订单审批

apps/account/serializers.py

@@ -38,12 +38,13 @@ class JWTSerializer(JSONWebTokenSerializer):
                     'token': jwt_encode_handler(payload),
                     'user_id': user.id,
                     'username': user.username,
+                    'name': user.name,
                 }
             else:
                 msg = u'账号或者密码错误!'
                 raise serializers.ValidationError(msg)
         else:
-            msg = u'必须包含“{username field}”和“password.'
+            msg = u'登录参数错误.'
             msg = msg.format(username_field=self.username_field)
             raise serializers.ValidationError(msg)
 

apps/order/__init__.py

@@ -1,26 +1,26 @@
 # coding=utf-8
 
-ZERO = 0
-ONE = 1
-TOW = 2
-THREE = 3
-FOUR = 4
-FIVE = 5
-SIX = 6
-SEVEN = 7
-EIGHT = 8
-NINE = 9
-TEN = 10
-TEN1 = 11
-TEN2 = 12
-TEN3 = 13
-TEN4 = 14
-TEN5 = 15
-TEN6 = 16
-TEN7 = 17
-TEN8 = 18
-TEN9 = 19
-TEN10 = 20
+ZERO = 1
+ONE = 2
+TOW = 3
+THREE = 4
+FOUR = 5
+FIVE = 6
+SIX = 7
+SEVEN = 8
+EIGHT = 9
+NINE = 10
+TEN = 11
+TEN1 = 12
+TEN2 = 13
+TEN3 = 14
+TEN4 = 15
+TEN5 = 16
+TEN6 = 17
+TEN7 = 18
+TEN8 = 19
+TEN9 = 20
+TEN10 = 21
 
 CATEGORY_CHOICES = (
     (ZERO, u'草稿'),

apps/order/models.py

@@ -72,9 +72,9 @@ class Order(models.Model):
     upkeep = models.CharField(max_length=10, verbose_name=u"保养", null=True)
     dpratio = models.CharField(max_length=10, verbose_name=u"首付比例", null=True)
     lamount = models.CharField(max_length=10, verbose_name=u"申请贷款金额", null=True)
-    laompany = models.ForeignKey(Product, verbose_name=u'贷款产品', on_delete=models.PROTECT, null=True)
+    laompany = models.ForeignKey(Product, verbose_name=u'贷款产品', on_delete=models.PROTECT)
 
-    name = models.CharField(max_length=10, verbose_name=u"姓名", null=True)
+    name = models.CharField(max_length=10, verbose_name=u"姓名")
     sex = models.PositiveSmallIntegerField(choices=order.GENDER_CHOICES, verbose_name=u"性别", default=order.ZERO)
     bdate = models.DateField(verbose_name=u"出生日期", null=True)
     rpr = models.PositiveSmallIntegerField(choices=order.HUKOU_CHOICES, verbose_name=u"户口", default=order.ZERO)
@@ -90,7 +90,7 @@ class Order(models.Model):
     email = models.CharField(max_length=100, verbose_name=u"电子邮箱", null=True)
     wx = models.CharField(max_length=100, verbose_name=u"微信号", null=True)
     phone = models.CharField(max_length=15, verbose_name=u"住宅固定电话", null=True)
-    tel = models.CharField(max_length=11, verbose_name=u"手机号", null=True)
+    tel = models.CharField(max_length=11, verbose_name=u"手机号")
     wname = models.CharField(max_length=100, verbose_name=u"现工作单位名称", null=True)
     wphone = models.CharField(max_length=15, verbose_name=u"单位电话", null=True)
     waddress = models.CharField(max_length=100, verbose_name=u"现工作单位地址", null=True)

apps/order/serializers.py

@@ -69,6 +69,7 @@ class OrderSerializer(serializers.ModelSerializer):
     laompany_text = serializers.CharField(source='laompany.name', label='产品名称', read_only=True)
     create_time_f = serializers.DateTimeField(source='create_time', format=settings.SHORT_DATETIME_FORMAT,
                                               read_only=True)
+    seller_text = serializers.CharField(source='seller.name', read_only=True)
     status_text = serializers.CharField(source='get_status_display', read_only=True)
     category_text = serializers.CharField(source='get_category_display', read_only=True)
     sex_text = serializers.CharField(source='get_sex_display', label='性别', read_only=True)
@@ -93,7 +94,8 @@ class OrderSerializer(serializers.ModelSerializer):
         fields = '__all__'
 
