v0.10.0 - Add session archive/activate feature with access controls

2026-01-25 02:23:18 -06:00
parent ca368cbbfb
commit 672591c736
8 changed files with 190 additions and 22 deletions
--- a/blueprints/counting.py
+++ b/blueprints/counting.py
@@ -3,6 +3,12 @@ from db import query_db, execute_db, get_db
 from utils import login_required

 counting_bp = Blueprint('counting', __name__)
+def get_active_session(session_id):
+    """Get session if it exists and is not archived. Returns None if invalid."""
+    sess = query_db('SELECT * FROM CountSessions WHERE session_id = ?', [session_id], one=True)
+    if not sess or sess['status'] == 'archived':
+        return None
+    return sess

@counting_bp.route('/count/<int:session_id>')
@login_required
@@ -29,6 +35,10 @@ def my_counts(session_id):
        flash('Session not found', 'danger')
        return redirect(url_for('dashboard'))
    
+    if sess['status'] == 'archived':
+        flash('This session has been archived', 'warning')
+        return redirect(url_for('dashboard'))
+    
    # Get this user's active bins
    active_bins = query_db('''
        SELECT lc.*, 
@@ -65,6 +75,11 @@ def my_counts(session_id):
@login_required
 def start_bin_count(session_id):
    """Start counting a new bin"""
+    sess = get_active_session(session_id)
+    if not sess:
+        flash('Session not found or archived', 'warning')
+        return redirect(url_for('dashboard'))
+    
    location_name = request.form.get('location_name', '').strip().upper()
    
    if not location_name:
@@ -125,7 +140,10 @@ def complete_location(location_count_id):
 def count_location(session_id, location_count_id):
    """Count lots in a specific location"""
    # Get session info to determine type (Cycle Count vs Physical)
-    sess = query_db('SELECT * FROM CountSessions WHERE session_id = ?', [session_id], one=True)
+    sess = get_active_session(session_id)
+    if not sess:
+        flash('Session not found or archived', 'warning')
+        return redirect(url_for('dashboard'))
    
    location = query_db('''
        SELECT * FROM LocationCounts
@@ -181,6 +199,10 @@ def count_location(session_id, location_count_id):
@login_required
 def scan_lot(session_id, location_count_id):
    """Process a lot scan with duplicate detection"""
+    sess = get_active_session(session_id)
+    if not sess:
+        return jsonify({'success': False, 'message': 'Session not found or archived'})
+    
    data = request.get_json()
    lot_number = data.get('lot_number', '').strip()
    weight = data.get('weight')
@@ -586,6 +608,10 @@ def recalculate_duplicate_status(session_id, lot_number, current_location):
@login_required
 def finish_location(session_id, location_count_id):
    """Finish counting a location"""
+    sess = get_active_session(session_id)
+    if not sess:
+        return jsonify({'success': False, 'message': 'Session not found or archived'})
+    
    # Get location info
    location = query_db('SELECT * FROM LocationCounts WHERE location_count_id = ?', 
                       [location_count_id], one=True)