def api_get_users(request): """ GET /manage-users/api/users/ Retrieves all users associated with a company """ company = get_company_or_404(request) users = User.objects.select_related('roles').filter(roles__company=company) ctx = {} for user in users: last_invitation = "" if not user.is_verified: invitations = Invitation.objects.filter( invitee_email=user.email).order_by("-invited") if invitations: last_invitation = invitations.first().invited.strftime( "%Y-%m-%d") ctx[user.pk] = { 'email': user.email, 'isVerified': user.is_verified, 'lastInvitation': last_invitation, 'roles': list( user.roles.filter(company=company).values_list('name', flat=True)) } return HttpResponse(json.dumps(ctx), content_type="application/json")
def tag_color(request): if request.method == 'GET': company = get_company_or_404(request) name = request.GET.get('name') colors = list(Tag.objects.filter( company=company, name=name).values_list('hex_color', flat=True)) return HttpResponse(json.dumps(colors))
def wrap(request, *args, **kwargs): #TODO: Remove this logic once feature is rolled out. for the # moment, we only want this decorator factory to work in QC # and Staging. if not settings.DEBUG: return view_func(request, *args, **kwargs) company = get_company_or_404(request) # the app_access we have, determined by the current company company_access = company.app_access.values_list('name', flat=True) user_activities = request.user.roles.values_list( 'activities__name', flat=True) # the app_access we need, determined by the activities passed in required_access = AppAccess.objects.filter( activity__name__in=activities).values_list( 'name', flat=True) # company should have at least the access required by the view if not bool(company_access) or not set(required_access).issubset( company_access): return access_callback() # the user should have at least the activities required by the view elif not bool(user_activities) or not set(activities).issubset( user_activities): return activity_callback() else: return view_func(request, *args, **kwargs)
def old_report_preview(request): company = get_company_or_404(request) report_id = request.GET.get('id', 0) report = get_object_or_404(DynamicReport, pk=report_id) report_type = report.report_data.report_type.report_type if report_type == 'communication-records': driver = ds_json_drivers['comm_records'] ds_filter = driver.build_filter(report.filters) records = driver.ds.filtered_query_set(company, ds_filter) ctx = { 'emails': records.emails, 'calls': records.calls, 'searches': records.searches, 'meetings': records.meetings, 'applications': records.applications, 'interviews': records.interviews, 'hires': records.hires, 'communications': records.communication_activity.count(), 'referrals': records.referrals, 'contacts': list(records.contacts), } return HttpResponse(content_type='application/json', content=json.dumps(ctx)) elif report_type in ['contacts', 'partners']: return HttpResponse(content_type='application/json', content=report.json)
def refresh_report(request): company = get_company_or_404(request) report_id = request.POST['report_id'] report = get_object_or_404(DynamicReport, owner=company, pk=report_id) report.regenerate() return HttpResponse(content_type='application/json', content='{}')
def prm(request): """ Partner Relationship Manager """ company = get_company_or_404(request) partners = filter_partners(request) paginator = add_pagination(request, partners) if partners else None if request.is_ajax(): ctx = {"partners": paginator, "on_page": "prm", "ajax": "true"} response = HttpResponse() html = render_to_response("mypartners/includes/partner_column.html", ctx, RequestContext(request)) response.content = html.content return response ctx = { "has_partners": True if paginator else False, "partners": paginator, "company": company, "user": request.user, "partner_ct": ContentType.objects.get_for_model(Partner).id, "view_name": "PRM", } return render_to_response("mypartners/prm.html", ctx, RequestContext(request))
def get(self, *args, **kwargs): company = get_company_or_404(self.request) if not can_modify(self.request.user, company, kwargs, "update product", "create product"): return MissingActivity() return super(ProductFormView, self).get(*args, **kwargs)
def partner_library(request): company = get_company_or_404(request) if request.is_ajax(): partners = filter_partners(request, True) paginator = add_pagination(request, partners) ctx = { 'partners': paginator, 'on_page': 'partner_library' } response = HttpResponse() html = render_to_response('mypartners/includes/partner_column.html', ctx, RequestContext(request)) response.content = html.content return response partners = filter_partners(request, True) paginator = add_pagination(request, partners) ctx = { 'company': company, 'view_name': 'PRM', 'partners': paginator } return render_to_response('mypartners/partner_library.html', ctx, RequestContext(request))
