME_ZONE = os.environ["DJANGO_TIME_ZONE"]
USE_I18N = True
USE_L10N = True
USE_TZ = True
LOCALE_PATHS = [
BASE_DIR / "locale"
]
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.2/howto/static-files/
STATIC_URL = '/static/'
STATIC_ROOT = os.environ["STATIC_FILES"]
# Default primary key field type
# https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
#
APP_VERSION = os.environ["APP_VERSION"]
try:
CURRENCY_SUFFIX = os.environ["CURRENCY_SUFFIX"]
except KeyError:
CURRENCY_SUFFIX = "$"

5
project/urls.py → application/drinks_manager/urls.py
View file

@ -1,7 +1,7 @@
"""project URL Configuration """drinks_manager URL Configuration
The `urlpatterns` list routes URLs to views. For more information please see: The `urlpatterns` list routes URLs to views. For more information please see:
https://docs.djangoproject.com/en/4.1/topics/http/urls/ https://docs.djangoproject.com/en/3.2/topics/http/urls/
Examples: Examples:
Function views Function views
1. Add an import: from my_app import views 1. Add an import: from my_app import views
@ -13,6 +13,7 @@ Including another URLconf
1. Import the include() function: from django.urls import include, path 1. Import the include() function: from django.urls import include, path
2. Add a URL to urlpatterns: path('blog/', include('blog.urls')) 2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
""" """
from django.urls import path, include from django.urls import path, include
urlpatterns = [ urlpatterns = [

6
project/wsgi.py → application/drinks_manager/wsgi.py
View file

@ -1,16 +1,16 @@
""" """
WSGI config for project project. WSGI config for drinks_manager project.
It exposes the WSGI callable as a module-level variable named ``application``. It exposes the WSGI callable as a module-level variable named ``application``.
For more information on this file, see For more information on this file, see
https://docs.djangoproject.com/en/4.1/howto/deployment/wsgi/ https://docs.djangoproject.com/en/3.2/howto/deployment/wsgi/
""" """
import os import os
from django.core.wsgi import get_wsgi_application from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "project.settings") os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'drinks_manager.settings')
application = get_wsgi_application() application = get_wsgi_application()

BIN
application/locale/de/LC_MESSAGES/django.mo Normal file
View file

Binary file not shown.

241
application/locale/de/LC_MESSAGES/django.po Normal file
View file

@ -0,0 +1,241 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-12-22 11:07+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: app/templates/admin/base_site.html:7
msgid "Django site admin"
msgstr "Django Administrator"
#: app/templates/admin/base_site.html:15
msgid "Django administration"
msgstr "Django Administration"
#: app/templates/baseLayout.html:43
msgid "An error occured. Please log out and log in again."
msgstr "Ein Fehler ist aufgetreten. Bitte ab- und wieder anmelden."
#: app/templates/deposit.html:6
msgid "Drinks - Deposit"
msgstr "Getränke - Einzahlen"
#: app/templates/deposit.html:14 app/templates/userPanel.html:23
msgid "Deposit"
msgstr "Einzahlen"
#: app/templates/deposit.html:23
msgid "Amount"
msgstr "Summe"
#: app/templates/deposit.html:31 app/templates/order.html:71
#: app/templates/registration/login.html:56
msgid "cancel"
msgstr "Abbrechen"
#: app/templates/deposit.html:32
msgid "confirm"
msgstr "Bestätigen"
#: app/templates/history.html:6
msgid "Drinks - History"
msgstr "Getränke - Verlauf"
#: app/templates/history.html:14 app/templates/userPanel.html:21
msgid "History"
msgstr "Verlauf"
#: app/templates/history.html:22
msgid "last 30 actions"
msgstr "letzte 30 Vorgänge"
#: app/templates/history.html:33 app/templates/statistics.html:69
#: app/templates/statistics.html:89 app/templates/statistics.html:109
#: app/templates/statistics.html:129 app/templates/statistics.html:149
#: app/templates/statistics.html:169
msgid "No history."
msgstr "Kein Verlauf verfĂĽgbar."
#: app/templates/index.html:6
msgid "Drinks - Home"
msgstr "Getränke - Home"
#: app/templates/index.html:14
msgid "Available Drinks"
msgstr "Verfügbare Getränke"
#: app/templates/index.html:27 app/templates/index.html:34
msgid "available"
msgstr "verfĂĽgbar"
#: app/templates/index.html:43
msgid "No drinks available."
msgstr "Es sind gerade keine Getränke verfügbar."
#: app/templates/order.html:6
msgid "Drinks - Order"
msgstr "Getränke - Bestellen"
#: app/templates/order.html:15
msgid "Order"
msgstr "Bestellung"
#: app/templates/order.html:28
msgid "Drink"
msgstr "Getränk"
#: app/templates/order.html:33
msgid "Price per Item"
msgstr "Preis pro Getränk"
#: app/templates/order.html:39
msgid "Available"
msgstr "VerfĂĽgbar"
#: app/templates/order.html:45
msgid "Count"
msgstr "Anzahl"
#: app/templates/order.html:62
msgid "Sum"
msgstr "Summe"
#: app/templates/order.html:72
msgid "order"
msgstr "Bestellen"
#: app/templates/order.html:84
msgid "You can't order this, because you have a negative balance."
msgstr ""
"Sie können momentan keine Bestellungen aufgeben, da Sie einen negativen "
"Saldo haben."
#: app/templates/order.html:85 app/templates/order.html:94
msgid "back"
msgstr "zurĂĽck"
#: app/templates/order.html:93
msgid "This drink is not available."
msgstr "Dieses Getränk ist gerade nicht verfügbar."
#: app/templates/registration/logged_out.html:7
msgid "Drinks - Logged Out"
msgstr "Getränke - Abgemeldet"
#: app/templates/registration/logged_out.html:17
msgid "Logged out! You will be redirected shortly."
msgstr "Sie wurden abgemeldet und werden in KĂĽrze weitergeleitet."
#: app/templates/registration/logged_out.html:19
msgid "Click here if automatic redirection does not work."
msgstr ""
"Bitte klicken Sie hier, wenn die automatische Weiterleitung nicht "
"funktionieren sollte."
#: app/templates/registration/login.html:7
msgid "Drinks - Login"
msgstr "Getränke - Anmeldung"
#: app/templates/registration/login.html:26
msgid "Log in"
msgstr "Anmelden"
#: app/templates/registration/login.html:28
msgid "Password/PIN"
msgstr "Passwort/PIN"
#: app/templates/registration/login.html:57
msgid "login"
msgstr "Anmelden"
#: app/templates/registration/login.html:65
msgid "Choose your account"
msgstr "Bitte wählen Sie Ihren Account"
#: app/templates/statistics.html:6
msgid "Drinks - Statistics"
msgstr "Getränke - Statistiken"
#: app/templates/statistics.html:15 app/templates/userPanel.html:22
msgid "Statistics"
msgstr "Statistiken"
#: app/templates/statistics.html:26
msgid "Choose"
msgstr "Auswählen"
#: app/templates/statistics.html:31 app/templates/statistics.html:54
msgid "Your orders per drink"
msgstr "Deine Bestellungen pro Getränk"
#: app/templates/statistics.html:34 app/templates/statistics.html:134
msgid "Your orders per weekday"
msgstr "Deine Bestellungen pro Wochentag"
#: app/templates/statistics.html:37 app/templates/statistics.html:94
msgid "Your orders per month (last 12 months)"
msgstr "Deine Bestellungen pro Monat (letzte 12 Monate)"
#: app/templates/statistics.html:40 app/templates/statistics.html:74
msgid "All orders per drink"
msgstr "Alle Bestellungen pro Getränk"
#: app/templates/statistics.html:43 app/templates/statistics.html:154
msgid "All orders per weekday"
msgstr "Alle Bestellungen pro Wochentag"
#: app/templates/statistics.html:46 app/templates/statistics.html:114
msgid "All orders per month (last 12 months)"
msgstr "Alle Bestellungen pro Monat (letzte 12 Monate)"
#: app/templates/statistics.html:58 app/templates/statistics.html:78
msgid "drink"
msgstr "Getränk"
#: app/templates/statistics.html:59 app/templates/statistics.html:79
#: app/templates/statistics.html:99 app/templates/statistics.html:119
#: app/templates/statistics.html:139 app/templates/statistics.html:159
msgid "count"
msgstr "Anzahl"
#: app/templates/statistics.html:98 app/templates/statistics.html:118
msgid "month"
msgstr "Monat"
#: app/templates/statistics.html:138 app/templates/statistics.html:158
msgid "day"
msgstr "Tag"
#: app/templates/userPanel.html:7 app/templates/userPanel.html:9
msgid "User"
msgstr "Benutzer"
#: app/templates/userPanel.html:13 app/templates/userPanel.html:15
msgid "Balance"
msgstr "Saldo"
#: app/templates/userPanel.html:27
msgid "Change Password"
msgstr "Passwort ändern"
#: app/templates/userPanel.html:29
msgid "Logout"
msgstr "Abmelden"
#: app/views.py:47
msgid "Invalid username or password."
msgstr "Benutzername oder Passwort ungĂĽltig."

