def put(self, request, pk, format=None):
params = request.query_params if len(
request.data) == 0 else request.data
obj = self.get_object(pk)
if (request.user.role == "ADMIN" or request.user.is_superuser
or request.user == obj.commented_by):
serializer = CommentSerializer(obj, data=params)
if params.get("comment"):
if serializer.is_valid():
serializer.save()
return Response(
{
"error": False,
"message": "Comment Submitted"
},
status=status.HTTP_200_OK,
)
return Response(
{
"error": True,
"errors": serializer.errors
},
status=status.HTTP_400_BAD_REQUEST,
)
else:
return Response(
{
"error": True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
def post(self, request, pk, **kwargs):
params = (
self.request.query_params
if len(self.request.data) == 0
else self.request.data
)
context = {}
self.lead_obj = Lead.objects.get(pk=pk)
if self.lead_obj.org != request.org:
return Response(
{"error": True, "errors": "User company doesnot match with header...."},
status=status.HTTP_403_FORBIDDEN
)
if self.request.profile.role != "ADMIN" and not self.request.user.is_superuser:
if not (
(self.request.profile == self.lead_obj.created_by)
or (self.request.profile in self.lead_obj.assigned_to.all())
):
return Response(
{
"error": True,
"errors": "You do not have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
comment_serializer = CommentSerializer(data=params)
if comment_serializer.is_valid():
if params.get("comment"):
comment_serializer.save(
lead_id=self.lead_obj.id,
commented_by_id=self.request.profile.id,
)
if self.request.FILES.get("lead_attachment"):
attachment = Attachments()
attachment.created_by = self.request.profile
attachment.file_name = self.request.FILES.get(
"lead_attachment").name
attachment.lead = self.lead_obj
attachment.attachment = self.request.FILES.get(
"lead_attachment")
attachment.save()
comments = Comment.objects.filter(
lead__id=self.lead_obj.id).order_by("-id")
attachments = Attachments.objects.filter(lead__id=self.lead_obj.id).order_by(
"-id"
)
context.update(
{
"lead_obj": LeadSerializer(self.lead_obj).data,
"attachments": AttachmentsSerializer(attachments, many=True).data,
"comments": LeadCommentSerializer(comments, many=True).data,
}
)
return Response(context)
class EventSerializer(serializers.ModelSerializer):
created_by = ProfileSerializer()
assigned_to = ProfileSerializer(read_only=True, many=True)
contacts = ContactSerializer(read_only=True, many=True)
teams = TeamsSerializer(read_only=True, many=True)
event_attachment = AttachmentsSerializer(read_only=True, many=True)
event_comments = CommentSerializer(read_only=True, many=True)
org = OrganizationSerializer()
class Meta:
model = Event
fields = (
"id",
"name",
"event_type",
"status",
"is_active",
"disabled",
"start_date",
"start_time",
"end_date",
"end_time",
"description",
"date_of_meeting",
"created_by",
"created_on",
"contacts",
"teams",
"assigned_to",
"event_attachment",
"event_comments",
"org"
)
class TaskSerializer(serializers.ModelSerializer):
created_by = ProfileSerializer()
assigned_to = ProfileSerializer(read_only=True, many=True)
contacts = ContactSerializer(read_only=True, many=True)
teams = TeamsSerializer(read_only=True, many=True)
task_attachment = AttachmentsSerializer(read_only=True, many=True)
task_comments = CommentSerializer(read_only=True, many=True)
class Meta:
model = Task
fields = (
"id",
"title",
"status",
"priority",
"due_date",
"account",
"created_by",
"created_on",
"contacts",
"teams",
"assigned_to",
"task_attachment",
"task_comments",
)
def get_context_data(self, **kwargs):
context = {}
contact_obj = get_object_or_404(Contact, pk=kwargs['pk'])
context["contact_obj"] = ContactSerializer(contact_obj).data
user_assgn_list = [
assigned_to.id for assigned_to in contact_obj.assigned_to.all()
]
user_assigned_accounts = set(
self.request.user.account_assigned_users.values_list("id",
flat=True))
contact_accounts = set(
contact_obj.account_contacts.values_list("id", flat=True))
if user_assigned_accounts.intersection(contact_accounts):
user_assgn_list.append(self.request.user.id)
if self.request.user == contact_obj.created_by:
user_assgn_list.append(self.request.user.id)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if self.request.user.id not in user_assgn_list:
raise PermissionDenied
assigned_data = []
for each in contact_obj.assigned_to.all():
assigned_dict = {}
assigned_dict["id"] = each.id
assigned_dict["name"] = each.email
assigned_data.append(assigned_dict)
if self.request.user.is_superuser or self.request.user.role == "ADMIN":
users_mention = list(
User.objects.filter(
is_active=True,
company=self.request.company).values("username"))
elif self.request.user != contact_obj.created_by:
users_mention = [{"username": contact_obj.created_by.username}]
else:
users_mention = list(
contact_obj.assigned_to.all().values("username"))
context.update({
"comments":
CommentSerializer(contact_obj.contact_comments.all(),
many=True).data,
"attachments":
AttachmentsSerializer(contact_obj.contact_attachment.all(),
many=True).data,
"assigned_data":
assigned_data,
"tasks":
TaskSerializer(contact_obj.contacts_tasks.all(), many=True).data,
"users_mention":
users_mention,
})
return context
def post(self, request, pk, **kwargs):
params = (self.request.query_params
if len(self.request.data) == 0 else self.request.data)
context = {}
self.opportunity_obj = Opportunity.objects.get(pk=pk)
if self.opportunity_obj.company != request.company:
return Response({
"error":
True,
"errors":
"User company doesnot match with header...."
})
comment_serializer = CommentSerializer(data=params)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if not (
(self.request.user == self.opportunity_obj.created_by) or
(self.request.user in self.opportunity_obj.assigned_to.all())):
return Response(
{
"error":
True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_401_UNAUTHORIZED,
)
if comment_serializer.is_valid():
if params.get("comment"):
comment_serializer.save(
opportunity_id=self.opportunity_obj.id,
commented_by_id=self.request.user.id,
)
if self.request.FILES.get("opportunity_attachment"):
attachment = Attachments()
attachment.created_by = self.request.user
attachment.file_name = self.request.FILES.get(
"opportunity_attachment").name
attachment.opportunity = self.opportunity_obj
attachment.attachment = self.request.FILES.get(
"opportunity_attachment")
attachment.save()
comments = Comment.objects.filter(
opportunity=self.opportunity_obj).order_by("-id")
attachments = Attachments.objects.filter(
opportunity=self.opportunity_obj).order_by("-id")
context.update({
"opportunity_obj":
OpportunitySerializer(self.opportunity_obj).data,
"attachments":
AttachmentsSerializer(attachments, many=True).data,
"comments":
CommentSerializer(comments, many=True).data,
})
return Response(context)
def post(self, request, pk, **kwargs):
params = (self.request.query_params
if len(self.request.data) == 0 else self.request.data)
context = {}
self.cases_obj = Case.objects.get(pk=pk)
comment_serializer = CommentSerializer(data=params)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if not ((self.request.user == self.cases_obj.created_by) or
(self.request.user in self.cases_obj.assigned_to.all())):
return Response(
{
"error":
True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
if comment_serializer.is_valid():
if params.get("comment"):
comment_serializer.save(
case_id=self.cases_obj.id,
commented_by_id=self.request.user.id,
)
if self.request.FILES.get("case_attachment"):
attachment = Attachments()
attachment.created_by = self.request.user
attachment.file_name = self.request.FILES.get(
"case_attachment").name
attachment.case = self.cases_obj
attachment.attachment = self.request.FILES.get("case_attachment")
attachment.save()
attachments = Attachments.objects.filter(
case=self.cases_obj).order_by("-id")
comments = Comment.objects.filter(case=self.cases_obj).order_by("-id")
context.update({
"cases_obj":
CaseSerializer(self.cases_obj).data,
"attachments":
AttachmentsSerializer(attachments, many=True).data,
"comments":
CommentSerializer(comments, many=True).data,
})
return Response(context)
def get(self, request, pk, format=None):
self.account = self.get_object(pk=pk)
if self.account.org != request.org:
return Response(
{
"error": True,
"errors": "User company doesnot match with header...."
