def status(self, request, pk=None): status_type = request.query_params.get('type', 'activate') resort_id = request.query_params.get('resort_id', '') try: status_user = get_user_model().objects.get(user_id=pk) except: return Response({_("detail"): _("User does not exists")}, status=400) request_user = request.user status_user_resort = get_resort_for_user(status_user) request_user_resort = get_resort_for_user(request_user) if (status_user_resort != request_user_resort) or str( status_user_resort.resort_id) != resort_id: raise exceptions.PermissionDenied if user_has_permission(request_user, request_user_resort, 3) or request.user.is_admin: status_user_resort_map = get_user_resort_map( status_user, status_user_resort) status_user_resort_map.user_status = ARCHIVED if status_type == 'archived' else ACTIVE status_user_resort_map.save() return Response({_("detail"): _("user status updated")}, status=200) else: raise exceptions.PermissionDenied
def devices(self, request, pk=None): user = request.user resort = get_resort_for_user(user) response_data = {} if user_has_permission( request.user, resort, 3) or request.user == user or request.user.is_admin: user = get_user_model().objects.filter(user_id=pk).first() if user is not None: if not user.is_active: return Response( {_("detail"): _("User inactive or deleted.")}, status=403) device_data = get_devices_user(user) response_data['device_count'] = len(device_data) response_data['user_id'] = user.user_id response_data['devices'] = device_data return Response(response_data, status=200) else: return Response({_('detail'): _('user does not exists')}, status=400) else: return Response( { _("detail"): _("You dont have permission to retrieve user device") }, status=403)
def create(self, request): resort = get_resort_for_user(request.user) asset_type_id = request.data.get('asset_type_id', '') location_id = request.data.get('location_id', '') if asset_type_id: try: asset_type = AssetType.objects.get(asset_type_id=asset_type_id) if asset_type.asset_type_status == DELETED: return Response({_('detail'): _('asset_type not found')}, status=400) except: return Response({_('detail'): _('asset_type not found')}, status=400) else: return Response({_('detail'): _('asset_type_id not provided')}, status=400) if location_id: try: location = ResortLocation.objects.get(location_id=location_id) if location.location_status == DELETED: return Response({_('detail'): _('location not found')}, status=400) except: return Response({_('detail'): _('location not found')}, status=400) else: return Response({_('detail'): _('location_id not provided')}, status=400) asset_data = AssetSerializer(data=request.data, fields='asset_name') if asset_data.is_valid(): asset = asset_data.save(location=location, asset_type=asset_type, resort=resort) else: return Response(asset_data.errors, status=400) return Response(AssetSerializer(asset).data, status=200)
def get_param_post(request): resort_id = request.query_params.get('resort_id', None) try: resort = Resort.objects.get(resort_id=resort_id) except: resort = get_resort_for_user(user=request.user) dateFrom = request.query_params.get('datefrom', None) if dateFrom is None or not dateFrom: dateFrom = datetime.today() - timedelta(days=7) dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00") else: dateFrom = (datetime.strptime(dateFrom, "%Y-%m-%d %H:%M:%S")) dateFrom = timezone('UTC').localize(dateFrom) dateFrom = dateFrom.astimezone(timezone(resort.timezone)) dateTo = request.query_params.get('dateto', None) if dateTo is None or not dateTo: dateTo = datetime.today() dateTo = dateTo.strftime("%Y-%m-%d 23:59:59") else: dateTo = (datetime.strptime(dateTo, "%Y-%m-%d %H:%M:%S")) dateTo = timezone('UTC').localize(dateTo) dateTo = dateTo.astimezone(timezone(resort.timezone)) return dateFrom, dateTo, resort
def create(self, request): resort = get_resort_for_user(request.user) area_id = request.data.get('area_id', '') if area_id: try: area = Area.objects.get(area_id=area_id) if area.area_status == DELETED: return Response({_('detail'): _('area not found')}, status=400) except: return Response({_('detail'): _('area not found')}, status=400) else: return Response({_('detail'): _('area_id not provided')}, status=400) location_data = LocationSerializer(data=request.data, fields=('location_name', 'map_lat', 'map_long')) if location_data.is_valid(): location = location_data.save(area=area, resort=resort) else: return Response(location_data.errors, status=400) return Response(LocationSerializer(location).data, status=200)
