def company_user_profile(request):
"""Let the company user see and eventually edit its own profile."""
user = request.user
company_user = get_actual_user(request.user)
if request.method == 'POST':
user_form = UserForm(request.POST, instance=user)
company_user_form = CompanyUserForm(request.POST, instance=company_user)
account_adapter = get_adapter(request)
if user_form.is_valid() and company_user_form.is_valid():
with transaction.atomic():
user_form.save()
company_user_form.save()
account_adapter.add_message(
request,
messages.SUCCESS,
'dashboard/messages/profile_update_success.txt'
)
else:
user_form = UserForm(instance=user)
company_user_form = CompanyUserForm(instance=company_user)
context = {
'user_has_usable_password': user.has_usable_password(),
'user_form': user_form,
'company_user_form': company_user_form,
}
return render(request, 'dashboard/user/company/profile.html', context)
def search_in_file(request):
"""Let the user perform a search for text into the specified file."""
user = request.user
# check audio file existence
try:
audio = AudioFile.objects.get(id=request.GET.get('file'))
except AudioFile.DoesNotExist:
get_adapter(request).add_message(
request,
messages.ERROR,
'dashboard/messages/file_does_not_exist.txt'
)
return redirect(reverse('dashboard:list-files'))
# if audio is public no check is required
if not audio.is_public:
# guest users cannot do nothing with non-public files
if user.is_anonymous:
return redirect(reverse('dashboard:forbidden'))
# user is not the uploader
elif user != audio.uploader:
# private and employee users are not allowed to view other users' non-public files
if user.is_private or user.is_employee:
return redirect(reverse('dashboard:forbidden'))
# company user can use its own files and the employees' ones
elif user.is_company and not get_actual_user(user).company.employees.filter(user=audio.uploader).exists():
return redirect(reverse('dashboard:forbidden'))
# user is performing a search
if request.method == 'POST':
query_string = request.POST.get('querystring')
transcriptions = audio.transcriptions\
.filter(text__icontains=query_string)\
.order_by('offset', 'confidence')\
.values_list('offset', 'confidence')
results = [
{
'start_time': offset,
'end_time': offset + settings.MOMENTTRACK_AUDIO_FRAGMENT_DURATION,
'confidence': confidence
}
for offset, confidence in OrderedDict(transcriptions).items()
]
# user is requesting the page without any query string
else:
query_string = ''
results = []
context = {'audio': audio, 'query_string': query_string, 'results': results}
return render(request, 'dashboard/search.html', context)
def employee_company_details(request):
"""Let the employee have information regarding their company"""
employee_user = get_actual_user(request.user)
company = employee_user.company
company_user = company.contact_person
context = {
'company': CompanyForm(model_to_dict(company)),
'contact_person_user': UserForm(model_to_dict(company_user.user)),
'company_contact_person': CompanyUserForm(model_to_dict(company_user)),
}
return render(request, 'dashboard/user/employee/company.html', context)
def company_details(request):
"""Let the company user to see and eventually edit the company's information"""
company_user = get_actual_user(request.user)
company = company_user.company
if request.method == 'POST':
company_form = CompanyForm(request.POST, instance=company)
if company_form.is_valid():
company_form.save()
else:
company_form = CompanyForm(instance=company)
context = {'company_form': company_form}
return render(request, 'dashboard/user/company/company_details.html', context)
def invert_employee_account_active_status(request, employee_id):
"""Let the company user activate/deactivate an employee account"""
status = 'unknown'
got_error = True
if request.method == 'POST':
try:
employee = get_actual_user(request.user).company.employees.get(id=employee_id)
user = employee.user
user.is_active = not user.is_active
user.save()
status = 'active' if user.is_active else 'inactive'
got_error = False
except EmployeeUser.DoesNotExist:
pass
return JsonResponse({'error': got_error, 'status': status})
def company_employees(request):
"""Let the company user see the list of its company's employees and add some more.
Adding an employee automatically sign up the new user with a random password
sent to the employee.
