diff --git a/digitaleagentur/urls.py b/digitaleagentur/urls.py index 88ce86b..fb97203 100644 --- a/digitaleagentur/urls.py +++ b/digitaleagentur/urls.py @@ -46,8 +46,6 @@ urlpatterns = [ path('getdoc//', GetCryptFileRecover.as_view(), name=FETCH_URL_NAME), path('getdoc/', GetCryptFile.as_view(), name=FETCH_URL_NAME), path('captcha/', include('captcha.urls')), - - ] + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) if settings.DEBUG: urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) diff --git a/recoverdir/views.py b/recoverdir/views.py index 97dc86f..7cdcc4d 100644 --- a/recoverdir/views.py +++ b/recoverdir/views.py @@ -20,9 +20,7 @@ from django.contrib.auth.models import User from django.core.exceptions import ObjectDoesNotExist from django.contrib import messages - ######## HELPER FUNCTIONS - def randomString(stringLength=40): """Generate a random string of fixed length """ letters = string.ascii_lowercase @@ -47,7 +45,6 @@ def randomStringRecoverKey(): ''' def checkForLogin(self): - # Acutal Timestamp now = datetime.now() userloginrdtime = self.request.user.profile.rd_login @@ -66,7 +63,6 @@ def checkForLogin(self): return True ############################################# EXTERNAL ACCESS ############################################ - class LoadExternalDataLogin(FormView): template_name = "recoverdir/rd_external_login.html" form_class = LoginRDExternalForm @@ -94,8 +90,6 @@ class LoadExternalDataLogin(FormView): class CloseExternalData(TemplateView): template_name = "" - - def dispatch(self, *arg, **kwargs): try: settings = RecoverDirSetting.objects.filter(agency_id=kwargs['agpk'])[0] @@ -108,7 +102,6 @@ class CloseExternalData(TemplateView): messages.warning(self.request, f'Externer Zugang erfolgreich geschlossen.') return redirect('load-rd-external') - class LoadExternalData(TemplateView): template_name = "recoverdir/rd_external.html" context_object_name = 'agencydata' 
@@ -239,10 +232,7 @@ class LoadExternalData(TemplateView): }) return context - ############# VIEWS - -# Create your views here. class RecoverDirManagement(LoginRequiredMixin, ListView): model = PersLetter @@ -389,8 +379,6 @@ def CloseRecoverDir(request): request.user.profile.save() return redirect('recoverdir') - - class RecoverDirLog(FormView): template_name = "recoverdir/rd_elements_forms/rd_mainlogin.html" form_class = LoginRDForm @@ -470,7 +458,6 @@ class RecoverDirUpdateSettings(UpdateView): return redirect('recoverdir-addsettings') return super().form_valid(form) - class RecoverDirAddPL(CreateView): model = PersLetter success_url = reverse_lazy('recoverdir') @@ -478,7 +465,7 @@ class RecoverDirAddPL(CreateView): template_name = "recoverdir/rd_pers_add.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -493,10 +480,8 @@ class RecoverDirAddPL(CreateView): def form_valid(self, form): form.instance.agency = self.request.user.profile.agency form.instance.user = self.request.user - # TASK: Hier Aktualisierung hinzufügen! return super().form_valid(form) - class RecoverDirUpdatePL(UpdateView): model = PersLetter success_url = reverse_lazy('recoverdir') @@ -504,7 +489,7 @@ class RecoverDirUpdatePL(UpdateView): template_name = "recoverdir/rd_pers_update.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -518,7 +503,6 @@ class RecoverDirUpdatePL(UpdateView): # TASK: Hier Aktualisierung hinzufügen! return super().form_valid(form) - # Notfallhilfe ELEMENTE # ABNSCHNITT 1 
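Review bot: The agency check added to `dispatch` in the `@@ -478,7 +465,7 @@` hunk (RecoverDirAddPL) reads `self.instance.agency`, but Django's generic views have no `instance` attribute; the loaded row is `self.object`, and it is only assigned inside `get()`/`post()`, after `dispatch` has already run. Unless a base class outside this diff defines `instance`, every request that passes `checkForLogin` would raise AttributeError instead of evaluating the tenant check, and a CreateView has no existing object to compare in the first place. The same line is repeated in RecoverDirUpdatePL in this file section and in every `dispatch` hunk of recoverdir/views.py that follows. For the Detail/Update/Delete views I would keep `if(checkForLogin(self)):` and scope the lookup instead, with `def get_queryset(self):` returning `super().get_queryset().filter(agency=self.request.user.profile.agency)`, so a foreign pk yields a 404; for the CreateViews, pinning the agency in `form_valid` as RecoverDirAddPL does is the relevant control. The class bodies continue outside these hunks, and this assumes each model has an `agency` field, which the diff only shows for PersLetter.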
@@ -529,7 +513,7 @@ class RDAoneAddDoc(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_adddoc.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -552,7 +536,6 @@ class RDAoneAddDoc(CreateView): context.update({'active_link' : 'recoverdir'}) return context - # Einzeldokumentenanzeige class RDAoneViewDoc(DetailView): model = Documents @@ -561,7 +544,7 @@ class RDAoneViewDoc(DetailView): context_object_name = 'document' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -573,7 +556,7 @@ class RDAoneDelDoc(DeleteView): context_object_name = 'document' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -590,7 +573,7 @@ class RDAoneUpdateDoc(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_adddoc.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -621,7 +604,7 @@ class RDAoneAddHL(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_addhl.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -642,7 +625,7 @@ class RDAoneUpdateHL(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_addhl.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -660,7 +643,7 @@ class RDAoneAddFC(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_addfc.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -681,7 +664,7 @@ class RDAoneUpdateContact(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_addfc.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -691,7 +674,6 @@ class RDAoneUpdateContact(UpdateView): context.update({'active_link' : 'recoverdir'}) return context - class RDAoneViewContact(DetailView): model = RDContact success_url = reverse_lazy('recoverdir') @@ -699,7 +681,7 @@ class RDAoneViewContact(DetailView): context_object_name = 'contact' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -711,7 +693,7 @@ class RDAoneDelContact(DeleteView): context_object_name = 'contact' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -721,7 +703,6 @@ class RDAoneDelContact(DeleteView): context.update({'active_link' : 'recoverdir'}) return context - # VERTRAUENSPERSON class RDAoneViewTrust(DetailView): model = RDTrustPerson @@ -730,7 +711,7 @@ class RDAoneViewTrust(DetailView): context_object_name = 'contact' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -742,7 +723,7 @@ class RDAoneDelTrust(DeleteView): context_object_name = 'contact' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -759,7 +740,7 @@ class RDAoneAddTrust(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_addtrust.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -780,7 +761,7 @@ class RDAoneUpdateTrust(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_1_addtrust.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -799,7 +780,7 @@ class RDAtwoAddHLFV(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_addhlvf.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -820,7 +801,7 @@ class RDAtwoUpdateFV(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_addhlvf.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -830,7 +811,6 @@ class RDAtwoUpdateFV(UpdateView): context.update({'active_link' : 'recoverdir'}) return context - # Banken usw. class RDAtwoViewdeposit(DetailView): model = DepositVollmacht @@ -839,7 +819,7 @@ class RDAtwoViewdeposit(DetailView): context_object_name = 'deposit' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -851,7 +831,7 @@ class RDAtwoDeldeposit(DeleteView): context_object_name = 'deposit' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -868,7 +848,7 @@ class RDAtwoAdddeposit(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_adddeposit.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -897,7 +877,7 @@ class RDAtwoUpdatedeposit(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_adddeposit.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -919,7 +899,7 @@ class RDAtwoViewergo(DetailView): context_object_name = 'ergo' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -931,7 +911,7 @@ class RDAtwoDelergo(DeleteView): context_object_name = 'ergo' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -948,7 +928,7 @@ class RDAtwoAddergo(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_addergo.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -969,7 +949,7 @@ class RDAtwoUpdateergo(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_addergo.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -991,7 +971,7 @@ class RDAtwoViewonlinebank(DetailView): context_object_name = 'onlinebank' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -1003,7 +983,7 @@ class RDAtwoDelonlinebank(DeleteView): context_object_name = 'onlinebank' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1020,7 +1000,7 @@ class RDAtwoAddonlinebank(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_addonlinebank.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1050,7 +1030,7 @@ class RDAtwoUpdateonlinebank(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_2_addonlinebank.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1079,7 +1059,7 @@ class RDAthreeViewstreaming(DetailView): context_object_name = 'streaming' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1091,7 +1071,7 @@ class RDAthreeDelstreaming(DeleteView): context_object_name = 'streaming' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -1108,7 +1088,7 @@ class RDAthreeAddstreaming(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_3_addstreamingabo.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1137,7 +1117,7 @@ class RDAthreeUpdatestreaming(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_3_addstreamingabo.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1166,7 +1146,7 @@ class RDAfourViewdigitalaccount(DetailView): context_object_name = 'account' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1179,7 +1159,7 @@ class RDAfourDeldigitalaccount(DeleteView): def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1196,7 +1176,7 @@ class RDAfourAdddigitalaccount(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_4_adddigitalaccount.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -1226,7 +1206,7 @@ class RDAfourUpdatedigitalaccount(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_4_adddigitalaccount.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1255,7 +1235,7 @@ class RDAfiveViewpersonal(DetailView): context_object_name = 'personal' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1267,7 +1247,7 @@ class RDAfiveDelpersonal(DeleteView): context_object_name = 'personal' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1284,7 +1264,7 @@ class RDAfiveAddpersonal(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_5_addpersonal.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1306,7 +1286,7 @@ class RDAfiveUpdatepersonal(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_5_addpersonal.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1320,7 +1300,6 @@ class RDAfiveUpdatepersonal(UpdateView): context.update({'active_link' : 'recoverdir'}) return context - # RDElse class RDAnineViewelse(DetailView): model = RDElse 
@@ -1329,7 +1308,7 @@ class RDAnineViewelse(DetailView): context_object_name = 'else' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1341,7 +1320,7 @@ class RDAnineDelelse(DeleteView): context_object_name = 'ele' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1358,7 +1337,7 @@ class RDAnineAddelse(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_9_addelse.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1380,7 +1359,7 @@ class RDAnineUpdateelse(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_9_addelse.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1402,7 +1381,7 @@ class RDAsevenViewcontract(DetailView): context_object_name = 'contract' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -1414,7 +1393,7 @@ class RDAsevenDelcontract(DeleteView): context_object_name = 'ele' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1431,7 +1410,7 @@ class RDAsevenAddcontract(CreateView): template_name = "recoverdir/rd_elements_forms/rd_area_7_addcontract.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1452,7 +1431,7 @@ class RDAsevenUpdatecontract(UpdateView): template_name = "recoverdir/rd_elements_forms/rd_area_7_addcontract.html" def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1468,7 +1447,6 @@ class RDAsevenUpdatecontract(UpdateView): ################################################## HISTORY ELEMENT VIEW ########################################## - # Persönliches Schreiben class PLSingleHistory(DetailView): model = PersLetter @@ -1476,7 +1454,7 @@ class PLSingleHistory(DetailView): context_object_name = 'persletter' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -1503,7 +1481,7 @@ class HLSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_1_hl_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1532,7 +1510,7 @@ class HLVFSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_2_hl_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1555,14 +1533,13 @@ class HLVFSingleHistory(DetailView): }) return context - # CONTACT class ContactSingleHistory(DetailView): model = RDContact template_name = 'recoverdir/rd_elements_forms/rd_area_1_contact_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1591,7 +1568,7 @@ class TrustSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_1_trust_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1620,7 +1597,7 @@ class DepositSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_2_deposit_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -1649,7 +1626,7 @@ class DocumentSingleHistory(DetailView): template_name = 'recoverdir/rd_doc_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1678,7 +1655,7 @@ class ErgoSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_2_ergo_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1707,7 +1684,7 @@ class OnlinebankSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_2_onlinebank_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1736,7 +1713,7 @@ class StreamingSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_3_streamingabo_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1765,7 +1742,7 @@ class DigitalAccountSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_4_digitalaccount_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') 
@@ -1794,7 +1771,7 @@ class PersonalSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_5_personal_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1823,7 +1800,7 @@ class ContractSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_7_contract_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') @@ -1852,7 +1829,7 @@ class ElseSingleHistory(DetailView): template_name = 'recoverdir/rd_elements_forms/rd_area_9_else_single.html' def dispatch(self, *args, **kwargs): - if(checkForLogin(self)): + if(checkForLogin(self) and self.instance.agency == self.request.user.profile.agency): return super().dispatch(*args, **kwargs) else: return redirect('recoverdir-login') diff --git a/timemanagement/views.py b/timemanagement/views.py index 860a106..d717c5c 100644 --- a/timemanagement/views.py +++ b/timemanagement/views.py 
@@ -55,76 +55,80 @@ def get_datetime_range(year, month): @login_required def AbsenceUpdate(request, pk): - if request.method == "GET": absence = Absence.objects.get(pk=pk) - timeinfo_thisyear = list(UserYearAbsenceInfo.objects.filter(year=absence.start.year, user=absence.user))[0] - try: - timeinfo_nextyear = list(UserYearAbsenceInfo.objects.filter(year=absence.start.year+1, user=absence.user))[0] - except: - timeinfo_nextyear = False + if(absence.agency == request.user.profile.agency and request.user.has_perm("users.absencemanager")): + timeinfo_thisyear = list(UserYearAbsenceInfo.objects.filter(year=absence.start.year, user=absence.user))[0] + try: + timeinfo_nextyear = list(UserYearAbsenceInfo.objects.filter(year=absence.start.year+1, user=absence.user))[0] + except: + timeinfo_nextyear = False - context = { - "active_link" : "abscence", - "form" : UpdateAbsence(instance=request.user), - "absence" : absence, - "timeinfo_thisyear" : timeinfo_thisyear, - "timeinfo_nextyear" : timeinfo_nextyear, - "start" : absence.start.strftime("%d.%m.%Y"), - "end" : absence.end.strftime("%d.%m.%Y"), - } - return render(request, 'timemanagement/tm_ab_update.html', context) + context = { + "active_link" : "abscence", + "form" : UpdateAbsence(instance=request.user), + "absence" : absence, + "timeinfo_thisyear" : timeinfo_thisyear, + "timeinfo_nextyear" : timeinfo_nextyear, + "start" : absence.start.strftime("%d.%m.%Y"), + "end" : absence.end.strftime("%d.%m.%Y"), + } + return render(request, 'timemanagement/tm_ab_update.html', context) + else: + return redirect("login") elif request.method == "POST": absence = Absence.objects.get(pk=pk) - formtocheck = UpdateAbsence(request.POST, instance=request.user) - if(formtocheck.is_valid()): + if(absence.agency == request.user.profile.agency): + formtocheck = UpdateAbsence(request.POST, instance=request.user) + if(formtocheck.is_valid()): + abinfo = list(UserYearAbsenceInfo.objects.filter(user=absence.user, year=absence.start.year))[0] + 
abinfo_lastyear = "" + abinfo_nextyear = "" - abinfo = list(UserYearAbsenceInfo.objects.filter(user=absence.user, year=absence.start.year))[0] - abinfo_lastyear = "" - abinfo_nextyear = "" + is_lastyear = False - is_lastyear = False + abinfo_lastyear = list(UserYearAbsenceInfo.objects.filter(user=absence.user, year=absence.start.year-1)) + if(len(abinfo_lastyear) > 0): + is_lastyear = True + abinfo_lastyear = abinfo_lastyear[0] - abinfo_lastyear = list(UserYearAbsenceInfo.objects.filter(user=absence.user, year=absence.start.year-1)) - if(len(abinfo_lastyear) > 0): - is_lastyear = True - abinfo_lastyear = abinfo_lastyear[0] + is_nextyear = False + abinfo_nextyear = list(UserYearAbsenceInfo.objects.filter(user=absence.user, year=absence.start.year+1)) + if(len(abinfo_nextyear) > 0): + is_nextyear = True + abinfo_nextyear = abinfo_nextyear[0] - is_nextyear = False - abinfo_nextyear = list(UserYearAbsenceInfo.objects.filter(user=absence.user, year=absence.start.year+1)) - if(len(abinfo_nextyear) > 0): - is_nextyear = True - abinfo_nextyear = abinfo_nextyear[0] + abinfo.days_inuse -= formtocheck.cleaned_data["holidays_normal"] + abinfo.restdays -= formtocheck.cleaned_data["holidays_rest"] + abinfo.save() - abinfo.days_inuse -= formtocheck.cleaned_data["holidays_normal"] - abinfo.restdays -= formtocheck.cleaned_data["holidays_rest"] - abinfo.save() + abinfo_nextyear.days_inuse -= formtocheck.cleaned_data["holidays_normal_next"] + abinfo_nextyear.restdays -= formtocheck.cleaned_data["holidays_rest_next"] + abinfo_nextyear.save() - abinfo_nextyear.days_inuse -= formtocheck.cleaned_data["holidays_normal_next"] - abinfo_nextyear.restdays -= formtocheck.cleaned_data["holidays_rest_next"] - abinfo_nextyear.save() + absence.start = formtocheck.cleaned_data["start"] + absence.end = formtocheck.cleaned_data["end"] + absence.startday_info = str(formtocheck.cleaned_data["startday_info"]) + absence.endday_info = str(formtocheck.cleaned_data["endday_info"]) + absence.reason = 
formtocheck.cleaned_data["reason"] + #absence.info = formtocheck.cleaned_data["info"] + absence.confirm_info = formtocheck.cleaned_data["confirm_info"] - absence.start = formtocheck.cleaned_data["start"] - absence.end = formtocheck.cleaned_data["end"] - absence.startday_info = str(formtocheck.cleaned_data["startday_info"]) - absence.endday_info = str(formtocheck.cleaned_data["endday_info"]) - absence.reason = formtocheck.cleaned_data["reason"] - #absence.info = formtocheck.cleaned_data["info"] - absence.confirm_info = formtocheck.cleaned_data["confirm_info"] - - rep = None - if(formtocheck.cleaned_data["representator"] != None): - rep = User.objects.get(pk=formtocheck.cleaned_data["representator"].pk) - - absence.representator = rep - absence.holidays_normal = 0.0 - absence.holidays_rest = 0.0 - absence.holidays_normal_next = 0.0 - absence.holidays_rest_next = 0.0 - absence.save() - messages.success(request, f'Abwesenheit aktualisiert!') + rep = None + if(formtocheck.cleaned_data["representator"] != None): + rep = User.objects.get(pk=formtocheck.cleaned_data["representator"].pk) + + absence.representator = rep + absence.holidays_normal = 0.0 + absence.holidays_rest = 0.0 + absence.holidays_normal_next = 0.0 + absence.holidays_rest_next = 0.0 + absence.save() + messages.success(request, f'Abwesenheit aktualisiert!') + else: + messages.success(request, f'Fehler bei Abwesenheitsaktualisierung!') else: - messages.success(request, f'Fehler bei Abwesenheitsaktualisierung!') + return redirect("login") context = { "active_link" : "abscence", } @@ -132,7 +136,6 @@ def AbsenceUpdate(request, pk): @login_required def AbsenceManagmenet(request, activemonth=False, activeyear=False): - # NEW ABSENCE if(request.method == "POST"): ''' 
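Review bot: The POST branch of AbsenceUpdate only compares `absence.agency` with the caller's agency, while the GET branch added in the same hunk also requires `request.user.has_perm("users.absencemanager")`, so any logged-in user of the agency can still change another user's absence and day balances by posting directly. If the write is meant to be as restricted as the form, use the same condition there: `if(absence.agency == request.user.profile.agency and request.user.has_perm("users.absencemanager")):`. `Absence.objects.get(pk=pk)` also raises DoesNotExist for an unknown pk in both branches; `get_object_or_404(Absence, pk=pk)` would turn that into a 404, provided the helper is imported in this file. The function body continues past the end of this hunk.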
@@ -248,9 +251,7 @@ def AbsenceManagmenet(request, activemonth=False, activeyear=False): except: pass - # ABSENCE AUFLISTUNG NACH GRUND - allreasons = AbsenceReason.objects.filter(agency=request.user.profile.agency).order_by("name") final_reasons = [] for ar in allreasons: 
@@ -414,41 +415,43 @@ def TimeManagement(request, activemonth=False, activeyear=False): def TimeUpdate(request, pk, team=0): workday = Workday.objects.get(pk=pk) user = workday.user + if(request.user.profile.agency == workday.agency and request.user.has_perm('users.usermanager')): + if(request.method == "POST"): + if(team == 0): + form = UpdateWorkdayForm(request.POST, instance=request.user) + else: + form = UpdateWorkdayForm(request.POST, instance=user) - if(request.method == "POST"): - if(team == 0): - form = UpdateWorkdayForm(request.POST, instance=request.user) + start = datetime.datetime(int(workday.start.year), int(workday.start.month), int(workday.start.day), int(((str(form["start"].value()).split(":"))[0])), int(((str(form["start"].value()).split(":"))[1]))) + + end = datetime.datetime(int(workday.end.year), int(workday.end.month), int(workday.end.day), int(((str(form["end"].value()).split(":"))[0])), int(((str(form["end"].value()).split(":"))[1]))) + + workday.start = start + workday.end = end + workday.freefield = form["freefield"].value() + workday.target = form["target"].value() + + # Speichern, das jemand den Arbeitstag bearbeitet hat + workday.lastManualChangeUser = request.user + workday.lastManualChangeDate = datetime.datetime.now() + + workday.save() + messages.success(request, f'Arbeitstag aktualisiert') + if(team == 1): + return redirect('tm-team-single', user.pk, workday.start.month, workday.start.year) + else: + return redirect('tm-management') else: - form = UpdateWorkdayForm(request.POST, instance=user) - - start = datetime.datetime(int(workday.start.year), int(workday.start.month), int(workday.start.day), int(((str(form["start"].value()).split(":"))[0])), int(((str(form["start"].value()).split(":"))[1]))) - - end = datetime.datetime(int(workday.end.year), int(workday.end.month), int(workday.end.day), int(((str(form["end"].value()).split(":"))[0])), int(((str(form["end"].value()).split(":"))[1]))) - - workday.start = start - workday.end = end 
- workday.freefield = form["freefield"].value() - workday.target = form["target"].value() - - # Speichern, das jemand den Arbeitstag bearbeitet hat - workday.lastManualChangeUser = request.user - workday.lastManualChangeDate = datetime.datetime.now() - - workday.save() - messages.success(request, f'Arbeitstag aktualisiert') - if(team == 1): - return redirect('tm-team-single', user.pk, workday.start.month, workday.start.year) - else: - return redirect('tm-management') + context = { + "active_link" : "timemanagement", + "workday" : Workday.objects.get(pk=pk), + "form" : UpdateWorkdayForm(instance= Workday.objects.get(pk=pk)), + "team" : team, + "user" : workday.user + } + return render(request, 'timemanagement/timemanagement_update.html', context) else: - context = { - "active_link" : "timemanagement", - "workday" : Workday.objects.get(pk=pk), - "form" : UpdateWorkdayForm(instance= Workday.objects.get(pk=pk)), - "team" : team, - "user" : workday.user - } - return render(request, 'timemanagement/timemanagement_update.html', context) + return redirect("login") @login_required def TimeAdd(request, team=0, pk=0): 
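Review bot: Inside the new agency/permission gate the POST branch still never calls `form.is_valid()`. `start` and `end` are read with `form["start"].value()` and parsed with `int(...split(":")...)`, so a malformed time raises ValueError or IndexError and surfaces as a 500, and `freefield` and `target` are saved unvalidated. I would wrap the write in `if form.is_valid():` and read from `form.cleaned_data`; the POST form is bound to a User instance while the GET form is bound to the Workday, which looks unintended but cannot be confirmed from this hunk. `Workday.objects.get(pk=pk)` also runs before the check and raises DoesNotExist for an unknown pk, so `get_object_or_404(Workday, pk=pk)` would be safer. The deny path `return redirect("login")` sends an already authenticated user to the login page; `raise PermissionDenied` would make the refusal explicit and visible in logs. The unvalidated parsing, the early `get`, and the redirect on denial all recur in the AddBreak hunk.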
@@ -529,43 +532,46 @@ def TimeAdd(request, team=0, pk=0): def AddBreak(request, pk, team=0): workday = Workday.objects.get(pk=pk) user = workday.user - if(request.method == "POST"): - if(team == 0): - form = AddBreakForm(request.POST, instance=request.user) + if(workday.agency == user.profile.agency): + if(request.method == "POST"): + if(team == 0): + form = AddBreakForm(request.POST, instance=request.user) + else: + form = AddBreakForm(request.POST, instance=user) + + start = datetime.datetime(int(workday.start.year), int(workday.start.month), int(workday.start.day), int(((str(form["start"].value()).split(":"))[0])), int(((str(form["start"].value()).split(":"))[1]))) + + end = datetime.datetime(int(workday.end.year), int(workday.end.month), int(workday.end.day), int(((str(form["end"].value()).split(":"))[0])), int(((str(form["end"].value()).split(":"))[1]))) + + if(team == 0): + newbreak = Breaks.objects.create(workday=workday, user=request.user, agency=request.user.profile.agency, start=start, end=end) + else: + newbreak = Breaks.objects.create(workday=workday, user=user, agency=user.profile.agency, start=start, end=end) + + workday.breaks.add(newbreak) + workday.save() + messages.success(request, f'Pause hinzugefügt') + + if(team == 0): + return redirect('tm-update', pk=pk) + else: + return redirect('tm-team-single', user.pk, workday.start.month, workday.start.year) else: - form = AddBreakForm(request.POST, instance=user) - - start = datetime.datetime(int(workday.start.year), int(workday.start.month), int(workday.start.day), int(((str(form["start"].value()).split(":"))[0])), int(((str(form["start"].value()).split(":"))[1]))) - - end = datetime.datetime(int(workday.end.year), int(workday.end.month), int(workday.end.day), int(((str(form["end"].value()).split(":"))[0])), int(((str(form["end"].value()).split(":"))[1]))) - - if(team == 0): - newbreak = Breaks.objects.create(workday=workday, user=request.user, agency=request.user.profile.agency, start=start, end=end) 
- else: - newbreak = Breaks.objects.create(workday=workday, user=user, agency=user.profile.agency, start=start, end=end) - - workday.breaks.add(newbreak) - workday.save() - messages.success(request, f'Pause hinzugefügt') - - if(team == 0): - return redirect('tm-update', pk=pk) - else: - return redirect('tm-team-single', user.pk, workday.start.month, workday.start.year) + if(team == 0): + context = { + "active_link" : "timemanagement", + "workday" : Workday.objects.get(pk=pk), + "form" : AddBreakForm(instance=request.user) + } + else: + context = { + "active_link" : "timemanagement", + "workday" : Workday.objects.get(pk=pk), + "form" : AddBreakForm(instance=user) + } + return render(request, 'timemanagement/timemanagement_break.html', context) else: - if(team == 0): - context = { - "active_link" : "timemanagement", - "workday" : Workday.objects.get(pk=pk), - "form" : AddBreakForm(instance=request.user) - } - else: - context = { - "active_link" : "timemanagement", - "workday" : Workday.objects.get(pk=pk), - "form" : AddBreakForm(instance=user) - } - return render(request, 'timemanagement/timemanagement_break.html', context) + return redirect('login') @login_required def TimeAjax(request): diff --git a/users/.DS_Store b/users/.DS_Store index 073fc41..8d23c85 100644 Binary files a/users/.DS_Store and b/users/.DS_Store differ diff --git a/users/static/.DS_Store b/users/static/.DS_Store index 9e7fc3a..adc1891 100644 Binary files a/users/static/.DS_Store and b/users/static/.DS_Store differ diff --git a/users/static/users/.DS_Store b/users/static/users/.DS_Store index 679ff0e..9fafb8d 100644 Binary files a/users/static/users/.DS_Store and b/users/static/users/.DS_Store differ
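Review bot: The new guard `if(workday.agency == user.profile.agency):` does not authorise the caller, because `user` is `workday.user` (assigned on the line above), so it compares the workday with its own owner and never consults `request.user`. As written, any caller that reaches this view with a valid `pk` gets through to `Breaks.objects.create(...)` and `workday.breaks.add(newbreak)` for that workday, whatever their agency. Compare against the requester as the TimeUpdate hunk does, e.g. `if(workday.agency == request.user.profile.agency and (workday.user == request.user or request.user.has_perm('users.usermanager'))):`. Whether owners without the manager permission should be allowed is a policy choice not visible here. In the `team == 0` branch the break is created with `user=request.user` on a workday that may belong to someone else, so the owner check matters there too.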