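def clean_user_type(self):
    """Validate ``user_type`` and, as a side effect, choose ``self.created_by``.

    The creator is re-pointed so the new account hangs off the right part
    of the user hierarchy:

    * ADMIN: no creator (``created_by`` becomes ``None``).
    * EMPLOYEE: a randomly chosen MANAGER assigned to the current
      ``created_by``.
    * INDIVIDUAL_USER / MERCHANT: a randomly chosen EMPLOYEE of a randomly
      chosen MANAGER; only managers that have at least one employee are
      considered.

    Any other ``user_type`` leaves ``created_by`` untouched.

    Returns:
        The cleaned ``user_type`` value, unchanged.

    Raises:
        ValidationError: when no suitable manager (or employee) exists.
    """
    user_type = self.cleaned_data['user_type']
    is_type = CommonHelpers.is_int_equal

    if is_type(user_type, MyUser.ADMIN):
        self.created_by = None
    elif is_type(user_type, MyUser.EMPLOYEE):
        managers = list(MyUser.objects.filter(
            assigned_to=self.created_by, user_type=MyUser.MANAGER))
        if not managers:
            raise ValidationError('Managers do not exist')
        # Pure load spreading, nothing secret depends on this choice.
        self.created_by = random.choice(managers)
    elif is_type(user_type, MyUser.INDIVIDUAL_USER) or is_type(user_type, MyUser.MERCHANT):
        candidates = MyUser.objects.filter(
            assigned_to=self.created_by, user_type=MyUser.MANAGER)
        # Keep only managers that have an employee to delegate to.
        # exists() stops at the first matching row instead of counting
        # them all, which is all the original count() > 0 test needed.
        managers = [
            manager for manager in candidates
            if MyUser.objects.filter(
                assigned_to=manager, user_type=MyUser.EMPLOYEE).exists()
        ]
        if not managers:
            raise ValidationError('Managers do not exist')
        manager = random.choice(managers)
        employees = list(MyUser.objects.filter(
            assigned_to=manager, user_type=MyUser.EMPLOYEE))
        # Still possible if the employee set changed between the two queries.
        if not employees:
            raise ValidationError('Employees do not exist')
        self.created_by = random.choice(employees)
    return user_type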
def get(self, request, user_id):
    """List the accounts of ``user_id``, scoped by the viewer's role.

    The owner and admins see every account of the user; employees and
    managers see only the accounts assigned to them. Anyone else gets a
    permission error. In both permitted cases a user without any account
    gets an error page instead of an empty list.
    """
    viewer = request.user
    is_owner = CommonHelpers.is_int_equal(user_id, viewer.id)

    if is_owner or viewer.is_admin():
        def load_links():
            return AccountHelpers.get_user_accounts(user_id)
    elif viewer.is_employee() or viewer.is_manager():
        def load_links():
            return AccountHelpers.get_user_assigned_accounts(user_id, viewer)
    else:
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this.',
        })

    if not AccountHelpers.is_user_having_account(user_id):
        return render(request, 'error.html', {
            'err': 'User has no accounts',
        })
    return render(request, 'list_template.html', {
        'title': 'User Accounts',
        'links': load_links(),
    })
def get(self, request, user_id, account_id):
    """Show a single account of ``user_id`` read-only.

    The owner and admins may open any account of the user; employees and
    managers only an account assigned to them. The two lookups report a
    missing account with different messages, so the message is picked
    alongside the lookup.
    """
    viewer = request.user
    is_owner = CommonHelpers.is_int_equal(user_id, viewer.id)

    if is_owner or viewer.is_admin():
        account = AccountHelpers.get_account(user_id, account_id)
        missing_message = 'Account does not exist.'
    elif viewer.is_employee() or viewer.is_manager():
        account = AccountHelpers.get_assigned_account_details(
            user_id, account_id, viewer)
        missing_message = 'Account does not exist or You do not have permissions to access it.'
    else:
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this.',
        })

    if not account:
        return render(request, 'error.html', {'err': missing_message})
    return render(request, 'form_template.html', {
        'title': 'Account',
        'form': UserAccountForm(instance=account),
        'hide_btn': True,
        'readonly': True,
    })
def post(self, request, user_id):
    """Submit a request to open a new account for the logged-in user.

    Only the user themself, and only a non-internal user, may ask. The
    request is addressed to ``user.assigned_to``; a duplicate pending
    request produces a warning instead of a second record. An invalid
    form is re-rendered read-only.
    """
    user = request.user
    is_self = CommonHelpers.is_int_equal(user.id, user_id)
    if not is_self or user.is_internal_user():
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this',
        })

    form = CreateRequestForm(data={
        'request_type': UserRequest.CREATE,
        'model_type': UserRequest.ACCOUNT,
    })
    if not form.is_valid():
        return render(request, 'form_template.html', {
            'title': 'Add Account',
            'form': form,
            'readonly': True,
        })

    user_request = form.save(commit=False)
    user_request.from_user = user
    user_request.to_user = user.assigned_to
    if CommonHelpers.is_request_duplicate(user_request):
        messages.warning(request, 'Request Already Sent')
    else:
        user_request.save()
        messages.success(request, 'Request Sent To %s' % user_request.to_user)
        logger.info("Request for new account sent by %s", str(user.username))
    return HttpResponseRedirect(reverse('app:HomeView'))
def get(self, request, user_id):
    """Render the profile edit form for ``user_id``, or an access request.

    Admin accounts and the anonymous user can never be the target. The
    target's owner, an admin, and a holder of ``edit_user`` on the target
    get the edit form. An internal user looking at an external user gets
    a pre-filled UPDATE request addressed to their own ``assigned_to``.
    Everyone else gets a permission error.
    """
    viewer = request.user
    target_user = (MyUser.objects.filter(id=user_id, is_active=True)
                   .exclude(username=MyUser.ANON)
                   .exclude(user_type=MyUser.ADMIN)
                   .first())

    def denied():
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this',
        })

    if not target_user:
        return denied()

    may_edit = (viewer.has_perm('edit_user', target_user)
                or CommonHelpers.is_int_equal(user_id, viewer.id)
                or viewer.is_admin())
    if may_edit:
        return render(request, 'form_template.html', {
            'title': 'Edit User Profile',
            'form': EditUserProfileForm(instance=target_user, user_id=user_id),
        })

    if viewer.is_internal_user() and not target_user.is_internal_user():
        access_form = RequestForm(initial={
            'to_user': viewer.assigned_to,
            'request_type': UserRequest.UPDATE,
            'model_type': UserRequest.USER,
            'for_url': request.build_absolute_uri(),
        })
        return render(request, 'form_template.html', {
            'title': 'Request For Access',
            'form': access_form,
            'readonly': True,
        })

    return denied()
def get(self, request, user_id):
    """Show the read-only 'Add Account' request form to its owner.

    Only the user themself, and only a non-internal user, may see it;
    everyone else gets a permission error.
    """
    user = request.user
    is_self = CommonHelpers.is_int_equal(user.id, user_id)
    if not is_self or user.is_internal_user():
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this',
        })

    form = CreateRequestForm(initial={
        'request_type': UserRequest.CREATE,
        'model_type': UserRequest.ACCOUNT,
    })
    return render(request, 'form_template.html', {
        'title': 'Add Account',
        'form': form,
        'readonly': True,
    })
def get(self, request, user_id):
    """Render the PII page for ``user_id`` according to who is asking.

    The target must be an active INDIVIDUAL_USER (never the anonymous
    account); ``value`` is that user's stored PII row, if any.

    * The user themself: an OTP confirmation form when PII exists,
      otherwise the empty PII entry form.
    * A holder of the ``read_pii`` object permission: the permission is
      revoked on use and the login timestamp refreshed (so the access
      link stops working), then the PII is shown read-only.
    * An admin: a read-only access-request form with the recipient
      masked, or an error if no PII has been entered.
    * Everyone else: a permission error.
    """
    viewer = request.user
    target_user = (MyUser.objects.filter(id=user_id, is_active=True)
                   .filter(user_type=MyUser.INDIVIDUAL_USER)
                   .exclude(username=MyUser.ANON)
                   .first())

    def error_page(message):
        return render(request, 'error.html', {'err': message})

    def form_page(title, form, **extra):
        context = {'title': title, 'form': form}
        context.update(extra)
        return render(request, 'form_template.html', context)

    if not target_user:
        return error_page('You do not have permissions to view this')

    value = PII.objects.filter(user=target_user).first()

    if CommonHelpers.is_int_equal(user_id, viewer.id):
        if value:
            return form_page('Confirm OTP', TransactionForms.VerifyOTPForm(),
                             form_virtual_keyboard=True)
        return form_page('PII', PiiForm())

    if viewer.has_perm('read_pii', value):
        remove_perm('read_pii', viewer, value)
        # Update login time to invalidate link
        update_last_login(None, viewer)
        if not value:
            return error_page('User has not entered PII.')
        return form_page('PII', PiiForm(instance=value),
                         readonly=True, hide_btn=True)

    if viewer.is_admin():
        if not value:
            return error_page('User has not entered PII.')
        access_form = RequestForm(initial={
            'to_user': '******',
            'request_type': UserRequest.READ,
            'model_type': UserRequest.PII_ACCESS,
            'for_url': request.build_absolute_uri(),
        })
        return form_page('Request For Access', access_form, readonly=True)

    return error_page('You do not have permissions to view this')
def post(self, request, user_id):
    """Handle PII entry, OTP confirmation, or an admin's PII request.

    The target must be an active INDIVIDUAL_USER (never the anonymous
    account); ``value`` is that user's stored PII row, if any.

    * The user themself: when PII already exists the POST is an OTP
      check — a valid OTP reveals the PII read-only, otherwise
      'Incorrect OTP' and a redirect home; when no PII exists the POST
      is the PII entry form, saved against the requesting user.
    * An admin: the PII request mail is sent for the target and the
      admin is redirected home, or an error if no PII has been entered.
    * Everyone else: a permission error.
    """
    viewer = request.user
    target_user = (MyUser.objects.filter(id=user_id, is_active=True)
                   .filter(user_type=MyUser.INDIVIDUAL_USER)
                   .exclude(username=MyUser.ANON)
                   .first())

    def error_page(message):
        return render(request, 'error.html', {'err': message})

    def form_page(title, form, **extra):
        context = {'title': title, 'form': form}
        context.update(extra)
        return render(request, 'form_template.html', context)

    def go_home():
        return HttpResponseRedirect(reverse('app:HomeView'))

    if not target_user:
        return error_page('You do not have permissions to view this')

    value = PII.objects.filter(user=target_user).first()

    if CommonHelpers.is_int_equal(user_id, viewer.id):
        if value:
            otp_form = TransactionForms.VerifyOTPForm(request, data=request.POST)
            if otp_form.is_valid():
                return form_page('PII', PiiForm(instance=value),
                                 readonly=True, hide_btn=True)
            messages.error(request, 'Incorrect OTP')
            return go_home()
        pii_form = PiiForm(data=request.POST)
        if pii_form.is_valid():
            instance = pii_form.save(commit=False)
            instance.user = viewer
            instance.save()
            messages.success(request, 'PII Submitted')
            logger.info("PII added by %s", str(target_user.username))
            return go_home()
        return form_page('PII', pii_form)

    if viewer.is_admin():
        if not value:
            return error_page('User has not entered PII.')
        CommonHelpers.send_pii_request_mail(viewer, target_user, value)
        messages.success(request, 'Request Sent To Government')
        logger.info("PII request for %s sent by %s",
                    str(target_user.username), str(viewer.username))
        return go_home()

    return error_page('You do not have permissions to view this')
def get(self, request, user_id):
    """Render ``user_id``'s profile read-only, or an access-request form.

    Direct access: the user themself, an admin (except when the target is
    another admin), and a holder of ``read_user`` or ``edit_user`` on the
    target — for those the ``read_user`` grant is revoked on use. An
    internal user looking at an external user gets a READ request form
    addressed to their own ``assigned_to``. Anyone else gets a permission
    error. The anonymous account can never be the target.
    """
    viewer = request.user
    target_user = (MyUser.objects.filter(id=user_id, is_active=True)
                   .exclude(username=MyUser.ANON)
                   .first())

    def error_page(message):
        return render(request, 'error.html', {'err': message})

    if not target_user:
        return error_page('You do not have permissions to view this')

    edit_link = ('Edit', reverse('app:UserProfileEdit', kwargs={
        'user_id': target_user.id,
    }))

    def profile_page():
        return render(request, 'form_template.html', {
            'title': 'User Profile',
            'form': UserProfileForm(instance=target_user, user_id=user_id),
            'hide_btn': True,
            'readonly': True,
            'link': edit_link,
        })

    # Parentheses spell out the precedence the original relied on: the
    # "not another admin" restriction applies to the admin clause only;
    # the owner is always allowed.
    is_owner = CommonHelpers.is_int_equal(user_id, viewer.id)
    if is_owner or (viewer.is_admin() and not target_user.is_admin()):
        return profile_page()

    if (viewer.has_perm('read_user', target_user)
            or viewer.has_perm('edit_user', target_user)):
        remove_perm('read_user', viewer, target_user)
        return profile_page()

    if viewer.is_internal_user() and not target_user.is_internal_user():
        access_form = RequestForm(initial={
            'to_user': viewer.assigned_to,
            'request_type': UserRequest.READ,
            'model_type': UserRequest.USER,
            'for_url': request.build_absolute_uri(),
        })
        return render(request, 'form_template.html', {
            'title': 'Request For Access',
            'form': access_form,
            'readonly': True,
        })

    return error_page('You do not have permissions to view this')
def post(self, request, user_id):
    """Apply or request a profile edit for ``user_id``.

    Admin accounts and the anonymous user can never be the target.

    * Admin: the edit is saved and applied to the user straight away.
    * ``edit_user`` holder or the user themself: the grant is revoked,
      the edit is saved as a pending version, and a COMPLETE_UPDATE
      request is sent to the viewer's assigned admin.
    * Internal user editing an external user: only an UPDATE access
      request is sent to the viewer's ``assigned_to``.
    * Everyone else: a permission error.

    Nesting below is reconstructed from a collapsed listing; the
    NOTE(review) comments mark behaviour worth confirming.
    """
    user = request.user
    target_user = MyUser.objects.filter(
        id=user_id, is_active=True).exclude(username=MyUser.ANON).exclude(
            user_type=MyUser.ADMIN).first()
    if not target_user:
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this',
        })
    if user.is_admin():
        form = EditUserProfileForm(data=request.POST, user_id=user_id)
        if form.is_valid():
            edit_user = form.save(commit=False)
            edit_user.user = target_user
            edit_user.save()
            # Admin edits need no approval: copy the edited version onto the user.
            UserHelpers.update_user_from_edited_version(edit_user)
            messages.success(request, 'User Successfully Updated')
            logger.info("User Profile Edited by %s for %s", str(user.username),
                        str(target_user.username))
            return HttpResponseRedirect(reverse('app:HomeView'))
        return render(request, 'form_template.html', {
            'title': 'Edit User Profile',
            'form': form,
        })
    elif user.has_perm('edit_user', target_user) or CommonHelpers.is_int_equal(
            user_id, user.id):
        # NOTE(review): the grant is revoked before the form is validated, so
        # a validation error consumes the one-shot permission — confirm this
        # is intended rather than revoking after a successful save.
        remove_perm('edit_user', user, target_user)
        form = EditUserProfileForm(data=request.POST, user_id=user_id)
        if form.is_valid():
            edit_user = form.save(commit=False)
            edit_user.user = target_user
            edit_user.save()
            # NOTE(review): if get_assigned_admin() can return None the
            # `.id` access below raises AttributeError — verify against the model.
            send_request_to = user.get_assigned_admin()
            form = RequestForm(
                data={
                    'to_user': send_request_to.id,
                    'request_type': UserRequest.COMPLETE_UPDATE,
                    'model_type': UserRequest.USER,
                    'for_url': request.build_absolute_uri(),
                })
            if form.is_valid():
                user_request = form.save(commit=False)
                user_request.from_user = user
                user_request.user_obj = target_user
                if CommonHelpers.is_request_duplicate(user_request):
                    messages.warning(request, 'Request Already Sent')
                    return HttpResponseRedirect(reverse('app:HomeView'))
                user_request.save()
                messages.success(
                    request, 'Request Sent To %s' % user_request.to_user)
                logger.info(
                    "User Profile Edit Request sent by %s for %s to %s",
                    str(user.username), str(target_user.username),
                    str(user_request.to_user))
                return HttpResponseRedirect(reverse('app:HomeView'))
        # Reached for an invalid edit form, and also for an invalid RequestForm
        # (in which case the edit is already saved and `form` is the RequestForm).
        return render(request, 'form_template.html', {
            'title': 'Edit User Profile',
            'form': form,
        })
    elif user.is_internal_user() and not target_user.is_internal_user():
        # NOTE(review): `.id` on assigned_to assumes it is never None here.
        send_request_to = user.assigned_to
        form = RequestForm(
            data={
                'to_user': send_request_to.id,
                'request_type': UserRequest.UPDATE,
                'model_type': UserRequest.USER,
                'for_url': request.build_absolute_uri(),
            })
        if form.is_valid():
            user_request = form.save(commit=False)
            user_request.from_user = user
            user_request.user_obj = target_user
            if CommonHelpers.is_request_duplicate(user_request):
                messages.warning(request, 'Request Already Sent')
                return HttpResponseRedirect(reverse('app:HomeView'))
            user_request.save()
            messages.success(request, 'Request Sent To %s' % user_request.to_user)
            logger.info(
                "User Profile Edit Access Request sent by %s for %s to %s",
                str(user.username), str(target_user.username),
                str(user_request.to_user))
            return HttpResponseRedirect(reverse('app:HomeView'))
        return render(request, 'form_template.html', {
            'title': 'Request For Access',
            'form': form,
            'readonly': True,
        })
    else:
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this',
        })
def get(self, request, transaction_id):
    """Render a transaction view, approval page or access request.

    Internal users:
      * Unapproved transaction: PKI must be configured. The server-side
        encrypted token is stored in the session under
        ``self.INTERNAL_PKI_TOKEN`` and the user-side one feeds the PKI
        widget context. For a risky transaction the creator's manager or
        an admin gets the Approve/Decline page (with an OTP form), the
        creator a read-only view, and anyone else a permission error.
      * Approved transaction: admins, the creator, the approver and a
        holder of ``read_transaction`` (revoked on use) see it read-only;
        others get a READ request form addressed to the creator.
    External users: only the owner of the from- or to-account may view it.
    A missing transaction yields 'Transaction does not exist.'.

    Nesting below is reconstructed from a collapsed listing; the
    NOTE(review) comments mark what looks worth confirming.
    """
    user = request.user
    transaction = TransactionHelpers.get_transaction(transaction_id)
    if user.is_internal_user():
        if transaction:
            form = TransactionForms.InternalRequestForm(user=user, instance=transaction)
            # Not already approved
            if not transaction.is_approved:
                # PKI
                user_encrypted_data, server_encrypted_data = PKIHelpers.get_encrypted_token(user)
                if user_encrypted_data is None or server_encrypted_data is None:
                    return render(request, 'error.html', {
                        'err': 'PKI has not been configured. Set it up to perform transactions.',
                    })
                # Server half stays server-side (session); only the user half goes to the page.
                request.session[self.INTERNAL_PKI_TOKEN] = server_encrypted_data
                use_pki = PKIHelpers.get_pki_dictionary(user_encrypted_data)
                extra_form = TransactionForms.VerifyOTPForm()
                if transaction.is_risky():
                    if transaction.created_by.get_assigned_manager() == user or user.is_admin():
                        return render(request, 'form_template.html', {
                            'title': 'Approve Transaction',
                            'form': form,
                            'readonly': True,
                            'btn_title': 'Approve',
                            'extra_btn_title': 'Decline',
                            'use_pki': use_pki,
                            'extra_form': extra_form,
                            'extra_form_virtual_keyboard': True,
                            'extra_form_readonly': False,
                        })
                    # NOTE(review): `or user.is_admin()` here never decides —
                    # the branch above already returned for admins.
                    elif transaction.created_by.assigned_to == user or user.is_admin():
                        return render(request, 'form_template.html', {
                            'title': 'Approve Transaction',
                            'form': form,
                            'readonly': True,
                            'btn_title': 'Approve',
                            'extra_btn_title': 'Decline',
                            'use_pki': use_pki,
                            'extra_form': extra_form,
                            'extra_form_virtual_keyboard': True,
                            'extra_form_readonly': False,
                        })
                    # NOTE(review): unreachable — get_assigned_manager() == user
                    # is already handled (without the perm check) by the first branch.
                    elif transaction.created_by.get_assigned_manager() == user and user.has_perm('read_transaction', transaction):
                        return render(request, 'form_template.html', {
                            'title': 'Approve Transaction',
                            'form': form,
                            'readonly': True,
                            'btn_title': 'Approve',
                            'extra_btn_title': 'Decline',
                            'use_pki': use_pki,
                            'extra_form': extra_form,
                            'extra_form_virtual_keyboard': True,
                            'extra_form_readonly': False,
                        })
                    elif transaction.created_by == user:
                        return render(request, 'form_template.html', {
                            'title': 'Transaction',
                            'form': form,
                            'readonly': True,
                            'hide_btn': True,
                        })
                    # NOTE(review): unreachable for the same reason as above.
                    elif transaction.created_by.get_assigned_manager() == user:
                        send_request_to = transaction.created_by
                        form = RequestForm(initial={
                            'to_user': send_request_to,
                            'request_type': UserRequest.READ,
                            'model_type': UserRequest.TRANSACTION,
                            'for_url': request.build_absolute_uri(),
                        })
                        return render(request, 'form_template.html', {
                            'title': 'Request For Access',
                            'form': form,
                            'readonly': True,
                            'extra_btn_title': 'Request Admin',
                        })
                # NOTE(review): with this nesting an unapproved transaction that is
                # not risky also ends here — confirm that is the intended outcome.
                return render(request, 'error.html', {
                    'err': 'You do not have permissions to view or approve this transaction.'
                })
            else:
                if user.is_admin():
                    return render(request, 'form_template.html', {
                        'title': 'Transaction',
                        'form': form,
                        'hide_btn': True,
                        'readonly': True,
                    })
                elif transaction.created_by == user or transaction.approved_by == user:
                    return render(request, 'form_template.html', {
                        'title': 'Transaction',
                        'form': form,
                        'hide_btn': True,
                        'readonly': True,
                    })
                elif user.has_perm('read_transaction', transaction):
                    # One-shot grant: revoked as soon as it is used.
                    remove_perm('read_transaction', user, transaction)
                    return render(request, 'form_template.html', {
                        'title': 'Transaction',
                        'form': form,
                        'readonly': True,
                        'hide_btn': True,
                    })
                else:
                    send_request_to = transaction.created_by
                    form = RequestForm(initial={
                        'to_user': send_request_to,
                        'request_type': UserRequest.READ,
                        'model_type': UserRequest.TRANSACTION,
                        'for_url': request.build_absolute_uri(),
                    })
                    return render(request, 'form_template.html', {
                        'title': 'Request For Access',
                        'form': form,
                        'readonly': True,
                        'extra_btn_title': 'Request Admin',
                    })
    else:
        if transaction:
            # -1 never matches a real user id, so a missing account side is
            # simply "not a party".
            from_user_id = -1
            to_user_id = -1
            if transaction.from_account:
                from_user = transaction.from_account.user
                from_user_id = from_user.id
            if transaction.to_account:
                to_user = transaction.to_account.user
                to_user_id = to_user.id
            if CommonHelpers.is_int_equal(user.id, from_user_id) or CommonHelpers.is_int_equal(user.id, to_user_id):
                form = TransactionForms.ExternalRequestForm(user=user, instance=transaction)
                return render(request, 'form_template.html', {
                    'title': 'Transaction',
                    'form': form,
                    'hide_btn': True,
                    'readonly': True,
                })
            return render(request, 'error.html', {
                'err': 'You do not have permission to view this.',
            })
    # Does not exist
    return render(request, 'error.html', {
        'err': 'Transaction does not exist.',
    })