from bluechips.lib.base import *
from pylons import request, app_globals as g
-from pylons.decorators.rest import dispatch_on
from pylons.decorators import validate
+from pylons.decorators.secure import authenticate_form
from pylons.controllers.util import abort
from formencode import validators, Schema
pre_validators = [NestedVariables()]
spender_id = validators.Int(not_empty=True)
amount = model.types.CurrencyValidator(not_empty=True)
- description = validators.UnicodeString()
+ description = validators.UnicodeString(not_empty=True)
date = validators.DateConverter()
shares = ForEach(ShareSchema)
chained_validators = [ValidateNotAllZero]
return render('/spend/index.mako')
@redirect_on_get('edit')
+ @authenticate_form
@validate(schema=ExpenditureSchema(), form='edit', variable_decode=True)
def update(self, id=None):
# Either create a new object, or, if we're editing, get the
g.handle_notification(involved_users, show, body)
return h.redirect_to('/')
+
+ def delete(self, id):
+ c.title = 'Delete an Expenditure'
+ c.expenditure = meta.Session.query(model.Expenditure).get(id)
+ if c.expenditure is None:
+ abort(404)
+
+ return render('/spend/delete.mako')
+
+ @redirect_on_get('delete')
+ @authenticate_form
+ def destroy(self, id):
+ e = meta.Session.query(model.Expenditure).get(id)
+ if e is None:
+ abort(404)
+
+ if 'delete' in request.params:
+ meta.Session.delete(e)
+
+ meta.Session.commit()
+ show = ("Expenditure of %s paid for by %s deleted." %
+ (e.amount, e.spender))
+ h.flash(show)
+
+ involved_users = set(sp.user for sp in e.splits if sp.share != 0)
+ involved_users.add(e.spender)
+ body = render('/emails/expenditure.txt',
+ extra_vars={'expenditure': e,
+ 'op': 'deleted'})
+ g.handle_notification(involved_users, show, body)
+
+ return h.redirect_to('/')