tandem
/
numerus
2
0
Fork 0
Code Issues 37 Pull Requests Packages Projects 1 Releases 1 Wiki Activity
numerus/pkg/company.go

282 lines
7.8 KiB
Go
Raw Normal View History

Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
package pkg
import (
"context"
"errors"
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
"html/template"
Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
"net/http"
"net/url"
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
"strconv"
Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
"strings"
)
const (
ContextCompanyKey = "numerus-company"
)
type Company struct {
Id int
Slug string
}
func CompanyHandler(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
slug := r.URL.Path
if idx := strings.IndexByte(slug, '/'); idx >= 0 {
slug = slug[:idx]
}
conn := getConn(r)
company := &Company{
Slug: slug,
}
err := conn.QueryRow(r.Context(), "select company_id from company where slug = $1", slug).Scan(&company.Id)
if err != nil {
http.NotFound(w, r)
return
}
ctx := context.WithValue(r.Context(), ContextCompanyKey, company)
r = r.WithContext(ctx)
// Same as StripPrefix
p := strings.TrimPrefix(r.URL.Path, slug)
rp := strings.TrimPrefix(r.URL.RawPath, slug)
if len(p) < len(r.URL.Path) && (r.URL.RawPath == "" || len(rp) < len(r.URL.RawPath)) {
r2 := new(http.Request)
*r2 = *r
r2.URL = new(url.URL)
*r2.URL = *r.URL
if p == "" {
r2.URL.Path = "/"
} else {
r2.URL.Path = p
}
r2.URL.RawPath = rp
next.ServeHTTP(w, r2)
} else {
http.NotFound(w, r)
}
})
}
func getCompany(r *http.Request) *Company {
company := r.Context().Value(ContextCompanyKey)
if company == nil {
return nil
}
return company.(*Company)
}
Add fieldset for currency in tax details page
2023-01-28 11:24:52 +00:00
type CurrencyOption struct {
Code string
Symbol string
}
Use a select for company’s country field At first we thought that a regular text field would do, because we were afraid that a dropdown would be worse from the point of view of user experience, but then we realized that we need the country code for VAT and phone validation, and we can not expect users to input that, of course. I had to add the first “i18n table” to the database with the name of all countries in both Catalan and Spanish and Catalan; English is the default. For now i think i do not need a view that would select the name based on the locale of the current request, because currently i do not plan on adding any other such table —the currency uses the code and the symbol, thus no need for localization. However, now i need the language tag from the locale in order to get the correct translation, and gotext does not give me any way to access the inner language. Thus the need for our Locale type.
2023-01-27 20:30:14 +00:00
type CountryOption struct {
Code string
Name string
}
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
type Tax struct {
Id int
Name string
Rate int
}
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
type taxDetailsForm struct {
Use a proper struct for the contact’s form Our company is a kind-of contact, although it does not appear in the contact section, thus i could embed the contact form inside the tax details form to reuse all the common fields.
2023-02-01 13:34:40 +00:00
*contactForm
Currency *SelectField
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
}
func newTaxDetailsForm(ctx context.Context, conn *Conn, locale *Locale) *taxDetailsForm {
return &taxDetailsForm{
Use a proper struct for the contact’s form Our company is a kind-of contact, although it does not appear in the contact section, thus i could embed the contact form inside the tax details form to reuse all the common fields.
2023-02-01 13:34:40 +00:00
contactForm: newContactForm(ctx, conn, locale),
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
Currency: &SelectField{
Name: "currency",
Label: pgettext("input", "Currency", locale),
Options: MustGetOptions(ctx, conn, "select currency_code, currency_symbol from currency order by currency_code"),
Selected: "EUR",
},
}
}
func (form *taxDetailsForm) Parse(r *http.Request) error {
Use a proper struct for the contact’s form Our company is a kind-of contact, although it does not appear in the contact section, thus i could embed the contact form inside the tax details form to reuse all the common fields.
2023-02-01 13:34:40 +00:00
if err := form.contactForm.Parse(r); err != nil {
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
return err
}
form.Currency.FillValue(r)
return nil
}
func (form *taxDetailsForm) Validate(ctx context.Context, conn *Conn) bool {
validator := newFormValidator()
validator.CheckValidSelectOption(form.Currency, gettext("Selected currency is not valid.", form.locale))
Use a proper struct for the contact’s form Our company is a kind-of contact, although it does not appear in the contact section, thus i could embed the contact form inside the tax details form to reuse all the common fields.
