Ejemplo n.º 1
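def user_edit_action(request):
    """
    Apply an edit to a user's full name and, optionally, password and role.

    POST fields read here: ``id`` (the target user) and ``password`` (its
    presence selects the password-changing form), plus whatever the chosen
    form validates. Raises PermissionDeniedError when
    check_permission_allowed() rejects the caller for that id, and answers
    404 when no such user exists. On success the caller is redirected through
    back_to_original_page(); on validation failure "account/edit.html" is
    rendered again with the bound form.
    """
    # The target id is client-supplied, so it is authorised before any lookup.
    # A missing "id" key still raises from the subscript, as before.
    id = request.POST['id']

    if not check_permission_allowed(request, id):
        raise PermissionDeniedError

    user = get_object_or_404(User, id=id)

    # `in` replaces has_key(), which does not exist on Python 3 mappings.
    # NOTE(review): the password form is selected purely by the presence of a
    # POST key and no current-password confirmation is visible in this view;
    # confirm that UserForm or check_permission_allowed() covers that.
    if 'password' in request.POST:
        form = UserForm(request.POST, instance=user)
    else:
        form = UserEditForm(request.POST, instance=user)

    if not form.is_valid():
        role = form.cleaned_data.get('role')
        return render(
            request,
            "account/edit.html",
            {
                "form": form,
                "id": id,
                "role": role,
                "role_name": ROLES[role] if role in ROLES else "",
            })

    # NOTE(review): the update_timestamp consistency check that the original
    # carried at this point is commented out, so concurrent edits of the same
    # user are not detected here.

    # Only a superuser may move the target user to another role group.
    if request.user.is_superuser:
        group = role_manager.get_role(form.cleaned_data['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = form.cleaned_data['full_name']

    if isinstance(form, UserEditForm):
        user.save(update_fields=("full_name", "update_datetime"))
    else:
        # set_password() stores the hash, never the submitted text.
        user.set_password(form.cleaned_data['password'])
        user.save(update_fields=("full_name", "password",
                                 "update_datetime"))

    # Staff have no access to the account list, so they go back to the index.
    if check_role(request, ROLE_STAFF):
        return back_to_original_page(request, "/")
    return back_to_original_page(request, "/account/list/")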
Ejemplo n.º 2
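def user_edit_action(request):
    """
    Handle the "edit user" form submission.

    The target user comes from POST ``id``. check_permission_allowed() must
    accept the caller for that id, otherwise PermissionDeniedError is raised.
    When POST contains ``password`` the UserForm is used and the password is
    changed; otherwise UserEditForm is used and only the name is saved. A
    superuser additionally replaces the user's groups with the group mapped
    to the submitted role.
    """
    id = request.POST['id']

    # Authorise against the client-supplied id before touching the record.
    if not check_permission_allowed(request, id):
        raise PermissionDeniedError

    user = get_object_or_404(User, id=id)

    # Membership test instead of has_key(): same result, and it also works
    # on Python 3 where has_key() is gone.
    changing_password = 'password' in request.POST
    if changing_password:
        form = UserForm(request.POST, instance=user)
    else:
        form = UserEditForm(request.POST, instance=user)

    if form.is_valid():
        cleaned = form.cleaned_data

        # NOTE(review): the optimistic-locking check on update_timestamp is
        # commented out in the original; nothing here detects a stale form.
        if request.user.is_superuser:
            group = role_manager.get_role(cleaned['role'])
            if group:
                user.groups.clear()
                user.groups.add(group)

        user.full_name = cleaned['full_name']
        fields_to_save = ["full_name", "update_datetime"]

        if not isinstance(form, UserEditForm):
            # Hash the new password and include the column in the UPDATE.
            user.set_password(cleaned['password'])
            fields_to_save.insert(1, "password")

        user.save(update_fields=tuple(fields_to_save))

        # Staff cannot open the account list, so send them to the index.
        target = "/" if check_role(request, ROLE_STAFF) else "/account/list/"
        return back_to_original_page(request, target)

    # Invalid form: show it again together with the role it carried, if any.
    role = form.cleaned_data.get('role')
    return render(request, "account/edit.html", {
        "form": form,
        "id": id,
        "role": role,
        "role_name": ROLES[role] if role in ROLES else "",
    })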
Ejemplo n.º 3
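def lend_edit_action(request):
    """
    Update an existing Lend record from the submitted LendForm.

    :param request: POST request carrying ``id`` (the Lend row), ``user_id``
        and the form fields.
    :return: redirect via back_to_original_page() on success, otherwise the
        re-rendered "income/lend_edit.html" template.
    """
    # NOTE(review): both ids below are client-supplied and this function does
    # not compare either of them with request.user. Unless an access check
    # runs outside this view, any caller can edit any Lend row by id.
    id = request.POST['id']
    user_id = request.POST['user_id']

    lend = get_object_or_404(Lend, id=int(id))
    form = LendForm(request.POST, instance=lend)

    # The user is looked up only to show the name on the form. An unknown
    # user_id now answers 404 instead of raising an unhandled DoesNotExist.
    user = get_object_or_404(User, id=user_id)
    mark_name = user.full_name

    if form.is_valid():
        form.save()
        return back_to_original_page(request, "/income/lend/list/")

    return render_to_response("income/lend_edit.html", {
        'user_id': user_id,
        'id': id,
        'form': form,
        'username': mark_name,
    },
                              context_instance=RequestContext(request))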
Ejemplo n.º 4
def add_lend_action(request, user_id):
    """
    Create a Lend record from the submitted LendForm.

    :param request: request whose POST data is bound to the form
    :param user_id: id of the user the new record is stored under
    :return: redirect on success, otherwise the re-rendered add form
    """
    # NOTE(review): the owner of the new record and its `handler` name come
    # from the user_id argument, not from request.user. Confirm the caller or
    # URL layer guarantees user_id is the logged-in user's id.
    id = int(user_id)
    owner = User.objects.get(id=id)
    username = owner.full_name

    # Bind the submitted data to a fresh Lend instance.
    form = LendForm(request.POST, instance=Lend())

    if not form.is_valid():
        context = {
            'form': form,
            'user_id': id,
            'username': username,
            'current_now': get_today().strftime(DATE_INPUT_FORMAT_HYPHEN),
        }
        return render(request, "income/add_lend.html", context)

    # Attribute the record to the user before it is written.
    record = form.instance
    record.user_id = id
    record.handler = username
    form.save()

    return back_to_original_page(request, "/income/lend/list/")
Ejemplo n.º 5
def add_income_action(request, user_id):
    """
    Create an Income record from the submitted IncomeForm.

    :param request: request whose POST data is bound to the form
    :param user_id: id of the user the new record is stored under
    :return: redirect on success, otherwise the re-rendered add form
    """
    # NOTE(review): the record owner is taken from the user_id argument, not
    # from request.user. Confirm the URL layer only ever passes the
    # logged-in user's own id.
    id = int(user_id)

    form = IncomeForm(request.POST, instance=Income())

    # Name of the person registering the entry, shown on the form.
    registrant = User.objects.get(id=id)
    mark_name = registrant.full_name

    if not form.is_valid():
        context = {
            'user_id': id,
            'form': form,
            'username': mark_name,
            'current_now': get_today().strftime(DATE_INPUT_FORMAT_HYPHEN),
        }
        return render_to_response(
            "income/add_income.html", context,
            context_instance=RequestContext(request))

    form.instance.user_id = id
    form.save()
    return back_to_original_page(request, "/income/list/")
Ejemplo n.º 6
def month_add_action(request, user_id):
    """
    Create a Monthly record from the submitted MonthlyForm.

    :param request: request whose POST data is bound to the form
    :param user_id: id of the user the new record is stored under
    :return: redirect on success, otherwise the re-rendered add form
    """
    # NOTE(review): ownership and the `handler` name are derived from the
    # user_id argument rather than request.user. Verify that the route cannot
    # be called with another user's id.
    id = int(user_id)
    account = User.objects.get(id=id)
    username = account.full_name

    # Bind what the browser submitted to a new Monthly instance.
    form = MonthlyForm(request.POST, instance=Monthly())

    if form.is_valid():
        entry = form.instance
        entry.user_id = id
        entry.handler = username
        form.save()
        return back_to_original_page(request, "/plan/month/list/")

    template_context = {
        'form': form,
        'user_id': id,
        'username': username,
        'current_now': get_today().strftime(DATE_INPUT_FORMAT_HYPHEN),
    }
    return render(request, "plan/add_monthly.html", template_context)
Ejemplo n.º 7
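def user_add_action(request):
    """
    Create a user account from the submitted UserForm.

    Callers for whom check_role(request, ROLE_STAFF) is true are rejected
    with PermissionDeniedError. An HR caller may only create accounts with
    the staff role. On success the user is stored with a hashed password,
    added to the group mapped to the role and, unless a superuser, linked to
    a new Personal row. The response is a redirect to the account list, or
    the re-rendered "account/add.html" when validation fails.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = UserForm(request.POST)

    if not form.is_valid():
        return render(request, "account/add.html", {
            "form": form,
        })

    role = form.cleaned_data['role']

    # HR users may create accounts too, but only ordinary staff.
    if check_role(request, ROLE_HR) and role != ROLE_STAFF:
        msg = u"人事只能新建普通员工。"
        form._errors["role"] = form.error_class([msg])
        return render(request, "account/add.html", {
            "form": form,
        })

    # Build the instance without writing it, so the row never holds the
    # submitted password text: the original saved first and hashed afterwards.
    # Assumes UserForm keeps the standard ModelForm save(commit=...) signature.
    user = form.save(commit=False)
    user.set_password(form.cleaned_data['password'])
    group = role_manager.get_role(role)

    if not user.is_superuser:
        personal = Personal.objects.create()
        user.personal_id = personal.id

    user.save()
    # commit=False defers many-to-many form data; write it now that a pk exists.
    form.save_m2m()
    if group:
        user.groups.add(group)

    return back_to_original_page(request, "/account/list/")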
Ejemplo n.º 8
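def notice_add_action(request):
    """
    Create a Notice addressed to one or more departments.

    Callers for whom check_role(request, ROLE_STAFF) is true are rejected
    with PermissionDeniedError. The notice is saved only when the form is
    valid and at least one ``dep_id`` value was posted; otherwise
    "notice/add.html" is rendered again with the department list.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = NoticeForm(request.POST, instance=Notice())
    has_departments = 'dep_id' in request.POST

    if form.is_valid() and has_departments:
        notice = form.instance
        cleaned = form.cleaned_data

        # Store what the form validated rather than the raw POST strings. The
        # raw value is used only for a field the form does not declare.
        for field in ('title', 'start_date', 'end_date', 'content'):
            if field in cleaned:
                value = cleaned[field]
            else:
                value = request.POST[field]
            setattr(notice, field, value)

        # getlist() yields every submitted dep_id. They are stored as a
        # comma-terminated list, e.g. "1,2,".
        # NOTE(review): the values are stored as submitted. Nothing here
        # checks that they are ids of existing, non-deleted departments.
        notice.dep_id = ','.join(request.POST.getlist('dep_id')) + ','

        form.save()
        return back_to_original_page(request, "/notice/list/")

    departments = Department.objects.filter(delete_flg=False)
    return render(request, "notice/add.html", {
        "form": form,
        "departments": departments,
        "departments_need": has_departments,
    })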
Ejemplo n.º 9
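def notice_add_action(request):
    """
    Handle the "add notice" form submission.

    Raises PermissionDeniedError when check_role(request, ROLE_STAFF) is
    true. A valid form with at least one posted ``dep_id`` is saved and the
    caller is redirected to the notice list. In every other case
    "notice/add.html" is rendered again with the active departments.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = NoticeForm(request.POST, instance=Notice())

    if not (form.is_valid() and 'dep_id' in request.POST):
        departments = Department.objects.filter(delete_flg=False)
        return render(
            request, "notice/add.html", {
                "form": form,
                "departments": departments,
                "departments_need": 'dep_id' in request.POST,
            })

    def submitted(name):
        # Validated value when the form declares the field, raw POST value
        # otherwise, so input the form has cleaned is not overwritten.
        if name in form.cleaned_data:
            return form.cleaned_data[name]
        return request.POST[name]

    form.instance.title = submitted('title')
    form.instance.start_date = submitted('start_date')
    form.instance.end_date = submitted('end_date')
    form.instance.content = submitted('content')

    # All posted department ids, comma-joined with a trailing comma.
    # NOTE(review): the ids are not validated against Department before they
    # are stored. Confirm the consumers of dep_id tolerate arbitrary tokens.
    dep_ids = request.POST.getlist('dep_id')
    form.instance.dep_id = ','.join(dep_ids) + ','

    form.save()
    return back_to_original_page(request, "/notice/list/")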
Ejemplo n.º 10
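def year_edit_action(request):
    """
    Update an existing Yearly record from the submitted YearlyForm.

    Reads ``id`` (the Yearly row) and ``user_id`` from POST. Redirects via
    back_to_original_page() on success, otherwise renders
    "plan/year_edit.html" again with the bound form.
    """
    # NOTE(review): the record id and user_id are both taken from the request
    # body and neither is checked against request.user in this function.
    # Confirm an ownership or role check is enforced before this view runs.
    id = request.POST['id']
    user_id = request.POST['user_id']

    year = get_object_or_404(Yearly, id=int(id))
    form = YearlyForm(request.POST, instance=year)

    # Only used to display the registrant's name. A user_id that matches no
    # user now yields 404 rather than an unhandled DoesNotExist.
    mark_name = get_object_or_404(User, id=user_id).full_name

    if not form.is_valid():
        return render_to_response("plan/year_edit.html", {
            'user_id': user_id,
            'id': id,
            'form': form,
            'username': mark_name,
        }, context_instance=RequestContext(request))

    form.save()
    return back_to_original_page(request, "/plan/year/list/")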
Ejemplo n.º 11
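def register_action(request):
    """
    Self-service registration: create a User from the submitted form.

    On success the account is stored with a hashed password, added to the
    group mapped to the submitted role, and the caller is redirected to the
    login page. On validation failure "user_account/register.html" is
    rendered again with the bound form.
    """
    form = UserRegisterForm(request.POST, instance=User())

    if not form.is_valid():
        return render(request, "user_account/register.html", {
            'form': form,
        })

    # NOTE(review): the role is chosen by whoever submits this form. Confirm
    # UserRegisterForm restricts `role` to roles a new registrant may hold.
    role = form.cleaned_data['role']

    # commit=False keeps the row out of the database until the password has
    # been hashed. The original saved the instance with the raw POST password
    # first and only replaced it with the hash in a second save.
    user = form.save(commit=False)
    user.username = request.POST['username']
    user.full_name = request.POST['full_name']
    user.email = request.POST['email']
    user.mobile = request.POST['mobile']
    user.set_password(request.POST['password'])
    user.save()
    # Write any many-to-many form data that commit=False deferred.
    form.save_m2m()

    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)

    return back_to_original_page(request, "/user_account/login/")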
Ejemplo n.º 12
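def user_add_action(request):
    """
    Handle the "add user" form submission.

    Raises PermissionDeniedError when check_role(request, ROLE_STAFF) is
    true. HR callers are limited to creating staff accounts; any other role
    is reported as a form error on ``role``. A valid submission creates the
    user with a hashed password, adds the role's group, links a new Personal
    row for non-superusers, and redirects to the account list.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = UserForm(request.POST)
    rerender = lambda: render(request, "account/add.html", {"form": form, })

    if not form.is_valid():
        return rerender()

    role = form.cleaned_data['role']

    # HR can create users as well, but only ordinary staff.
    if check_role(request, ROLE_HR) and role != ROLE_STAFF:
        msg = u"人事只能新建普通员工。"
        form._errors["role"] = form.error_class([msg])
        return rerender()

    # Hash before the first write. Saving the form directly would persist
    # whatever the form put in `password` until the second save replaced it.
    # Assumes UserForm.save() accepts the standard ModelForm `commit` flag.
    user = form.save(commit=False)
    user.set_password(form.cleaned_data['password'])
    group = role_manager.get_role(role)

    if not user.is_superuser:
        user.personal_id = Personal.objects.create().id

    user.save()
    form.save_m2m()  # many-to-many data deferred by commit=False
    if group:
        user.groups.add(group)

    return back_to_original_page(request, "/account/list/")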
Ejemplo n.º 13
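def user_add_action(request):
    """
    Create a family-account user from the submitted UserForm.

    Raises PermissionDeniedError when
    check_role(request, ROLE_FAMILY_COMMON_USER) is true. A caller with
    ROLE_FAMILY_SUPER_USER may only create ROLE_FAMILY_COMMON_USER accounts.
    On success the user is stored with a hashed password, added to the role's
    group, and the caller is redirected to the user list. Otherwise
    "user_account/add.html" is rendered again.
    """
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    form = UserForm(request.POST)

    if not form.is_valid():
        return render(request, "user_account/add.html", {
            "form": form,
        })

    # A family administrator may only add ordinary family members.
    role = form.cleaned_data['role']
    if check_role(
            request,
            ROLE_FAMILY_SUPER_USER) and role != ROLE_FAMILY_COMMON_USER:
        msg = u"家庭管理员只能添加家庭普通成员。"
        form._errors["role"] = form.error_class([msg])
        return render(request, "user_account/add.html", {
            "form": form,
        })

    # Defer the INSERT until the password is hashed, so the submitted text is
    # never written to the user table (the original saved, then hashed).
    # Assumes UserForm uses the standard ModelForm save(commit=...) signature.
    user = form.save(commit=False)
    user.set_password(form.cleaned_data['password'])
    group = role_manager.get_role(role)

    user.save()
    form.save_m2m()  # many-to-many data deferred by commit=False

    # Group membership needs the saved row's primary key.
    if group:
        user.groups.add(group)

    return back_to_original_page(request, "/user_account/list/")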
Ejemplo n.º 14
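def user_edit_action(request):
    """
    Apply an edit to a user's full name and, optionally, password and role.

    The target user is taken from POST ``id``. When POST contains
    ``password`` the UserForm is used and the password is changed; otherwise
    UserEditForm is used. A superuser additionally replaces the user's groups
    with the group mapped to the submitted role. Redirects on success and
    renders "user_account/edit.html" again on validation failure.
    """
    # NOTE(review): `id` is client-supplied and this view performs no
    # permission check on it before changing that user's name and password.
    # Unless a decorator or middleware outside this function restricts who
    # may edit whom, any caller reaching the view can reset another account's
    # password. Confirm, and add an ownership or role check here if not.
    id = request.POST['id']

    user = get_object_or_404(User, id=id)

    # `in` replaces has_key(), which is unavailable on Python 3.
    if 'password' in request.POST:
        form = UserForm(request.POST, instance=user)
    else:
        form = UserEditForm(request.POST, instance=user)

    if not form.is_valid():
        role = form.cleaned_data.get('role')
        return render(
            request, "user_account/edit.html", {
                "form": form,
                "id": id,
                "role": role,
                "role_name": ROLES[role] if role in ROLES else "",
            })

    # Role changes are limited to superusers.
    if request.user.is_superuser:
        group = role_manager.get_role(form.cleaned_data['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = form.cleaned_data['full_name']

    if isinstance(form, UserEditForm):
        user.save(update_fields=("full_name", "update_datetime"))
    else:
        # set_password() stores the hash of the submitted password.
        user.set_password(form.cleaned_data['password'])
        user.save(update_fields=("full_name", "password",
                                 "update_datetime"))

    if check_role(request, ROLE_FAMILY_COMMON_USER):
        return back_to_original_page(request, "/")
    return back_to_original_page(request, "/user_account/list/")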
Ejemplo n.º 15
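def notice_delete_action(request):
    """
    Soft-delete notices.

    POST ``pk`` is a comma-separated list of Notice ids; every matching row
    gets delete_flg=True. Raises PermissionDeniedError when
    check_role(request, ROLE_STAFF) is true.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    pks = []
    for key in request.POST["pk"].split(','):
        if not key:
            continue
        try:
            pks.append(int(key))
        except ValueError:
            # Client-supplied token that is not an integer: skip it instead
            # of letting the ValueError surface as a server error.
            continue

    Notice.objects.filter(id__in=pks).update(delete_flg=True)
    return back_to_original_page(request, '/notice/list/')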
Ejemplo n.º 16
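def user_delete_action(request):
    """
    Deactivate users.

    POST ``pk`` is a comma-separated list of User ids; every matching row
    gets is_active=False. Raises PermissionDeniedError when
    check_role(request, ROLE_FAMILY_COMMON_USER) is true.
    """
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): apart from the role gate above, the submitted ids are not
    # restricted. Nothing here prevents deactivating the caller's own account
    # or accounts with a higher role. Confirm that is intended.
    pks = []
    for key in request.POST["pk"].split(','):
        if not key:
            continue
        try:
            pks.append(int(key))
        except ValueError:
            # Ignore tokens that are not integers rather than failing the
            # whole request with an unhandled exception.
            continue

    User.objects.filter(id__in=pks).update(is_active=False)
    return back_to_original_page(request, '/user_account/list/')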
Ejemplo n.º 17
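def department_delete_action(request):
    """
    Soft-delete departments.

    POST ``pk`` is a comma-separated list of Department ids; every matching
    row gets delete_flg=True. Raises PermissionDeniedError when
    check_role(request, ROLE_STAFF) is true.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    def to_id(token):
        # None for anything int() rejects, so malformed client input is
        # dropped instead of raising out of the view.
        try:
            return int(token)
        except ValueError:
            return None

    candidates = [to_id(key) for key in request.POST["pk"].split(',') if key]
    pks = [pk for pk in candidates if pk is not None]

    Department.objects.filter(id__in=pks).update(delete_flg=True)
    return back_to_original_page(request, '/comprehensive/department/list/')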
Ejemplo n.º 18
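def notice_delete_action(request):
    """
    Mark the notices listed in POST ``pk`` as deleted.

    ``pk`` holds comma-separated Notice ids. The rows are kept and only
    delete_flg is set to True. Callers for whom
    check_role(request, ROLE_STAFF) is true get PermissionDeniedError.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    def to_id(token):
        # The id list comes from the client. A token int() cannot parse is
        # reported as None and filtered out below instead of raising.
        try:
            return int(token)
        except ValueError:
            return None

    parsed = [to_id(key) for key in request.POST["pk"].split(',') if key]
    pks = [pk for pk in parsed if pk is not None]

    Notice.objects.filter(id__in=pks).update(delete_flg=True)
    return back_to_original_page(request, '/notice/list/')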
Ejemplo n.º 19
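def year_delete_action(request):
    """
    Soft-delete Yearly records.

    :param request: POST request whose ``pk`` field is a comma-separated
        list of Yearly ids
    :return: redirect via back_to_original_page() to the yearly list
    """
    # Ordinary family members are not allowed to delete.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): the ids are not checked for ownership here. Confirm that
    # the role gate above is the intended scope of this operation.
    pks = []
    for key in request.POST["pk"].split(','):
        if not key:
            continue
        try:
            pks.append(int(key))
        except ValueError:
            # Non-integer token from the client: skip it rather than fail the
            # request with an unhandled ValueError.
            continue

    Yearly.objects.filter(id__in=pks).update(delete_flg=True, update_datetime=datetime.now())
    return back_to_original_page(request, '/plan/year/list/')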
Ejemplo n.º 20
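def user_delete_action(request):
    """
    Deactivate users.

    POST ``pk`` is a comma-separated list of User ids; every matching row
    gets is_active=False. Raises PermissionDeniedError when
    check_role(request, ROLE_STAFF) is true.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): every non-staff caller passes the gate above and the id
    # list is not restricted further, so the caller's own account or a more
    # privileged account can be deactivated. Confirm that is intended.
    pks = []
    for key in request.POST["pk"].split(','):
        if not key:
            continue
        try:
            pks.append(int(key))
        except ValueError:
            # Skip tokens that are not integers. The ids are client input and
            # must not be able to raise out of the view.
            continue

    User.objects.filter(id__in=pks).update(is_active=False)
    return back_to_original_page(request, '/account/list/')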
Ejemplo n.º 21
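def user_delete_action(request):
    """
    Mark the users listed in POST ``pk`` as inactive.

    ``pk`` holds comma-separated User ids. Rows are kept and only is_active
    is set to False. Callers for whom check_role(request, ROLE_STAFF) is true
    get PermissionDeniedError.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    def to_id(token):
        # Client-supplied token: None when int() rejects it, so one bad
        # value does not turn the request into a server error.
        try:
            return int(token)
        except ValueError:
            return None

    # NOTE(review): no check here keeps a caller from listing their own id
    # or the id of a higher-privileged account. Verify the policy.
    parsed = [to_id(key) for key in request.POST["pk"].split(',') if key]
    pks = [pk for pk in parsed if pk is not None]

    User.objects.filter(id__in=pks).update(is_active=False)
    return back_to_original_page(request, '/account/list/')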
Ejemplo n.º 22
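def lend_delete_action(request):
    """
    Soft-delete Lend records.

    :param request: POST request whose ``pk`` field is a comma-separated
        list of Lend ids
    :return: redirect via back_to_original_page() to the lend list
    """
    # Ordinary family members are refused.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    def to_id(token):
        # None for a token that is not an integer, so malformed client input
        # is dropped instead of raising ValueError.
        try:
            return int(token)
        except ValueError:
            return None

    # NOTE(review): ids are not checked for ownership in this function.
    # Confirm the role gate alone is the intended restriction.
    parsed = [to_id(key) for key in request.POST["pk"].split(',') if key]
    pks = [pk for pk in parsed if pk is not None]

    Lend.objects.filter(id__in=pks).update(delete_flg=True,
                                           update_datetime=datetime.now())
    return back_to_original_page(request, '/income/lend/list/')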
Ejemplo n.º 23
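def department_add_action(request):
    """
    Create a department from the submitted DepartmentForm.

    Raises PermissionDeniedError when check_role(request, ROLE_STAFF) is
    true. Redirects to the department list on success, otherwise renders
    "comprehensive/department_add.html" again with the bound form.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = DepartmentForm(request.POST)

    if not form.is_valid():
        return render(request, "comprehensive/department_add.html", {
            "form": form,
        })

    cleaned = form.cleaned_data

    # Use the validated value when the form declares the field. The raw POST
    # value is only a fallback for a field the form does not carry.
    if 'name' in cleaned:
        form.instance.name = cleaned['name']
    else:
        form.instance.name = request.POST['name']

    # .get() so a request without a description no longer raises on the
    # missing key. An empty description is still left unset, as before.
    description = cleaned.get('description') or request.POST.get('description')
    if description:
        form.instance.description = description

    form.save()
    return back_to_original_page(request, "/comprehensive/department/list/")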
Ejemplo n.º 24
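def login_action(request):
    """
    Authenticate the submitted credentials and start a session.

    On success the caller is redirected through back_to_original_page(). A
    form that fails validation, or credentials that do not authenticate an
    active user, render "account/login.html" again with the bound form.
    """
    form = UserLoginForm(request.POST)

    if form.is_valid():
        cleaned_data = form.cleaned_data
        user = authenticate(username=cleaned_data['username'],
                            password=cleaned_data['password'])

        # authenticate() returns None for bad credentials. The original
        # passed that straight to login(). Inactive accounts are refused
        # explicitly because not every backend rejects them.
        if user is not None and user.is_active:
            login(request, user)
            # Extend the session only after a successful login:
            # 2678400 s = 31 days ("remember me").
            if cleaned_data.get('needRemember'):
                request.session.set_expiry(2678400)
            return back_to_original_page(request, "/")

        # TODO(review): no "invalid login" message is attached to the form
        # on this path unless UserLoginForm adds one itself.

    return render(request, "account/login.html", {
        "form": form,
    })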
Ejemplo n.º 25
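def login_action(request):
    """
    Handle the login form submission.

    Valid credentials for an active account log the user in and redirect via
    back_to_original_page(). Anything else renders "account/login.html"
    again with the bound form.
    """
    form = UserLoginForm(request.POST)
    login_page = lambda: render(request, "account/login.html", {
        "form": form,
    })

    if not form.is_valid():
        return login_page()

    cleaned_data = form.cleaned_data
    username = cleaned_data['username']
    password = cleaned_data['password']
    user = authenticate(username=username, password=password)

    # A failed authenticate() yields None. Handing that to login() would
    # raise instead of rejecting the attempt. Inactive accounts are turned
    # away here as well rather than relying on the backend to do it.
    if user is None or not user.is_active:
        # TODO(review): attach an "invalid login" error for the template if
        # UserLoginForm does not already report one.
        return login_page()

    login(request, user)

    # "Remember me": keep the session for one month (2678400 s = 31 days).
    # It is set after login() so it applies only to an authenticated session.
    if cleaned_data.get('needRemember'):
        request.session.set_expiry(2678400)

    return back_to_original_page(request, "/")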
Ejemplo n.º 26
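def department_edit_action(request):
    """
    Update an existing department from the submitted DepartmentForm.

    The department is taken from POST ``department_id`` (404 when it does not
    exist). Raises PermissionDeniedError when check_role(request, ROLE_STAFF)
    is true. Redirects to the department list on success, otherwise renders
    "comprehensive/department_edit.html" again with the bound form.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    department_id = request.POST['department_id']

    department = get_object_or_404(Department, id=department_id)
    form = DepartmentForm(request.POST, instance=department)

    if form.is_valid():
        cleaned = form.cleaned_data

        # Keep the value the form validated. The raw POST string is used only
        # when the form does not declare the field.
        form.instance.name = (cleaned['name'] if 'name' in cleaned
                              else request.POST['name'])

        # .get() avoids an unhandled key error when the client omits the
        # field. A blank description leaves the attribute untouched, as
        # before.
        description = (cleaned.get('description')
                       or request.POST.get('description'))
        if description:
            form.instance.description = description

        form.save()
        return back_to_original_page(request, "/comprehensive/department/list/")

    return render(request, "comprehensive/department_edit.html", {
        "form": form,
        "department_id": department_id,
    })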