6
manage.py → application/manage.py
View file

@ -1,4 +1,4 @@
#!./venv/bin/python3 #!/usr/bin/env python3
"""Django's command-line utility for administrative tasks.""" """Django's command-line utility for administrative tasks."""
import os import os
import sys import sys
@ -6,7 +6,7 @@ import sys
def main(): def main():
"""Run administrative tasks.""" """Run administrative tasks."""
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "project.settings") os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'drinks_manager.settings')
try: try:
from django.core.management import execute_from_command_line from django.core.management import execute_from_command_line
except ImportError as exc: except ImportError as exc:
@ -18,5 +18,5 @@ def main():
execute_from_command_line(sys.argv) execute_from_command_line(sys.argv)
if __name__ == "__main__": if __name__ == '__main__':
main() main()

0
data/archive/.gitkeep → archive/.gitkeep
View file

39
config/Caddyfile Normal file
View file

@ -0,0 +1,39 @@
{
# disable admin backend
admin off
# define the ports by the environment variables
http_port {$HTTP_PORT}
https_port {$HTTPS_PORT}
}
https:// {
# the tls certificates
tls ./config/tls/server.pem ./config/tls/server-key.pem
route {
# static files
file_server /static/* {
root {$STATIC_FILES}/..
}
# favicon
redir /favicon.ico /static/favicon.ico
# reverse proxy to the (django) application
reverse_proxy localhost:{$DJANGO_PORT}
}
# use compression
encode gzip
# logging
log {
output file {$CADDY_ACCESS_LOG}
format filter {
wrap console
fields {
common_log delete
request>headers delete
request>tls delete
user_id delete
resp_headers delete
}
}
level INFO
}
}

31
config/config.sample.sh Normal file
View file

@ -0,0 +1,31 @@
# environment variables
export HTTP_PORT=80 # required by caddy, will be redirected to https
export HTTPS_PORT=443 # actual port for webinterface
export DJANGO_PORT=8001 # caddy's http port (should be blocked by the firewall)
export DJANGO_SESSION_COOKIE_AGE=600 # auto-logout, in seconds
export SESSION_CLEAR_INTERVAL=120 # interval for automatic session clearing, in minutes
export DJANGO_LANGUAGE_CODE="en" # the default and fallback language. Currently only de and en are supported.
export DJANGO_TIME_ZONE="CET"
export CURRENCY_SUFFIX="$" # if you have another currency symbol, you can specify it here
# Do you want to enable password validation?
# (numeric PINs as Password will not be seen as valid)
export DJANGO_ENABLE_PASSWORD_VALIDATION="true"
# database connection (postgresql)
export PGDB_DB="" # The name of the databae
export PGDB_USER="" # The database user
export PGDB_PASSWORD='' # The password for the database user
export PGDB_HOST="" # The hostname of your database (e.g. example.org or 127.0.0.1)
export PGDB_PORT=5432 # The port your database is listening on
# log files
# only change if you know what you are doing
export CADDY_ACCESS_LOG="$(pwd)/logs/http-access.log"
export CADDY_LOG="$(pwd)/logs/caddy.log"
export APPLICATION_LOG="$(pwd)/logs/application.log"

0
data/logs/.gitkeep → config/tls/.gitkeep
View file

54
data/Caddyfile
View file

@ -1,54 +0,0 @@
{
# disable unwanted stuff
admin off
skip_install_trust
# define the ports by the environment variables
http_port {$HTTP_PORT}
https_port {$HTTPS_PORT}
}
{$CADDY_HOSTS} {
# the tls certificates
# tls {$DATADIR}/tls/server.pem {$DATADIR}/tls/server-key.pem
tls internal
route {
# profile pictures
file_server /profilepictures/* {
root {$DATADIR}/profilepictures/..
}
# static files
file_server /static/* {
root {$ROOTDIR}
}
# django static files
file_server /django_static/* {
root {$DATADIR}/django_static/..
}
# favicon
redir /favicon.ico /static/favicon.ico
# reverse proxy to the (django) application
reverse_proxy localhost:{$APPLICATION_PORT}
# set additional security headers
header Content-Security-Policy "default-src 'self'"
}
# use compression
encode gzip
# logging
log {
output file {$ACCESS_LOG}
format filter {
wrap json {
time_format rfc3339
}
fields {
request>headers delete
request>tls delete
request>remote_ip hash
request>remote_port delete
user_id delete
resp_headers delete
}
}
level INFO
}
}

40
data/config.example.yml
View file

@ -1,40 +0,0 @@
---
app:
# The secret key, used for security protections
# This MUST be a secret, very long (40+ characters), random string
secret_key: "!!!insert random data!!!"
# The port for the asgi application
# This should be blocked by the firewall
application_port: 8001
# Used for auto-logout, in seconds
session_cookie_age: 600
# Interval for automatic session clearing, in minutes
session_clear_interval: 120
# The default and fallback language, currently only de and en are supported.
language_code: "en"
# Your timezone
timezone: "CET"
# Specify the suffix for your currency
currency_suffix: "$"
# Enable/Disable password validation
# (numeric PINs are NOT valid when this is set to true)
password_validation: true
db:
# Database configuration
database: "drinks"
user: "drinks"
password: "insert password"
host: "127.0.0.1"
port: 5432
caddy:
# Webserver settings
hosts:
- "localhost"
- "127.0.0.1"
http_port: 80
https_port: 443
logs:
# Logfile paths
caddy: "./data/logs/caddy.log"
http_access: "./data/logs/http-access.log"
application: "./data/logs/application.log"