def list(self, request, *args, **kwargs): resort = get_resort_for_user(request.user) search = request.query_params.get('search', '') area_id = request.query_params.get('area_id', '') order_by = request.query_params.get('order_by', 'location_name') order_by_direction = request.query_params.get('order_by_direction', 'desc') if order_by_direction == 'desc': order = '-' + order_by elif order_by_direction == 'asc': order = order_by if area_id: query = ResortLocation.objects.filter( location_name__icontains=search, resort=resort, location_status=LIVE, area__area_id=area_id).order_by(order) else: query = ResortLocation.objects.filter( location_name__icontains=search, resort=resort, location_status=LIVE).order_by(order) queryset = self.filter_queryset(query) page = self.paginate_queryset(queryset) if page is not None: serializer = LocationSerializer(page, many=True) return self.get_paginated_response(serializer.data) serializer = self.get_serializer(queryset, many=True) return Response(serializer.data)
def list(self, request, *args, **kwargs): resort = get_resort_for_user(request.user) search = request.query_params.get('search', '') order_by = request.query_params.get('order_by', 'controlled_substance_name') order_by_direction = request.query_params.get('order_by_direction', 'desc') if order_by_direction == 'desc': order = '-' + order_by elif order_by_direction == 'asc': order = order_by query = ControlledSubstances.objects.filter( controlled_substance_name__icontains=search, resort=resort, controlled_substance_status=LIVE).order_by(order) queryset = self.filter_queryset(query) page = self.paginate_queryset(queryset) if page is not None: serializer = ControlledSubstancesSerializer( page, many=True, fields=('controlled_substance_id', 'controlled_substance_name', 'units')) return self.get_paginated_response(serializer.data) serializer = self.get_serializer(queryset, many=True) return Response(serializer.data)
def list(self, request, *args, **kwargs): resort = get_resort_for_user(request.user) search = request.query_params.get('search', '') order_by = request.query_params.get('order_by', 'area_name') order_by_direction = request.query_params.get('order_by_direction', 'desc') if order_by_direction == 'desc': order = '-' + order_by elif order_by_direction == 'asc': order = order_by query = Area.objects.filter(area_name__icontains=search, resort=resort, area_status=LIVE).order_by(order) queryset = self.filter_queryset(query) page = self.paginate_queryset(queryset) if page is not None: serializer = AreaSerializer(page, fields=('area_id', 'area_name'), many=True, context={ 'location_count': True, 'resort': resort }) return self.get_paginated_response(serializer.data) serializer = self.get_serializer(queryset, many=True) return Response(serializer.data)
def retrieve(self, request, pk=None): from apps.custom_user.utils import get_user_resort_status try: user = get_user_model().objects.get(user_id=pk) except: return Response({_("detail"): _("User does not exists")}, status=400) resort = get_resort_for_user(user) if (user_has_permission(request.user, resort, 3) or user_has_permission(request.user, resort, 2) ) or request.user == user or request.user.is_admin: if not user.is_active: return Response({_("detail"): _("User inactive or deleted.")}, status=403) response_data = get_user_resort_combo( user.user_pk, ('resort_id', 'resort_name', 'map_kml', 'map_type', 'report_form', 'unit_format', 'timezone', 'map_lat', 'map_lng', 'resort_logo', 'datetime_format', 'resort_controlled_substances', 'resort_asset_management')) response_data.update( {"user_status": get_user_resort_status(user, resort)}) return Response(response_data, status=200) else: return Response( {_("detail"): _("You dont have permission to retrieve user")}, status=403)
def has_permission(self, request, view): user = request.user resort = get_resort_for_user(user) if resort.resort_asset_management and user.user_asset_management: return True else: return False
def has_permission(self, request, view): user = request.user resort = get_resort_for_user(user) if resort.resort_controlled_substances and user.user_controlled_substances: return True else: return False
def list_report(user): resort = get_resort_for_user(user) with connection.cursor() as cursor: cursor.execute( """SELECT report_id as report_id, (report_config ->> 'label') as label, global_status as global, (report_config ->> 'type') as type FROM reports_report WHERE report_resort = %s AND (report_user = %s OR global_status = 1) ;""", [resort.resort_pk, user.user_pk]) data = dictfetchall(cursor) return data
