def asset_detail(request, asset_id): the_asset = [] errors = [] asset_form = [] #check asset exists the_asset = get_object_or_404(Asset, pk=asset_id) # check if the user is allowed to view this asset my_id = request.user is_linked = check_user_linked_to_asset(request.user, asset_id) if is_linked == False: errors.append("You do not have permission to view this page") is_an_owner = assets_extras.is_user_also_owner(request.user, asset_id) if is_an_owner == False: errors.append("Access restricted") return render(request, "assets/asset_detail.html", { "asset": the_asset, "errors": errors })
def asset_exception_detail2(request, asset_id, the_year=0, the_month=0, the_day=0): the_asset = get_object_or_404(Asset, id=asset_id) errors = [] user_ok = False the_year = 2020 the_month = 6 the_day = 17 if check_user_linked_to_asset(request.user, asset_id): if assets_extras.is_user_also_owner(request.user, asset_id): user_ok = True else: errors.append("Restricted Access") messages.add_message(request, messages.ERROR, "Restricted Access") user_ok = False else: errors.append("You are not authorised to view this page") messages.add_message(request, messages.ERROR, "You are not authorised to view this page") user_ok = False if user_ok: True return render(request, "assets/asset_exception_date.html", { "the_asset": the_asset, "errors": errors, 'user_ok': user_ok })
def print_bookings(request, **kwargs): asset_id = 0 my_id = request.user.id is_owner = False is_linked = False time_period = "future" selected_date = "" year = 0 month = 0 day = 0 #prepare the query if 'the_year' in kwargs: year = kwargs['the_year'] print(year) if 'the_month' in kwargs: month = kwargs['the_month'] print(month) if 'the_day' in kwargs: day = kwargs['the_day'] print(day) check = year + month + day print(check) if check > 0: selected_date = datetime.date(year, month, day) time_period = "" print("date is:") print(selected_date) #prepare the query if 'asset_id' in kwargs: asset_id = kwargs['asset_id'] #prepare the query if 'time_period' in kwargs: time_period = kwargs['time_period'] #can only print if an owner is_owner = is_user_also_owner(my_id, asset_id) #is the requestor linked to this asset? is_linked = check_user_linked_to_asset(my_id, asset_id) #format file name now = datetime.datetime.now() format_now_date = now.strftime("%d-%b-%y") format_now_time_in_file = now.strftime("%H:%M:%S") format_now_time_filename = now.strftime("_%H%M%S") format_file_name = "bookings_as_of_" + format_now_date + format_now_time_filename + ".csv" if is_owner and is_linked: the_output = get_bookings(asset_id=asset_id, time_period=time_period, selected_date=selected_date) response = HttpResponse(content_type='text/csv') response[ 'Content-Disposition'] = 'attachment; filename=' + format_file_name writer = csv.writer(response) writer.writerow([ 'Venue', 'Booking Date', ' Booking Time', 'First Name', 'Surname', 'Membership Number', 'Swipe ID' ]) for item in the_output: if not type(item.requested_date) is datetime.date: print("its not a date") format_date = item.requested_date.strftime("%d-%b-%y") format_time = item.requested_start_time.strftime("%H:%M") user_membership_ID = assets_extras.get_membership_id( item.requested_by_user_ID, item.asset_ID) user_swipe_ID = assets_extras.get_swipe_id( item.requested_by_user_ID, item.asset_ID) writer.writerow([ item.asset_ID.asset_display_name, format_date, format_time, item.requested_by_user_ID.first_name, item.requested_by_user_ID.last_name, user_membership_ID, user_swipe_ID ]) writer.writerow([]) writer.writerow([]) writer.writerow(['Printed:', format_now_date]) writer.writerow(['At:', format_now_time_in_file]) return response
def venue_calendar_admin(request, asset_id): the_asset = get_object_or_404(Asset, id=asset_id) errors = [] user_ok = False cal_data = {} dates_to_show = set() if check_user_linked_to_asset(request.user, asset_id): if is_user_also_owner(request.user, asset_id): user_ok = True else: errors.append("Restricted Access") messages.add_message(request, messages.ERROR, "Restricted Access") user_ok = False else: errors.append("You are not authorised to view this page") messages.add_message(request, messages.ERROR, "You are not authorised to view this page") user_ok = False if user_ok: #remove any selected dates/times from the session in case they exist already #empty session variables booking_extras.clear_exception_date_from_session # each day there are bookings, the calendar shows "Bookings <the number>" # and a link with "add an exception" # if the date is already in the exception table, the link will say "edit exception" (or something like that) # unlike the calendar for users (make_a_booking view), there are no modals on this calendar - each item on the date will be a separate link # create the object that the calendar needs (cal_data) # this