add logout logic and wip recap

backend/src/contracts/contracts.py

@@ -2,7 +2,7 @@ from fastapi import APIRouter, Depends, HTTPException, Query
 from fastapi.responses import StreamingResponse
 from src.database import get_session
 from sqlmodel import Session
-from src.contracts.generate_contract import generate_html_contract
+from src.contracts.generate_contract import generate_html_contract, generate_recap
 from src.auth.auth import get_current_user
 import src.models as models
 import src.messages as messages
@@ -79,7 +79,8 @@ async def create_contract(
     occasionals = create_occasional_dict(occasional_contract_products)
     recurrents = list(map(lambda x: {"product": x.product, "quantity": x.quantity}, filter(lambda contract_product: contract_product.product.type == models.ProductType.RECCURENT, new_contract.products)))
     recurrent_price = compute_recurrent_prices(recurrents, len(new_contract.form.shipments))
-    total_price = '{:10.2f}'.format(recurrent_price + compute_occasional_prices(occasionals))
+    price = recurrent_price + compute_occasional_prices(occasionals)
+    total_price = '{:10.2f}'.format(price)
     cheques = list(map(lambda x: {"name": x.name, "value": x.value}, new_contract.cheques))
     # TODO: send contract to referer
 
@@ -94,7 +95,7 @@ async def create_contract(
         )
         pdf_file = io.BytesIO(pdf_bytes)
         contract_id = f'{new_contract.firstname}_{new_contract.lastname}_{new_contract.form.productor.type}_{new_contract.form.season}'
-        service.add_contract_file(session, new_contract.id, pdf_bytes)
+        service.add_contract_file(session, new_contract.id, pdf_bytes, price)
     except Exception as e:
         print(e)
         raise HTTPException(status_code=400, detail=messages.pdferror)
@@ -112,7 +113,7 @@ def get_contracts(
     session: Session = Depends(get_session),
     user: models.User = Depends(get_current_user)
 ):
-    return service.get_all(session, forms)
+    return service.get_all(session, user, forms)
 
 @router.get('/{id}/file')
 def get_contract_file(
@@ -120,6 +121,8 @@ def get_contract_file(
     session: Session = Depends(get_session),
     user: models.User = Depends(get_current_user)
 ):
+    if not service.is_allowed(session, user, id):
+        raise HTTPException(status_code=403, detail=messages.notallowed)
     contract = service.get_one(session, id)
     if contract is None:
         raise HTTPException(status_code=404, detail=messages.notfound)
@@ -138,8 +141,10 @@ def get_contract_files(
     session: Session = Depends(get_session),
     user: models.User = Depends(get_current_user)
 ):
+    if not form_service.is_allowed(session, user, form_id):
+        raise HTTPException(status_code=403, detail=messages.notallowed)
     form = form_service.get_one(session, form_id=form_id)
-    contracts = service.get_all(session, [form.name])
+    contracts = service.get_all(session, user, forms=[form.name])
     zipped_contracts = io.BytesIO()
     with zipfile.ZipFile(zipped_contracts, "a", zipfile.ZIP_DEFLATED, False) as zip_file:
         for contract in contracts:
@@ -155,9 +160,29 @@ def get_contract_files(
         }
     )
 
+@router.get('/{form_id}/recap')
+def get_contract_recap(
+    form_id: int,
+    session: Session = Depends(get_session),
+    user: models.User = Depends(get_current_user)
+):
+    if not form_service.is_allowed(session, user, form_id):
+        raise HTTPException(status_code=403, detail=messages.notallowed)
+    form = form_service.get_one(session, form_id=form_id)
+    contracts = service.get_all(session, user, forms=[form.name])
+    
+    return StreamingResponse(
+        io.BytesIO(generate_recap(contracts, form)),
+        media_type='application/zip',
+        headers={
+            'Content-Disposition': f'attachment; filename=filename.ods'
+        }
+    )
 
 @router.get('/{id}', response_model=models.ContractPublic)
 def get_contract(id: int, session: Session = Depends(get_session), user: models.User = Depends(get_current_user)):
+    if not service.is_allowed(session, user, id):
+        raise HTTPException(status_code=403, detail=messages.notallowed)
     result = service.get_one(session, id)
     if result is None:
         raise HTTPException(status_code=404, detail=messages.notfound)
@@ -165,6 +190,8 @@ def get_contract(id: int, session: Session = Depends(get_session), user: models.
 
 @router.delete('/{id}', response_model=models.ContractPublic)
 def delete_contract(id: int, session: Session = Depends(get_session), user: models.User = Depends(get_current_user)):
+    if not service.is_allowed(session, user, id):
+        raise HTTPException(status_code=403, detail=messages.notallowed)
     result = service.delete_one(session, id)
     if result is None:
         raise HTTPException(status_code=404, detail=messages.notfound)