2023-02-01 13:34:40 +00:00
return form.contactForm.Validate(ctx, conn) && validator.AllOK()
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
}
func (form *taxDetailsForm) mustFillFromDatabase(ctx context.Context, conn *Conn, company *Company) *taxDetailsForm {
err := conn.QueryRow(ctx, "select business_name, substr(vatin::text, 3), trade_name, phone, email, web, address, city, province, postal_code, country_code, currency_code from company where company_id = $1", company.Id).Scan(form.BusinessName, form.VATIN, form.TradeName, form.Phone, form.Email, form.Web, form.Address, form.City, form.Province, form.PostalCode, form.Country, form.Currency)
if err != nil {
panic(err)
}
return form
}
Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
type TaxDetailsPage struct {
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
DetailsForm *taxDetailsForm
NewTaxForm *newTaxForm
Taxes []*Tax
Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
}
func CompanyTaxDetailsHandler() http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
locale := getLocale(r)
conn := getConn(r)
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
page := &TaxDetailsPage{
DetailsForm: newTaxDetailsForm(r.Context(), conn, locale),
NewTaxForm: newNewTaxForm(locale),
}
company := mustGetCompany(r)
Allow users update their tax details
2023-01-27 00:08:03 +00:00
if r.Method == "POST" {
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
if err := page.DetailsForm.Parse(r); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
Allow users update their tax details
2023-01-27 00:08:03 +00:00
}
Add cross-request forgery detection I use the ten first digits of the cookie’s hash, that i believe it is not a problem, has the advantage of not expiring until the user logs out, and using a per user session token is explicitly allowed by OWASP[0]. [0]: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
2023-02-02 10:39:34 +00:00
if err := verifyCsrfTokenValid(r); err != nil {
http.Error(w, err.Error(), http.StatusForbidden)
return
}
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
if ok := page.DetailsForm.Validate(r.Context(), conn); ok {
form := page.DetailsForm
conn.MustExec(r.Context(), "update company set business_name = $1, vatin = ($11 || $2)::vatin, trade_name = $3, phone = parse_packed_phone_number($4, $11), email = $5, web = $6, address = $7, city = $8, province = $9, postal_code = $10, country_code = $11, currency_code = $12 where company_id = $13", form.BusinessName, form.VATIN, form.TradeName, form.Phone, form.Email, form.Web, form.Address, form.City, form.Province, form.PostalCode, form.Country, form.Currency, company.Id)
http.Redirect(w, r, "/company/"+company.Slug+"/tax-details", http.StatusSeeOther)
return
}
w.WriteHeader(http.StatusUnprocessableEntity)
} else {
page.DetailsForm.mustFillFromDatabase(r.Context(), conn, company)
Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
}
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
page.Taxes = mustGetTaxes(r.Context(), conn, company)
Rename extension of templates to .gohtml Apparently, there are tools that only know how to use that extensions when referring to Go templates.
2023-01-30 15:48:21 +00:00
mustRenderAppTemplate(w, r, "tax-details.gohtml", page)
Allow users update their tax details
2023-01-27 00:08:03 +00:00
})
Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
}
func mustGetCompany(r *http.Request) *Company {
company := getCompany(r)
if company == nil {
panic(errors.New("company: required but not found"))
}
Allow users update their tax details
2023-01-27 00:08:03 +00:00
return company
Add the company relation and read-only form to edit I do not have more time to update the update to the company today, but i believe this is already a good amount of work for a commit. The company is going to be used for row level security, as users will only have access to the data from companies they are granted access, by virtue of being in the company_user relation. I did not know how add a row level security policy to the company_user because i needed the to select on the same relation and this is not allowed, because it would create an infinite loop. Had to add the vat, pg_libphonenumber, and uri extensions in order to validate VAT identification numbers, phone numbers, and URIs, repectively. These libraries are not in Debian, but i created packages for them all in https://dev.tandem.ws/tandem.