},
status=status.HTTP_404_NOT_FOUND,
)
context = {}
context["account_obj"] = AccountSerializer(self.account).data
if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin:
if not ((self.request.profile == self.account.created_by) or
(self.request.profile in self.account.assigned_to.all())):
return Response(
{
"error":
True,
"errors":
"You do not have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
comment_permission = False
if (self.request.profile == self.account.created_by
or self.request.profile.is_admin
or self.request.profile.role == "ADMIN"):
comment_permission = True
if self.request.profile.is_admin or self.request.profile.role == "ADMIN":
users_mention = list(
Profile.objects.filter(
is_active=True,
org=self.request.org).values("user__username"))
elif self.request.profile != self.account.created_by:
if self.account.created_by:
users_mention = [{
"username":
self.account.created_by.user.username
}]
else:
users_mention = []
else:
users_mention = []
context.update({
"attachments":
AttachmentsSerializer(self.account.account_attachment.all(),
many=True).data,
"comments":
CommentSerializer(self.account.accounts_comments.all(),
many=True).data,
"contacts":
ContactSerializer(self.account.contacts.all(), many=True).data,
"opportunity_list":
OpportunitySerializer(
Opportunity.objects.filter(account=self.account),
many=True).data,
"users":
ProfileSerializer(
Profile.objects.filter(
is_active=True,
org=self.request.org).order_by("user__email"),
many=True,
).data,
"cases":
CaseSerializer(self.account.accounts_cases.all(), many=True).data,
"stages":
STAGES,
"sources":
SOURCES,
"countries":
COUNTRIES,
"currencies":
CURRENCY_CODES,
"case_types":
CASE_TYPE,
"case_priority":
PRIORITY_CHOICE,
"case_status":
STATUS_CHOICE,
"comment_permission":
comment_permission,
"tasks":
TaskSerializer(self.account.accounts_tasks.all(), many=True).data,
"invoices":
InvoiceSerailizer(self.account.accounts_invoices.all(),
many=True).data,
"emails":
EmailSerializer(self.account.sent_email.all(), many=True).data,
"users_mention":
users_mention,
})
return Response(context)
def get_context_data(self, **kwargs):
context = {}
user_assgn_list = [
assigned_to.id for assigned_to in self.lead_obj.assigned_to.all()
]
if self.request.user == self.lead_obj.created_by:
user_assgn_list.append(self.request.user.id)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if self.request.user.id not in user_assgn_list:
raise PermissionDenied
comments = Comment.objects.filter(
lead__id=self.lead_obj.id).order_by("-id")
attachments = Attachments.objects.filter(lead__id=self.lead_obj.id).order_by(
"-id"
)
assigned_data = []
for each in self.lead_obj.assigned_to.all():
assigned_dict = {}
assigned_dict["id"] = each.id
assigned_dict["name"] = each.email
assigned_data.append(assigned_dict)
if self.request.user.is_superuser or self.request.user.role == "ADMIN":
users_mention = list(
User.objects.filter(
is_active=True, company=self.request.company
).values("username")
)
elif self.request.user != self.lead_obj.created_by:
users_mention = [
{"username": self.lead_obj.created_by.username}]
else:
users_mention = list(
self.lead_obj.assigned_to.all().values("username"))
if self.request.user.role == "ADMIN" or self.request.user.is_superuser:
users = User.objects.filter(is_active=True, company=self.request.company).order_by(
"email"
)
else:
users = User.objects.filter(role="ADMIN", company=self.request.company).order_by(
"email"
)
user_assgn_list = [
assigned_to.id for assigned_to in self.lead_obj.get_assigned_users_not_in_teams
]
if self.request.user == self.lead_obj.created_by:
user_assgn_list.append(self.request.user.id)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if self.request.user.id not in user_assgn_list:
raise PermissionDenied
team_ids = [user.id for user in self.lead_obj.get_team_users]
all_user_ids = [user.id for user in users]
users_excluding_team_id = set(all_user_ids) - set(team_ids)
users_excluding_team = User.objects.filter(
id__in=users_excluding_team_id)
context["users"] = UserSerializer(users, many=True).data
context["users_excluding_team"] = UserSerializer(
users_excluding_team, many=True).data
context["countries"] = COUNTRIES
context["source"] = LEAD_SOURCE
context["teams"] = TeamsSerializer(
Teams.objects.filter(company=self.request.company), many=True).data
