def user_add_action(request):
"""
增加用户
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = UserForm(request.POST)
if form.is_valid():
role = form.cleaned_data['role']
# 人事用户也能够新建用户,但是只能新建员工
if check_role(request, ROLE_HR) and role != ROLE_STAFF:
msg = u"人事只能新建普通员工。"
form._errors["role"] = form.error_class([msg])
return render(request, "account/add.html", {
"form": form,
})
user = form.save()
user.set_password(form.cleaned_data['password'])
group = role_manager.get_role(role)
if group:
user.groups.add(group)
if not user.is_superuser:
personal = Personal.objects.create()
user.personal_id = personal.id
user.save()
return back_to_original_page(request, "/account/list/")
else:
return render(request, "account/add.html", {
"form": form,
})
def user_add_action(request):
"""
增加用户
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = UserForm(request.POST)
if form.is_valid():
role = form.cleaned_data['role']
# 人事用户也能够新建用户,但是只能新建员工
if check_role(request, ROLE_HR) and role != ROLE_STAFF:
msg = u"人事只能新建普通员工。"
form._errors["role"] = form.error_class([msg])
return render(request, "account/add.html", {"form": form, })
user = form.save()
user.set_password(form.cleaned_data['password'])
group = role_manager.get_role(role)
if group:
user.groups.add(group)
if not user.is_superuser:
personal = Personal.objects.create()
user.personal_id = personal.id
user.save()
return back_to_original_page(request, "/account/list/")
else:
return render(request, "account/add.html", {
"form": form,
})
def user_add_action(request):
"""
增加用户
"""
if check_role(request, ROLE_FAMILY_COMMON_USER):
raise PermissionDeniedError
form = UserForm(request.POST)
if form.is_valid():
# 家庭管理员只能添加家庭普通成员
role = form.cleaned_data['role']
if check_role(
request,
ROLE_FAMILY_SUPER_USER) and role != ROLE_FAMILY_COMMON_USER:
msg = u"家庭管理员只能添加家庭普通成员。"
form._errors["role"] = form.error_class([msg])
return render(request, "user_account/add.html", {
"form": form,
})
user = form.save()
user.set_password(form.cleaned_data['password'])
group = role_manager.get_role(role)
# 添加用户到组
if group:
user.groups.add(group)
user.save() # 保存用户到数据库
return back_to_original_page(request, "/user_account/list/")
else:
return render(request, "user_account/add.html", {
"form": form,
})
def user_list_view(request):
"""
用户一览View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
# 排除自己,为了避免删除自己的帐号
queryset = User.objects.filter(is_superuser=False).exclude(
is_active=False).exclude(id=request.user.id)
params = get_list_params(request)
order_dict = {
u"un": "username",
u"fn": "full_name",
u"cd": "create_datetime",
u"gr": "groups",
}
# 搜索条件
if params['query']:
queryset = queryset.filter(
Q(username__contains=params['query'])
| Q(full_name__contains=params['query'])
| Q(groups__name__contains=params['query']))
# 如果是经理,权限等同管理员,显示全部
if check_role(request, ROLE_MANAGER):
queryset = queryset
# 如果是人事,只显示员工
elif check_role(request, ROLE_HR):
queryset = queryset.filter(groups__name=ROLES[ROLE_STAFF])
# 排序
if not params['order_field'] or not order_dict.has_key(
params['order_field']):
params['order_field'] = 'un'
params['order_direction'] = ''
queryset = queryset.order_by(
"%s%s" %
(params['order_direction'], order_dict[params['order_field']]))
total_count = queryset.count()
return render(
request, "account/list.html", {
"users": queryset[params['from']:params['to']],
"query_params": params,
"need_pagination": params['limit'] < total_count,
"total_count": total_count,
})
def notice_add_action(request):
"""
增加部门action
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = NoticeForm(request.POST, instance=Notice())
if form.is_valid() and 'dep_id' in request.POST:
dep_id = ','.join(dict(request.POST)['dep_id'])
form.instance.title = request.POST['title']
form.instance.start_date = request.POST['start_date']
form.instance.end_date = request.POST['end_date']
form.instance.content = request.POST['content']
form.instance.dep_id = str(dep_id) + ','
form.save()
return back_to_original_page(request, "/notice/list/")
else:
departments = Department.objects.filter(delete_flg=False)
return render(
request, "notice/add.html", {
"form": form,
"departments": departments,
"departments_need": 'dep_id' in request.POST,
})
def notice_add_action(request):
"""
增加部门action
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = NoticeForm(request.POST, instance=Notice())
if form.is_valid() and 'dep_id' in request.POST:
dep_id = ','.join(dict(request.POST)['dep_id'])
form.instance.title = request.POST['title']
form.instance.start_date = request.POST['start_date']