1
data/profilepictures/default.svg
View file

@ -1 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" fill="#fff" height="48" viewBox="0 96 960 960" width="48"><path d="M222 801q63-40 124.5-60.5T480 720q72 0 134 20.5T739 801q44-54 62.5-109T820 576q0-145-97.5-242.5T480 236q-145 0-242.5 97.5T140 576q0 61 19 116t63 109Zm257.814-195Q422 606 382.5 566.314q-39.5-39.686-39.5-97.5t39.686-97.314q39.686-39.5 97.5-39.5t97.314 39.686q39.5 39.686 39.5 97.5T577.314 566.5q-39.686 39.5-97.5 39.5Zm-.219 370q-83.146 0-156.275-31.5t-127.225-86Q142 804 111 731.159 80 658.319 80 575.5q0-82.819 31.5-155.659Q143 347 197.5 293t127.341-85.5Q397.681 176 480.5 176q82.819 0 155.659 31.5Q709 239 763 293t85.5 127Q880 493 880 575.734q0 82.734-31.5 155.5T763 858.5q-54 54.5-127.129 86T479.595 976Z"/></svg>
Side by side

Before

Width:  |  Height:  |  Size: 722 B

81
docs/Commands.md Normal file
View file

@ -0,0 +1,81 @@
# Commands
You run a command with
```
./run.sh <command>
```
## Available Commands
---
### `server`
This starts the application (a caddy instance, uvicorn with the Django application and a scheduler that automatically removes expired session data).
Log files will be written.
---
### `setup`
This sets up some database tables, views, and more, generates a secret key for the application and lets you create an admin user.
---
### `create-admin`
Lets you create an admin user
---
### `generate-secret-key`
Generate a new random secret key for Django.
This will overwrite the old one.
Warning: After running this, current sessions will be invalid, and the users have to relogin. Don't run this command while the server is running.
---
### `clear-sessions`
manually remove all expired sessions from the database
---
### `force-db-upgrade`
force a database migration and -upgrade.
This is mainly used in development.
---
### `archive-tables`
archive (copy & delete) all entries in app_order and app_registertransaction.
Use this to archive old orders or transactions (e.g. when the database gets too big).
---
### `development-server`
This starts a caddy instance, the Django development server with DEBUGGING enabled and the session-clear-scheduler.
Only the HTTP-Access-Log will be written to its logfile, other logs will be written to the console.
---
### `shell`
Start a Django shell.
---
### `help`
Show a help text
---
## Examples
Run the production server:
```
./run.sh server
```
Create a new admin:
```
./run.sh create-admin
```

14
docs/Configuration.md Normal file
View file

@ -0,0 +1,14 @@
# Configuration
## Main Configuration
`./config/config.sh`
There is no default configuration available, only a sample configuration with explanations.
## Caddy Server Configuration
`./config/Caddyfile`
The default configuration should work out of the box, don't edit this file unless you know what you're doing.

105
docs/Setup.md Normal file
View file

@ -0,0 +1,105 @@
# Setup
## I. Dependencies
Before the actual setup, you have to satisfy the following dependencies:
### System
- `pg_config`
- Fedora/RHEL/Ubuntu: `libpq-dev`
- `Caddy` 2.4.3+ (HTTP Reverse Proxy & Static File Server)
- `gcc`, `gettext`
- `Python` 3.9 with pip
- `Python` header files
- Fedora/RHEL: `python3-devel`
- Ubuntu: `python3-dev`
### Python Packages (pip)
All required python packages are listed `in pip-dependencies.txt`
You can install the required python packages with
```bash
./install-pip-dependencies.sh
```
## II.A Installation
You can get the latest version with git:
```
git clone --branch release-x.x https://gitlab.com/W13R/drinks-manager.git
```
(replace x.x with the latest version)
Alternatively, you can download the [latest release](https://gitlab.com/W13R/drinks-manager/-/releases) and extract the files to your prefered destination.
<u>**Warning:**</u>
Make shure that you set the correct file permissions, especially for the config files !!
The following should be sufficient:
```bash
chmod -R u+rw,g+r,g-w,o-rwx <drinks_manager_directory>
```
## II.B Update
If you installed the application with git, you can run the following in the drinks-manager directory to update to the new version:
```
git fetch
git checkout x.x
```
(replace x.x with the new version)
If you downloaded the application from the releases page, you can download the new release in the same manner, and overwrite the old files with the new ones.
You have to restart the application server to apply the changes.
WARNING: The auto-upgrade mechanism may expect you to input information. Therefore, you should start the application from the command-line the first time after an update.
Further upgrading-instructions may be provided in the Release Notes on the Releases Page of this Project (Deployments -> Releases).
## III. Database
This project is using PostgreSQL. You have to set up a database by yourself.
The database must have the schema `public` (exists on a new database). Make shure that you create a database user with the necessary privileges to write to and read from the database (SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, CREATE, CONNECT):
```sql
-- connected to target database
grant SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES on all tables in schema public to <dbuser>;
grant CREATE, CONNECT on database <dbname> to <dbuser>;
```
You can configure your database connection in `config/config.sh`.
## IV. HTTPS & TLS Certificates
A TLS/SSL certificate and key is required.
Filepaths:
- `config/tls/server.pem` for the certificate
- `config/tls/server-key.pem` for the key
You can set another filepath for those files in your caddy configuration at `config/Caddyfile`.
## V. Configuration
see [Configuration](Configuration.md)
## VI. Run Setup Command
run `./run.sh setup`
This will automatically set up database tables, views and entries, set up Django and let you create a admin user.
After this, start the server with `./run.sh server` and navigate to `https://your.ip.add.ress:port/admin/`.

7
install-pip-dependencies.sh Executable file
View file

@ -0,0 +1,7 @@
#!/usr/bin/env bash
# install the required python packages
wd=$(dirname $0)
pip3 install -r "$wd/pip-dependencies.txt" -t "$wd/packages"

6
lib/activate-devel-env.sh Executable file
View file

@ -0,0 +1,6 @@
#!/usr/bin/env bash
source ./lib/env.sh
source ./config/config.sh
export DJANGO_DEBUG=true
export PYTHONPATH="./packages"

75
lib/archive-tables.py Normal file
View file

@ -0,0 +1,75 @@
#!/usr/bin/env python3
import os, sys
from datetime import datetime
from pathlib import Path
from psycopg2 import connect
# archive (copy & delete) all entries in app_order and app_registertransaction
timestamp = datetime.now().strftime("%Y-%m-%d-%H%M%S")
archive_folder = Path("./archive")
orders_archive_path = archive_folder / ("orders-archive-" + timestamp + ".csv")
transactions_archive_path = archive_folder / ("transactions-archive-" + timestamp + ".csv")
if __name__ == "__main__":
exit_code = 0
try:
print(f"Starting archiving to {orders_archive_path.__str__()} and {transactions_archive_path.__str__()}...")
connection = connect(
user = os.environ["PGDB_USER"],
password = os.environ["PGDB_PASSWORD"],
host = os.environ["PGDB_HOST"],
port = os.environ["PGDB_PORT"],
database = os.environ["PGDB_DB"]
)
cur = connection.cursor()
# # # # #
# copy
with orders_archive_path.open("w") as of:
cur.copy_expert(
"copy (select * from app_order) to STDOUT with csv delimiter ';'",
of
)
with transactions_archive_path.open("w") as tf:
cur.copy_expert(
"copy (select * from app_registertransaction) to STDOUT with csv delimiter ';'",
tf
)
# delete
cur.execute("delete from app_order;")
cur.execute("delete from app_registertransaction;")
connection.commit()
# # # # #
print("done.")
except (Error, Exception) as err:
connection.rollback()
print(f"An error occured while upgrading the database at {os.environ['PGDB_HOST']}:\n{err}")
exit_code = 1
finally:
cur.close()
connection.close()
exit(exit_code)

16
lib/auto-upgrade-db.sh Normal file
View file

@ -0,0 +1,16 @@
#!/usr/bin/env bash
echo -e "Checking if database needs an upgrade..."
if python3 $(pwd)/lib/verify-db-app-version.py; then
echo -e "No database upgrade needed."
else
echo -e "Starting automatic database upgrade..."
source "$(pwd)/lib/db-migrations.sh"
python3 $(pwd)/lib/upgrade-db.py
fi