2023-01-24 20:46:07 +00:00
}
Use a select for company’s country field At first we thought that a regular text field would do, because we were afraid that a dropdown would be worse from the point of view of user experience, but then we realized that we need the country code for VAT and phone validation, and we can not expect users to input that, of course. I had to add the first “i18n table” to the database with the name of all countries in both Catalan and Spanish and Catalan; English is the default. For now i think i do not need a view that would select the name based on the locale of the current request, because currently i do not plan on adding any other such table —the currency uses the code and the symbol, thus no need for localization. However, now i need the language tag from the locale in order to get the correct translation, and gotext does not give me any way to access the inner language. Thus the need for our Locale type.
2023-01-27 20:30:14 +00:00
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
func mustGetTaxes(ctx context.Context, conn *Conn, company *Company) []*Tax {
rows, err := conn.Query(ctx, "select tax_id, name, (rate * 100)::integer from tax where company_id = $1 order by rate, name", company.Id)
Use a select for company’s country field At first we thought that a regular text field would do, because we were afraid that a dropdown would be worse from the point of view of user experience, but then we realized that we need the country code for VAT and phone validation, and we can not expect users to input that, of course. I had to add the first “i18n table” to the database with the name of all countries in both Catalan and Spanish and Catalan; English is the default. For now i think i do not need a view that would select the name based on the locale of the current request, because currently i do not plan on adding any other such table —the currency uses the code and the symbol, thus no need for localization. However, now i need the language tag from the locale in order to get the correct translation, and gotext does not give me any way to access the inner language. Thus the need for our Locale type.
2023-01-27 20:30:14 +00:00
if err != nil {
panic(err)
}
defer rows.Close()
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
var taxes []*Tax
Use a select for company’s country field At first we thought that a regular text field would do, because we were afraid that a dropdown would be worse from the point of view of user experience, but then we realized that we need the country code for VAT and phone validation, and we can not expect users to input that, of course. I had to add the first “i18n table” to the database with the name of all countries in both Catalan and Spanish and Catalan; English is the default. For now i think i do not need a view that would select the name based on the locale of the current request, because currently i do not plan on adding any other such table —the currency uses the code and the symbol, thus no need for localization. However, now i need the language tag from the locale in order to get the correct translation, and gotext does not give me any way to access the inner language. Thus the need for our Locale type.
2023-01-27 20:30:14 +00:00
for rows.Next() {
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
tax := &Tax{}
err = rows.Scan(&tax.Id, &tax.Name, &tax.Rate)
Use a select for company’s country field At first we thought that a regular text field would do, because we were afraid that a dropdown would be worse from the point of view of user experience, but then we realized that we need the country code for VAT and phone validation, and we can not expect users to input that, of course. I had to add the first “i18n table” to the database with the name of all countries in both Catalan and Spanish and Catalan; English is the default. For now i think i do not need a view that would select the name based on the locale of the current request, because currently i do not plan on adding any other such table —the currency uses the code and the symbol, thus no need for localization. However, now i need the language tag from the locale in order to get the correct translation, and gotext does not give me any way to access the inner language. Thus the need for our Locale type.
2023-01-27 20:30:14 +00:00
if err != nil {
panic(err)
}
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
taxes = append(taxes, tax)
Use a select for company’s country field At first we thought that a regular text field would do, because we were afraid that a dropdown would be worse from the point of view of user experience, but then we realized that we need the country code for VAT and phone validation, and we can not expect users to input that, of course. I had to add the first “i18n table” to the database with the name of all countries in both Catalan and Spanish and Catalan; English is the default. For now i think i do not need a view that would select the name based on the locale of the current request, because currently i do not plan on adding any other such table —the currency uses the code and the symbol, thus no need for localization. However, now i need the language tag from the locale in order to get the correct translation, and gotext does not give me any way to access the inner language. Thus the need for our Locale type.
2023-01-27 20:30:14 +00:00
}
if rows.Err() != nil {
panic(rows.Err())
}
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
return taxes
Use a select for company’s country field At first we thought that a regular text field would do, because we were afraid that a dropdown would be worse from the point of view of user experience, but then we realized that we need the country code for VAT and phone validation, and we can not expect users to input that, of course. I had to add the first “i18n table” to the database with the name of all countries in both Catalan and Spanish and Catalan; English is the default. For now i think i do not need a view that would select the name based on the locale of the current request, because currently i do not plan on adding any other such table —the currency uses the code and the symbol, thus no need for localization. However, now i need the language tag from the locale in order to get the correct translation, and gotext does not give me any way to access the inner language. Thus the need for our Locale type.
