Spam click on invalidity button is no longer possible

This commit is contained in:
Yohann D'ANELLO 2020-08-13 17:04:10 +02:00
parent c466715e8a
commit bb2704323a
6 changed files with 42 additions and 17 deletions

View File

@ -19,5 +19,5 @@ class ChangelogViewSet(ReadOnlyProtectedModelViewSet):
serializer_class = ChangelogSerializer
filter_backends = [DjangoFilterBackend, OrderingFilter]
filterset_fields = ['model', 'action', "instance_pk", 'user', 'ip', ]
ordering_fields = ['timestamp', ]
ordering = ['-timestamp', ]
ordering_fields = ['timestamp', 'id', ]
ordering = ['-id', ]

View File

@ -81,19 +81,27 @@ def save_object(sender, instance, **kwargs):
if instance.last_login != previous.last_login:
return
# On crée notre propre sérialiseur JSON pour pouvoir sauvegarder les modèles
fields = '__all__'
if previous:
# On ne garde que les champs modifiés
changed_fields = []
for field in instance._meta.fields:
if getattr(instance, field.name) != getattr(previous, field.name):
changed_fields.append(field.name)
if len(changed_fields) == 0:
# Pas de log s'il n'y a pas de modification
return
# On crée notre propre sérialiseur JSON pour pouvoir sauvegarder les modèles avec uniquement les champs modifiés
class CustomSerializer(ModelSerializer):
class Meta:
model = instance.__class__
fields = '__all__'
fields = changed_fields
previous_json = JSONRenderer().render(CustomSerializer(previous).data).decode("UTF-8") if previous else None
instance_json = JSONRenderer().render(CustomSerializer(instance).data).decode("UTF-8")
if previous_json == instance_json:
# Pas de log s'il n'y a pas de modification
return
Changelog.objects.create(user=user,
ip=ip,
model=ContentType.objects.get_for_model(instance),

View File

@ -167,26 +167,35 @@ class Transaction(PolymorphicModel):
previous_source_balance = self.source.balance
previous_dest_balance = self.destination.balance
source_balance = self.source.balance
dest_balance = self.destination.balance
created = self.pk is None
to_transfer = self.amount * self.quantity
if not created:
# Revert old transaction
old_transaction = Transaction.objects.get(pk=self.pk)
# Check that nothing important changed
for field_name in ["source_id", "destination_id", "quantity", "amount"]:
if getattr(self, field_name) != getattr(old_transaction, field_name):
raise ValidationError(_("You can't update the {field} on a Transaction. "
"Please invalidate it and create one other.").format(field=field_name))
if old_transaction.valid == self.valid:
# Don't change anything
return 0, 0
if old_transaction.valid:
self.source.balance += to_transfer
self.destination.balance -= to_transfer
source_balance += to_transfer
dest_balance -= to_transfer
if self.valid:
self.source.balance -= to_transfer
self.destination.balance += to_transfer
source_balance -= to_transfer
dest_balance += to_transfer
# When a transaction is declared valid, we ensure that the invalidity reason is null, if it was
# previously invalid
self.invalidity_reason = None
source_balance = self.source.balance
dest_balance = self.destination.balance
if source_balance > 2147483647 or source_balance < -2147483648\
or dest_balance > 2147483647 or dest_balance < -2147483648:
raise ValidationError(_("The note balances must be between - 21 474 836.47 € and 21 474 836.47 €."))

View File

@ -2456,7 +2456,7 @@
47,
49,
50,
140
141
]
}
},

View File

@ -46,6 +46,7 @@ INSTALLED_APPS = [
'django.contrib.messages',
'django.contrib.staticfiles',
'django.forms',
'django_filters',
# API
'rest_framework',

View File

@ -349,8 +349,15 @@ function autoCompleteNote(field_id, note_list_id, notes, notes_display, alias_pr
// When a validate button is clicked, we switch the validation status
function de_validate(id, validated) {
let validate_obj = $("#validate_" + id);
if (validate_obj.data("pending"))
// The button is already clicked
return;
let invalidity_reason = $("#invalidity_reason_" + id).val();
$("#validate_" + id).html("<strong style=\"font-size: 16pt;\">⟳</strong>");
validate_obj.html("<strong style=\"font-size: 16pt;\">⟳</strong>");
validate_obj.data("pending", true);
// Perform a PATCH request to the API in order to update the transaction
// If the user has insufficient rights, an error message will appear