157
lib/bootstrap.py Normal file
View file

@ -0,0 +1,157 @@
#!/usr/bin/env python3
from os import environ
from os import getcwd
from shlex import quote
from signal import SIGINT
from subprocess import run
from subprocess import Popen
from sys import argv
from sys import stdout
from sys import stderr
# some vars
devel = False
caddy_process = None
scs_process = None
app_process = None
def stop():
print("\n\nStopping services.\n\n")
caddy_process.send_signal(SIGINT)
scs_process.send_signal(SIGINT)
app_process.send_signal(SIGINT)
print(f"Caddy stopped with exit code {caddy_process.wait()}.")
print(f"session-clear-scheduler stopped with exit code {scs_process.wait()}.")
if devel:
print(f"Django stopped with exit code {app_process.wait()}.")
else:
print(f"Django/Uvicorn stopped with exit code {app_process.wait()}.")
if caddy_process.returncode != 0 or scs_process.returncode != 0 or app_process.returncode !=0:
exit(1)
else:
exit(0)
if __name__ == "__main__":
# development or production environment?
try:
if argv[1] == "devel":
devel = True
except IndexError:
pass
# vars
pwd = getcwd()
APPLICATION_LOG = environ["APPLICATION_LOG"]
CADDY_ACCESS_LOG = environ["CADDY_ACCESS_LOG"]
CADDY_LOG = environ["CADDY_LOG"]
DJANGO_PORT = environ["DJANGO_PORT"]
HTTPS_PORT = environ["HTTPS_PORT"]
if devel:
environ["DJANGO_DEBUG"] = "true"
else:
environ["DJANGO_DEBUG"] = "false"
# info
print(f"\n\nStarting server on port {HTTPS_PORT}...\nYou should be able to access the application locally at https://localhost:{HTTPS_PORT}/\n\nPress Ctrl+C to stop all services.\n\n")
if not devel:
print(f"All further messages will be written to {APPLICATION_LOG} and {CADDY_LOG}")
print(f"HTTP Access Log will be written to {CADDY_ACCESS_LOG}")
try:
# start django/uvicorn
if devel:
run(
["python3", f"{pwd}/application/manage.py", "collectstatic", "--noinput"],
stdout=stdout,
stderr=stderr,
env=environ
)
app_process = Popen(
["python3", f"{pwd}/application/manage.py", "runserver", f"localhost:{DJANGO_PORT}"],
stdout=stdout,
stderr=stderr,
env=environ
)
else:
application_log_file = open(APPLICATION_LOG, "a")
run(
["python3", f"{pwd}/application/manage.py", "collectstatic", "--noinput"],
stdout=application_log_file,
stderr=application_log_file,
env=environ
)
app_process = Popen(
[
"python3", "-m", "uvicorn",
"--host", "localhost",
"--port", quote(DJANGO_PORT),
"drinks_manager.asgi:application"
],
stdout=application_log_file,
stderr=application_log_file,
cwd=f"{pwd}/application/",
env=environ
)
# start caddy
if devel:
caddy_log_file = stdout
caddy_log_file_stderr = stderr
else:
caddy_log_file = caddy_log_file_stderr = open(CADDY_LOG, "a")
caddy_process = Popen(
["caddy", "run", "--config", f"{pwd}/config/Caddyfile"],
stdout=caddy_log_file,
stderr=caddy_log_file_stderr,
env=environ
)
# start session-clear-scheduler
if devel:
clear_sched_log_file = stdout
clear_sched_log_file_stderr = stderr
else:
clear_sched_log_file = clear_sched_log_file_stderr = open(APPLICATION_LOG, "a")
scs_process = Popen(
["python3", f"{pwd}/lib/session-clear-scheduler.py"],
stdout=clear_sched_log_file,
stderr=clear_sched_log_file_stderr
)
caddy_process.wait()
scs_process.wait()
app_process.wait()
except KeyboardInterrupt:
stop()

7
lib/clear-expired-sessions.sh Normal file
View file

@ -0,0 +1,7 @@
#!/usr/bin/env bash
# enable debugging for this command
export DJANGO_DEBUG="true"
# make migrations & migrate
python3 $(pwd)/application/manage.py clearsessions

10
lib/create-admin.sh Normal file
View file

@ -0,0 +1,10 @@
#!/usr/bin/env bash
# enable debugging for this command
export DJANGO_DEBUG="true"
# make migrations & migrate
python3 $(pwd)/application/manage.py createsuperuser
echo -e "done."

12
lib/db-migrations.sh Normal file
View file

@ -0,0 +1,12 @@
#!/usr/bin/env bash
# enable debugging for this command
export DJANGO_DEBUG="true"
# make migrations & migrate
python3 $(pwd)/application/manage.py makemigrations
python3 $(pwd)/application/manage.py makemigrations app
python3 $(pwd)/application/manage.py migrate
echo -e "done with db migration."

6
lib/env.sh Normal file
View file

@ -0,0 +1,6 @@
#!/usr/bin/env bash
export DJANGO_SK_ABS_FP="$(pwd)/config/secret_key.txt"
export STATIC_FILES="$(pwd)/static/"
export APP_VERSION="5.0"
export PYTHONPATH="$(pwd)/packages/"

30
lib/generate-secret-key.py Normal file
View file

@ -0,0 +1,30 @@
#!/usr/bin/env python3
import sys
from pathlib import Path
from secrets import token_bytes
from base64 import b85encode
#
override = False
if len(sys.argv) > 1:
if sys.argv[1] == "--override":
override = True
random_token_length = 128
secret_key_fp = Path("config/secret_key.txt")
#
if secret_key_fp.exists() and not override:
print(f"Warning: secret_key.txt already exists in directory {secret_key_fp.absolute()}. Won't override.", file=sys.stderr)
exit(1)
else:
print("Generating random secret key...")
random_key = b85encode(token_bytes(random_token_length))
with secret_key_fp.open("wb") as secret_key_f:
secret_key_f.write(random_key)
print("done.")

47
lib/session-clear-scheduler.py Normal file
View file

@ -0,0 +1,47 @@
#!/usr/bin/env python3
# This script clears expired sessions in a regular interval
# The interval is defined (in minutes) by config.sh (SESSION_CLEAR_INTERVAL)
import os
from pathlib import Path
from subprocess import run
from time import sleep
from datetime import datetime
try:
exiting = False
clear_running = False
print("[session-clear-scheduler] Starting session-clear-scheduler.")
session_clear_script_fp = Path("lib/clear-expired-sessions.sh")
clear_interval_seconds = int(os.environ["SESSION_CLEAR_INTERVAL"]) * 60
sleep(10) # wait some seconds before the first session clean-up
while True:
clear_running = True
run(["/bin/sh", session_clear_script_fp.absolute()])
clear_running = False
print(f"[session-clear-scheduler: {datetime.now()}] Cleared expired sessions.")
if exiting:
break
sleep(clear_interval_seconds)
except KeyboardInterrupt:
exiting = True
if clear_running:
print(f"[session-clear-scheduler: {datetime.now()}] Received SIGINT. Waiting for current clear process to finish.")
sleep(20) # wait some time
print(f"[session-clear-scheduler: {datetime.now()}] Exiting")
exit(0)

