From b4c9e8cc8e7d517dc768a578130c211285158f16 Mon Sep 17 00:00:00 2001
From: Sunandar <sunandar@code2lab.co>
Date: Fri, 3 Feb 2017 13:46:59 +0630
Subject: [PATCH] edit ticket controller

---
 app/controllers/api/auth_controller.rb        |  3 +-
 .../api/batch_line_items_controller.rb        | 74 ++++++++++---------
 .../batch_line_items_controller.rb            |  6 +-
 app/controllers/batches_controller.rb         |  2 +
 app/controllers/home_controller.rb            |  1 +
 app/controllers/users_controller.rb           |  3 +-
 app/models/batch_line_item.rb                 | 18 ++---
 app/views/users/_form.html.erb                | 15 +++-
 8 files changed, 67 insertions(+), 55 deletions(-)

diff --git a/app/controllers/api/auth_controller.rb b/app/controllers/api/auth_controller.rb
index 41b58a8..5a79ae5 100644
--- a/app/controllers/api/auth_controller.rb
+++ b/app/controllers/api/auth_controller.rb
@@ -1,9 +1,10 @@
 class Api::AuthController < ApplicationController
 	skip_before_filter  :verify_authenticity_token
 	def login
+ 
 		username = params[:username]
     access = params[:access_code]
-   		 
+
    	member = Member.find_by_email(username)
 		if member && member.valid_password?(access)
 		 	member.session_token = SecureRandom.hex 		 	 
diff --git a/app/controllers/api/batch_line_items_controller.rb b/app/controllers/api/batch_line_items_controller.rb
index 6fb9c80..c62c835 100644
--- a/app/controllers/api/batch_line_items_controller.rb
+++ b/app/controllers/api/batch_line_items_controller.rb
@@ -3,8 +3,7 @@ class Api::BatchLineItemsController < ApplicationController
 	def register
         batch_id=params[:batch_id]
         session_token=params[:session_token]
-        manufacture_uid = params[:card_manufacture]
-        # card_type = params[:card_type]
+        manufacture_uid = params[:card_manufacture] 
         user_id=""      
 
         check_member= Member.authenticate_session_token(session_token)
@@ -15,44 +14,51 @@ class Api::BatchLineItemsController < ApplicationController
                 encrypt_key=find_user.secrect_key
                 user_id=find_user.id
             end
-            if !encrypt_key.nil?
-                serial_no=BatchLineItem.generate_serial_no(user_id.to_s)
-                str="manufacture_uid="+manufacture_uid.to_s+"&serial_no="+serial_no.to_s               
+
+            if !encrypt_key.nil?  
+                check_manufacture = BatchLineItem.find_by_manufacture_uid(manufacture_uid)            
+                if check_manufacture.nil? 
+                    serial_no=BatchLineItem.generate_serial_no(user_id.to_s)
+                    str="manufacture_uid="+manufacture_uid.to_s+"&serial_no="+serial_no.to_s               
                      
-                digest_data= Digest::MD5.hexdigest(str)                 
-                hex_data=digest_data.hex            
-                hex_str=hex_data.to_s
-                wristband_code=hex_str[0..15]
+                    digest_data= Digest::MD5.hexdigest(str)                 
+                    hex_data=digest_data.hex            
+                    hex_str=hex_data.to_s
+                    wristband_code=hex_str[0..15]   
+                    check_wirstband=BatchLineItem.find_by_wristband_code(wristband_code)
+                            
+                    if check_wirstband.nil?
+                            puts  'Check Wristband'
+                        card_type=""           
+                        find_batch= Batch.find_by_id(batch_id)
+                        if !find_batch.nil?
+                            card_type=find_batch.adult_or_child.upcase
+                        end
+                        batchLineItem=BatchLineItem.new
+                        batchLineItem.wristband_code=wristband_code
+                        batchLineItem.serial_no=serial_no
+                        batchLineItem.batch_id=batch_id
+                        batchLineItem.manufacture_uid = manufacture_uid
+                        batchLineItem.card_type = card_type
+          
+                        if batchLineItem.save
+                            lookup=Lookup.find_by_name('generate_serial_no')
+                            max_serail_no=lookup.max_value
+                            lookup.max_value=max_serail_no.to_i+1
+                            lookup.save
 