def post(self, *args, **kwargs): company = get_company_or_404(self.request) if not can_modify(self.request.user, company, kwargs, "update job", "create job"): return MissingActivity() return super(JobFormView, self).post(*args, **kwargs)
def view_invoice(request, purchased_product): company = get_company_or_404(request) kwargs = { 'pk': purchased_product, } if 'posting/admin' in request.get_full_path(): kwargs['product__owner'] = company else: kwargs['owner'] = company product = get_object_or_404(PurchasedProduct, **kwargs) invoice = product.invoice data = { 'company': company, 'purchased_product': product, 'invoice': invoice, 'purchases': invoice.invoiced_products.all() } # m is used to render success message. Also, 'm' for shorter url query set. if 'm' in request.GET: data.update({ 'alert': 'success', 'alert_message': '<b>Success!</b> You should receive ' 'this invoice shortly.' }) return render_to_response('postajob/view_invoice.html', data, RequestContext(request))
def tag_color(request): if request.method == "GET": company = get_company_or_404(request) name = request.GET.get("name") data = {"name": name} tag_color = list(Tag.objects.from_search(company, data).values_list("hex_color", flat=True)) return HttpResponse(json.dumps(tag_color))
def delete_prm_item(request): """ Deletes Partners and Contacts """ company = get_company_or_404(request) partner_id = request.REQUEST.get('partner') partner_id = get_int_or_none(partner_id) item_id = request.REQUEST.get('id') contact_id = get_int_or_none(item_id) content_id = request.REQUEST.get('ct') content_id = get_int_or_none(content_id) if content_id == ContentType.objects.get_for_model(Partner).id: partner = get_object_or_404(Partner, id=partner_id, owner=company) log_change(partner, None, request.user, partner, partner.name, action_type=DELETION) partner.archive() return HttpResponseRedirect(reverse('prm') + '?company=' + str(company.id)) elif content_id == ContentType.objects.get_for_model(ContactRecord).id: contact_record = get_object_or_404(ContactRecord, partner=partner_id, id=item_id) partner = get_object_or_404(Partner, id=partner_id, owner=company) # At one point, contacts could be deleted. The previous functionality # at this location couldn't handle that, accessing # contact_record.contact.name directly. Chaining getattr may not be # pretty but it ensures that we will never be accessing nonexistent # attributes. contact_name = getattr(getattr(contact_record, 'contact', None), 'name', '') log_change(contact_record, None, request.user, partner, contact_name, action_type=DELETION) contact_record.archive() return HttpResponseRedirect(reverse('partner_records')+'?company=' + str(company.id)+'&partner=' + str(partner_id)) elif content_id == ContentType.objects.get_for_model(PartnerSavedSearch).id: saved_search = get_object_or_404(PartnerSavedSearch, id=item_id) partner = get_object_or_404(Partner, id=partner_id, owner=company) log_change(saved_search, None, request.user, partner, saved_search.email, action_type=DELETION) saved_search.delete() return HttpResponseRedirect(reverse('partner_searches')+'?company=' + str(company.id)+'&partner=' + str(partner_id)) else: partner = get_object_or_404(Partner, id=partner_id, owner=company) contact = get_object_or_404(Contact, id=contact_id) log_change(contact, None, request.user, partner, contact.name, action_type=DELETION) contact.archive() return HttpResponseRedirect(reverse('partner_details')+'?company=' + str(company.id)+'&partner=' + str(partner_id))
def view_invoice(request, purchased_product): company = get_company_or_404(request) kwargs = { 'pk': purchased_product, } if 'posting/admin' in request.get_full_path(): kwargs['product__owner'] = company else: kwargs['owner'] = company product = get_object_or_404(PurchasedProduct, **kwargs) invoice = product.invoice data = { 'company': company, 'purchased_product': product, 'invoice': invoice, 'purchases': invoice.invoiced_products.all() } # m is used to render success message. Also, 'm' for shorter url query set. if 'm' in request.GET: data.update({'alert': 'success', 'alert_message': '<b>Success!</b> You should receive ' 'this invoice shortly.' }) return render_to_response('postajob/view_invoice.html', data, RequestContext(request))