16
lib/setup-application.sh Normal file
View file

@ -0,0 +1,16 @@
#!/usr/bin/env bash
# enable debugging for this command
export DJANGO_DEBUG="true"
python3 "$(pwd)/lib/generate-secret-key.py"
source "$(pwd)/lib/db-migrations.sh"
python3 $(pwd)/lib/upgrade-db.py
echo -e "\nCreate admin account. Email is optional.\n"
source "$(pwd)/lib/create-admin.sh"
python3 $(pwd)/application/manage.py collectstatic --noinput

12
lib/start-django-shell.sh Normal file
View file

@ -0,0 +1,12 @@
#!/usr/bin/env bash
# start a django shell
export DJANGO_DEBUG="true"
oldcwd="$(pwd)"
echo "Starting a django shell..."
echo -e "--------------------------------------------------------------------------------\n"
"$(pwd)/application/manage.py" shell
echo -e "\n--------------------------------------------------------------------------------"
cd "$oldcwd"

160
lib/upgrade-db.py Normal file
View file

@ -0,0 +1,160 @@
#!/usr/bin/env python3
import os, sys
from pathlib import Path
from psycopg2 import connect
from psycopg2._psycopg import cursor as _cursor
from psycopg2._psycopg import connection as _connection
from psycopg2 import Error
from psycopg2 import IntegrityError
from psycopg2 import errorcodes
# setup or upgrade the database
def log(s, error=False):
if error:
print(f"{s}", file=sys.stderr)
else:
print(f"{s}", file=sys.stdout)
def execute_sql_statement(cursor:_cursor, connection:_connection, sql_statement):
try:
cursor.execute(sql_statement)
connection.commit()
except IntegrityError as ie:
if ie.pgcode == errorcodes.UNIQUE_VIOLATION:
log("Skipping one row that already exists.")
connection.rollback()
else:
log(f"An integrity error occured:\n{ie}\nRolling back...", error=True)
connection.rollback()
except Error as e:
log(f"An SQL statement failed while upgrading the database at {os.environ['PGDB_HOST']}:\n{e}", error=True)
connection.rollback()
if __name__ == "__main__":
exit_code = 0
try:
log("\nSetting up/upgrading database...")
conn = connect(
user = os.environ["PGDB_USER"],
password = os.environ["PGDB_PASSWORD"],
host = os.environ["PGDB_HOST"],
port = os.environ["PGDB_PORT"],
database = os.environ["PGDB_DB"]
)
cur = conn.cursor()
# # # # #
execute_sql_statement(cur, conn, """
insert into app_global
values ('register_balance', 'This is the current balance of the register.', 0.0, '');
""")
execute_sql_statement(cur, conn, """
insert into app_global
values ('global_message', 'Here you can set a global message that will be shown to every user.', 0.0, '');
""")
execute_sql_statement(cur, conn, """
insert into app_global
values ('admin_info', 'Here you can set am infotext that will be displayed on the admin panel.', 0.0, '');
""")
execute_sql_statement(cur, conn, """
create or replace view app_userdeposits_view as
select * from app_registertransaction
where is_user_deposit = true;
""")
# # # # #
# set app_version in file and database
# database
try:
cur.execute("""
select value from application_info
where key = 'app_version';
""")
result = cur.fetchone()
if result == None:
cur.execute(f"""
insert into application_info values ('app_version', '{os.environ['APP_VERSION']}');
""")
conn.commit()
else:
cur.execute(f"""
update application_info set value = '{os.environ['APP_VERSION']}' where key = 'app_version';
""")
conn.commit()
except Error as err:
if err.pgcode == errorcodes.UNDEFINED_TABLE:
try:
conn.rollback()
cur.execute("""
create table application_info (
key varchar(32) primary key,
value text
);
""")
cur.execute(f"""
insert into application_info values ('app_version', '{os.environ['APP_VERSION']}');
""")
conn.commit()
except Error as err2:
log(f"An error occurred while setting app_version in table application_info: {err}", error=True)
exit_code = 1
else:
log(f"An error occurred while setting app_version in table application_info: {err}", error=True)
exit_code = 1
# file
Path("./config/db_app_version.txt").write_text(os.environ["APP_VERSION"])
log("done with db setup/upgrade.")
except (Error, Exception) as err:
log(f"An error occured while upgrading the database at {os.environ['PGDB_HOST']}:\n{err}", error=True)
exit_code = 1
finally:
cur.close()
conn.close()
exit(exit_code)

105
lib/verify-db-app-version.py Normal file
View file

@ -0,0 +1,105 @@
#!/usr/bin/env python3
from os import environ
from pathlib import Path
from psycopg2 import connect
from psycopg2._psycopg import cursor
from psycopg2 import Error
from psycopg2 import errorcodes
# verify if the installation
# exit code 0 -> no database update is necessary
# exit code 1 -> database update is necessary
def check_file():
db_app_version_file = Path("./config/db_app_version.txt")
if not db_app_version_file.exists():
exit(1)
if not db_app_version_file.is_file():
exit(1)
if not db_app_version_file.read_text().strip(" ").strip("\n") == environ["APP_VERSION"]:
exit(1)
def check_database():
try:
connection = connect(
user = environ["PGDB_USER"],
password = environ["PGDB_PASSWORD"],
host = environ["PGDB_HOST"],
port = environ["PGDB_PORT"],
database = environ["PGDB_DB"]
)
cur = connection.cursor()
# check application version in db
cur.execute("""
select value from application_info
where key = 'app_version';
""")
appinfo_result = list(cur.fetchone())[0]
if appinfo_result == None:
cur.close()
connection.close()
exit(1)
if appinfo_result != environ["APP_VERSION"]:
cur.close()
connection.close()
exit(1)
# check rows in app_global
required_rows = [
"global_message",
"register_balance",
"admin_info"
]
cur.execute("""
select name from app_global;
""")
table_global_result = list(cur.fetchall())
cur.close()
connection.close()
existing_rows = [list(row)[0] for row in table_global_result]
for r in required_rows:
if not r in existing_rows:
exit(1)
except Error:
cur.close()
connection.close()
exit(1)
except Exception as e:
print(f"An exception occured: {e}")
cur.close()
connection.close()
exit(1)
if __name__ == "__main__":
check_file()
check_database()
exit(0)

0
data/tls/.gitkeep → logs/.gitkeep
View file

11
misc/drinks-manager.service → misc/drinks-manager.service.sample
View file

@ -6,15 +6,15 @@ Requires=network-online.target
Description=Drinks Manager Description=Drinks Manager
[Service] [Service]
User=drinks User=drinks-manager
Group=drinks Group=drinks-manager
WorkingDirectory=/srv/drinks-manager/ WorkingDirectory=/srv/drinks-manager/
# start the server: # start the server:
ExecStart=/usr/bin/bash -c "/srv/drinks-manager/start.sh" ExecStart=/usr/bin/bash -c "/srv/drinks-manager/run.sh server"
# stop the process with a SIGINT: # stop the process with a SIGINT:
ExecStop=/usr/bin/bash -c "/bin/kill -2 $MAINPID;" ExecStop=/usr/bin/bash -c "/bin/kill -2 $MAINPID; /usr/bin/sleep 10"
Restart=on-failure Restart=on-failure
TimeoutStopSec=15s TimeoutStopSec=40s
LimitNPROC=512 LimitNPROC=512
LimitNOFILE=1048576 LimitNOFILE=1048576
AmbientCapabilities=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE
@ -23,4 +23,3 @@ ProtectSystem=full
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

2
misc/icons/drinksmanager-icon.src.svg
View file

@ -104,7 +104,7 @@
rdf:about=""> rdf:about="">
<dc:creator> <dc:creator>
<cc:Agent> <cc:Agent>
<dc:title>Julian MĂĽller (ChaoticByte)</dc:title> <dc:title>Julian MĂĽller (W13R)</dc:title>
</cc:Agent> </cc:Agent>
</dc:creator> </dc:creator>
</cc:Work> </cc:Work>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.9 KiB

