[IMP] point_of_sale: track session logins

the pos session now keeps track of the session logins, and that number is included in in the order reference. This prevents orders generated in parallely created sessions from having the same reference, and also helps reduce fraud.
2014-08-20 15:07:56 +02:00 · 2014-08-20 15:07:56 +02:00 · d421f9a365
parent 6c5cde609e
commit d421f9a365
3 changed files with 23 additions and 9 deletions
--- a/addons/point_of_sale/controllers/main.py
+++ b/addons/point_of_sale/controllers/main.py
@ -15,12 +15,17 @@ _logger = logging.getLogger(__name__)

 class PosController(http.Controller):

-    @http.route('/pos/web', type='http', auth='none')
+    @http.route('/pos/web', type='http', auth='user')
    def a(self, debug=False, **k):
+        cr, uid, context, session = request.cr, request.uid, request.context, request.session

-        if not request.session.uid:
+        if not session.uid:
            return login_redirect()

+        PosSession = request.registry['pos.session']
+        pos_session_ids = PosSession.search(cr, uid, [('state','=','opened'),('user_id','=',session.uid)], context=context)
+        PosSession.login(cr,uid,pos_session_ids,context=context)
+        
        modules =  simplejson.dumps(module_boot(request.db))
        init =  """
                 var wc = new s.web.WebClient();
@ -31,7 +36,7 @@ class PosController(http.Controller):
                 wc.start();
                 """

-        html = request.registry.get('ir.ui.view').render(request.cr, request.session.uid,'point_of_sale.index',{
+        html = request.registry.get('ir.ui.view').render(cr, session.uid,'point_of_sale.index',{
            'modules': modules,
            'init': init,
        })
--- a/addons/point_of_sale/point_of_sale.py
+++ b/addons/point_of_sale/point_of_sale.py
@ -239,7 +239,8 @@ class pos_session(osv.osv):
                required=True, readonly=True,
                select=1, copy=False),
        
-        'sequence_number': fields.integer('Order Sequence Number'),
+        'sequence_number': fields.integer('Order Sequence Number', help='A sequence number that is incremented with each order'),
+        'login_number':  fields.integer('Login Sequence Number', help='A sequence number that is incremented each time a user resumes the pos session'),

        'cash_control' : fields.function(_compute_cash_all,
                                         multi='cash',
@ -303,6 +304,7 @@ class pos_session(osv.osv):
        'user_id' : lambda obj, cr, uid, context: uid,
        'state' : 'opening_control',
        'sequence_number': 1,
+        'login_number': 0,
    }

    _sql_constraints = [
@ -396,7 +398,6 @@ class pos_session(osv.osv):
                statement.unlink(context=context)
        return super(pos_session, self).unlink(cr, uid, ids, context=context)

-
    def open_cb(self, cr, uid, ids, context=None):
        """
        call the Point Of Sale interface and set the pos.session to 'opened' (in progress)
@ -418,6 +419,12 @@ class pos_session(osv.osv):
            'target': 'self',
        }

+    def login(self, cr, uid, ids, context=None):
+        this_record = self.browse(cr, uid, ids[0], context=context)
+        this_record.write({
+            'login_number': this_record.login_number+1,
+        })
+
    def wkf_action_open(self, cr, uid, ids, context=None):
        # second browse because we need to refetch the data from the DB for cash_register_id
        for record in self.browse(cr, uid, ids, context=context):
--- a/addons/point_of_sale/static/src/js/models.js
+++ b/addons/point_of_sale/static/src/js/models.js
@ -172,7 +172,7 @@ function openerp_pos_models(instance, module){ //module is instance.point_of_sal
            loaded: function(self,taxes){ self.taxes = taxes; },
        },{
            model:  'pos.session',
-            fields: ['id', 'journal_ids','name','user_id','config_id','start_at','stop_at','sequence_number'],
+            fields: ['id', 'journal_ids','name','user_id','config_id','start_at','stop_at','sequence_number','login_number'],
            domain: function(self){ return [['state','=','opened'],['user_id','=',self.session.uid]]; },
            loaded: function(self,pos_sessions){
                self.pos_session = pos_sessions[0]; 
@ -885,7 +885,7 @@ function openerp_pos_models(instance, module){ //module is instance.point_of_sal
                creationDate:   new Date(),
                orderLines:     new module.OrderlineCollection(),
                paymentLines:   new module.PaymentlineCollection(),
-                name:           "Order " + this.uid,
+                name:           _t("Order ") + this.uid,
                client:         null,
            });
            this.selected_orderline   = undefined;
@ -900,7 +900,7 @@ function openerp_pos_models(instance, module){ //module is instance.point_of_sal
        },
        // Generates a public identification number for the order.
        // The generated number must be unique and sequential. They are made 12 digit long
-        // to fit into EAN-13 barcodes. 
+        // to fit into EAN-13 barcodes, should it be needed 
        generateUniqueId: function() {
            function zero_pad(num,size){
                var s = ""+num;
@ -909,7 +909,9 @@ function openerp_pos_models(instance, module){ //module is instance.point_of_sal
                }
                return s;
            }
-            return zero_pad(this.pos.pos_session_id,6) + zero_pad(this.sequence_number,6);
+            return zero_pad(this.pos.pos_session_id,5) +'-'+
+                   zero_pad(this.pos.pos_session.login_number,3) +'-'+
+                   zero_pad(this.sequence_number,4);
        },
        addOrderline: function(line){
            if(line.order){