form.instance.end_date = request.POST['end_date']
form.instance.content = request.POST['content']
form.instance.dep_id = str(dep_id) + ','
form.save()
return back_to_original_page(request, "/notice/list/")
else:
departments = Department.objects.filter(delete_flg=False)
return render(request, "notice/add.html", {
"form": form,
"departments": departments,
"departments_need": 'dep_id' in request.POST,
})
def user_list_view(request):
"""
用户一览View
"""
queryset = User.objects.filter(is_superuser=False).exclude(is_active=False)
params = get_list_params(request)
order_dict = {
u"un": "username",
u"fn": "full_name",
u"cd": "create_datetime",
u"gr": "groups",
u"mb": "mobile",
u"em": "email",
}
# 搜索条件
if params['query']:
queryset = queryset.filter(Q(username__contains=params['query']))
# 如果是超级管理员,那么显示所有的用户信息
if check_role(request, ROLE_SYSADMIN):
queryset = queryset
# 如果是家庭管理员,那么只显示家庭普通成员的信息
elif check_role(request, ROLE_FAMILY_SUPER_USER):
queryset = queryset.filter(groups__name=ROLES[ROLE_FAMILY_COMMON_USER])
# 排序
if not params['order_field'] or not order_dict.has_key(
params['order_field']):
params['order_field'] = 'un'
params['order_direction'] = ''
queryset = queryset.order_by(
"%s%s" %
(params['order_direction'], order_dict[params['order_field']]))
total_count = queryset.count()
return render(
request, "user_account/list.html", {
"users": queryset[params['from']:params['to']],
"query_params": params,
"need_pagination": params['limit'] < total_count,
"total_count": total_count,
})
def user_list_view(request):
"""
用户一览View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
# 排除自己,为了避免删除自己的帐号
queryset = User.objects.filter(is_superuser=False).exclude(is_active=False).exclude(id=request.user.id)
params = get_list_params(request)
order_dict = {
u"un": "username",
u"fn": "full_name",
u"cd": "create_datetime",
u"gr": "groups",
}
# 搜索条件
if params['query']:
queryset = queryset.filter(
Q(username__contains=params['query']) |
Q(full_name__contains=params['query']) |
Q(groups__name__contains=params['query'])
)
# 如果是经理,权限等同管理员,显示全部
if check_role(request, ROLE_MANAGER):
queryset = queryset
# 如果是人事,只显示员工
elif check_role(request, ROLE_HR):
queryset = queryset.filter(groups__name=ROLES[ROLE_STAFF])
# 排序
if not params['order_field'] or not order_dict.has_key(params['order_field']):
params['order_field'] = 'un'
params['order_direction'] = ''
queryset = queryset.order_by("%s%s" % (params['order_direction'], order_dict[params['order_field']]))
total_count = queryset.count()
return render(request, "account/list.html", {
"users": queryset[params['from']:params['to']],
"query_params": params,
"need_pagination": params['limit'] < total_count,
"total_count": total_count,
})
def check_in_all_list_view(request):
"""
所有人考勤记录view
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
params = get_list_params(request)
# queryset = CheckIn.objects.filter().order_by('-date', 'groups', 'full_name')
queryset = CheckIn.objects.order_by('-date')
order_dict = {
u"da": "date",
}
# 搜索条件
if params['query']:
queryset = queryset.filter(
Q(personal_check_in__belong_to__full_name__contains=params['query']) |
Q(personal_check_in__belong_to__groups__name__contains=params['query'])
)
# 如果是经理,权限等同管理员,显示全部
if check_role(request, ROLE_MANAGER):
queryset = queryset
# 如果是人事,只显示员工
elif check_role(request, ROLE_HR):
queryset = queryset.filter(personal_check_in__belong_to__groups__name=ROLES[ROLE_STAFF])
# 排序
if not params['order_field'] or not order_dict.has_key(params['order_field']):
params['order_field'] = 'da'
params['order_direction'] = '-'
queryset = queryset.order_by("%s%s" % (params['order_direction'], order_dict[params['order_field']]))
total_count = queryset.count()
return render(request, "comprehensive/check_in_all_view.html", {
"check_in": queryset[params['from']:params['to']],
"query_params": params,
"need_pagination": params['limit'] < total_count,
"total_count": total_count,
})
def user_edit_action(request):
"""
编辑用户动作
"""
# if not request.POST.has_key('id'):
# raise InvalidPostDataError()
id = request.POST['id']
if not check_permission_allowed(request, id):
raise PermissionDeniedError
user = get_object_or_404(User, id=id)
if request.POST.has_key('password'):
form = UserForm(request.POST, instance=user)
else:
form = UserEditForm(request.POST, instance=user)
if form.is_valid():
# 数据一致性校验
# if not 'update_timestamp' in request.POST or crypt.loads(request.POST["update_timestamp"]) != unicode(
# user.update_datetime):
# raise DataExclusivityError()
if request.user.is_superuser:
role = form.cleaned_data['role']
group = role_manager.get_role(role)
if group:
user.groups.clear()
user.groups.add(group)
user.full_name = form.cleaned_data['full_name']
if not isinstance(form, UserEditForm):
user.set_password(form.cleaned_data['password'])
user.save(update_fields=("full_name", "password",
"update_datetime"))
else:
user.save(update_fields=("full_name", "update_datetime"))
# 员工没有访问list权限,所以这里返回index
if check_role(request, ROLE_STAFF):
return back_to_original_page(request, "/")
return back_to_original_page(request, "/account/list/")
else:
role = form.cleaned_data[
'role'] if 'role' in form.cleaned_data else None
return render(
request,
"account/edit.html",
{
"form": form,
"id": id,
"role": role,
"role_name": ROLES[role] if role in ROLES else "",
# "update_timestamp": crypt.encryt(unicode(user.update_datetime))
})
def department_add_view(request):
"""
增加部门View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = DepartmentForm()
return render(request, "comprehensive/department_add.html", {
"form": form,
})
def user_add_view(request):
"""
增加用户View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = UserForm()
return render(request, "account/add.html", {
"form": form,
})
def user_add_view(request):
"""
增加用户View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = UserForm()
return render(request, "account/add.html", {
"form": form,
})
def user_edit_action(request):
"""
编辑用户动作
"""
# if not request.POST.has_key('id'):
# raise InvalidPostDataError()
id = request.POST['id']
if not check_permission_allowed(request, id):
raise PermissionDeniedError
user = get_object_or_404(User, id=id)
if request.POST.has_key('password'):
form = UserForm(request.POST, instance=user)
else:
form = UserEditForm(request.POST, instance=user)
if form.is_valid():
# 数据一致性校验
# if not 'update_timestamp' in request.POST or crypt.loads(request.POST["update_timestamp"]) != unicode(
# user.update_datetime):
# raise DataExclusivityError()
if request.user.is_superuser:
role = form.cleaned_data['role']
group = role_manager.get_role(role)
if group:
user.groups.clear()
user.groups.add(group)
user.full_name = form.cleaned_data['full_name']
if not isinstance(form, UserEditForm):
user.set_password(form.cleaned_data['password'])
user.save(update_fields=("full_name", "password", "update_datetime"))
else:
user.save(update_fields=("full_name", "update_datetime"))
# 员工没有访问list权限,所以这里返回index
if check_role(request, ROLE_STAFF):
return back_to_original_page(request, "/")
return back_to_original_page(request, "/account/list/")
else:
role = form.cleaned_data['role'] if 'role' in form.cleaned_data else None
return render(request, "account/edit.html", {
"form": form,
"id": id,
"role": role,
"role_name": ROLES[role] if role in ROLES else "",
# "update_timestamp": crypt.encryt(unicode(user.update_datetime))
})
def notice_add_view(request):
"""
增加公告View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = NoticeForm()
departments = Department.objects.filter(delete_flg=False)
return render(request, "notice/add.html", {
"form": form,
"departments": departments,
"departments_need": True,
})
def department_set_view(request):
"""
部门配置view
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
user = User.objects.select_related('personal').filter(is_superuser=False).\
exclude(is_active=False).order_by('groups', 'full_name')
params = get_list_params(request)
# 搜索条件
if params['query']:
user = user.filter(
Q(full_name__contains=params['query']) |
Q(groups__name__contains=params['query']) |
Q(personal__department__name__contains=params['query'])
)
# 如果是经理,权限等同管理员,显示全部
if check_role(request, ROLE_MANAGER):
user = user
# 如果是人事,只显示员工
elif check_role(request, ROLE_HR):
user = user.filter(groups__name=ROLES[ROLE_STAFF])
total_count = user.count()
department = Department.objects.filter(delete_flg=False).order_by('name')
return render(request, "comprehensive/department_set.html", {
"form_list": user,
"departments": department,
"query_params": params,
"total_count": total_count,
})
def department_edit_view(request, department_id):
"""
编辑部门视图
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
department = get_object_or_404(Department, id=department_id)
form = DepartmentForm(instance=department)
return render(request, "comprehensive/department_edit.html", {
"form": form,
"department_id": department_id,
})
def notice_add_view(request):
"""
增加公告View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = NoticeForm()
departments = Department.objects.filter(delete_flg=False)