"""
# if this is a POST request we need to process the form data
# otherwise we just create a blank employee signup form
if request.method == 'POST':
employee_signup_form = EmployeeSignupForm(request.POST)
if employee_signup_form.is_valid():
with transaction.atomic():
user = employee_signup_form.save(request)
signals.user_signed_up.send(sender=user.__class__, user=user)
# Automatically verify email
email = EmailAddress.objects.get_primary(user=user)
email.verified = True
email.save()
signals.email_confirmed.send(sender=user.__class__, email_address=user.email)
# we need the account adapter to send email using allauth workflow
account_adapter = get_adapter()
# create a random password for the user
# N.B: user already has a password, but it is not accessible
# anymore because of crypt, so we create a new one and
# send it to the user email
random_password = get_user_model().objects.make_random_password()
user.set_password(raw_password=random_password)
user.save()
signals.password_changed.send(sender=user.__class__, request=request, user=user)
employee = get_actual_user(user)
current_site = get_current_site(request)
company = employee.company
account_adapter.send_mail(
'account/email/employee_password',
employee.email,
{
'current_site': current_site,
'company': company,
'password': random_password
}
)
account_adapter.send_mail(
'account/email/employee_added',
company.contact_person.email,
{
'current_site': current_site,
'company': company,
'employee': employee
}
)
# send a notification as another confirmation message
account_adapter.add_message(
request,
messages.SUCCESS,
'account/messages/employee_added.txt',
{
'company': company,
'employee': employee
}
)
# If this is a GET (or any other methods) request, create a blank form
else:
employee_signup_form = EmployeeSignupForm()
company_user = get_actual_user(request.user)
company = company_user.company
employees = EmployeeUser.objects.filter(company=company)
context = {
'employee_signup_form': employee_signup_form,
'employees': employees,
}
return render(request, 'dashboard/user/company/employees.html', context)
def list_files(request):
"""Let the user have a list of uploaded files available for searching
and/or editing.
The list is different from user type to user type:
* `guest user`, can see only public files
* `private user`, can see all of its own files and the other users' public files
* `employee user`, can see all of its own files and the other users' public files
* `company user`, can see all of its own files, the other users' public files and
his/her company's employees public and private files
"""
requested_user_id = request.GET.get('uploader')
user = request.user
actual_user = get_actual_user(user)
try:
requested_user = User.objects.get(id=requested_user_id)
except User.DoesNotExist:
requested_user = None
# user is guest
if user.is_anonymous:
# no specific user requested, show all public files
if requested_user is None:
title = _("Public files")
files = AudioFile.objects.filter(is_public=True)
# specific user requested, show its own public files only
else:
# requested user exists
if requested_user is not None:
title = _("%s's public files" % user_displayable_name(requested_user))
files = AudioFile.objects.filter(uploader=requested_user, is_public=True)
# requested user does not exist
else:
title = _("Requested user does not exist")
files = AudioFile.objects.none()
# user is authenticated
else:
# if no specific user requested
if requested_user_id is None:
# company user will see all the company's files
if user.is_company:
title = _("%s's files" % actual_user.company.name)
company_staff = [employee_id for employee_id in actual_user.company.employees.values_list('user__id', flat=True)]
company_staff.append(user.id)
files = AudioFile.objects.filter(uploader__in=company_staff)
# private and employees will see their own files
else:
title = _("Your files")
files = AudioFile.objects.filter(uploader=user)
# specific user requested
else:
# user asks for its own files, show them
if user.id == requested_user.id:
title = _("Your files")
files = AudioFile.objects.filter(uploader=user)
# user is company and asks for employee's files, show them
elif user.is_company and actual_user.company.employees.filter(user__id=requested_user.id).exists():
title = _("Employee %s's files" % user_displayable_name(requested_user))
files = AudioFile.objects.filter(uploader=requested_user)
# user asks for other user files, show the public ones only
else:
title = _("%s's public files" % user_displayable_name(requested_user))
files = AudioFile.objects.filter(uploader=requested_user, is_public=True)
context = {
'files': files.order_by('-upload_datetime'),
'title': title,
'user': user
}
return render(request, 'dashboard/list_files.html', context)