def api_get_users(request): """ GET /manage-users/api/users/ Retrieves all users associated with a company """ company = get_company_or_404(request) users = User.objects.select_related('roles').filter(roles__company=company) ctx = {} for user in users: last_invitation = "" if not user.is_verified: invitations = Invitation.objects.filter( invitee_email=user.email).order_by("-invited") if invitations: last_invitation = invitations.first().invited.strftime( "%Y-%m-%d") ctx[user.pk] = { 'email': user.email, 'isVerified': user.is_verified, 'lastInvitation': last_invitation, 'roles': list(user.roles.filter(company=company).values_list( 'name', flat=True)) } return HttpResponse(json.dumps(ctx), content_type="application/json")
def prm(request): """ Partner Relationship Manager """ company = get_company_or_404(request) partners = filter_partners(request) paginator = add_pagination(request, partners) if partners else None if request.is_ajax(): ctx = { 'partners': paginator, 'on_page': 'prm', 'ajax': 'true', } response = HttpResponse() html = render_to_response('mypartners/includes/partner_column.html', ctx, RequestContext(request)) response.content = html.content return response ctx = { 'has_partners': True if paginator else False, 'partners': paginator, 'company': company, 'user': request.user, 'partner_ct': ContentType.objects.get_for_model(Partner).id, 'view_name': 'PRM', } return render_to_response('mypartners/prm.html', ctx, RequestContext(request))
def edit_partner_tag(request): company = get_company_or_404(request) if request.POST: data = {'id': request.GET.get('id')} tag = Tag.objects.from_search(company, data).first() form = TagForm(instance=tag, auto_id=False, data=request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse('partner_tagging')) else: ctx = { 'company': company, 'form': form, 'tag': tag } return render_to_response('mypartners/edit_tag.html', ctx, RequestContext(request)) else: data = {'id': request.GET.get('id')} tag = Tag.objects.from_search(company, data).first() form = TagForm(instance=tag, auto_id=False) ctx = { 'company': company, 'tag': tag, 'form': form } return render_to_response('mypartners/edit_tag.html', ctx, RequestContext(request))
def help_api(request): """Get help for a partially filled out field. report_data_id: Report Data ID filter: JSON string with user filter to use field: Name of field to get help for partial: Data entered so far response: [{'value': data, 'display': data to display}] """ company = get_company_or_404(request) request_data = request.POST report_data_id = request_data['report_data_id'] filter_spec = request_data['filter'] field = request_data['field'] partial = request_data['partial'] report_data = ReportTypeDataTypes.objects.get(id=report_data_id) datasource = report_data.report_type.datasource driver = ds_json_drivers[datasource] result = driver.help(company, filter_spec, field, partial) return HttpResponse(content_type="application/json", content=json.dumps(result))
def overview(request): """The Reports app landing page.""" company = get_company_or_404(request) success = 'success' in request.POST reports = Report.objects.filter(owner=company).order_by("-created_on") report_count = reports.count() past_reports = reports[:10] states = OrderedDict( sorted((v, k) for k, v in location_data.states.inv.iteritems())) ctx = { "company": company, "success": success, "states": json.dumps(states), "past_reports": past_reports, "report_count": report_count } if request.is_ajax(): response = HttpResponse() html = render_to_response('myreports/includes/report_overview.html', ctx, RequestContext(request)).content response.content = html return response return render_to_response('myreports/reports.html', ctx, RequestContext(request))
def wrap(request, *args, **kwargs): invalid_user = any([not request.user, not request.user.pk, request.user.is_anonymous()]) if invalid_user: path = request.path qs = request.META.get('QUERY_STRING') next_url = request.get_full_path() return HttpResponseRedirect(reverse('login')+'?next='+next_url) # get_company isn't reliable, see PD-2260 on JIRA company = get_company_or_404(request) # the app_access we need, determined by the activities passed in required_access = Activity.objects.filter( name__in=activities).required_access # company should have at least the access required by the view has_access = set(required_access).issubset(company.enabled_access) # the user should have at least the activities required by the view has_activities = compare( activities, request.user.get_activities(company)) if not has_access: return access_callback(request) elif not has_activities: return activity_callback(request) else: return view_func(request, *args, **kwargs)