After

Width:  |  Height:  |  Size: 3.9 KiB

Before After
Before After

0
project/__init__.py → packages/.gitkeep
View file

4
pip-dependencies.txt Normal file
View file

@ -0,0 +1,4 @@
django~=3.2.7
django-currentuser==0.5.3
psycopg2~=2.9.1
uvicorn~=0.17.6

167
project/settings.py
View file

@ -1,167 +0,0 @@
"""
Django settings for project project.
Generated by 'django-admin startproject' using Django 4.1.6.
For more information on this file, see
https://docs.djangoproject.com/en/4.1/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/4.1/ref/settings/
"""
import os
from pathlib import Path
from yaml import safe_load
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# Load configuration file
with Path(BASE_DIR / "data" / "config.yml").open("r") as f:
config = safe_load(f)
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = config["app"]["secret_key"]
if SECRET_KEY == "!!!replace this with random data!!!" or len(SECRET_KEY) < 40:
print(
"WARNING: You didn't provide a secure secret_key in the configuration file!",
"This is a security risk!!!")
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
if "APP_PROD" in os.environ:
DEBUG = not os.environ["APP_PROD"]
# ALLOWED_HOSTS can be wildcarded,
# because caddy already handles requests
ALLOWED_HOSTS = ["*"]
# Application definition
INSTALLED_APPS = [
"app.apps.AppConfig",
"django.contrib.admin",
"django.contrib.auth",
"django.contrib.contenttypes",
"django.contrib.sessions",
"django.contrib.messages",
"django.contrib.staticfiles",
]
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.locale.LocaleMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
]
ROOT_URLCONF = "project.urls"
TEMPLATES = [
{
"BACKEND": "django.template.backends.django.DjangoTemplates",
"DIRS": [],
"APP_DIRS": True,
"OPTIONS": {
"context_processors": [
"django.template.context_processors.debug",
"django.template.context_processors.request",
"django.contrib.auth.context_processors.auth",
"django.contrib.messages.context_processors.messages",
"app.context_processors.app_version"
],
},
},
]
WSGI_APPLICATION = "project.wsgi.application"
# Database
# https://docs.djangoproject.com/en/4.1/ref/settings/#databases
DATABASES = {
"default": {
"ENGINE": 'django.db.backends.postgresql',
"NAME": config["db"]["database"],
"USER": config["db"]["user"],
"PASSWORD": config["db"]["password"],
"HOST": config["db"]["host"],
"PORT": str(config["db"]["port"]),
}
}
# Password validation
# https://docs.djangoproject.com/en/4.1/ref/settings/#auth-password-validators
if config["app"]["password_validation"]:
AUTH_PASSWORD_VALIDATORS = [
{
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
},
{
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
},
{
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
},
{
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
},
]
else:
AUTH_PASSWORD_VALIDATORS = []
# Security settings
AUTH_USER_MODEL = "app.User"
SESSION_COOKIE_AGE = int(config["app"]["session_cookie_age"])
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
CSRF_TRUSTED_ORIGINS = []
for host in config['caddy']['hosts']:
CSRF_TRUSTED_ORIGINS.append(f"http://{host}")
CSRF_TRUSTED_ORIGINS.append(f"https://{host}")
CSRF_TRUSTED_ORIGINS.append(f"http://{host}:{config['caddy']['https_port']}")
CSRF_TRUSTED_ORIGINS.append(f"https://{host}:{config['caddy']['https_port']}")
# Internationalization
# https://docs.djangoproject.com/en/4.1/topics/i18n/
LANGUAGE_CODE = config["app"]["language_code"]
TIME_ZONE = config["app"]["timezone"]
USE_I18N = True
USE_L10N = True
USE_TZ = True
LOCALE_PATHS = [
BASE_DIR / "app" / "locales"
]
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/4.1/howto/static-files/
STATIC_URL = "django_static/"
STATIC_ROOT = BASE_DIR / "data" / "django_static"
# Default primary key field type
# https://docs.djangoproject.com/en/4.1/ref/settings/#default-auto-field
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
# Additional settings
if "APP_VERSION" in os.environ:
APP_VERSION = os.environ["APP_VERSION"]
else:
APP_VERSION = "unknown"
CURRENCY_SUFFIX = config["app"]["currency_suffix"]

4
requirements.txt
View file

@ -1,4 +0,0 @@
Django~=4.2
psycopg2~=2.9
uvicorn[standard]~=0.27
PyYAML~=6.0

94
run.sh Executable file
View file

@ -0,0 +1,94 @@
#!/usr/bin/env bash
function show_dm_help { # $1 = exit code
echo -e "Usage:\t./run.sh <command>\n"
echo -e "\nCommands:\n"
echo -e " server\t\tstart server"
echo -e " setup\t\t\tset up the application"
echo -e " create-admin\t\tcreate an admin account"
echo -e " generate-secret-key\tgenerate a new random secret key for Django"
echo -e " clear-sessions\tmanually remove all expired sessions from the database"
echo -e " force-db-upgrade\tforce a database migration & upgrade"
echo -e " archive-tables\tarchive (copy & delete) all entries in app_order and app_registertransaction"
echo -e " development-server\tstart Django development server and enable debugging"
echo -e " shell\t\t\tstart a Django shell"
echo -e " help\t\t\tShow this help text\n"
echo -e "\nExamples:\n"
echo -e " ./run.sh server"
echo -e " ./run.sh create-admin"
echo ""
exit $1
}
# set current working directory
cd $(dirname "$0")
source "$(pwd)/lib/env.sh"
echo -e "\n## Drinks Manager"
echo -e "## version $APP_VERSION\n"
if [ -z $1 ]; then
show_dm_help 1
else
source "$(pwd)/config/config.sh"
if [ $1 = 'server' ]; then
source "$(pwd)/lib/auto-upgrade-db.sh"
python3 "$(pwd)/lib/bootstrap.py"
elif [ $1 = 'development-server' ]; then
source "$(pwd)/lib/auto-upgrade-db.sh"
python3 "$(pwd)/lib/bootstrap.py" devel
elif [ $1 = 'setup' ]; then
source "$(pwd)/lib/setup-application.sh"
elif [ $1 = 'generate-secret-key' ]; then
python3 "$(pwd)/lib/generate-secret-key.py" --override
elif [ $1 = 'force-db-upgrade' ]; then
source "$(pwd)/lib/db-migrations.sh"
python3 "$(pwd)/lib/upgrade-db.py"
elif [ $1 = 'create-admin' ]; then
source "$(pwd)/lib/create-admin.sh"
elif [ $1 = 'clear-sessions' ]; then
source "$(pwd)/lib/clear-expired-sessions.sh"
echo -e "done."
elif [ $1 = 'archive-tables' ]; then
python3 "$(pwd)/lib/archive-tables.py"
elif [ $1 = 'shell' ]; then
source "$(pwd)/lib/start-django-shell.sh"
elif [ $1 = 'help' ]; then
show_dm_help 0
else
show_dm_help 1
fi
fi