def has_permission(self, request, view): user = request.user resort = get_resort_for_user(user) user_resor_map = get_user_resort_map(user, resort) if user_resor_map.user_status == ACTIVE: return True else: return False
def post(self, request, *args, **kwargs): user = request.user resort = get_resort_for_user(user) operation = request.GET.get('operation', 'generate') # Only manager has the permission to access the resource if resort is not None: role = get_roleid_user(resort=resort, user=user) if role != 3: return Response( {_('detail'): _('you do not have permission to resource')}, status=400) else: return Response({_('detail'): _('no resort associated with user')}, status=400) if operation == 'generate': # If oauth app already exists then return existing credential try: app = ResortOauthApp.objects.get(resort=resort, is_active=True) app = app.oauth_app except: app = Application( user=user, authorization_grant_type='client-credentials', client_type='confidential', name=resort.resort_name) app.save() resort_oauth = ResortOauthApp(resort=resort, oauth_app=app) resort_oauth.save() elif operation == 'regenerate': try: app = ResortOauthApp.objects.get(resort=resort, is_active=True) oauth_app = app.oauth_app oauth_app.delete() except: pass app = Application(user=user, authorization_grant_type='client-credentials', client_type='confidential', name=resort.resort_name) app.save() resort_oauth = ResortOauthApp(resort=resort, oauth_app=app) resort_oauth.save() return Response( { 'client_id': app.client_id, 'client_secret': app.client_secret }, status=200)
def create(self, request): resort = get_resort_for_user(request.user) area_data = AreaSerializer(data=request.data, fields=('area_name', )) if area_data.is_valid(): area = area_data.save(resort=resort) else: return Response(area_data.errors, status=400) return Response(AreaSerializer(area, fields=('area_id', 'area_name')).data, status=200)
def list(self, request, *args, **kwargs): resort = get_resort_for_user(request.user) search = request.query_params.get('search', '') location_id = request.query_params.get('area_id', '') asset_type_id = request.query_params.get('asset_type_id', '') order_by = request.query_params.get('order_by', 'asset_name') order_by_direction = request.query_params.get('order_by_direction', 'desc') if order_by_direction == 'desc': order = '-' + order_by elif order_by_direction == 'asc': order = order_by if asset_type_id: try: asset_type = AssetType.objects.get(asset_type_id=asset_type_id) if asset_type.asset_type_status == DELETED: return Response({_('detail'): _('asset_type not found')}, status=400) except: return Response({_('detail'): _('asset_type not found')}, status=400) if location_id: try: location = ResortLocation.objects.get(location_id=location_id) if location.location_status == DELETED: return Response({_('detail'): _('location not found')}, status=400) except: return Response({_('detail'): _('location not found')}, status=400) if location_id and asset_type_id: query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE, asset_type=asset_type, location=location).order_by(order) elif location_id: query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE, location=location).order_by(order) elif asset_type_id: query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE, asset_type=asset_type).order_by(order) else: query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE) \ .order_by(order) queryset = self.filter_queryset(query) page = self.paginate_queryset(queryset) if page is not None: serializer = AssetSerializer(page, many=True) return self.get_paginated_response(serializer.data) serializer = self.get_serializer(queryset, many=True) return Response(serializer.data)
def retrieve(self, request, pk=None): resort = get_resort_for_user(request.user) try: area = Area.objects.get(area_id=pk) if area.area_status == DELETED: return Response({_('detail'): _('area not found')}, status=400) except: return Response({_('detail'): _('area not found')}, status=400) return Response(AreaSerializer(area, fields=('area_id', 'area_name'), context={ 'location_count': True, 'resort': resort }).data, status=200)