def edit_item(request): """ Contact/Partner Form. If the user reaches this form thorugh the `edit_contact` URL and a valid partner_id is provided, they are presented with the "Add Partner" form. Conversely, if the user reaches this form through the `create_partner` URL, they are presented with "Add Contact" form. If a valid `item_id` is passed, we preload the form with that contact's information. """ try: partner_id = int(request.REQUEST.get("partner") or 0) item_id = int(request.REQUEST.get('id') or 0) content_id = int(request.REQUEST.get('ct') or 0) except ValueError: raise Http404 company = get_company_or_404(request) partners = [] contacts = [] if partner_id and request.path == reverse('edit_contact'): partner = get_object_or_404(company.partner_set.all(), id=partner_id) if item_id: item = get_object_or_404(Contact, partner=partner, pk=item_id) form = ContactForm(instance=item, auto_id=False) else: contacts = list(partner.contact_set.filter( archived_on__isnull=True).values( 'pk', 'name', 'email', 'phone')) form = ContactForm() item = None elif request.path == reverse('create_partner'): partner = None if item_id: item = get_object_or_404(Partner, pk=item_id) form = PartnerForm(instance=item) else: partners = list(company.partner_set.values( 'pk', 'name', 'uri')) item = None form = NewPartnerForm() else: raise Http404 ctx = { 'form': form, 'partner': partner, 'partners': json.dumps(partners), 'company': company, 'contact': item, 'contacts': json.dumps(contacts), 'content_id': content_id, 'view_name': 'PRM', } if item_id: ctx['locations'] = Contact.objects.get(pk=item_id).locations.all() return render_to_response('mypartners/edit_item.html', ctx, RequestContext(request))
def run_dynamic_report(request): """Run a dynamic report. report_data_id: Report Presentation ID name: name of report filter_spec: JSON string with user filter to use response: {'id': new dynamic report id} """ validator = ApiValidator() company = get_company_or_404(request) report_data_id = request.POST['report_data_id'] name = request.POST.get('name', '') if not name: validator.note_field_error("name", "Report name must not be empty.") filter_spec = request.POST.get('filter', '{}') report_data = ReportTypeDataTypes.objects.get(id=report_data_id) if validator.has_errors(): return validator.build_error_response() report = DynamicReport.objects.create(report_data=report_data, filters=filter_spec, name=name, owner=company) report.regenerate() data = {'id': report.id} return HttpResponse(content_type='application/json', content=json.dumps(data))
def run_dynamic_report(request): """Run a dynamic report. report_data_id: Report Presentation ID name: name of report filter_spec: JSON string with user filter to use response: {'id': new dynamic report id} """ validator = ApiValidator() company = get_company_or_404(request) report_data_id = request.POST['report_data_id'] name = request.POST.get('name', '') if not name: validator.note_field_error("name", "Report name must not be empty.") filter_spec = request.POST.get('filter', '{}') report_data = ReportTypeDataTypes.objects.get(id=report_data_id) if validator.has_errors(): return validator.build_error_response() report = DynamicReport.objects.create( report_data=report_data, filters=filter_spec, name=name, owner=company) report.regenerate() data = {'id': report.id} return HttpResponse(content_type='application/json', content=json.dumps(data))
def overview(request): """The Reports app landing page.""" company = get_company_or_404(request) # used to remember version of reporting user last visited reporting_cookie = ('reporting_version', 'classic') success = 'success' in request.POST reports = Report.objects.filter(owner=company).order_by("-created_on") report_count = reports.count() past_reports = reports[:10] states = OrderedDict( sorted((v, k) for k, v in location_data.states.inv.iteritems())) ctx = { "company": company, "success": success, "states": json.dumps(states), "past_reports": past_reports, "report_count": report_count } if request.is_ajax(): response = HttpResponse() response.set_cookie(*reporting_cookie) html = render_to_response('myreports/includes/report_overview.html', ctx, RequestContext(request)).content response.content = html return response return render_to_response('myreports/reports.html', ctx, RequestContext(request))