190
scripts/_bootstrap.py
View file

@ -1,190 +0,0 @@
#!./venv/bin/python3
# Copyright 2023 Julian MĂĽller (ChaoticByte)
import os
from argparse import ArgumentParser
from atexit import register as register_exithandler
from pathlib import Path
from signal import SIGINT
from subprocess import Popen
from sys import stdout, stderr
from time import sleep
from yaml import safe_load
banner = r""" ___ _ _
| \ _ _ (_) _ _ | |__ ___ ___
| |) || '_|| || ' \ | / /(_-< |___|
|___/ |_| |_||_||_||_\_\/__/
__ __ Version {version}
| \/ | __ _ _ _ __ _ __ _ ___ _ _
| |\/| |/ _` || ' \ / _` |/ _` |/ -_)| '_|
|_| |_|\__,_||_||_|\__,_|\__, |\___||_|
|___/
"""
base_directory = Path(__file__).parent.parent
data_directory = base_directory / "data"
logfile_directory = data_directory / "logs"
configuration_file = data_directory / "config.yml"
caddyfile = data_directory / "Caddyfile"
logfile_caddy = logfile_directory / "caddy.log"
logfile_app = logfile_directory / "app.log"
logfile_sessioncleanup = logfile_directory / "session-cleanup.log"
class MonitoredSubprocess:
def __init__(
self,
name: str,
commandline: list,
logfile: Path,
environment: dict = os.environ,
max_tries: int = 5,
):
self.name = name
self.commandline = commandline
self.logfile = logfile
self.environment = environment
self.max_tries = max_tries
self.s = None # the subprocess object
self._tries = 0
self._stopped = False
def try_start(self):
if self._tries < self.max_tries:
self._tries += 1
print(f"Starting {self.name}...")
if self.logfile is None:
self.s = Popen(
self.commandline,
stdout=stdout.buffer,
stderr=stderr.buffer,
env=self.environment)
else:
with self.logfile.open("ab") as l:
self.s = Popen(
self.commandline,
stdout=l,
stderr=l,
env=self.environment)
return True
else:
print(f"Max. tries exceeded ({self.name})!")
# the process must already be stopped at this
# point, so we can set the variable accordingly
self._stopped = True
return False
def stop(self):
if not self._stopped:
print(f"Stopping {self.name}...")
self.s.terminate()
self._stopped = True
def cleanup_procs(processes):
for p in processes:
p.stop()
def start_and_monitor(monitored_subprocesses: list):
# display banner
print(banner.format(version=os.environ["APP_VERSION"]))
# start processes
for p in monitored_subprocesses:
p.try_start()
register_exithandler(cleanup_procs, monitored_subprocesses)
# monitor processes
try:
while True:
sleep(1)
for p in monitored_subprocesses:
returncode = p.s.poll()
if returncode is None:
continue
else:
print(f"{p.name} stopped with exit code {returncode}.")
if p.try_start() is False:
# stop everything if the process
# has exceeded max. tries
exit()
except KeyboardInterrupt:
print("Received KeyboardInterrupt, exiting...")
exit()
if __name__ == "__main__":
argp = ArgumentParser()
argp.add_argument("--devel", help="Start development server", action="store_true")
args = argp.parse_args()
# Load configuration
with configuration_file.open("r") as f:
config = safe_load(f)
# Prepare
os.chdir(str(base_directory))
Popen(
["./venv/bin/python3", "./manage.py", "collectstatic", "--noinput"], env=os.environ).wait()
Popen(
["./venv/bin/python3", "./manage.py", "migrate", "--noinput"], env=os.environ).wait()
# Caddy configuration via env
environment_caddy = os.environ
environment_caddy["ROOTDIR"] = str(base_directory.absolute())
environment_caddy["DATADIR"] = str(data_directory.absolute())
environment_caddy["CADDY_HOSTS"] = ", ".join(config["caddy"]["hosts"])
environment_caddy["HTTP_PORT"] = str(config["caddy"]["http_port"])
environment_caddy["HTTPS_PORT"] = str(config["caddy"]["https_port"])
environment_caddy["APPLICATION_PORT"] = str(config["app"]["application_port"])
environment_caddy["ACCESS_LOG"] = config["logs"]["http_access"]
# Start
if args.devel:
procs = [
MonitoredSubprocess(
"Caddy Webserver",
["caddy", "run", "--config", str(caddyfile)],
None,
environment=environment_caddy),
MonitoredSubprocess(
"Django Development Server",
["./venv/bin/python3", "./manage.py", "runserver", str(config["app"]["application_port"])],
None),
MonitoredSubprocess(
"Session Autocleaner",
["./scripts/_session-autocleaner.py", str(config["app"]["session_clear_interval"])],
None)
]
start_and_monitor(procs)
else:
# Application configuration via env
environment_app = os.environ
environment_app["APP_PROD"] = "1"
print("\nRunning in production mode.\n")
# define processes
procs = [
MonitoredSubprocess(
"Caddy Webserver",
["caddy", "run", "--config", str(caddyfile)],
logfile_caddy,
environment=environment_caddy),
MonitoredSubprocess(
"Drinks-Manager",
[
"./venv/bin/python3",
"-m",
"uvicorn",
"--host",
"127.0.0.1",
"--port",
str(config["app"]["application_port"]),
"project.asgi:application",
],
logfile_app,
environment=environment_app),
MonitoredSubprocess(
"Session Autocleaner",
["./scripts/_session-autocleaner.py", str(config["app"]["session_clear_interval"])],
logfile_sessioncleanup)
]
start_and_monitor(procs)

55
scripts/_session-autocleaner.py
View file

@ -1,55 +0,0 @@
#!./venv/bin/python3
# This script clears expired sessions in a regular interval
import os
from argparse import ArgumentParser
from atexit import register as register_exithandler
from pathlib import Path
from subprocess import Popen
from time import sleep
from datetime import datetime
current_proc = None
def exithandler():
if current_proc is not None:
seconds_waited = 0
while current_proc.poll() is None:
# wait for 10 seconds to quit session cleaner
if seconds_waited >= 10:
current_proc.terminate()
break
# is still running
sleep(1)
seconds_waited += 1
print("Stopped session-autocleaner.")
if __name__ == "__main__":
try:
argp = ArgumentParser()
argp.add_argument("interval", help="The interval in minutes", type=int)
args = argp.parse_args()
os.chdir(str(Path(__file__).parent.parent))
print(f"Started session-autocleaner with an interval of {args.interval} minute(s)")
interval = args.interval * 60
# register exithandler that cleans up stuff
register_exithandler(exithandler)
# main loop
while True:
if current_proc is not None:
# wait for last iteration
while current_proc.poll() is None:
# is still running
print("Last cleanup is still running, waiting before clearing sessions...")
sleep(1)
print(f"Clearing expired sessions at {datetime.now()}...")
current_proc = Popen(
["./manage.py", "clearsessions"])
sleep(interval)
except KeyboardInterrupt:
exit()

57
scripts/archive.py
View file

@ -1,57 +0,0 @@
#!/usr/bin/env python3
from datetime import datetime
from pathlib import Path
from psycopg2 import connect
from yaml import safe_load
base_directory = Path(__file__).parent.parent
data_directory = base_directory / "data"
configuration_file = data_directory / "config.yml"
archive_directory = data_directory / "archive"
if __name__ == "__main__":
exit_code = 0
try:
# read config
with configuration_file.open("r") as f:
config = safe_load(f)
# connect to database
connection = connect(
user = config["db"]["user"],
password = config["db"]["password"],
host = config["db"]["host"],
port = config["db"]["port"],
database = config["db"]["database"]
)
cur = connection.cursor()
# copy data from database
timestamp = datetime.now().strftime("%Y-%m-%d-%H%M%S")
orders_archive_path = archive_directory / f"orders-archive-{timestamp}.csv"
transactions_archive_path = archive_directory / f"transactions-archive-{timestamp}.csv"
print(f"Copying data...")
with orders_archive_path.open("w") as of:
cur.copy_expert(
"copy (select * from app_order) to STDOUT with csv delimiter ';'", of)
print(str(orders_archive_path))
with transactions_archive_path.open("w") as tf:
cur.copy_expert(
"copy (select * from app_registertransaction) to STDOUT with csv delimiter ';'", tf)
print(str(transactions_archive_path))
# delete data from database
print("Deleting data from database...")
cur.execute("delete from app_order;")
cur.execute("delete from app_registertransaction;")
connection.commit()
print("done.")
except (Error, Exception) as err:
connection.rollback()
print(f"An error occured while upgrading the database at {os.environ['PGDB_HOST']}:\n{err}")
exit_code = 1
finally:
cur.close()
connection.close()
exit(exit_code)