def list(self, request, *args, **kwargs): resort = get_resort_for_user(request.user) order_by = request.query_params.get('order_by', 'dt_added') order_by_direction = request.query_params.get('order_by_direction', 'desc') if order_by_direction == 'desc': order = '-' + order_by elif order_by_direction == 'asc': order = order_by dateFrom = request.GET.get('date_from', None) if dateFrom is None: dateFrom = datetime.datetime.today() - datetime.timedelta(days=30) else: dateFrom = (datetime.datetime.strptime(dateFrom, "%Y-%m-%d %H:%M:%S")) dateTo = request.GET.get('date_to', None) if dateTo is None: dateTo = datetime.datetime.today() else: dateTo = datetime.datetime.strptime(dateTo, "%Y-%m-%d %H:%M:%S") query = AuditLog.objects.filter(resort=resort, dt_added__gte=dateFrom, dt_added__lte=dateTo).order_by(order) queryset = self.filter_queryset(query) page = self.paginate_queryset(queryset) if page is not None: serializer = AuditLogSerializer( page, many=True, fields=('controlled_substance_audit_log_id', 'log_entry', 'dt_added', 'added_by_user')) return self.get_paginated_response(serializer.data) serializer = self.get_serializer( queryset, many=True, fields=('controlled_substance_audit_log_id', 'log_entry', 'dt_added', 'added_by_user')) return Response(serializer.data)
def create(self, request): response = {} if request.user.user_connected == 0: return Response( { _('detail'): _('you do not have permission to create report') }, status=403) resort = get_resort_for_user(request.user) response_data = create_report(request.data.get('global', 0), request.user, request.data, resort) response.update(response_data['report_config']) response.update({"report_id": response_data['report_id']}) return Response(response)
def create(self, request): resort = get_resort_for_user(request.user) units = request.data.get('units', '') controlledsubstances_data = ControlledSubstancesSerializer( data=request.data, fields=('controlled_substance_name', 'units')) if controlledsubstances_data.is_valid(): controlledsubstances = controlledsubstances_data.save( resort=resort) else: return Response(controlledsubstances_data.errors, status=400) return Response(ControlledSubstancesSerializer( controlledsubstances, fields=('controlled_substance_id', 'controlled_substance_name', 'units')).data, status=200)
def create(self, request): resort = get_resort_for_user(request.user) user = request.user log_entry = request.data.get('log_entry', '') if log_entry: audit_log = AuditLog(log_entry=log_entry, resort=resort, added_by_user=user) audit_log.save() else: return Response({_('detail'): _('log_entry can not be empty')}, status=400) return Response(AuditLogSerializer( audit_log, fields=('controlled_substance_audit_log_id', 'log_entry', 'dt_added', 'added_by_user')).data, status=200)
def create(self, request): incoming_data = request.data incoming_data.pop('dateTimeFormat', None) user = request.user resort = get_resort_for_user(user) incoming_data, validation_error, missing_fields_with_data = validate_incident_data(incoming_data, resort) if validation_error: return Response(validation_error, status=400) logger.info("Create Incident", extra={'request': request, 'tags': {'user': user.email}, 'data': {"data": request.data}}) status = IncidentStatus.objects.get(pk=1) if resort.use_sequential_incident_id == 1 and user.user_connected == 1: incident_sequence = get_incident_sequence(resort) else: incident_sequence = 0 try: new_incident = Incident(resort=resort, assigned_to=user, incident_status=status, incident_sequence=incident_sequence) new_incident.save() data_key = get_data_key(resort) incident_json = update_patient(incoming_data, new_incident.incident_pk, True, data_key) except: return Response({_('detail'): _('invalid incident information provided')}, status=400) notes = incident_note(incident_json, user, new_incident) if notes: new_incident.incident_json['notes'] = notes new_incident.save() audit_incident(new_incident, resort, user, user, user, incident_json) status_history(new_incident, status, user) return Response({"incident_id": new_incident.incident_id, "incident_pk": new_incident.incident_sequence if resort.use_sequential_incident_id == 1 else new_incident.incident_pk}, status=200)
def list(self, request, *args, **kwargs): resort = get_resort_for_user(request.user) search = request.query_params.get('search', '') order_by = request.query_params.get('order_by', 'asset_type_name') order_by_direction = request.query_params.get('order_by_direction', 'desc') if order_by_direction == 'desc': order = '-' + order_by elif order_by_direction == 'asc': order = order_by query = AssetType.objects.filter(asset_type_name__icontains=search, resort=resort, asset_type_status=LIVE) \ .order_by(order) queryset = self.filter_queryset(query) page = self.paginate_queryset(queryset) if page is not None: serializer = AssetTypeSerializer(page, many=True) return self.get_paginated_response(serializer.data) serializer = self.get_serializer(queryset, many=True) return Response(serializer.data)