is a series of dates and links #distict query below is not allowed in sqlite3 so will get individual dates by populating a set() which can only have unique values #dates_to_show = Bookings.objects.all().filter(asset_ID = the_asset.id, requested_date__gte=datetime.date.today()).order_by('requested_date').distinct('asset_ID', 'requested_date') #there will be multiple bookings per date so to get individual dates put into a set() all_future_bookings = Booking.objects.all().filter( asset_ID=the_asset.id, requested_date__gte=datetime.date.today()) if all_future_bookings: for item in all_future_bookings: # print(item.requested_date) dates_to_show.add(item.requested_date) if dates_to_show: for item in dates_to_show: num_future_bookings = get_total_bookings_venue( the_asset.id, selected_date=item) todays_date = datetime.date(datetime.datetime.now().year, datetime.datetime.now().month, datetime.datetime.now().day) is_exception_date = assets_extras.is_date_in_exception_table( the_asset.id, item) entry_date_str = item.strftime("%m-%d-%Y") if is_exception_date: click_link = onclick = 'UpdateExceptionDate(this," + str(entry_date.day) + "," + the_asset.id + ")' href_link = "%s%s/" % ("/asset/exception/", asset_id) exception_link = "<a style='background-color:#f44336; font-size:12px;border-radius: 25px;padding:4px 6px 4px 6px;' href='" + href_link + "'>View Exception Details</a>" else: exception_link = "" if num_future_bookings == 1: text_desc = "Booking" else: text_desc = "Bookings" cal_data[ entry_date_str] = "<div>%s %s</div> <div>%s</div>" % ( num_future_bookings, text_desc, exception_link) print(cal_data) else: #no dates to show, so empty calendar! messages.add_message(request, messages.INFO, "Click on any date to add an exception") return render( request, "booking/booking_calendar_venue.html", { "the_asset": the_asset, "errors": errors, "cal_data": cal_data, 'user_ok': user_ok })
def my_venue_bookings(request, asset_id, **kwargs): #set all initial values regardless of kwargs errors = [] is_owner = False time_period = "future" #assume always future future_bookings = [] past_bookings = [] num_bookings_future = 0 num_bookings_past = 0 the_asset = [] first_future_date = "" first_past_date = "" #start with who has requested this page #all bookings are returned for the venue provided #so the requestor should only be an OWNER #does asset exist? the_asset = get_object_or_404(Asset, id=asset_id) my_id = request.user.id # used in query - search for all bookings past or future from now # time period can be either: 'past' or 'future' if 'time_period' in kwargs: time_period = kwargs['time_period'] is_owner = is_user_also_owner(my_id, asset_id) if not is_owner: errors.append("You are not authorised to view this Bookings page") if len(errors) == 0: # if no time_period is provided then this view must return two record sets (past AND future) # if time_period is 'past' or 'future', then this view returns just one record set if time_period == "future": # this is all FUTURE bookings (>=today and >current time) future_bookings = get_bookings(time_period=time_period, asset_id=asset_id) num_bookings_future = len(future_bookings) first_future_date = get_first_date_in_booking_list(future_bookings) elif time_period == "past": # this is all PAST bookings (<=today and <current_time) past_bookings = get_bookings(time_period=time_period, asset_id=asset_id) num_bookings_past = len(past_bookings) first_past_date = get_first_date_in_booking_list(past_bookings) else: #this is ALL bookings (but still in separate past/future objects) future_bookings = get_bookings(time_period="future", asset_id=asset_id) num_bookings_future = len(future_bookings) first_future_date = get_first_date_in_booking_list(future_bookings) past_bookings = get_bookings(time_period="past", asset_id=asset_id) num_bookings_past = len(past_bookings) first_past_date = get_first_date_in_booking_list(past_bookings) return render( request, "booking/bookings.html", { "future_bookings": future_bookings, "num_bookings_future": num_bookings_future, "past_bookings": past_bookings, "num_bookings_past": num_bookings_past, "first_future_date": first_future_date, "first_past_date": first_past_date, "is_owner": is_owner, "the_asset": the_asset })