-                check_manufacture = BatchLineItem.find_by_manufacture_uid_and_wristband_code(manufacture_uid,wristband_code)            
-                if check_manufacture.nil?    
-                    card_type=""           
-                    find_batch= Batch.find_by_id(batch_id)
-                    if !find_batch.nil?
-                        card_type=find_batch.adult_or_child.upcase
-                    end
-                    batchLineItem=BatchLineItem.new
-                    batchLineItem.wristband_code=wristband_code
-                    batchLineItem.serial_no=serial_no
-                    batchLineItem.batch_id=batch_id
-                    batchLineItem.manufacture_uid = manufacture_uid
-                    batchLineItem.card_type = card_type
-                      
-                    if batchLineItem.save
-                        lookup=Lookup.find_by_name('generate_serial_no')
-                        max_serail_no=lookup.max_value
-                        lookup.max_value=max_serail_no.to_i+1
-                        lookup.save
-
-                        @out = true,batchLineItem.serial_no,batchLineItem.wristband_code
+                            @out = true,batchLineItem.serial_no,batchLineItem.wristband_code
+                        else
+                            @out=false,'Error occurs in registration encoder!'
+                        end 
                     else
-                        @out=false,'Error occurs in registration encoder!'
-                    end 
+                        @out=false,'Wristband  is already registered!'  
+                    end
                 else
-                    @out=false,'Wristband code is already exists!'           
+                    @out=false,'Wristband  is already registered!'           
                 end
             else
-                @out=false,'Invalid Encryption Key!'      
+                @out=false,'Invalid User!'      
             end
          else
             @out=false,'Sorry!Unauthorized user!'
diff --git a/app/controllers/batch_line_items_controller.rb b/app/controllers/batch_line_items_controller.rb
index ebb0b85..7033c6d 100644
--- a/app/controllers/batch_line_items_controller.rb
+++ b/app/controllers/batch_line_items_controller.rb
@@ -6,7 +6,9 @@ class BatchLineItemsController < ApplicationController
 		user_id=current_member.user_id
 
 		@batches=Batch.where('user_id=?',user_id)			 
-		@batchLineItems=BatchLineItem.joins('inner join batches on batches.id=batch_line_items.batch_id').select('batch_line_items.*,batches.order_ref as batch_name').page(params[:page]).per(2)
+		@batchLineItems=BatchLineItem.joins('inner join batches on batches.id=batch_line_items.batch_id')
+									 .where('batches.user_id=?',user_id)
+									 .select('batch_line_items.*,batches.order_ref as batch_name').page(params[:page]).per(2)
 	end	 
 	def export
 		batch_list=params[:batch]
@@ -30,7 +32,7 @@ class BatchLineItemsController < ApplicationController
 			end
 			@batchLineItems = BatchLineItem.all.select('serial_no,wristband_code,batch_id,manufacture_uid,card_type')
 		end 
-	 
+	  
 		respond_to do |format|	 
 			format.html
 		   	format.csv { send_data @batchLineItems.to_csv(user_id), filename: "encoder-#{Date.today}.csv" }
diff --git a/app/controllers/batches_controller.rb b/app/controllers/batches_controller.rb
index 9573273..eab4ec1 100644
--- a/app/controllers/batches_controller.rb
+++ b/app/controllers/batches_controller.rb
@@ -1,4 +1,6 @@
 class BatchesController < ApplicationController    
+	 skip_before_filter  :verify_authenticity_token 
+     before_action :authenticate_member!
     def index
     	@batches=Batch.joins('inner join users on users.id=batches.user_id')
     				  .select('batches.*,users.name as user_name').order('batches.id desc').page(params[:page])
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
index 33d3f51..52f18f1 100644
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -1,5 +1,6 @@
 class HomeController < ApplicationController
   skip_before_filter  :verify_authenticity_token 
+  before_action :authenticate_member!
 