context.update(
{
"attachments": AttachmentsSerializer(attachments, many=True).data,
"comments": CommentSerializer(comments, many=True).data,
"status": LEAD_STATUS,
"countries": COUNTRIES,
"users_mention": users_mention,
"assigned_data": assigned_data,
'lead_obj': LeadSerializer(self.lead_obj).data
}
)
return context
def get_context_data(self, **kwargs):
context = {}
user_assgn_list = [
assigned_to.id for assigned_to in self.task_obj.assigned_to.all()
]
if self.request.user == self.task_obj.created_by:
user_assgn_list.append(self.request.user.id)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if self.request.user.id not in user_assgn_list:
return Response(
{
"error":
True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
comments = Comment.objects.filter(task=self.task_obj).order_by("-id")
attachments = Attachments.objects.filter(
task=self.task_obj).order_by("-id")
assigned_data = self.task_obj.assigned_to.values("id", "email")
if self.request.user.is_superuser or self.request.user.role == "ADMIN":
users_mention = list(
User.objects.filter(is_active=True, ).values("username"))
elif self.request.user != self.task_obj.created_by:
users_mention = [{"username": self.task_obj.created_by.username}]
else:
users_mention = list(
self.task_obj.assigned_to.all().values("username"))
if self.request.user.role == "ADMIN" or self.request.user.is_superuser:
users = User.objects.filter(is_active=True, ).order_by("email")
else:
users = User.objects.filter(role="ADMIN", ).order_by("email")
if self.request.user == self.task_obj.created_by:
user_assgn_list.append(self.request.user.id)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if self.request.user.id not in user_assgn_list:
return Response(
{
"error":
True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
team_ids = [user.id for user in self.task_obj.get_team_users]
all_user_ids = users.values_list("id", flat=True)
users_excluding_team_id = set(all_user_ids) - set(team_ids)
users_excluding_team = User.objects.filter(
id__in=users_excluding_team_id)
context.update({
"task_obj":
TaskSerializer(self.task_obj).data,
"attachments":
AttachmentsSerializer(attachments, many=True).data,
"comments":
CommentSerializer(comments, many=True).data,
"users_mention":
users_mention,
"assigned_data":
assigned_data,
})
context["users"] = UserSerializer(users, many=True).data
context["users_excluding_team"] = UserSerializer(users_excluding_team,
many=True).data
context["teams"] = TeamsSerializer(Teams.objects.all(), many=True).data
return context
def get(self, request, pk, format=None):
context = {}
contact_obj = self.get_object(pk)
context["contact_obj"] = ContactSerializer(contact_obj).data
user_assgn_list = [
assigned_to.id for assigned_to in contact_obj.assigned_to.all()
]
user_assigned_accounts = set(
self.request.user.account_assigned_users.values_list(
"id", flat=True)
)
contact_accounts = set(
contact_obj.account_contacts.values_list("id", flat=True)
)
if user_assigned_accounts.intersection(contact_accounts):
user_assgn_list.append(self.request.user.id)
if self.request.user == contact_obj.created_by:
user_assgn_list.append(self.request.user.id)
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if self.request.user.id not in user_assgn_list:
raise PermissionDenied
assigned_data = []
for each in contact_obj.assigned_to.all():
assigned_dict = {}
assigned_dict["id"] = each.id
assigned_dict["name"] = each.email
assigned_data.append(assigned_dict)
if self.request.user.is_superuser or self.request.user.role == "ADMIN":
users_mention = list(
User.objects.filter(
is_active=True, company=self.request.company
).values("username")
)
elif self.request.user != contact_obj.created_by:
users_mention = [
{"username": contact_obj.created_by.username}]
else:
users_mention = list(
contact_obj.assigned_to.all().values("username"))
if self.request.user.role == "ADMIN" or self.request.user.is_superuser:
self.users = User.objects.filter(
is_active=True, company=self.request.company).order_by("email")
else:
self.users = User.objects.filter(
role="ADMIN", company=self.request.company).order_by("email")
if request.user == contact_obj.created_by:
user_assgn_list.append(self.request.user.id)
context["address_obj"] = BillingAddressSerializer(
contact_obj.address).data