2023-01-27 20:30:14 +00:00
}
Add fieldset for currency in tax details page
2023-01-28 11:24:52 +00:00
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
type newTaxForm struct {
locale *Locale
Name *InputField
Rate *InputField
}
Add fieldset for currency in tax details page
2023-01-28 11:24:52 +00:00
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
func newNewTaxForm(locale *Locale) *newTaxForm {
return &newTaxForm{
locale: locale,
Name: &InputField{
Name: "tax_name",
Label: pgettext("input", "Tax name", locale),
Type: "text",
Required: true,
},
Rate: &InputField{
Name: "tax_rate",
Label: pgettext("input", "Rate (%)", locale),
Type: "number",
Required: true,
Attributes: []template.HTMLAttr{
"min=-99",
"max=99",
},
},
Add fieldset for currency in tax details page
2023-01-28 11:24:52 +00:00
}
}
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
func (form *newTaxForm) Parse(r *http.Request) error {
if err := r.ParseForm(); err != nil {
return err
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
}
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
form.Name.FillValue(r)
form.Rate.FillValue(r)
return nil
}
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
func (form *newTaxForm) Validate() bool {
validator := newFormValidator()
validator.CheckRequiredInput(form.Name, gettext("Tax name can not be empty.", form.locale))
if validator.CheckRequiredInput(form.Rate, gettext("Tax rate can not be empty.", form.locale)) {
validator.CheckValidInteger(form.Rate, -99, 99, gettext("Tax rate must be an integer between -99 and 99.", form.locale))
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
}
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
return validator.AllOK()
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
}
func CompanyTaxHandler() http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
param := r.URL.Path
if idx := strings.LastIndexByte(param, '/'); idx >= 0 {
param = param[idx+1:]
}
conn := getConn(r)
company := mustGetCompany(r)
if taxId, err := strconv.Atoi(param); err == nil {
Add cross-request forgery detection I use the ten first digits of the cookie’s hash, that i believe it is not a problem, has the advantage of not expiring until the user logs out, and using a per user session token is explicitly allowed by OWASP[0]. [0]: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
2023-02-02 10:39:34 +00:00
if err := verifyCsrfTokenValid(r); err != nil {
http.Error(w, err.Error(), http.StatusForbidden)
return
}
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
conn.MustExec(r.Context(), "delete from tax where tax_id = $1", taxId)
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
http.Redirect(w, r, "/company/"+company.Slug+"/tax-details", http.StatusSeeOther)
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
} else {
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
locale := getLocale(r)
form := newNewTaxForm(locale)
if err := form.Parse(r); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
Add cross-request forgery detection I use the ten first digits of the cookie’s hash, that i believe it is not a problem, has the advantage of not expiring until the user logs out, and using a per user session token is explicitly allowed by OWASP[0]. [0]: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
2023-02-02 10:39:34 +00:00
if err := verifyCsrfTokenValid(r); err != nil {
http.Error(w, err.Error(), http.StatusForbidden)
return
}
Handle tax details and new tax forms with structs and validation I implemented the Valuer and Scanner interfaces to InputField and SelectField for better passing values between the database and Go. I had a conflict with the Value name and renamed the struct member to Val. I also had to change the attributes array to be of type template.HTMLAttr or html/template would replace `form="newtax"` attribute to `zgotmplz="newtax"` because it deems it “unsafe”. I do not like having to use template.HTMLAttr when assigning values, but i do not know what else i can do now.
2023-02-01 13:15:02 +00:00
if form.Validate() {
conn.MustExec(r.Context(), "insert into tax (company_id, name, rate) values ($1, $2, $3 / 100::decimal)", company.Id, form.Name, form.Rate.Integer())
http.Redirect(w, r, "/company/"+company.Slug+"/tax-details", http.StatusSeeOther)
} else {
w.WriteHeader(http.StatusUnprocessableEntity)
}
page := &TaxDetailsPage{
DetailsForm: newTaxDetailsForm(r.Context(), conn, locale).mustFillFromDatabase(r.Context(), conn, company),
NewTaxForm: form,
Taxes: mustGetTaxes(r.Context(), conn, company),
}
mustRenderAppTemplate(w, r, "tax-details.gohtml", page)
Add the tax relation with very rough form and handler
2023-01-28 13:18:58 +00:00
}
})
}