return render(request, "notice/add.html", {
"form": form,
"departments": departments,
"departments_need": True,
})
def department_delete_action(request):
"""
删除部门
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
# if key and is_int(key):
if key:
pks.append(int(key))
Department.objects.filter(id__in=pks).update(delete_flg=True)
return back_to_original_page(request, '/comprehensive/department/list/')
def notice_delete_action(request):
"""
删除公告
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
# if key and is_int(key):
if key:
pks.append(int(key))
Notice.objects.filter(id__in=pks).update(delete_flg=True)
return back_to_original_page(request, '/notice/list/')
def user_delete_action(request):
"""
删除用户
"""
if check_role(request, ROLE_FAMILY_COMMON_USER):
raise PermissionDeniedError
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
# if key and is_int(key):
if key:
pks.append(int(key))
User.objects.filter(id__in=pks).update(is_active=False)
return back_to_original_page(request, '/user_account/list/')
def notice_delete_action(request):
"""
删除公告
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
# if key and is_int(key):
if key:
pks.append(int(key))
Notice.objects.filter(id__in=pks).update(delete_flg=True)
return back_to_original_page(request, '/notice/list/')
def notice_edit_view(request, notice_id):
"""
编辑公告视图
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
notice = get_object_or_404(Notice, id=notice_id)
form = NoticeForm(instance=notice)
departments = Department.objects.filter(delete_flg=False)
return render(request, "notice/edit.html", {
"form": form,
"notice_id": notice_id,
"departments": departments,
"departments_need": True,
})
def year_delete_action(request):
"""
家庭借入信息删除action
:param request:
:return:
"""
# 如果是家庭普通成员则报错
if check_role(request, ROLE_FAMILY_COMMON_USER):
raise PermissionDeniedError
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
if key:
pks.append(int(key))
Yearly.objects.filter(id__in=pks).update(delete_flg=True, update_datetime=datetime.now())
return back_to_original_page(request, '/plan/year/list/')
def user_delete_action(request):
"""
删除用户
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
# if not request.POST.has_key('pk'):
# raise InvalidPostDataError()
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
# if key and is_int(key):
if key:
pks.append(int(key))
User.objects.filter(id__in=pks).update(is_active=False)
return back_to_original_page(request, '/account/list/')
def user_delete_action(request):
"""
删除用户
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
# if not request.POST.has_key('pk'):
# raise InvalidPostDataError()
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
# if key and is_int(key):
if key:
pks.append(int(key))
User.objects.filter(id__in=pks).update(is_active=False)
return back_to_original_page(request, '/account/list/')
def notice_edit_view(request, notice_id):
"""
编辑公告视图
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
notice = get_object_or_404(Notice, id=notice_id)
form = NoticeForm(instance=notice)
departments = Department.objects.filter(delete_flg=False)
return render(
request, "notice/edit.html", {
"form": form,
"notice_id": notice_id,
"departments": departments,
"departments_need": True,
})
def lend_delete_action(request):
"""
家庭借入信息删除action
:param request:
:return:
"""
# 如果是家庭普通成员则报错
if check_role(request, ROLE_FAMILY_COMMON_USER):
raise PermissionDeniedError
pk = request.POST["pk"]
pks = []
for key in pk.split(','):
if key:
pks.append(int(key))
Lend.objects.filter(id__in=pks).update(delete_flg=True,
update_datetime=datetime.now())
return back_to_original_page(request, '/income/lend/list/')
def department_add_action(request):
"""
增加部门action
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
form = DepartmentForm(request.POST)
if form.is_valid():
form.instance.name = request.POST['name']
if request.POST['description']:
form.instance.description = request.POST['description']
form.save()
return back_to_original_page(request, "/comprehensive/department/list/")
else:
return render(request, "comprehensive/department_add.html", {
"form": form,
})
def user_edit_action(request):
"""
编辑用户动作
"""
id = request.POST['id']
user = get_object_or_404(User, id=id)
if request.POST.has_key('password'):
form = UserForm(request.POST, instance=user)
else:
form = UserEditForm(request.POST, instance=user)
if form.is_valid():
if request.user.is_superuser:
role = form.cleaned_data['role']
group = role_manager.get_role(role)
if group:
user.groups.clear()
user.groups.add(group)