def destroy(self, request, pk=None): try: user = get_user_model().objects.get(user_id=pk) except: return Response({_("detail"): _("User does not exists")}, status=400) resort = get_resort_for_user(user) response_data = {} if user_has_permission(request.user, resort, 3) or request.user.is_admin: user_resort_map_combo = get_user_resort_map(user, resort) user_resort_map_combo.user_status = USER_DELETED user_resort_map_combo.save() if not user.is_active: return Response({_("detail"): _("User inactive or deleted.")}, status=403) user.is_active = False user.save() response_data['user_id'] = user.user_id response_data['status'] = 'deleted' # Deletes all the device associated with user Devices.objects.filter(device_user=user).delete() inject_patroller(resort, user, 'remove') return Response(response_data, status=200) else: return Response( {_("detail"): _("You dont have permission to delete user")}, status=403)
def get_param(request): dateFrom = request.GET.get('datefrom', None) if dateFrom is None: dateFrom = datetime.today() dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00") else: dateFrom = (datetime.strptime(str(dateFrom), "%Y-%m-%d %H:%M:%S")) dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00") dateTo = request.GET.get('dateto', None) if dateTo is None or not dateTo: dateTo = datetime.today() dateTo = dateTo.strftime("%Y-%m-%d 23:59:59") else: dateTo = (datetime.strptime(dateTo, "%Y-%m-%d %H:%M:%S")) dateTo = dateTo.strftime("%Y-%m-%d 23:59:59") resort_id = request.GET.get('resort_id', None) try: resort = Resort.objects.get(resort_id=resort_id) except: resort = get_resort_for_user(user=request.user) return dateFrom, dateTo, resort
def pie(self, request): if request.user.user_connected == 0: return Response( {_('detail'): _('you do not have access to report')}, status=403) response_data = [] output_format = request.query_params.get('output_format', 'json') resort = get_resort_for_user(request.user) b = incident_template_field_type_mapping(resort.incident_template) datetime_object = extract_date_chart(request.data, resort) dateFrom = datetime_object[0]['dateFrom'] dateTo = datetime_object[0]['dateTo'] for idx, value in enumerate(request.data): dateFrom, dateTo = datetime_object[idx][ 'dateFrom'], datetime_object[idx]['dateTo'] key = b[value['data'].keys()[0]] for id, val in enumerate(key['data']): inner_join = '' from_query = '' select_query = '' where_query = '' where_parameter = [] select_query += "%s as name ,COUNT(*) as count" where_parameter.append(val[val.keys()[0]]) if key['main_type'] == 'gender' or key['key'] == 'country': inner_join += " INNER JOIN incidents_patients on incidents_patients.incident_id = incidents_incident.incident_pk" where_query += " AND incidents_patients.%s = %s" % ( key['key'], '%s') where_parameter.append(val.keys()[0]) elif key['type'] in ['text']: where_query += " AND (incident_data ->> '%s') = %s" % ( key['key'], '%s') where_parameter.append(val.keys()[0]) elif key['type'] == 'array': from_query += ", json_array_elements(incidents_incident.incident_data -> '%s') as table0" % ( key['key']) where_query += " AND CAST(table0 AS TEXT) = %s" % ('%s') where_parameter.append('"' + val.keys()[0] + '"') elif 'repeating' in key['type']: from_query += ", CAST(json_array_elements(incidents_incident.incident_data -> '%s') AS JSON) as table0" % ( key['key']) where_query += " AND (table0 ->> '%s') = %s" % ( key['sub_key'], '%s') where_parameter.append(val.keys()[0]) with connection.cursor() as cursor: query = """SELECT %s FROM incidents_incident INNER JOIN custom_user_users ON assigned_to_id = custom_user_users.user_pk INNER JOIN incidents_incidentstatus ON (incidents_incident.incident_status_id = incidents_incidentstatus.incident_status_id)%s%s WHERE resort_id = %d AND custom_user_users.user_connected = 1 AND dt_created IS NOT NULL AND dt_created >= '%s' AND dt_created <= '%s' AND incidents_incidentstatus.order IN (1,2,3,4,5,6,7,8)%s;""" % ( select_query, inner_join, from_query, resort.resort_pk, dateFrom, dateTo, where_query) cursor.execute('BEGIN;') cursor.execute("SET LOCAL TIME ZONE %s;", [resort.timezone]) cursor.execute(query, where_parameter) data = dictfetchall(cursor) cursor.execute('END;') response_data.append(data[0]) cursor = connection.cursor() query = """SELECT COUNT(*) as count FROM incidents_incident INNER JOIN custom_user_users ON assigned_to_id = custom_user_users.user_pk INNER JOIN incidents_incidentstatus ON (incidents_incident.incident_status_id = incidents_incidentstatus.incident_status_id) WHERE resort_id = %d AND custom_user_users.user_connected = 1 AND dt_created IS NOT NULL AND dt_created >= '%s' AND dt_created <= '%s' AND incidents_incidentstatus.order IN (1,2,3,4,5,6,7,8);""" % ( resort.resort_pk, dateFrom, dateTo) cursor.execute(query) total_data = dictfetchall(cursor) final_data = process_pie_chart_data(response_data, total_data[0]['count']) if output_format == 'csv': return sendfile(request, settings.MEDIA_ROOT + dict_to_csv_report(final_data), attachment=True) return Response(final_data)