def wrap(request, *args, **kwargs): invalid_user = any([ not request.user, not request.user.pk, request.user.is_anonymous() ]) if invalid_user: path = request.path qs = request.META.get('QUERY_STRING') next_url = request.get_full_path() return HttpResponseRedirect( reverse('login') + '?next=' + next_url) # get_company isn't reliable, see PD-2260 on JIRA company = get_company_or_404(request) # the app_access we need, determined by the activities passed in required_access = Activity.objects.filter( name__in=activities).required_access # company should have at least the access required by the view has_access = set(required_access).issubset(company.enabled_access) # the user should have at least the activities required by the view has_activities = compare(activities, request.user.get_activities(company)) if not has_access: return access_callback(request) elif not has_activities: return activity_callback(request) else: return view_func(request, *args, **kwargs)
def delete_partner_tag(request): company = get_company_or_404(request) pk = request.GET.get('id') tag = Tag.objects.filter(pk=pk).first() tag.delete() return HttpResponseRedirect(reverse('partner_tagging'))
def get_default_report_name(request): validator = ApiValidator() get_company_or_404(request) # We don't actually need this but it seems like it will be important # if we ever start picking meaningful names. rp_id = request.POST.get('report_presentation_id', None) if not rp_id: validator.note_field_error( "report_presentation_id", "Report presentation id must not be empty.") if validator.has_errors(): return validator.build_error_response() data = {'name': str(datetime.now())} return HttpResponse(content_type='application/json', content=json.dumps(data))
def post(self, *args, **kwargs): company = get_company_or_404(self.request) if not can_modify(self.request.user, company, kwargs, "update offline purchase", "create offline purchase"): return MissingActivity() return super(OfflinePurchaseFormView, self).post(*args, **kwargs)
def delete_partner_tag(request): company = get_company_or_404(request) data = {'id': request.GET.get('id')} tag = Tag.objects.from_search(company, data).first() tag.delete() return HttpResponseRedirect(reverse('partner_tagging'))
def partner_tagging(request): company = get_company_or_404(request) tags = Tag.objects.from_search(company).order_by("name") ctx = {"company": company, "tags": tags} return render_to_response("mypartners/partner_tagging.html", ctx, RequestContext(request))
def tag_names(request): if request.method == "GET": company = get_company_or_404(request) value = request.GET.get("value") data = {"name": value} tag_names = list(Tag.objects.from_search(company, data).values_list("name", flat=True)) tag_names = sorted(tag_names, key=lambda x: x if not x.startswith(value) else "-" + x) return HttpResponse(json.dumps(tag_names))
def get_queryset(self): if self.request.user.is_superuser: # If this is on the admin site or the user is a superuser, # get all sites for the current company. sites = SeoSite.objects.all() else: company = get_company_or_404(self.request) sites = company.get_seo_sites() return sites
def set_object(self, *args, **kwargs): """ Every add is actually an edit. """ company = get_company_or_404(self.request) kwargs = {'company': company} self.object, _ = self.model.objects.get_or_create(**kwargs) return self.object
def partner_tagging(request): company = get_company_or_404(request) tags = Tag.objects.from_search(company).order_by('name') ctx = {'company': company, 'tags': tags} return render_to_response('mypartners/partner_tagging.html', ctx, RequestContext(request))
def edit_item(request): """ Contact/Partner Form. If the user reaches this form thorugh the `edit_contact` URL and a valid partner_id is provided, they are presented with the "Add Partner" form. Conversely, if the user reaches this form through the `create_partner` URL, they are presented with "Add Contact" form. If a valid `item_id` is passed, we preload the form with that contact's information. """ try: partner_id = int(request.REQUEST.get("partner") or 0) item_id = int(request.REQUEST.get("id") or 0) content_id = int(request.REQUEST.get("ct") or 0) except ValueError: raise Http404 company = get_company_or_404(request) partners = [] contacts = [] if partner_id and request.path == reverse("edit_contact"): partner = get_object_or_404(company.partner_set.all(), id=partner_id) if item_id: item = get_object_or_404(Contact, partner=partner, pk=item_id) form = ContactForm(instance=item, auto_id=False) else: contacts = list(partner.contact_set.filter(archived_on__isnull=True).values("pk", "name", "email", "phone")) form = ContactForm() item = None elif request.path == reverse("create_partner"): partner = None if item_id: item = get_object_or_404(Partner, pk=item_id) form = PartnerForm(instance=item) else: partners = list(company.partner_set.values("pk", "name", "uri")) item = None form = NewPartnerForm() else: raise Http404 ctx = { "form": form, "partner": partner, "partners": json.dumps(partners), "company": company, "contact": item, "contacts": json.dumps(contacts), "content_id": content_id, "view_name": "PRM", } if item_id: ctx["locations"] = Contact.objects.get(pk=item_id).locations.all() return render_to_response("mypartners/edit_item.html", ctx, RequestContext(request))