context["users"] = UserSerializer(self.users, many=True).data
context["countries"] = COUNTRIES
context["teams"] = TeamsSerializer(
Teams.objects.filter(company=request.company), many=True).data
context.update(
{
"comments": CommentSerializer(
contact_obj.contact_comments.all(), many=True).data,
"attachments": AttachmentsSerializer(
contact_obj.contact_attachment.all(), many=True).data,
"assigned_data": assigned_data,
"tasks": TaskSerializer(
contact_obj.contacts_tasks.all(), many=True).data,
"users_mention": users_mention,
}
)
return Response(context)
def get(self, request, pk, format=None):
self.cases = self.get_object(pk=pk)
if self.cases.org != request.org:
return Response(
{"error": True, "errors": "User company doesnot match with header...."},
status=status.HTTP_403_FORBIDDEN,
)
context = {}
context["cases_obj"] = CaseSerializer(self.cases).data
if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin:
if not (
(self.request.profile == self.cases.created_by)
or (self.request.profile in self.cases.assigned_to.all())
):
return Response(
{
"error": True,
"errors": "You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
comment_permission = False
if (
self.request.profile == self.cases.created_by
or self.request.profile.is_admin
or self.request.profile.role == "ADMIN"
):
comment_permission = True
if self.request.profile.is_admin or self.request.profile.role == "ADMIN":
users_mention = list(
Profile.objects.filter(
is_active=True, org=self.request.org
).values("user__username")
)
elif self.request.profile != self.cases.created_by:
if self.cases.created_by:
users_mention = [
{"username": self.cases.created_by.user.username}]
else:
users_mention = []
else:
users_mention = []
attachments = Attachments.objects.filter(
case=self.cases).order_by("-id")
comments = Comment.objects.filter(case=self.cases).order_by("-id")
context.update(
{
"attachments": AttachmentsSerializer(attachments, many=True).data,
"comments": CommentSerializer(comments, many=True).data,
"contacts": ContactSerializer(
self.cases.contacts.all(), many=True
).data,
"status": STATUS_CHOICE,
"priority": PRIORITY_CHOICE,
"type_of_case": CASE_TYPE,
"comment_permission": comment_permission,
"users_mention": users_mention,
}
)
return Response(context)
def get(self, request, pk, format=None):
self.opportunity = self.get_object(pk=pk)
context = {}
context["opportunity_obj"] = OpportunitySerializer(
self.opportunity).data
if self.opportunity.org != request.org:
return Response(
{
"error": True,
"errors": "User company doesnot match with header...."
},
status=status.HTTP_403_FORBIDDEN,
)
if self.request.profile.role != "ADMIN" and not self.request.user.is_superuser:
if not (
(self.request.profile == self.opportunity.created_by) or
(self.request.profile in self.opportunity.assigned_to.all())):
return Response(
{
"error":
True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
comment_permission = False
if (self.request.profile == self.opportunity.created_by
or self.request.user.is_superuser
or self.request.profile.role == "ADMIN"):
comment_permission = True
if self.request.user.is_superuser or self.request.profile.role == "ADMIN":
users_mention = list(
Profile.objects.filter(
is_active=True,
org=self.request.org).values("user__username"))
elif self.request.profile != self.opportunity.created_by:
if self.opportunity.created_by:
users_mention = [{
"username":
self.opportunity.created_by.user.username
}]
else:
users_mention = []
else:
users_mention = []
context.update({
"comments":
CommentSerializer(self.opportunity.opportunity_comments.all(),
many=True).data,
"attachments":
AttachmentsSerializer(
self.opportunity.opportunity_attachment.all(), many=True).data,
"contacts":
ContactSerializer(self.opportunity.contacts.all(), many=True).data,
"users":
ProfileSerializer(
Profile.objects.filter(
is_active=True,
org=self.request.org).order_by("user__email"),
many=True,
).data,
"stage":
STAGES,
"lead_source":
SOURCES,
"currency":
CURRENCY_CODES,
"comment_permission":
comment_permission,
"users_mention":
users_mention,
})
return Response(context)
def get(self, request, pk, format=None):
self.invoice = self.get_object(pk=pk)
if self.invoice.company != request.company:
return Response(
{
"error": True,
"errors": "User company doesnot match with header...."