19
scripts/create-admin.sh
View file

@ -1,19 +0,0 @@
#!/usr/bin/env bash
# Copyright 2023 Julian MĂĽller (ChaoticByte)
# change to correct directory, if necessary
script_absolute=$(realpath "$0")
script_directory=$(dirname "$script_absolute")
desired_directory=$(realpath "$script_directory"/..)
if [ "$PWD" != "$desired_directory" ]; then
echo "Changing to project directory..."
cd "$desired_directory"
fi
echo "Activating venv..."
source ./venv/bin/activate
echo "Applying migrations..."
./manage.py migrate
./manage.py createsuperuser

20
scripts/setup-env.sh
View file

@ -1,20 +0,0 @@
#!/usr/bin/env bash
# Copyright 2023 Julian MĂĽller (ChaoticByte)
# change to correct directory, if necessary
script_absolute=$(realpath "$0")
script_directory=$(dirname "$script_absolute")
desired_directory=$(realpath "$script_directory"/..)
if [ "$PWD" != "$desired_directory" ]; then
echo "Changing to project directory..."
cd "$desired_directory"
fi
echo "Creating venv..."
python3 -m venv ./venv
echo "Activating venv..."
source ./venv/bin/activate
echo "Installing dependencies..."
python3 -m pip install -r requirements.txt

16
start.sh
View file

@ -1,16 +0,0 @@
#!/usr/bin/env bash
basedir=$(dirname "$0")
basedir=$(realpath $basedir)
cd "$basedir"
# Set file permissions
chmod -c -R g-w,o-rwx *
chmod -c -R g-w,o-rwx .git/
chmod -c -R g-w,o-rwx .gitignore
export PYTHONPATH="$basedir"
export DJANGO_SETTINGS_MODULE="project.settings"
export APP_VERSION="22"
exec ./scripts/_bootstrap.py "$@"

40
static/css/customNumberInput.css Normal file
View file

@ -0,0 +1,40 @@
/* custom number input */
.customNumberInput {
display: flex;
flex-direction: row;
height: 2.2rem;
width: 100% !important;
}
.customNumberInput button {
min-width: 2.5rem !important;
width: 2.5rem !important;
padding: 0;
margin: 0;
height: 100%;
}
.customNumberInput-minus {
border-bottom-right-radius: 0;
border-top-right-radius: 0;
z-index: 10;
}
.customNumberInput-plus {
border-bottom-left-radius: 0;
border-top-left-radius: 0;
z-index: 10;
}
.customNumberInput input[type="number"] {
max-height: 100%;
width: 5rem;
padding: 0;
margin: 0;
font-size: .9rem;
color: var(--color);
text-align: center;
background: var(--glass-bg-color2);
outline: none;
border: none;
border-radius: 0 !important;
-webkit-appearance: textfield;
-moz-appearance: textfield;
appearance: textfield;
}

3
static/css/deposit.css Normal file
View file

@ -0,0 +1,3 @@
#depositAmount {
width: 10rem;
}

23
static/css/history.css Normal file
View file

@ -0,0 +1,23 @@
.history {
margin: 0;
padding: 0;
width: 40%;
min-width: 30rem;
}
.history td {
padding-top: .4rem !important;
padding-bottom: .4rem !important;
font-size: .95rem;
}
.history .historyDate {
margin-left: auto;
text-align: right;
font-size: .8rem !important;
}
/* mobile devices */
@media only screen and (max-width: 700px) {
.history {
width: 90%;
min-width: 90%;
}
}

45
static/css/index.css Normal file
View file

@ -0,0 +1,45 @@
.availableDrinksList {
width: 50%;
max-width: 45rem;
list-style: none;
margin: 0;
padding: 0;
display: flex;
flex-direction: column;
justify-content: start;
align-items: center;
}
.availableDrinksList li {
display: flex;
width: 100%;
height: fit-content;
margin-bottom: .6rem;
}
.availableDrinksList li a {
display: flex;
width: 100%;
align-items: center;
justify-content: start;
color: var(--color);
padding: .8rem 1.1rem;
text-decoration: none;
font-size: 1rem;
}
.availableDrinksList li a span:first-child {
margin-right: 1rem !important;
}
.availableDrinksList li a span:last-child {
margin-left: auto;
text-align: right;
font-size: 1rem;
}
/* mobile devices */
@media only screen and (max-width: 700px) {
.availableDrinksList {
width: 95%;
}
.availableDrinksList li a {
width: calc(100vw - (2 * .8rem)) !important;
padding: .8rem !important;
}
}

116
static/css/login.css Normal file
View file

@ -0,0 +1,116 @@
/* login page */
body.overflowHidden {
overflow-y: hidden !important;
overflow-x: hidden !important;
}
main {
margin-top: 2vh;
}
main > h1 {
display: none;
}
.userlistContainer {
display: flex;
flex-direction: column;
align-items: center;
justify-content: start;
}
.userlist {
width: 50vw;
list-style: none;
margin: 0;
padding: 0;
display: flex;
flex-direction: column;
justify-content: center;
align-items: center;
}
.userlist li {
display: flex;
width: 100%;
align-items: center;
justify-content: center;
padding: .8rem 1.1rem;
margin-bottom: .5rem;
text-align: center;
}
.userlistButton {
font-size: 1.1rem;
}
.passwordOverlayContainer {
position: absolute;
top: 0;
width: 100vw;
height: 100vh;
display: flex;
flex-direction: column;
align-items: center;
justify-content: start;
background: var(--page-background);
z-index: 40;
}
.passwordOverlay {
display: flex;
flex-direction: column;
justify-content: start;
align-items: center;
}
.passwordOverlay > form {
min-width: unset;
width: fit-content;
}
.passwordOverlay > form > h1 {
margin-top: 3rem;
margin-bottom: 3rem;
}
form input[type="password"], form input[type="text"] {
width: 94%;
padding-top: .5rem;
padding-bottom: .5rem;
font-size: 1rem;
margin: .1rem 0;
}
.pinpad {
margin-top: 3rem;
margin-bottom: 2rem;
display: flex;
flex-direction: column;
align-items: center;
justify-content: center;
max-width: 30vw;
}
.pinpad table {
box-shadow: none !important;
}
.pinpad table tr, .pinpad td {
padding: unset;
background: unset;
}
.pinpad tr td button {
height: 4.0rem;
width: 4.1rem;
font-size: 1.16rem;
margin: .2rem !important;
}
@media only screen and (max-width: 700px) {
.userlistContainer {
width: 95vw;
}
.userlist {
width: 100%;
}
.userlist li {
width: 100%;
padding-left: 0;
padding-right: 0;
}
.pinpad table tr td button {
height: 4.2rem;
width: 4.2rem;
font-size: 1.16rem;
margin: .2rem;
}
.passwordOverlay {
margin-top: 2rem;
}
}

Some files were not shown because too many files have changed in this diff Show more