user.full_name = form.cleaned_data['full_name']
if not isinstance(form, UserEditForm):
user.set_password(form.cleaned_data['password'])
user.save(update_fields=("full_name", "password",
"update_datetime"))
else:
user.save(update_fields=("full_name", "update_datetime"))
if check_role(request, ROLE_FAMILY_COMMON_USER):
return back_to_original_page(request, "/")
return back_to_original_page(request, "/user_account/list/")
else:
role = form.cleaned_data[
'role'] if 'role' in form.cleaned_data else None
return render(
request, "user_account/edit.html", {
"form": form,
"id": id,
"role": role,
"role_name": ROLES[role] if role in ROLES else "",
})
def department_list_view(request):
"""
部门一览View
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
queryset = Department.objects.filter(delete_flg=False).order_by('name')
params = get_list_params(request)
# 搜索条件
if params['query']:
queryset = queryset.filter(name__contains=params['query'])
total_count = queryset.count()
return render(request, "comprehensive/department_list.html", {
"departments": queryset,
"query_params": params,
"total_count": total_count,
})
def status_set_edit_action(request):
"""
状态配置
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
response_data = {}
# 取得请求的人员信息id
pk = request.POST['pk']
# 取得请求的状态
value = request.POST['value']
# 取得人员
queryset = Personal.objects.filter(id=pk, delete_flg=False)
personal = queryset.get()
# 更新人员状态
personal.status = value
personal.save()
return HttpResponse(json.dumps(response_data), mimetype="application/json")
def notice_list_view(request):
"""
公告一览view
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
queryset = Notice.objects.filter().exclude(delete_flg=True)
params = get_list_params(request)
order_dict = {
u"sd": "start_date",
u"ed": "end_date",
}
# 搜索条件
if params['query']:
queryset = queryset.filter(
Q(content__contains=params['query'])
| Q(title__contains=params['query']))
# 排序
if not params['order_field'] or not order_dict.has_key(
params['order_field']):
params['order_field'] = 'sd'
params['order_direction'] = ''
queryset = queryset.order_by(
"%s%s" %
(params['order_direction'], order_dict[params['order_field']]))
total_count = queryset.count()
return render(
request, "notice/list.html", {
"notices": queryset[params['from']:params['to']],
"query_params": params,
"need_pagination": params['limit'] < total_count,
"total_count": total_count,
})
def department_edit_action(request):
"""
编辑部门动作
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
department_id = request.POST['department_id']
department = get_object_or_404(Department, id=department_id)
form = DepartmentForm(request.POST, instance=department)
if form.is_valid():
form.instance.name = request.POST['name']
if request.POST['description']:
form.instance.description = request.POST['description']
form.save()
return back_to_original_page(request, "/comprehensive/department/list/")
else:
return render(request, "comprehensive/department_edit.html", {
"form": form,
"department_id": department_id,
})
def notice_list_view(request):
"""
公告一览view
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
queryset = Notice.objects.filter().exclude(delete_flg=True)
params = get_list_params(request)
order_dict = {
u"sd": "start_date",
u"ed": "end_date",
}
# 搜索条件
if params['query']:
queryset = queryset.filter(
Q(content__contains=params['query']) |
Q(title__contains=params['query'])
)
# 排序
if not params['order_field'] or not order_dict.has_key(params['order_field']):
params['order_field'] = 'sd'
params['order_direction'] = ''
queryset = queryset.order_by("%s%s" % (params['order_direction'], order_dict[params['order_field']]))
total_count = queryset.count()
return render(request, "notice/list.html", {
"notices": queryset[params['from']:params['to']],
"query_params": params,
"need_pagination": params['limit'] < total_count,
"total_count": total_count,
})
def department_set_edit_action(request):
"""
部门配置
"""
if check_role(request, ROLE_STAFF):
raise PermissionDeniedError
response_data = {}
personal_id = request.POST.get('personal_id')
department_id = request.POST.get('department_id')
queryset = Personal.objects.filter(id=personal_id).get()
form = PersonalDepartmentForm(request.POST, instance=queryset)
if form.is_valid():
form.instance.department_id = department_id
form.save()
response_data['validation'] = True
return HttpResponse(json.dumps(response_data), mimetype="application/json")
else:
response_data['validation'] = False
return HttpResponse(json.dumps(response_data), mimetype="application/json")