     def create(self, validated_data):
-        validated_data['create_user'] = self.context['request'].user
+        if self.context['request'].user.is_authenticated:
+            validated_data['create_user'] = self.context['request'].user
         instance = super(OrderSerializer, self).create(validated_data)
         instance.save()
         return instance

apps/order/urls.py

@@ -9,6 +9,9 @@ urlpatterns = [
     url(r'productDict/$', ProductView.as_view()),
     url(r'productList/$', ProductListView.as_view()), # 小程序首页，获取产品列表
     url(r'list/$', OrderListView.as_view()),
+    url(r'new/$', OrderCreatView.as_view()), # 匿名用户申报
+    url(r'newUpload/$', OrderUploadView.as_view()), # 匿名用户上传图片
+    url(r'deleteImg/$', OrderDeleteImgView.as_view()), # 匿名用户删除图片
 ]
 
 router = SimpleRouter()

apps/order/views.py

@@ -4,7 +4,7 @@ from django.db.models import Sum, F
 from django.db import transaction
 from django.db.models import Q
 from rest_framework.views import APIView
-from rest_framework.generics import ListAPIView
+from rest_framework.generics import ListAPIView, CreateAPIView
 from utils.custom_modelviewset import CustomModelViewSet
 from .serializers import *
 from .filters import *
@@ -20,7 +20,6 @@ from utils.format import strftime
 
 
 class ProductView(APIView):
-    permission_classes = [isLogin, ]
 
     def get(self, request):
         data = []
@@ -141,13 +140,118 @@ class OrderListView(ListAPIView):
         f = OrderFilter(self.request.GET, queryset=queryset)
         return f.qs
 
+class OrderCreatView(CreateAPIView):
+    # 匿名用户申报
+    queryset = Order.objects.filter()
+    serializer_class = OrderSerializer
+
+    def post(self, request, *args, **kwargs):
+        seller_tel = request.POST.get('seller_tel')
+        try:
+            with transaction.atomic():
+                serializer = self.get_serializer(data=request.data)
+                if serializer.is_valid(raise_exception=True):
+                    instance = serializer.save()
+                    seller = User.objects.filter(username=seller_tel).first()
+                    if seller:
+                        instance.seller = seller
+                        instance.save()
+                    else:
+                        raise CustomError('请填写正确的业务人员电话')
+                    BizLog.objects.addnew(None, BizLog.INSERT,
+                                          u'添加订单[%s]，id=%d' % (instance.name, instance.id), request.data)
+                    return response_ok(instance.id)
+        except CustomError as e:
+            return response_error(e.get_error_msg())
+        except Exception as e:
+            return response_error(str(e))
+
+class OrderUploadView(CreateAPIView):
+    # 匿名用户申报上传图片
+    queryset = Order.objects.filter()
+    serializer_class = OrderSerializer
+
+    def post(self, request, *args, **kwargs):
+        file = self.request.FILES.get('file')
+        id = self.request.POST.get('id')
+        type = self.request.POST.get('type')
+        # 上传图片，order_id必填。更新图片时，upload_id必填
+        # / order / 2 / upload_image /
+        # post
+        # file
+        # type 0身份证, 1驾驶证, 2收入类, 3流水类, 4营业执照, 5挂靠协议
+        # order_id 订单id
+        # upload_id 图片id
+        try:
+            instance = Order.objects.filter(id=id).first()
+            if not instance:
+                raise CustomError('客户信息错误')
+            if instance.status == order.ONE:
+                raise CustomError('该客户信息已审核通过，禁止操作')
+            elif instance.status == order.THREE:
+                raise CustomError('该客户信息被拒绝审批，禁止操作')
+            with transaction.atomic():
+                if type:
+                    # 上传图片时，把不在使用的同类别图片删除。
+                    images = OrderImages.objects.filter(order=instance, type=type, enable=False)
+                    for image in images:
+                        image.image.del_images()
+                        image.delete()
+                upload = Upload.objects._addnew(file, 'user_image')
+                if upload:
+                    OrderImages.objects.create(order=instance, type=type, image=upload, )
+                    edit = OrderDetailEdit.objects.filter(type=OrderDetailEdit.ONE, order=instance,
+                                                          value=type).first()
+                    if edit:
+                        edit.edit_time = datetime.datetime.now()
+                        edit.save()
+                    dict = {
+                        'id': upload.id,
+                        'path': upload.get_path(),
+                    }
+                    return response_ok(dict)
+                return response_error('上传失败，请重新上传！')
+        except CustomError as e:
+            return response_error(e.get_error_msg())
+        except Exception as e:
+            return response_error(str(e))
+
+class OrderDeleteImgView(CreateAPIView):
+    # 匿名用户申报上传图片
+    queryset = Order.objects.filter()
+    serializer_class = OrderSerializer
+
+    def post(self, request, *args, **kwargs):
+        order_id = request.POST.get('order_id')
+        upload_id = request.POST.get('upload_id')
+        try:
+            instance = Order.objects.filter(id=order_id).first()
+            if not instance:
+                raise CustomError('客户信息错误')
+            if instance.status == order.ONE:
+                raise CustomError('该客户信息已审核通过，禁止操作')
+            if instance.status == order.THREE:
+                raise CustomError('该客户信息被拒绝审批，禁止操作')
+            with transaction.atomic():
+                if upload_id:
+                    upload = Upload.objects.filter(id=upload_id).first()
+                    if upload:
+                        OrderImages.objects.filter(order=instance, image_id=upload_id).delete()
+                        upload.del_images()
+                        return response_ok()
+                return response_error('图片参数错误，删除失败')
+        except CustomError as e:
+            return response_error(e.get_error_msg())
+        except Exception as e:
+            return response_error(str(e))
 