def manage_users(request): """ View for manage users """ company = get_company_or_404(request) ctx = {"company": company} return render_to_response('manageusers/index.html', ctx, RequestContext(request))
def tag_names(request): if request.method == 'GET': company = get_company_or_404(request) value = request.GET.get('value') names = list(Tag.objects.filter( company=company, name__icontains=value).values_list( 'name', flat=True)) names = sorted( names, key=lambda x: x if not x.startswith(value) else "-" + x) return HttpResponse(json.dumps(names))
def blocked_user_management(request): """ Displays blocked users (if any) for the current company as well as an unblock link. """ company = get_company_or_404(request) profile = CompanyProfile.objects.get_or_create(company=company)[0] blocked_users = profile.blocked_users.all() data = {'company': company, 'blocked_users': blocked_users} return render_to_response('postajob/blocked_user_management.html', data, RequestContext(request))
def get_company_buids(request): """ retrieve a list of buids for a given company :param request: :return: buids (list) """ user_company = get_company_or_404(request) job_sources = user_company.job_source_ids.all() return [job_source.id for job_source in job_sources]
def report_archive(request): """Archive of previously run reports.""" if request.is_ajax(): company = get_company_or_404(request) reports = Report.objects.filter(owner=company).order_by("-created_on") ctx = {"reports": reports} response = HttpResponse() html = render_to_response('myreports/includes/report-archive.html', ctx, RequestContext(request)) response.content = html.content return response
def __init__(self, *args, **kwargs): request = kwargs.pop('request') company = get_company_or_404(request) self.sites = SeoSite.objects.filter(canonical_company=company) super(EmailDomainForm, self).__init__(*args, **kwargs) for site in self.sites: field_kwargs = { 'widget': forms.Select(), 'choices': site.email_domain_choices(), 'initial': site.email_domain, 'label': 'Email Domain For %s' % site.domain, } self.fields[str(site.pk)] = forms.ChoiceField(**field_kwargs) autofocus_input(self)
def purchasedproducts_overview(request): company = get_company_or_404(request) sites = settings.SITE.postajob_site_list() products = PurchasedProduct.objects.filter_by_sites(sites) jobs = PurchasedJob.objects.filter_by_sites(sites) products = products.filter(owner=company, owner__role__user=request.user).distinct() data = { 'company': settings.SITE.canonical_company, 'jobs': jobs.filter(owner=company, owner__role__user=request.user), 'active_products': products.filter(expiration_date__gte=date.today()), 'expired_products': products.filter(expiration_date__lt=date.today()), } return render_to_response('postajob/purchasedproducts_overview.html', data, RequestContext(request))
def view_records(request, app="mypartners", model="contactrecord"): """ Returns records as JSON. Inputs: :request: Request object to inspect for search parameters. :app: Application to query. :model: Model to query. Query String Parameters: :filters: A JSON string representing th exact query to be run. :values: The fields to include in the output. :order_by: The field to order the results by. Prefix with a '-' to indiciate descending order. Output: A JSON response containing the records queried for. """ if request.is_ajax() and request.method == 'POST': company = get_company_or_404(request) filters = request.POST.get("filters") values = request.POST.getlist("values") order_by = request.POST.get("order_by", None) records = get_model(app, model).objects.from_search( company, filters) if values: if not hasattr(values, '__iter__'): values = [values] records = records.values(*values) if order_by: if not hasattr(order_by, '__iter__'): order_by = [order_by] records = records.order_by(*order_by) ctx = serialize('json', records, values=values) response = HttpResponse( ctx, content_type='application/json; charset=utf-8') return response else: raise Http404("This view is only reachable via an AJAX GET request.")