},
status=status.HTTP_404_NOT_FOUND,
)
context = {}
context["invoice_obj"] = InvoiceSerailizer(self.invoice).data
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if not ((self.request.user == self.invoice.created_by) or
(self.request.user in self.invoice.assigned_to.all())):
return Response({
"error":
True,
"errors":
"You don't have Permission to perform this action",
})
comment_permission = (True if
(self.request.user == self.invoice.created_by
or self.request.user.is_superuser or
self.request.user.role == "ADMIN") else False)
if self.request.user.is_superuser or self.request.user.role == "ADMIN":
users_mention = list(
User.objects.filter(
is_active=True,
company=self.request.company,
).values("username"))
elif self.request.user != self.invoice.created_by:
if self.invoice.created_by:
users_mention = [{
"username": self.invoice.created_by.username
}]
else:
users_mention = []
else:
users_mention = []
attachments = Attachments.objects.filter(
invoice=self.invoice).order_by("-id")
comments = Comment.objects.filter(invoice=self.invoice).order_by("-id")
context.update({
"attachments":
AttachmentsSerializer(attachments, many=True).data,
"comments":
CommentSerializer(comments, many=True).data,
"invoice_history":
InvoiceHistorySerializer(self.invoice.invoice_history.all(),
many=True).data,
"accounts":
AccountSerializer(self.invoice.accounts.all(), many=True).data,
"users":
UserSerializer(
User.objects.filter(
is_active=True,
company=self.request.company,
).order_by("email"),
many=True,
).data,
"comment_permission":
comment_permission,
"users_mention":
users_mention,
"status":
INVOICE_STATUS,
"currency":
CURRENCY_CODES,
"countries":
COUNTRIES,
})
return Response(context)
def get(self, request, pk, format=None):
context = {}
context["account_obj"] = AccountSerializer(self.account).data
if self.request.user.role != "ADMIN" and not self.request.user.is_superuser:
if not ((self.request.user == self.account.created_by) or
(self.request.user in self.account.assigned_to.all())):
raise PermissionDenied
comment_permission = (True if
(self.request.user == self.account.created_by
or self.request.user.is_superuser or
self.request.user.role == "ADMIN") else False)
if self.request.user.is_superuser or self.request.user.role == "ADMIN":
users_mention = list(
User.objects.filter(
is_active=True,
company=self.request.company,
).values("username"))
elif self.request.user != self.account.created_by:
if self.account.created_by:
users_mention = [{
"username": self.account.created_by.username
}]
else:
users_mention = []
else:
users_mention = []
context.update({
"comments":
CommentSerializer(self.account.accounts_comments.all(),
many=True).data,
"attachments":
AttachmentsSerializer(self.account.account_attachment.all(),
many=True).data,
"opportunity_list":
OpportunitySerializer(
Opportunity.objects.filter(account=self.account),
many=True).data,
"contacts":
ContactSerializer(self.account.contacts.all(), many=True).data,
"users":
UserSerializer(
User.objects.filter(
is_active=True,
company=self.request.company,
).order_by("email"),
many=True,
).data,
"cases":
CaseSerializer(Case.objects.filter(account=self.account),
many=True).data,
"stages":
STAGES,
"sources":
SOURCES,
"countries":
COUNTRIES,
"currencies":
CURRENCY_CODES,
"case_types":
CASE_TYPE,
"case_priority":
PRIORITY_CHOICE,
"case_status":
STATUS_CHOICE,
"comment_permission":
comment_permission,
"tasks":
TaskSerializer(self.account.accounts_tasks.all(), many=True).data,
"invoices":
InvoiceSerailizer(self.account.accounts_invoices.all(),
many=True).data,
"emails":
EmailSerailizer(self.account.sent_email.all(), many=True).data,
"users_mention":
users_mention,
})
return Response(context)
def get(self, request, pk, format=None):
context = {}
contact_obj = self.get_object(pk)
context["contact_obj"] = ContactSerializer(contact_obj).data
user_assgn_list = [
assigned_to.id for assigned_to in contact_obj.assigned_to.all()
]
user_assigned_accounts = set(
self.request.profile.account_assigned_users.values_list("id",
flat=True))
contact_accounts = set(
contact_obj.account_contacts.values_list("id", flat=True))
if user_assigned_accounts.intersection(contact_accounts):