 class OrderViewSet(CustomModelViewSet):
     permission_classes = [isLogin, ]
     queryset = Order.objects.filter()
     serializer_class = OrderSerializer
 
-    def filter_queryset(self, queryset):
+    def filter_queryset(self, queryset, ):
+        # 非管理者，只能查看自己的客户
         if self.request.user.type != User.EMPLOYEE:
             queryset = queryset.filter(Q(create_user=self.request.user) | Q(seller=self.request.user))
         f = OrderFilter(self.request.GET, queryset=queryset)
@@ -262,6 +366,8 @@ class OrderViewSet(CustomModelViewSet):
         status = request.GET.get('statu')
 
         try:
+            if request.user.type != User.EMPLOYEE:
+                raise CustomError('当前用户无权限，禁止操作')
             instance = self.get_object()
             if instance.status == order.ONE:
                 raise CustomError('该客户信息已审核通过，禁止操作')

apps/upload/models.py

@@ -30,8 +30,8 @@ class UploadManager(models.Manager):
 
         instance = self.model(
             picture="%s%s" % (settings.MEDIA_URL, filename),
-            width=width,
-            height=height,
+            width=width or 0,
+            height=height or 0,
             file_size="%.2f" % (float(size) / 1024),
         )
         instance.save()

uis/views/account/login.html

@@ -120,10 +120,6 @@
             key: 'permissions'
             ,value: res.data.permissions
           });
-          layui.data(setter.tableName, {
-            key: 'manager_stores'
-            ,value: res.data.manager_stores
-          });
 
           //登入成功的提示与跳转
           layer.msg('登入成功', {

uis/views/order/index.html

@@ -102,15 +102,15 @@
         </div>
         <div class="seach_items">
             <input type="text" name="name" autocomplete="off" class="layui-input"
-                   placeholder="电话"/>
+                   placeholder="姓名"/>
         </div>
         <div class="seach_items">
             <select name="status" style="width: 40px;">
                 <option value="">请选择状态</option>
-                <option value="0">待审核</option>
-                <option value="1">已通过</option>
-                <option value="2">退回修改</option>
-                <option value="3">拒绝审批</option>
+                <option value="1">待审核</option>
+                <option value="2">已通过</option>
+                <option value="3">退回修改</option>
+                <option value="4">拒绝审批</option>
             </select>
         </div>
         <div class="seach_items">
@@ -136,7 +136,7 @@
 
         table.render({
             elem: '#datagrid'
-            , url: '/order/?category=1'
+            , url: '/order/?category=2'
             , toolbar: '#toolbarDemo'
             , title: '用户订单' //标题
             , totalRow: true

utils/permission.py

@@ -11,6 +11,14 @@ class isLogin(permissions.BasePermission):
             return False
         return True
 
+class isAdmin(permissions.BasePermission):
+    def has_permission(self, request, view):
+        if not request.user or not request.user.is_authenticated:
+            return False
+        if request.user.type == 1:
+            return True
+        return False
+
 def check_permission(request, perm):
     if not request.user or not request.user.is_authenticated:
         raise CustomError(u"身份认证失败，请重新登录！")