 	def index		
       redirect_to new_member_session_path
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 055a779..bd5958e 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,5 +1,6 @@
 class UsersController < ApplicationController
   skip_before_filter  :verify_authenticity_token 
+  before_action :authenticate_member!
   before_action :set_user, only: [:show, :edit, :update, :destroy]
 
   # GET /users
@@ -32,7 +33,7 @@ class UsersController < ApplicationController
     key=cipher.random_key
     secrect_key= Base64.encode64(key)
     @user.secrect_key=secrect_key      
-
+    @email=email
     respond_to do |format|
       if @user.save
         member_id= current_member.id
diff --git a/app/models/batch_line_item.rb b/app/models/batch_line_item.rb
index 6a09370..6a5500b 100644
--- a/app/models/batch_line_item.rb
+++ b/app/models/batch_line_item.rb
@@ -24,13 +24,12 @@ class BatchLineItem < ApplicationRecord
 	    find_lookup=Lookup.find_by_name('generate_serial_no')
 	    if !find_lookup.nil?
 	    	max_value=find_lookup.max_value
+	    	max_value=max_value +1
 	    	prefix=find_lookup.prefix
-	    	max_length=find_lookup.max_length	
-
-	    	max_value=max_value +1	    	
+	    	max_length=find_lookup.max_length	    	
 	    	sufix_len=max_length-prefix.length 
 	    	sufix_str="0" * sufix_len	      
-	     	 
+	    	value_len= max_value.to_s.length	 
 	    	start=0
 	    	ends=sufix_len-value_len-1
 	    	sufix_str= sufix_str[start..ends]
@@ -38,14 +37,7 @@ class BatchLineItem < ApplicationRecord
 	    	prefix_str=prefix.to_s + user_id.to_s
 
 	    	serial_no=prefix_str.to_s+sufix_str+max_value.to_s	    	
-	    	return serial_no
-	    else
-	    	lookup= Lookup.new
-		  	lookup.name="generate_serial_no"
-		  	lookup.max_value=0
-		  	lookup.prefix='0000'
-		  	lookup.max_length=16
-		  	lookup.save	
+	    	return serial_no	   
 	    end
 	end
 	def self.to_csv(user_id)
@@ -68,7 +60,7 @@ class BatchLineItem < ApplicationRecord
 	      	end
 	    end
   	end
-  	def self.encrypted(message,encrypt_key)  		 
+  	def self.encrypted(message,encrypt_key)  
   		cipher = OpenSSL::Cipher::Cipher.new("aes-128-cbc")
   		cipher.encrypt
 
diff --git a/app/views/users/_form.html.erb b/app/views/users/_form.html.erb
index 74ce388..6ae1731 100644
--- a/app/views/users/_form.html.erb
+++ b/app/views/users/_form.html.erb
@@ -17,7 +17,7 @@
         <div class="col-md-5" >
             <div class="form-group">
                 <label for="email" class="string optional control-label">Registered Email:</label>
-                <input type="text" id="registered_email" name="registered_email" class="form-control" placeholder="Please enter member mail">          
+                <input type="text" id="registered_email" name="registered_email" class="form-control" placeholder="Please enter member mail" value="<%= @email %>">          
             </div> 
         </div>
         <div class="col-md-1">  
@@ -65,14 +65,21 @@
       </div>
   </div>   
 </div>
+
 <% end %>
 <script >
-$(document).ready(function() {    
-    status='disabled'    
+$(document).ready(function() {  
+    error_count="<%= @user.errors.count %>"  
+    if (error_count>0){
+      status='' 
+    }else{
+      status='disabled' 
+    }
+       
     name=$("#user_name").val()
     if (name.trim() !=""){        
         status=''
-    }  
+    }      
     enable_control(status)
     
     $("#check_email").click(function(){