def unblock_user(request, pk): """ Unblocks a given user that has previously been blocked from posting jobs. Inputs: :pk: ID of user that has been blocked """ company = get_company_or_404(request) profile = company.companyprofile if profile: try: user = User.objects.get(pk=pk) except User.DoesNotExist: pass else: profile.blocked_users.remove(user) return redirect(reverse('blocked_user_management'))
def view_job(request, purchased_product, pk, admin): http404_view = 'postajob.views.view_job' company = get_company_or_404(request) purchased_product = PurchasedProduct.objects.get(pk=purchased_product) if admin and purchased_product.product.owner != company: raise Http404("{view}: Current company and product owner do not " "match".format(view=http404_view)) elif not admin and purchased_product.owner != company: raise Http404("{view}: Current company and purchased product owner do " "not match".format(view=http404_view)) data = { 'admin': admin, 'company': company, 'purchased_product': purchased_product, 'job': PurchasedJob.objects.get(pk=pk) } return render_to_response('postajob/view_job.html', data, RequestContext(request))
def api_edit_user(request, user_id=0): """ GET /manage-users/api/users/NUMBER Retrieves specific user """ company = get_company_or_404(request) user = User.objects.filter(pk=user_id).first() add = request.POST.getlist('add') remove = request.POST.getlist('remove') new_roles = [] is_last_admin = False ctx = {'errors': []} if user: current_roles = list(user.roles.values_list('name', flat=True)) new_roles = set(current_roles + add) - set(remove) is_last_admin = list(company.admins) == [user] else: ctx['errors'].append('User does not exist.') if not ctx['errors'] and not new_roles: # Somehow, the API caused all roles to be removed from a user, which in # effect removes that user from the company ctx['errors'].append('Operation failed, as completing it would have ' 'removed the user from the company. Is another ' 'Admin also editing users?') # Since new_roles is empty, if there is only one admin, we'd be # removing them from the company, which would prevent anyone from # modifying users for the company if is_last_admin and 'Admin' not in new_roles: ctx['errors'].append('Operation failed, as completing it would have ' 'removed the last Admin from the company. Is ' 'another Admin also editing users?') if user and not ctx['errors']: ctx['added'] = add ctx['removed'] = remove user.roles = Role.objects.filter(company=company, name__in=new_roles) return HttpResponse(json.dumps(ctx), content_type="application/json")
def get_dynamic_report_info(request): company = get_company_or_404(request) validator = ApiValidator() report_id = request.GET.get('report_id') if report_id is None: validator.note_field_error('report_id', 'Missing report id.') if validator.has_errors(): return validator.build_error_response() report_list = list(DynamicReport.objects.filter(id=report_id)) if len(report_list) < 1: validator.note_field_error('report_id', 'Unknown report id.') if validator.has_errors(): return validator.build_error_response() report = report_list[0] # Guessing here. Many to many makes this ambiguous. reporting_type = ( report.report_data.report_type.reportingtype_set.all()[0] .reporting_type) report_type = ( report.report_data.report_type.report_type) data_type = ( report.report_data.data_type.data_type) driver = ds_json_drivers[report.report_data.report_type.datasource] adorned_filter = driver.adorn_filter(company, report.filters) response = { 'report_details': { 'id': report.pk, 'report_data_id': report.report_data.pk, 'reporting_type': reporting_type, 'report_type': report_type, 'data_type': data_type, 'name': report.name, 'filter': adorned_filter, } } return HttpResponse(content_type='application/json', content=driver.serialize_filterlike(response))
def api_delete_role(request, role_id=0): """ POST /manage-users/api/roles/delete/NUMBER Deletes a role Inputs: :role_id: id of role Returns: :success: boolean """ ctx = {} if request.method != "DELETE": ctx["success"] = "false" ctx["message"] = "DELETE method required." return HttpResponse(json.dumps(ctx), content_type="application/json") else: company = get_company_or_404(request) # Check if role exists if Role.objects.filter(id=role_id).exists() is False: ctx["success"] = "false" return HttpResponse(json.dumps(ctx), content_type="application/json") # Check that company manages this role and can therefore delete it company_id_to_delete = Role.objects.filter(id=role_id)[0].company.id if company.id != company_id_to_delete: ctx["success"] = "false" return HttpResponse(json.dumps(ctx), content_type="application/json") Role.objects.filter(id=role_id).delete() if Role.objects.filter(id=32).exists() is False: ctx["success"] = "true" return HttpResponse(json.dumps(ctx), content_type="application/json") ctx["success"] = "false" ctx["message"] = "Role not deleted." return HttpResponse(json.dumps(ctx), content_type="application/json")