def bar(self, request): tempdata = [] output_format = request.query_params.get('output_format', 'json') if request.user.user_connected == 0: return Response( {_('detail'): _('you do not have access to report')}, status=403) resort = get_resort_for_user(request.user) text_data_key = get_data_key(resort) b = incident_template_field_type_mapping(resort.incident_template) datetime_object = extract_date_chart(request.data, resort) for idx, value in enumerate(request.data): from_query = '' where_query = '' inner_join = '' cross_join = '' table_no = 0 inner_patient = False inner_note = False where_parameter = [] group_by_query = '' order_by_query = '' dateFrom, dateTo = datetime_object[idx][ 'dateFrom'], datetime_object[idx]['dateTo'] scale = scale_mapping[value.get('scale', 'date')] if scale == 'date': column_query = 'incidents_incident.dt_created::TIMESTAMP::DATE as columndetail' else: if scale in ["hour", "dow"]: column_query = 'extract( ' + scale + ' FROM incidents_incident.dt_created::TIMESTAMP) + 1 as columndetail' elif scale == 'hdow': column_query = "extract(DOW FROM incidents_incident.dt_created::TIMESTAMP) + 1 as columndetail, extract( HOUR FROM incidents_incident.dt_created::TIMESTAMP) + 1 as columndetail1" group_by_query = ',columndetail1' order_by_query = ',columndetail1' else: column_query = 'extract( ' + scale + ' FROM incidents_incident.dt_created::TIMESTAMP) as columndetail' for data_key, data_value in value['data'].iteritems(): if data_key == 'total_incident': pass elif data_key in patient_fields: if not inner_patient: inner_join += ' INNER JOIN incidents_patients ON incidents_patients.incident_id = incidents_incident.incident_pk' cross_join += """CROSS JOIN (SELECT '%s' As datakey) As keys""" % ( text_data_key) inner_patient = True for id, value in enumerate(data_value): if data_key in encrypted_fields: where_query += " AND pgp_sym_decrypt(incidents_patients.%s, keys.datakey) ILIKE %s" % ( data_key, '%s') where_parameter.append("%" + data_value[id] + "%") elif data_key == 'sex': where_query += " AND incidents_patients.%s = %s" % ( 'sex', '%s') where_parameter.append(data_value[id].lower()) else: where_query += " AND incidents_patients.%s = %s" % ( data_key, '%s') where_parameter.append(data_value[id]) elif data_key in note_fields: if not inner_note: inner_join += ' INNER JOIN incidents_incidentnotes ON incidents_incidentnotes.incident_id = incidents_incident.incident_pk' inner_note = True for id, value in enumerate(data_value): where_query += " AND incidents_incidentnotes.%s = %s" % ( note_field_map[data_key], '%s') where_parameter.append(data_value[id]) elif data_key in location_field: if not 'field_52ca456962ba8' in from_query: from_query += ", CAST((incidents_incident.incident_data -> 'field_52ca456962ba8') AS JSON) as location_json" for id, value in enumerate(data_value): where_query += " AND (location_json ->> '%s') = %s" % ( data_key.split('____')[1], '%s') where_parameter.append(data_value[id]) elif b[data_key]['type'] == 'text' or b[data_key][ 'type'] == 'int': for id, value in enumerate(data_value): where_query += " AND (incident_data ->> '%s') = %s" % ( b[data_key]['key'], '%s') where_parameter.append(data_value[id]) elif b[data_key]['type'] == 'array': if not b[data_key]['key'] in from_query: from_query += ", json_array_elements(incidents_incident.incident_data -> '%s') as table%d" % ( b[data_key]['key'], table_no) for id, value in enumerate(data_value): where_query += " AND CAST(table%d AS TEXT) = %s" % ( table_no, '%s') where_parameter.append('"' + data_value[id] + '"') table_no += 1 elif 'repeating' in b[data_key]['type']: if not b[data_key]['key'] in from_query: from_query += ", CAST(json_array_elements(incidents_incident.incident_data -> '%s') AS JSON) as table%d" % ( b[data_key]['key'], table_no) for id, value in enumerate(data_value): where_query += " AND (table%d ->> '%s') = %s" % ( table_no, b[data_key]['sub_key'], '%s') where_parameter.append(data_value[id]) with connection.cursor() as cursor: query = """SELECT %d as field, %s , count(*) count FROM incidents_incident INNER JOIN custom_user_users ON assigned_to_id = custom_user_users.user_pk INNER JOIN incidents_incidentstatus ON (incidents_incident.incident_status_id = incidents_incidentstatus.incident_status_id)%s %s %s WHERE resort_id = %d AND custom_user_users.user_connected = 1 AND dt_created IS NOT NULL AND dt_created >= '%s' AND dt_created <= '%s' AND incidents_incidentstatus.order IN (1,2,3,4,5,6,7,8) %s GROUP BY columndetail %s ORDER BY columndetail%s;""" % \ ( idx + 1, column_query, inner_join, from_query, cross_join, resort.resort_pk, dateFrom, dateTo, where_query, group_by_query, order_by_query) cursor.execute('BEGIN;') cursor.execute("SET LOCAL TIME ZONE %s;", [resort.timezone]) cursor.execute(query, where_parameter) data = dictfetchall(cursor) cursor.execute('END;') tempdata.append( add_missing_data(data, idx + 1, dateFrom, dateTo, scale)) final_data = merge_compare_data(tempdata) if output_format == 'csv': scale = scale_mapping[request.data[0].get('scale', 'date')] return sendfile(request, settings.MEDIA_ROOT + dict_to_csv_report(final_data, 'bar', scale), attachment=True) return Response(final_data)
def report(self, request): resort = get_resort_for_user(request.user) order_by = request.query_params.get( 'order_by', 'controlled_substance__controlled_substance_name') order_by_direction = request.query_params.get('order_by_direction', 'desc') current_status = request.query_params.get('current_status', '') location_id = request.query_params.get('location_id', '') controlled_substance_id = request.query_params.get( 'controlled_substance_id', '') if order_by_direction == 'desc': order = '-' + order_by elif order_by_direction == 'asc': order = order_by if current_status == 'used': where_query = "" try: if location_id: location = ResortLocation.objects.get( location_id=location_id) else: location = None except: return Response({_('detail'): _('location not found')}) try: if controlled_substance_id: controlled_substance = ControlledSubstances.objects.get( controlled_substance_id=controlled_substance_id) else: controlled_substance = None except: return Response( {_('detail'): _('controlled_substance not found')}) # Create extended where query if location is not None: where_query += ' AND controlled_substance_stock.location = ' + str( location.location_pk) if controlled_substance is not None: where_query += ' AND controlled_substance_controlledsubstances.controlled_substance_pk = ' + str( controlled_substance.controlled_substance_pk) dateFrom = request.GET.get('date_from', None) if dateFrom is None: dateFrom = datetime.datetime.today() - datetime.timedelta( days=30) dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00") else: dateFrom = (datetime.datetime.strptime(dateFrom, "%Y-%m-%d %H:%M:%S")) dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00") dateTo = request.GET.get('date_to', None) if dateTo is None: dateTo = datetime.datetime.today() dateTo = dateTo.strftime("%Y-%m-%d 23:59:59") else: dateTo = (datetime.datetime.strptime(dateTo, "%Y-%m-%d %H:%M:%S")) dateTo = dateTo.strftime("%Y-%m-%d 23:59:59") with connection.cursor() as cursor: cursor.execute( """SELECT array_agg(controlled_substance_stockassignment.controlled_substance_stock) as pk FROM controlled_substance_stockassignment INNER JOIN controlled_substance_stock ON controlled_substance_stockassignment.controlled_substance_stock = controlled_substance_stock.controlled_substance_stock_pk INNER JOIN controlled_substance_controlledsubstances ON controlled_substance_stock.controlled_substance = controlled_substance_controlledsubstances.controlled_substance_pk WHERE controlled_substance_controlledsubstances.resort = %d AND controlled_substance_stockassignment.dt_used >= '%s' AND controlled_substance_stockassignment.dt_used <= '%s' AND controlled_substance_stockassignment.controlled_substance_stock_assignment_status = 2%s;""" % (resort.resort_pk, dateFrom, dateTo, where_query)) data = dictfetchall(cursor) query = Stock.objects.filter( controlled_substance_stock_pk__in=data[0]['pk'] if data[0]['pk'] is not None else []).exclude( current_status=DISPOSED).order_by(order) else: extra_conditions = {} if current_status: extra_conditions.update( {"current_status": STATUS[current_status]}) if location_id: extra_conditions.update({"location__location_id": location_id}) if controlled_substance_id: extra_conditions.update({ "controlled_substance__controlled_substance_id": controlled_substance_id }) query = Stock.objects.filter( controlled_substance__resort=resort, **extra_conditions).exclude( current_status=DISPOSED).order_by(order) queryset = self.filter_queryset(query) page = self.paginate_queryset(queryset) if page is not None: stocks = Stock.objects.filter( controlled_substance__resort=resort, controlled_substance__controlled_substance_id= controlled_substance_id).exclude(current_status=DISPOSED) stock_status = stock_status_count(stocks) serializer = StockReportSerializer( page, many=True, fields=('controlled_substance_stock_pk', 'controlled_substance_stock_id', 'controlled_substance', 'location', 'volume', 'dt_expiry', 'added_by_user', 'disposed_by_user')) response = self.get_paginated_response(serializer.data) response.data.update({"summary": stock_status}) return response