user_assgn_list.append(self.request.profile.id)
if self.request.profile == contact_obj.created_by:
user_assgn_list.append(self.request.profile.id)
if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin:
if self.request.profile.id not in user_assgn_list:
return Response(
{
"error":
True,
"errors":
"You do not have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
assigned_data = []
for each in contact_obj.assigned_to.all():
assigned_dict = {}
assigned_dict["id"] = each.id
assigned_dict["name"] = each.email
assigned_data.append(assigned_dict)
if self.request.profile.is_admin or self.request.profile.role == "ADMIN":
users_mention = list(
Profile.objects.filter(
is_active=True, org=request.org).values("user__username"))
elif self.request.profile != contact_obj.created_by:
users_mention = [{
"username": contact_obj.created_by.user.username
}]
else:
users_mention = list(
contact_obj.assigned_to.all().values("username"))
if request.profile == contact_obj.created_by:
user_assgn_list.append(self.request.profile.id)
context["address_obj"] = BillingAddressSerializer(
contact_obj.address).data
context["countries"] = COUNTRIES
context.update({
"comments":
CommentSerializer(contact_obj.contact_comments.all(),
many=True).data,
"attachments":
AttachmentsSerializer(contact_obj.contact_attachment.all(),
many=True).data,
"assigned_data":
assigned_data,
"tasks":
TaskSerializer(contact_obj.contacts_tasks.all(), many=True).data,
"users_mention":
users_mention,
})
return Response(context)
def get_context_data(self, **kwargs):
context = {}
user_assgn_list = [
assigned_to.id for assigned_to in self.event_obj.assigned_to.all()
]
if self.request.profile == self.event_obj.created_by:
user_assgn_list.append(self.request.profile.id)
if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin:
if self.request.profile.id not in user_assgn_list:
return Response(
{
"error":
True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
comments = Comment.objects.filter(event=self.event_obj).order_by("-id")
attachments = Attachments.objects.filter(
event=self.event_obj).order_by("-id")
assigned_data = self.event_obj.assigned_to.values("id", "user__email")
if self.request.profile.is_admin or self.request.profile.role == "ADMIN":
users_mention = list(
Profile.objects.filter(
is_active=True, ).values("user__username"))
elif self.request.profile != self.event_obj.created_by:
users_mention = [{
"username":
self.event_obj.created_by.user.username
}]
else:
users_mention = list(
self.event_obj.assigned_to.all().values("user__username"))
profile_list = Profile.objects.filter(is_active=True,
org=self.request.org)
if self.request.profile.role == "ADMIN" or self.request.profile.is_admin:
profiles = profile_list.order_by("user__email")
else:
profiles = profile_list.filter(
role="ADMIN").order_by("user__email")
if self.request.profile == self.event_obj.created_by:
user_assgn_list.append(self.request.profile.id)
if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin:
if self.request.profile.id not in user_assgn_list:
return Response(
{
"error":
True,
"errors":
"You don't have Permission to perform this action",
},
status=status.HTTP_403_FORBIDDEN,
)
team_ids = [user.id for user in self.event_obj.get_team_users]
all_user_ids = profiles.values_list("id", flat=True)
users_excluding_team_id = set(all_user_ids) - set(team_ids)
users_excluding_team = Profile.objects.filter(
id__in=users_excluding_team_id)
selected_recurring_days = Event.objects.filter(
name=self.event_obj.name).values_list("date_of_meeting", flat=True)
selected_recurring_days = set(
[day.strftime("%A") for day in selected_recurring_days])
context.update({
"event_obj":
EventSerializer(self.event_obj).data,
"attachments":
AttachmentsSerializer(attachments, many=True).data,
"comments":
CommentSerializer(comments, many=True).data,
"selected_recurring_days":
selected_recurring_days,
"users_mention":
users_mention,
"assigned_data":
assigned_data,
})
context["users"] = ProfileSerializer(profiles, many=True).data
context["users_excluding_team"] = ProfileSerializer(
users_excluding_team, many=True).data
context["teams"] = TeamsSerializer(Teams.objects.all(), many=True).data
return context
