diff --git a/la_chariotte/order/templates/order/grouped_order_overview.html b/la_chariotte/order/templates/order/grouped_order_overview.html index f608fe6..b601140 100644 --- a/la_chariotte/order/templates/order/grouped_order_overview.html +++ b/la_chariotte/order/templates/order/grouped_order_overview.html @@ -128,6 +128,9 @@
+
+ Liste des mails +

Liste des commandes

{% if grouped_order.order_set.all %} diff --git a/la_chariotte/order/tests/test_views.py b/la_chariotte/order/tests/test_views.py index 2889d42..4754898 100644 --- a/la_chariotte/order/tests/test_views.py +++ b/la_chariotte/order/tests/test_views.py @@ -24,7 +24,7 @@ def create_grouped_order( def order_items_in_grouped_order(grouped_order): - """Creates 2 OrderedItems and orders for those items in the given grouped order""" + """Creates 2 OrderedItems and orders in the given grouped order. Returns the order""" item_1 = grouped_order.item_set.create(name="test item", price="2") item_2 = grouped_order.item_set.create(name="test item 2", price="9") author = models.OrderAuthor.objects.create( @@ -1208,3 +1208,72 @@ class TestGroupedOrderSheetView: assert response.context["items"].count() == 2 assert response.context["orders_dict"][order] == [3, 2] assert response.context["total_price"] == 24 + + +class TestExportGroupedOrderEmailAddressesToCSVView: + def test_user_not_logged_redirect(self, client, other_user): + """ + A user that is not logged access the email list. They get redirected to the login view + """ + grouped_order = create_grouped_order( + days_before_delivery_date=5, + days_before_deadline=2, + name="gr order test", + orga_user=other_user, + ) + email_list_view_url = reverse( + "order:email_list", + kwargs={ + "grouped_order_id": grouped_order.pk, + }, + ) + assert auth.get_user(client).is_anonymous + response = client.get(email_list_view_url) + assert response.status_code == 302 + assert response.url.startswith(reverse("accounts:login")) + assert response.url.endswith(email_list_view_url) + + def test_user_not_orga_forbidden(self, client_log, other_user): + """ + A user that is not orga cannot access the email list. + They get a 403 forbidden error + """ + grouped_order = create_grouped_order( + days_before_delivery_date=5, + days_before_deadline=2, + name="gr order test", + orga_user=other_user, + ) + email_list_view_url = reverse( + "order:email_list", + kwargs={ + "grouped_order_id": grouped_order.pk, + }, + ) + response = client_log.get(email_list_view_url) + assert response.status_code == 403 + + def test_email_addresses(self, client_log, other_user): + """ + The grouped order orga accesses the email addresses list + """ + grouped_order = create_grouped_order( + days_before_delivery_date=5, + days_before_deadline=2, + name="gr order test", + orga_user=auth.get_user(client_log), + ) + email_list_view_url = reverse( + "order:email_list", + kwargs={ + "grouped_order_id": grouped_order.pk, + }, + ) + response = client_log.get(email_list_view_url) + assert response.status_code == 200 + assert response.content.decode() == "\r\n" + + email = order_items_in_grouped_order(grouped_order).author.email + response = client_log.get(email_list_view_url) + assert response.status_code == 200 + assert email in response.content.decode() diff --git a/la_chariotte/order/urls.py b/la_chariotte/order/urls.py index 11df9b9..2f06177 100644 --- a/la_chariotte/order/urls.py +++ b/la_chariotte/order/urls.py @@ -40,4 +40,9 @@ urlpatterns = [ views.GroupedOrderSheetView.as_view(), name="grouped_order_sheet", ), + path( + "/gerer/liste-mails", + views.ExportGroupedOrderEmailAddressesToCSVView.as_view(), + name="email_list", + ), ] diff --git a/la_chariotte/order/views.py b/la_chariotte/order/views.py index 95fca89..49a4f01 100644 --- a/la_chariotte/order/views.py +++ b/la_chariotte/order/views.py @@ -1,3 +1,4 @@ +import csv from io import BytesIO from django import http @@ -319,3 +320,46 @@ class GroupedOrderSheetView(GroupedOrderOverview, GroupedOrderSheetMixin): result = BytesIO() pdf = pisa.pisaDocument(BytesIO(html.encode("UTF-8")), result) return http.HttpResponse(result.getvalue(), content_type="application/pdf") + + +class ExportGroupedOrderEmailAddressesToCSVView(UserPassesTestMixin, generic.View): + # grouped_order_id = self.kwargs.get("grouped_order_id") + # grouped_order = get_object_or_404(GroupedOrder, pk=grouped_order_id) + + def test_func(self): + """Accessible only if the requesting user is the grouped order organizer""" + grouped_order_id = self.kwargs.get("grouped_order_id") + return GroupedOrder.objects.get(pk=grouped_order_id).orga == self.request.user + + def get(self, request, *args, **kwargs): + grouped_order_id = self.kwargs.get("grouped_order_id") + grouped_order = get_object_or_404(GroupedOrder, pk=grouped_order_id) + participants = OrderAuthor.objects.filter( + order__in=grouped_order.order_set.all() + ) + + response = http.HttpResponse( + content_type="text/csv", + headers={ + "Content-Disposition": f'attachment; filename="{ grouped_order.name }-mails.csv"' + }, + ) + writer = csv.writer(response) + row = [participant.email for participant in participants] + writer.writerow(row) + return response + + +# def export_grouped_order_email_addresses_to_csv(request, grouped_order_id): +# """Exports a csv list of participants email addresses - only for the organizer""" + +# # Check if the user is orga +# if request.user +# grouped_order = get_object_or_404(GroupedOrder, pk=grouped_order_id) +# participants = OrderAuthor.objects.filter(order__in=grouped_order.order_set.all()) + +# response = http.HttpResponse(content_type="text/csv", headers={'Content-Disposition': f'attachment; filename="{ grouped_order.name }-mails.csv"'},) +# writer = csv.writer(response) +# row = [participant.email for participant in participants] +# writer.writerow(row) +# return response