def asset_detail_edit(request, asset_id): #to edit a venue/asset, must be the owner (staff) #check asset exists the_asset = get_object_or_404(Asset, pk=asset_id) errors = 0 the_asset_form = [] the_asset_detail = [] # check if the user is allowed to view this asset my_id = request.user is_an_owner = assets_extras.is_user_also_owner(my_id, asset_id) if is_an_owner == False: messages.add_message(request, messages.ERROR, "You are not authorised to view this page") errors += errors else: the_asset_detail = Asset.objects.get(id=asset_id) #this is the only data an owner can edit themselves initial_data = { 'asset_display_name': the_asset_detail.asset_display_name, 'asset_max_bookings': the_asset_detail.asset_max_bookings, 'num_days_display_to_users': the_asset_detail.num_days_display_to_users } if errors == 0: #no errors if request.method == "POST": form = AssetForm(request.POST, initial=initial_data) if form.is_valid(): cd = form.cleaned_data if form.has_changed(): if 'is_owner' in form.changed_data: #check various things here like: # if changing opening days...are there already bookings made on those days? # if changing closing/opening times...are there already bookings made at those times? # if changing max_bookings allowed per slot...is it more/less than before and is it over-booked now? changed = True else: asset_display_name = cd['asset_display_name'] asset_max_bookings = cd['asset_max_bookings'] num_days_display_to_users = cd[ 'num_days_display_to_users'] try: Asset.objects.filter(id=asset_id).update( asset_display_name=asset_display_name, asset_max_bookings=asset_max_bookings, num_days_display_to_users= num_days_display_to_users) code_message = the_asset_detail.asset_display_name + " has been edited" messages.add_message(request, messages.INFO, code_message) #send back to Membership page return redirect( reverse_lazy('asset_detail', kwargs={"asset_id": asset_id})) except Error: code_message = "There was a problem, can you please try that again?" messages.add_message(request, messages.ERROR, code_message) return redirect( reverse_lazy('asset_detail', kwargs={"asset_id": asset_id})) else: print(form.errors) else: #not POST the_asset_form = AssetForm(initial=initial_data) else: #there are errors the_asset_form = [] return render(request, "assets/asset_detail_edit.html", { "asset": the_asset_detail, "form": the_asset_form })
def asset_exception_detail(request, asset_id): # this function is called when user wants to add or edit an exception on the date provided # the exception date (year, month, day) should be in the session # if not then send the user back to re-select the_asset = [] the_exception = [] errors = [] asset_exception_form = [] user_ok = False the_values = "" exception_date = "" is_a_weekday = False #check asset exists the_asset = get_object_or_404(Asset, pk=asset_id) # check if the user is allowed to view this asset my_id = request.user if check_user_linked_to_asset(request.user, asset_id): if assets_extras.is_user_also_owner(request.user, asset_id): user_ok = True else: errors.append("Access restricted") user_ok = False else: errors.append("You do not have permission to view this page") user_ok = False if user_ok: #sessions variables must exist #variables from the session if 'exception_year_cal' in request.session: year = (request.session['exception_year_cal']) if 'exception_month_cal' in request.session: month = (request.session['exception_month_cal']) if 'exception_day_cal' in request.session: day = (request.session['exception_day_cal']) try: #create the datetime object from the given parameters the_values = "%s - %s - %s" % (year, month, day) exception_date = datetime.date(int(year), int(month), int(day)) show_date_format = exception_date.strftime("%A, %d %B") is_a_weekday = booking_extras.is_date_a_weekday(exception_date) except: code_message = "There was a problem with the date. Please re-select from the calendar and try again." + the_values messages.add_message(request, messages.ERROR, code_message) return redirect( reverse_lazy('venue_calendar_admin', kwargs={"asset_id": the_asset.id})) else: #check if the exception exists exception_record = assets_extras.get_exception_record( the_asset.id, exception_date) if request.method == "POST": if exception_record: #include initial data so new content can be checked #against existing bookings form = AssetExceptionForm(request.POST, initial=exception_record) else: #no initial data so brand new exception form = AssetExceptionForm(request.POST) if form.is_valid(): cd = form.cleaned_data pass else: if exception_record: form = AssetExceptionForm(inital=exception_record) else: form = AssetExceptionForm( initial={ 'the_date': show_date_format, 'day': day, 'year': year, 'month': month }) return render( request, "assets/asset_exception_date.html", { "asset": the_asset, "errors": errors, "user_ok": user_ok, "form": form, "the_date": show_date_format, "is_a_weekday": is_a_weekday })
