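from django.shortcuts import render, redirect, reverse, get_object_or_404
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.contrib.auth.decorators import login_required
from django.conf import settings
from .usersforms import UsersAddNewUser, UsersAddProfileForm, UsersChangeProfil, AgencyUpdateForm, UsersPermForm
from django.views.generic import CreateView, ListView, UpdateView, DetailView, DeleteView, View
from django.contrib import messages
from django.contrib.auth.models import User
from django.db import models
from .models import Profile, Agency
from django.core.mail import send_mail
from django.contrib.auth.models import Permission
from django.http import HttpResponseRedirect,HttpResponse, JsonResponse
from areas.models import Areas
from tasks.models import Tasks
from .priomodel import Prio
from standards.models import Standards
from datetime import datetime
from django.utils import formats


# DASHBOARD view
# View shown after a successful login.
# Dashboard templates: welcomeusers.html and base.html


class AgencyCreateView(CreateView):
    """Public registration form: create a new agency together with its first user.

    The view carries no login requirement, so every visitor who can reach it
    can create an ``Agency`` row and trigger an e-mail to an address of their
    choosing.
    NOTE(review): nothing in this file throttles the endpoint; consider rate
    limiting or a CAPTCHA in front of it.
    """

    model = User
    fields = ['first_name', 'last_name', 'username', 'email']
    success_url = '/register/done'

    def form_valid(self, form):
        """Create the agency, mail the password-reset hint, then save the user."""
        # Flash message for the next rendered page.
        messages.success(
            self.request,
            'Agentur erstellt! Es wurde eine E-Mail verschickt mit weitere Infos zur Passworterstellung.',
        )

        # The agency is attached to the unsaved user instance; presumably a
        # signal handler defined elsewhere reads it when the user is saved
        # -- TODO confirm.
        agency = Agency()
        agency.save()
        form.instance.agency = agency

        # NOTE(review): the agency row is already saved at this point.  With
        # fail_silently=False a mail error raises before the user is saved
        # and leaves an agency without a user behind.
        first_name = form.cleaned_data.get('first_name')
        last_name = form.cleaned_data.get('last_name')
        send_mail(
            'Agenturanmeldung',
            'Hallo ' + first_name + ' ' + last_name
            + '! Bitte setzen sie sich auf https://digitale-agentur.com/password-reset/ ein Passwort. '
            + 'Anschließend können Sie weitere Details Ihrer Agentur eingeben.',
            'support@digitale-agentur.com',
            [form.cleaned_data.get('email')],
            fail_silently=False,
        )
        return super().form_valid(form)


@login_required
def dashboard(request):
    """Render the dashboard with the ten most recently modified standards of the caller's agency."""
    standards_of_agency = Standards.objects.filter(
        agency__pk=request.user.profile.agency.pk
    ).order_by('-last_modified_on')[:10]
    context = {
        'active_link': 'dashboard',
        'standards_of_agency': standards_of_agency,
    }
    return render(request, 'users/dashboard.html', context)


class UsersManagement(LoginRequiredMixin, ListView):
    """List the users that belong to the same agency as the logged-in user."""

    model = User

    def _agency_users(self):
        """Return the users whose profile points at the caller's agency."""
        return User.objects.filter(
            profile__agency__pk=self.request.user.profile.agency.pk
        )

    def get_queryset(self):
        """Scope the generic list to the caller's agency.

        Without this override ``model = User`` makes the ListView put every
        user of every agency into ``object_list`` / ``user_list``, next to
        the already scoped ``users_of_agency`` entry.
        """
        return self._agency_users()

    def get_context_data(self, **kwargs):
        """Add the active navigation link and the agency's users to the context."""
        context = super().get_context_data(**kwargs)
        context.update({
            'active_link': 'usersmanagement',
            'users_of_agency': self._agency_users(),
        })
        return context


class UsersCreateUser(LoginRequiredMixin, CreateView):
    """Create a new user inside the agency of the logged-in user.

    NOTE(review): only a login is required here.  The original header
    comment speaks of a current user "with rights", but no permission check
    is visible in this view -- confirm it is enforced elsewhere (for example
    in the URL configuration).
    """

    model = User
    fields = ['first_name', 'last_name', 'username', 'email']
    success_url = '/dashboard/usersman/'

    def get_context_data(self, **kwargs):
        """Add the active navigation link."""
        context = super().get_context_data(**kwargs)
        context.update({'active_link': 'usersmanagement'})
        return context

    def form_valid(self, form):
        """Attach the caller's agency, mail the password-reset hint, save the user."""
        messages.success(self.request, 'Benutzer angelegt!')

        # Attached to the unsaved instance; presumably read by a signal
        # handler defined elsewhere -- TODO confirm.
        own_agency = self.request.user.profile.agency
        form.instance.agency = own_agency

        first_name = form.cleaned_data.get('first_name')
        last_name = form.cleaned_data.get('last_name')
        send_mail(
            own_agency.name + ' Anmeldung',
            'Hallo ' + first_name + ' ' + last_name
            + '! Bitte setzen sie sich auf https://digitale-agentur.com/password-reset/ ein Passwort.',
            'support@digitale-agentur.com',
            [form.cleaned_data.get('email')],
            fail_silently=False,
        )
        return super().form_valid(form)


# The user must be logged in to see this page.
@login_required
def profile(request):
    """Let the logged-in user edit their own account data."""
    if request.method == 'POST':
        u_form = UsersChangeProfil(request.POST, instance=request.user)
        if u_form.is_valid():
            u_form.save()
            prename = request.user.first_name
            name = request.user.last_name
            messages.success(request, f'Daten für {prename} {name} aktualisiert!')
            # Redirect after POST so a reload does not ask to resubmit the form.
            return redirect('users-dashboard')
        # An invalid form falls through and is rendered again with its errors.
    else:
        # Pre-fill the form with the current data.
        u_form = UsersChangeProfil(instance=request.user)

    context = {
        'u_form': u_form,
        'active_link': 'dashboard',
    }
    return render(request, 'users/profile.html', context)


# Edit other users here, provided the caller is allowed to manage users.
class UserManagementUpdateForm(LoginRequiredMixin, UpdateView):
    """Edit phone numbers and agency function of a profile in the caller's agency."""

    model = Profile
    # NOTE(review): the generic edit views build their form from `fields`;
    # `labels` does not look like an attribute they read -- confirm these
    # labels actually reach the rendered form.
    labels = {
        "phoneland": "Telefon",
        "phonemobile": "Mobil",
        "compfunc": "Agenturfunktion",
    }
    fields = ['phoneland', 'phonemobile', 'compfunc']

    def get_queryset(self):
        """Only profiles of the caller's agency can be edited; others yield a 404."""
        return super().get_queryset().filter(
            agency__pk=self.request.user.profile.agency.pk
        )


# Update the access rights of one user.
class UsersPermUpdateView(LoginRequiredMixin, View):
    """Show and update the custom ``Profile`` permissions of one user.

    The target profile is looked up inside the caller's own agency, so a
    primary key that belongs to another agency yields a 404.

    NOTE(review): the view only requires a login.  Nothing visible here
    checks that the caller holds ``users_usermanagement``, so unless the URL
    configuration enforces it, every agency member can change permissions,
    their own included.  Confirm where that check lives.
    """

    template_name = 'users/users_perm.html'
    form_class = UsersPermForm
    success_url = '/dashboard/usersman/'

    def _target_user(self, request, pk):
        """Return the user behind profile ``pk`` if it is in the caller's agency, else 404."""
        target_profile = get_object_or_404(
            Profile,
            pk=pk,
            agency__pk=request.user.profile.agency.pk,
        )
        return target_profile.user

    def get(self, request, *args, **kwargs):
        """Render the permission form; the checkboxes are prepared by the form class."""
        user_tochange = self._target_user(request, kwargs['pk'])
        context = {
            'form': self.form_class(user_tochange),
            'active_link': 'usersmanagement',
            'user_tochange': user_tochange,
        }
        return render(request, self.template_name, context)

    def post(self, request, *args, **kwargs):
        """Grant every submitted ``Profile`` permission and revoke every missing one."""
        user_tochange = self._target_user(request, kwargs['pk'])

        # A permission whose codename is absent from the POST data was
        # unchecked in the form and is revoked.
        for entry in Profile._meta.permissions:
            codename = entry[0]
            # Codenames are only unique per content type, so the lookup is
            # pinned to the Profile model instead of matching on codename alone.
            permission = Permission.objects.get(
                codename=codename,
                content_type__app_label=Profile._meta.app_label,
                content_type__model=Profile._meta.model_name,
            )
            if codename in request.POST:
                user_tochange.user_permissions.add(permission)
            elif user_tochange == request.user and codename == 'users_usermanagement':
                # The logged-in user must not remove their own user-management right.
                messages.warning(
                    request,
                    f'Benutzerverwaltungsrechte für {user_tochange.first_name} {user_tochange.last_name} kann nicht entfernt werden.',
                )
            else:
                user_tochange.user_permissions.remove(permission)

        user_tochange.save()
        messages.success(
            request,
            f'Berechtigungen für {user_tochange.first_name} {user_tochange.last_name} aktualisiert!',
        )
        return HttpResponseRedirect('/dashboard/usersman/')


# Update a user profile.
class ProfileUpdateView(LoginRequiredMixin, UpdateView):
    """Edit a profile of the caller's agency through ``UsersAddProfileForm``."""

    model = Profile
    form_class = UsersAddProfileForm
    template_name = 'users/profile_update.html'
    success_url = '/dashboard/usersman/'

    def get_queryset(self):
        """Only profiles of the caller's agency can be edited; others yield a 404."""
        return super().get_queryset().filter(
            agency__pk=self.request.user.profile.agency.pk
        )

    def get_context_data(self, **kwargs):
        """Add the active navigation link."""
        context = super().get_context_data(**kwargs)
        context['active_link'] = 'usersmanagement'
        return context


# Delete a user!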
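class ProfileDeleteView(LoginRequiredMixin, UserPassesTestMixin, DeleteView):
    """Delete another user of the caller's agency.

    ``test_func`` is only consulted by ``UserPassesTestMixin``.  The class
    previously did not inherit that mixin, so the check never ran and every
    logged-in user could delete any account, their own included.

    NOTE(review): no check for the ``users_usermanagement`` permission is
    visible here -- confirm it is enforced elsewhere (for example in the URL
    configuration).
    """

    model = User
    success_url = '/dashboard/usersman'
    template_name = 'users/user_confirm_delete.html'

    def test_func(self):
        """Allow the request only for a different user of the same agency."""
        target = self.get_object()
        requester = self.request.user
        if requester == target:
            # Users may not delete their own account.
            return False
        # assumes both users have a profile with an agency -- TODO confirm
        return target.profile.agency.pk == requester.profile.agency.pk

    def post(self, request, *args, **kwargs):
        """Delete the user and flash the confirmation only after that succeeded."""
        target = self.get_object()
        todel_name = target.first_name + " " + target.last_name
        response = super().post(request, *args, **kwargs)
        messages.success(request, f'Benutzer {todel_name} entfernet!')
        return response


@login_required
def agency(request):
    """Render the agency information page."""
    context = {'active_link': 'agencyinfo'}
    return render(request, 'users/agency.html', context)


class AgencyUpdateView(LoginRequiredMixin, UpdateView):
    """Edit the agency of the logged-in user."""

    model = Agency
    form_class = AgencyUpdateForm
    template_name = 'users/agency_update.html'
    success_url = '/dashboard/agencyinfo'

    def get_queryset(self):
        """Restrict the editable objects to the caller's own agency.

        Without this filter the primary key from the URL selects any agency,
        so a logged-in user could edit the data of a foreign agency.
        """
        return super().get_queryset().filter(
            pk=self.request.user.profile.agency.pk
        )

    def get_context_data(self, **kwargs):
        """Add the active navigation link."""
        context = super().get_context_data(**kwargs)
        context['active_link'] = 'agencyinfo'
        return context


# PRIORITISATION
# All task areas are assigned to the areas of the agency and rendered.
@login_required
def UsersPrio(request, pk):
    """Render the priority overview of user ``pk`` if that user is in the caller's agency.

    An unknown user and a user of another agency are treated alike: both
    redirect to the dashboard, so the response does not reveal which primary
    keys exist in other agencies.
    """
    own_agency_pk = request.user.profile.agency.pk
    user = User.objects.filter(pk=pk, profile__agency__pk=own_agency_pk).first()
    if user is None:
        # redirect() resolves the URL name; HttpResponseRedirect('users-dashboard')
        # would have sent the literal string as a relative URL.
        return redirect('users-dashboard')

    context = {
        'active_link': '',
        'areas': Areas.objects.filter(agency__pk=own_agency_pk),
        'user_first_name': user.first_name,
        'user_last_name': user.last_name,
        'user_id': user.pk,
        'prios': Prio.objects.filter(user__pk=pk),
    }
    return render(request, 'users/users_prio.html', context)


@login_required
def UsersPrioUpdate(request):
    """Store a new priority value for one (user, task) pair of the caller's agency.

    Query parameters: ``userid``, ``taskid`` and ``value``.

    NOTE(review): this endpoint changes data on a GET request, which Django's
    CSRF protection does not cover.  The method is kept because the front end
    is not visible here; move the call to POST together with the client code.
    """
    if request.method != 'GET':
        return HttpResponse("Request method is not a GET")

    user_id = request.GET.get('userid')
    task_id = request.GET.get('taskid')
    value = request.GET.get('value')
    if user_id is None or task_id is None or value is None:
        return HttpResponse("Missing parameter", status=400)

    try:
        # The agency condition is part of the query, so a user of another
        # agency is indistinguishable from a missing entry.
        prio = Prio.objects.filter(
            user__pk=user_id,
            user__profile__agency__pk=request.user.profile.agency.pk,
            task__pk=task_id,
        ).first()
    except (ValueError, TypeError):
        return HttpResponse("Invalid parameter", status=400)
    if prio is None:
        return HttpResponse("Not found", status=404)

    # NOTE(review): `value` is stored as received; the field type and the
    # allowed range of Prio.prio are not visible here -- add a range check.
    prio.prio = value
    try:
        prio.save()
    except (ValueError, TypeError):
        return HttpResponse("Invalid parameter", status=400)
    return HttpResponse("udated...")


import re


def cleanhtml(raw_html):
    """Remove everything that looks like ``<...>`` from ``raw_html``.

    This is a display helper, not a sanitiser: an opening ``<`` without a
    closing ``>`` is left in place, and ``.`` does not match newlines, so a
    tag that spans several lines survives as well.  Callers must still treat
    the result as untrusted text and escape it on output.
    """
    return re.sub(r'<.*?>', '', raw_html)


# Search for standards by name, content, creator - standards need to be public!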
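@login_required
def GlobalSearch(request):
    """Return the public standards of the caller's agency that match ``searchstring``.

    The term is matched against name, content, area name, task name and the
    creator's first and last name.  The response is JSON of the form
    ``{'res': [...]}``.

    NOTE(review): name, content and the person names are stored user input.
    The client has to insert them as text rather than as markup, because the
    tag stripping done here is not a sanitiser.
    """
    if request.method != 'GET':
        return HttpResponse("Request method is not a GET")

    searchfor = request.GET.get('searchstring')
    if searchfor is None:
        # A missing parameter used to raise and end in a server error.
        return JsonResponse({'res': []})

    ag = request.user.profile.agency.pk
    visible = Standards.objects.filter(agency__pk=ag, public=True)
    # NOTE(review): `content` is matched case-sensitively while every other
    # lookup ignores case -- confirm this is intended.
    lookups = (
        'name__icontains',
        'content__contains',
        'area__name__icontains',
        'task__name__icontains',
        'created_standard_by__last_name__icontains',
        'created_standard_by__first_name__icontains',
    )
    results = visible.filter(**{lookups[0]: searchfor})
    for lookup in lookups[1:]:
        results = results | visible.filter(**{lookup: searchfor})

    final_results = [
        {
            'id': ele.pk,
            'name': ele.name,
            # Strip tags first and truncate afterwards.  Cutting the raw HTML
            # at 100 characters could split a tag, and the remaining fragment
            # would no longer be removed by cleanhtml().
            'content': cleanhtml(ele.content)[:100],
            'first_name': ele.created_standard_by.first_name,
            'last_name': ele.created_standard_by.last_name,
            'first_name_mod': ele.last_modified_by.first_name,
            'last_name_mod': ele.last_modified_by.last_name,
            'created': formats.date_format(ele.created_standard_date, "d.m.Y"),
            'last_modified_on': formats.date_format(ele.last_modified_on, "d.m.Y"),
        }
        for ele in results
    ]
    return JsonResponse({'res': final_results})


def searchStandardRouter(request):
    """Redirect to the single view of the standard named by the ``s_id`` parameter.

    ``s_id`` comes from the query string and is placed into a URL path, so it
    is percent-encoded and dot segments are refused.  The value can then only
    fill the one path segment reserved for it and cannot steer the redirect
    to a different path on the site.
    """
    from urllib.parse import quote

    # NOTE(review): the rest of the file redirects to 'users-dashboard';
    # confirm that 'dashboard' is a valid URL name as well.
    if request.method != 'GET':
        return redirect('dashboard')

    s_id = request.GET.get('s_id', '')
    if s_id in ('', '.', '..'):
        return redirect('dashboard')
    return redirect('/standards/standard/' + quote(s_id, safe='') + '/single')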