def relocate(self, request): resort = get_resort_for_user(request.user) controlled_substance_stock_id = request.data.get( 'controlled_substance_stock_id', '') location_id = request.data.get('location_id', '') if not controlled_substance_stock_id: return Response( { _('detail'): _('controlled_substances_stock_id not provided') }, status=400) try: stock = Stock.objects.get( controlled_substance_stock_id=controlled_substance_stock_id) controlled_substance = stock.controlled_substance except: return Response( {_('detail'): _('controlled_substance_stock not found')}, status=400) if not location_id: return Response({_('detail'): _('location_id not provided')}, status=400) try: location = ResortLocation.objects.get(location_id=location_id) except: return Response({_('detail'): _('location not found')}, status=400) if stock.current_status == DISPOSED: return Response( { _('detail'): _('this item has been disposed and can not be relocated') }, status=400) elif stock.current_status == IN: stock.location = location stock.save() elif stock.current_status == OUT: return Response( { _('detail'): _('this item is checked out. Must be checked in for relocation' ) }, status=400) elif stock.current_status == USED: return Response( { _('detail'): _('this item has been used and cannot be relocated') }, status=400) log_entry = 'Item ' + str(stock.controlled_substance_stock_pk) + ': ' + \ str(stock.volume) + ' ' + controlled_substance.units + ' of ' + \ controlled_substance.controlled_substance_name + ' ' + 'relocated to ' + location.location_name add_log(log_entry=log_entry, resort=resort, user=request.user) return Response(StockSerializer( stock, fields=('controlled_substance_stock_pk', 'controlled_substance_stock_id', 'controlled_substance', 'location', 'volume', 'dt_expiry', 'added_by_user', 'disposed_by_user', 'dt_disposed', 'dt_added')).data, status=200)
def checkin(self, request): resort = get_resort_for_user(request.user) controlled_substance_stock_assignment_id = request.data.get( 'controlled_substance_stock_assignment_id', '') location_id = request.data.get('location_id', '') if not controlled_substance_stock_assignment_id: return Response( { _('detail'): _('controlled_substances_stock_assignment_id not provided') }, status=400) try: stock_assignment = StockAssignment.objects.get( controlled_substance_stock_assignment_id= controlled_substance_stock_assignment_id) stock = stock_assignment.controlled_substance_stock controlled_substance = stock.controlled_substance except: return Response( {_('detail'): _('controlled_substance_stock not found')}, status=400) location = None if location_id: try: location = ResortLocation.objects.get(location_id=location_id) except: return Response({_('detail'): _('location not found')}, status=400) if stock.current_status == DISPOSED: return Response( { _('detail'): _('this item has been disposed and can not be checked in') }, status=400) elif stock.current_status == IN: return Response( {_('detail'): _('this item is already checked in')}, status=400) elif stock.current_status == OUT: stock.current_status = IN if location is not None: stock.location = location stock.save() stock_assignment.controlled_substance_stock_assignment_status = IN stock_assignment.save() elif stock.current_status == USED: return Response( { _('detail'): _('this item has been used and cannot be checked in') }, status=400) # Remove stock entry from the config status, message = remove_stock_entry_from_config(resort, stock) if not status: return Response({_('detail'): _(message)}, status=400) log_entry = 'Item ' + str(stock.controlled_substance_stock_pk) + ': ' + \ str(stock.volume) + ' ' + controlled_substance.units + ' of ' + \ controlled_substance.controlled_substance_name + ' ' + 'was checked-in to ' + \ stock.location.location_name + ' from ' + stock_assignment.user.name add_log(log_entry=log_entry, resort=resort, user=request.user) return Response(StockAssignmentSerializer( stock_assignment, fields=('controlled_substance_stock_assignment_id', 'controlled_substance_stock_assignment_status')).data, status=200)