def member_detail(request, asset_id, **kwargs): #if user_id provided, then show this member #otherwise show all members the_asset = [] errors = [] member_id = 0 the_member_detail = [] code_message = "" is_activated = True if 'member_id' in kwargs: member_id = kwargs['member_id'] if 'activated' in kwargs: is_activated = kwargs['activated'] #check asset exists the_asset = get_object_or_404(Asset, id=asset_id) #check that the person requesting this is the owner of the asset_id is_an_owner = assets_extras.is_user_also_owner(request.user, asset_id) if is_an_owner == False: code_message = "You are not authorised to view this page" messages.add_message(request, messages.ERROR, code_message) if member_id > 0: print("member detail is:") print(member_id) #check user_id provided is actually linked to the asset_id provided # use filter (rather than GET) so that it returns an iterable object for the html page the_member_detail = Asset_User_Mapping.objects.all().filter( user_ID=member_id, asset_ID=asset_id) if not the_member_detail: code_message = "This is not a valid Membership number" messages.add_message(request, messages.ERROR, code_message) else: #all members the_member_detail = Asset_User_Mapping.objects.all().filter( asset_ID=asset_id, is_activated=is_activated).order_by('user_ID_id__last_name') if not the_member_detail: code_message = "There are no Members signed up yet" messages.add_message(request, messages.ERROR, code_message) if code_message: #don't show any details print("the code_message is: " + code_message) the_member_detail = [] return render(request, "assets/asset_user_mapping_detail.html", { "asset": the_asset, "members": the_member_detail, "errors": errors })
def member_detail_edit(request, asset_id, member_id): #to edit a member, must be the owner of the asset #check asset exists the_asset = get_object_or_404(Asset, pk=asset_id) errors = [] the_member_form = [] the_member_detail = [] initial_data = "" # check if the user is allowed to view this asset my_id = request.user is_an_owner = assets_extras.is_user_also_owner(my_id, asset_id) if is_an_owner == False: messages.add_message(request, messages.ERROR, "You are not authorised to view this page") errors.append("You are not authorised to view this page") else: #check validity of the member they want to edit is_linked = check_user_linked_to_asset(member_id, asset_id) if is_linked == False: messages.add_message(request, messages.ERROR, "That is not a valid Member ID") errors.append("That is not a valid Member ID") else: the_member_detail = Asset_User_Mapping.objects.get( asset_ID=asset_id, user_ID=member_id) initial_data = { 'is_activated': the_member_detail.is_activated, 'is_owner': the_member_detail.is_owner, 'asset_membership_ID': the_member_detail.asset_membership_ID, 'asset_swipe_ID': the_member_detail.asset_swipe_ID, 'admin_notes': the_member_detail.admin_notes } #for validation after form is POSTED, will need to know if the user_id submitting is the same as the member_id if my_id == the_member_detail.user_ID: owner_user_same_person = True else: owner_user_same_person = False if len(errors) == 0: #no errors if request.method == "POST": form = AssetMemberForm(request.POST, initial=initial_data) if form.is_valid(): cd = form.cleaned_data is_staff = cd['is_owner'] is_activated = cd['is_activated'] membership_ID = cd['asset_membership_ID'] swipe_ID = cd['asset_swipe_ID'] notes = cd['admin_notes'] if form.has_changed(): if ('is_owner' in form.changed_data or 'is_activated' in form.changed_data ) and owner_user_same_person: # check that the current user hasn't changed their own is_staff status to False # if they have send back a warning (or else they will not be able to view the Owner pages) code_message = "You cannot edit your own staff status. Another staff member must do this on your behalf." messages.add_message(request, messages.WARNING, code_message) return redirect( reverse_lazy('member_detail', kwargs={"asset_id": asset_id})) elif is_staff and not is_activated: code_message = "To deactivate a staff member, you must first remove their staff status" messages.add_message(request, messages.WARNING, code_message) errors.append(code_message) return redirect( reverse_lazy('member_detail', kwargs={"asset_id": asset_id})) else: try: Asset_User_Mapping.objects.filter( user_ID=member_id, asset_ID=asset_id).update( is_owner=is_staff, is_activated=is_activated, asset_membership_ID=membership_ID, asset_swipe_ID=swipe_ID, admin_notes=notes) code_message = "Member " + the_member_detail.user_ID.first_name + " " + the_member_detail.user_ID.last_name + " has been edited" messages.add_message(request, messages.INFO, code_message) #send back to Membership page return redirect( reverse_lazy('member_detail', kwargs={"asset_id": asset_id})) except Error: code_message = "There was a problem, can you please try that again?" messages.add_message(request, messages.ERROR, code_message) return redirect( reverse_lazy('member_detail', kwargs={"asset_id": asset_id})) else: print(form.errors) else: #not POST the_member_form = AssetMemberForm(initial=initial_data) else: #there are errors the_member_form = [] return render( request, "assets/asset_user_mapping_detail_edit.html", { "asset": the_asset, "form": the_member_form, "member": the_member_detail, "errors": errors })