100 lines
3.4 KiB
Python
Executable File
100 lines
3.4 KiB
Python
Executable File
import logging
|
|
from flask import request
|
|
|
|
from app.search import search
|
|
from app import db
|
|
from app.common.responses import success_response
|
|
from sqlalchemy import or_
|
|
from app.classes.customer import Customer_Customer, Customer_Customer_schema
|
|
from app.classes.delivery import Delivery_Delivery, Delivery_Delivery_schema
|
|
from flask_login import login_required
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
def escape_like(value: str) -> str:
|
|
"""Escape special LIKE characters to prevent LIKE injection."""
|
|
if value is None:
|
|
return ""
|
|
return value.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
|
|
|
|
|
|
@search.route("/customer", methods=["GET"])
|
|
@login_required
|
|
def search_customers():
|
|
"""
|
|
|
|
"""
|
|
keyword = request.args.get('q')
|
|
logger.info(f"GET /search/customer - Searching customers with keyword: {keyword}")
|
|
search = "%{}%".format(escape_like(keyword))
|
|
search_type = (search[1])
|
|
search = search.replace("!", "")
|
|
search = search.replace("#", "")
|
|
search = search.replace("@", "")
|
|
search = search.replace("$", "")
|
|
# search by last name
|
|
if search_type == '@':
|
|
search = search[1:]
|
|
customer_list = (db.session
|
|
.query(Customer_Customer)
|
|
.filter(Customer_Customer.customer_last_name.ilike(search))
|
|
.all())
|
|
# Customer Address
|
|
elif search_type == '!':
|
|
|
|
search = search[::1]
|
|
customer_list = (db.session
|
|
.query(Customer_Customer)
|
|
.filter(Customer_Customer.customer_address.ilike(search))
|
|
.all())
|
|
# Phone Number
|
|
elif search_type == '#':
|
|
search = search[::1]
|
|
customer_list = (db.session
|
|
.query(Customer_Customer)
|
|
.filter(Customer_Customer.customer_phone_number.ilike(search))
|
|
.all())
|
|
# Account Number
|
|
elif search_type == '$':
|
|
search = search[::1]
|
|
|
|
customer_list = (db.session
|
|
.query(Customer_Customer)
|
|
.filter(Customer_Customer.account_number.ilike(search))
|
|
.order_by(Customer_Customer.account_number.asc())
|
|
.all())
|
|
|
|
else:
|
|
customer_list = (db.session
|
|
.query(Customer_Customer)
|
|
.filter(or_(Customer_Customer.customer_last_name.ilike(search),
|
|
Customer_Customer.customer_first_name.ilike(search),
|
|
Customer_Customer.customer_address.ilike(search)))
|
|
.all())
|
|
|
|
|
|
customer_schema = Customer_Customer_schema(many=True)
|
|
return success_response({"customers": customer_schema.dump(customer_list)})
|
|
|
|
|
|
@search.route("/delivery", methods=["GET"])
|
|
@login_required
|
|
def search_delivery():
|
|
"""
|
|
pagination all customers
|
|
"""
|
|
keyword = request.args.get('q')
|
|
logger.info(f"GET /search/delivery - Searching deliveries with keyword: {keyword}")
|
|
search = "%{}%".format(escape_like(keyword))
|
|
search_type = (search[1])
|
|
|
|
delivery_ticket = (db.session
|
|
.query(Delivery_Delivery)
|
|
.filter(Delivery_Delivery.id.ilike(search))
|
|
.all())
|
|
|
|
|
|
delivery_schema = Delivery_Delivery_schema(many=True)
|
|
return success_response({"deliveries": delivery_schema.dump(delivery_ticket)})
|