def list_dynamic_reports(request): """Get a list of dynamic report runs for this user.""" company = get_company_or_404(request) # report_data == NULL should not happen in production data # Checking for it here to catch a situtation that happened due to a # migration before the first release. reports = (DynamicReport.objects.filter( owner=company, report_data__isnull=False).order_by('-pk')) data = [ { 'id': r.id, 'name': r.name, # report_type is only needed here for old_report_preview 'report_type': r.report_data.report_type.report_type, } for r in reports ] return HttpResponse(content_type='application/json', content=json.dumps({'reports': data}))
def api_get_activities(request): """ GET /manage-users/api/activities/ Retrieves all activities """ company = get_company_or_404(request) # group activities by their app access activities = defaultdict(list) for activity in company.activities.order_by('app_access__pk'): activities[activity.app_access.name].append({ 'id': activity.pk, 'name': unicode(activity), 'description': activity.description }) return HttpResponse(json.dumps(activities), mimetype='application/json')
def post(self, request, app='mypartners', model='contactrecords'): """ Create a report by querying on a specific model. The request's POST data is parsed for parameters to pass to the model's `from_search` method. Inputs: :app: The app to which the model belongs. :model: The model to query on Query String Parameters: :csrfmiddlewaretoken: Used to prevent Cross Site Request Forgery. :report_name: What to name the report. Spaces are converted to underscores. :filters: A JSON string representing th exact query to be run. :values: Fields to include in report output. Outputs: An HttpResponse indicating success or failure of report creation. """ company = get_company_or_404(request) name = request.POST.get('report_name', str(datetime.now())) filters = request.POST.get('filters', "{}") records = get_model(app, model).objects.from_search(company, filters) contents = serialize('json', records) results = ContentFile(contents) report, _ = Report.objects.get_or_create(name=name, created_by=request.user, owner=company, app=app, model=model, filters=filters) report.results.save('%s-%s.json' % (name, report.pk), results) return HttpResponse(name, content_type='text/plain')
def api_remove_user(request, user_id=0): """ DELETE /manage-users/api/users/delete/NUMBER Removes user from roles managed by current company Inputs: :user_id: id of user """ company = get_company_or_404(request) user = User.objects.filter(pk=user_id).first() ctx = {'errors': []} if list(company.admins) == [user]: ctx['errors'].append('Operation failed, as completing it would ' 'have removed the last Admin from the ' 'company. Is another Admin also editing ' 'users?') else: user.roles.remove(*user.roles.filter(company=company)) return HttpResponse(json.dumps(ctx), mimetype='application/json')
def api_add_user(request): """ POST /manage-users/api/user/add/ Creates a new user Inputs: :email: user email :roles: roles assigned to this user """ company = get_company_or_404(request) email = request.POST.get('email') roles = request.POST.getlist('roles') user = User.objects.get_email_owner(email=email) ctx = {'errors': []} if roles: if user: new_roles = set(roles) - set( user.roles.filter(company=company).values_list('name', flat=True)) user.roles.add( *Role.objects.filter(company=company, name__in=new_roles)) else: new_roles = roles for role in new_roles: request.user.send_invite(email, company, role) ctx['roles'] = list(new_roles) ctx['invited'] = bool(new_roles) else: ctx['invited'] = False ctx['errors'].append( "Each user must be assigned to at least one role.") return HttpResponse(json.dumps(ctx), mimetype='application/json')
def run_trial_dynamic_report(request): """Run a dynamic report. report_data_id: Report Presentation ID name: name of report filter_spec: JSON string with user filter to use response: {'id': new dynamic report id} """ company = get_company_or_404(request) report_data_id = request.POST['report_data_id'] filter_spec = request.POST.get('filter', '{}') values_spec = request.POST.get('values', '[]') report_data = ReportTypeDataTypes.objects.get(id=report_data_id) data_type = report_data.data_type driver = ds_json_drivers[report_data.report_type.datasource] data_type_name = data_type.data_type data = driver.run(data_type_name, company, filter_spec, values_spec) contents = json.dumps(data, cls=ReportJsonEncoder) return HttpResponse(content_type='application/json', content=contents)