def _admin_delete_user(request, user_id=None):
response_data = {'success': False}
response_data['error_msg'] = "Erro no servidor."
if has_permission_to_user(request.user, user_id):
try:
user = User.objects.get(id=user_id)
cant = user.is_superuser or user.id == request.user.id
if not cant:
for group in user.groups.all():
if not has_permission_to_group(request.user, group.id):
cant = True
break
if cant:
response_data[
'error_msg'] = "Você não pode excluir este usuário."
else:
user.is_active = False
user.save()
GroupManager.objects.filter(user=user).delete()
response_data['success'] = True
except:
response_data[
'error_msg'] = "Voluntário não cadastrado."
return JsonResponse(response_data)
def _treatment_follow(message, treatment):
if treatment.is_closed or treatment.user is None:
raise ClientError("TREATMENT_ACCESS_DENIED")
if not has_permission_to_user(message.user, treatment.user.id):
raise ClientError("TREATMENT_ACCESS_DENIED")
if treatment.id not in message.channel_session['treatments']:
treatment.websocket_group.add(message.reply_channel)
message.channel_session['treatments'].append(treatment.id)
message.reply_channel.send({"text": json.dumps({"action": "following", "volunteer": treatment.user.first_name})})
_send_treatment_messages(message.reply_channel, treatment)
def _admin_get_user(request, user_id):
response_data = {'success': False}
response_data['error_msg'] = "Erro no servidor."
if has_permission_to_user(request.user, user_id):
try:
response_data['user'] = _user_to_data_json(
request, User.objects.get(id=user_id))
response_data['success'] = True
except:
pass
return JsonResponse(response_data)
def _admin_save_user(request, user=None):
response_data = {'success': False}
response_data['error_msg'] = "Erro no servidor."
if has_permission_to_user(request.user,
user.id if user is not None else None):
if 'json_data' in request.POST:
try:
request_json = json.loads(request.POST['json_data'])
name = request_json['name']
username = request_json['username']
email = request_json['email']
groups = request_json['groups']
reset_password = request_json['reset_password']
with transaction.atomic():
if user is None:
user = User()
user.first_name = name
user.username = username
user.email = email
user.save()
if reset_password:
user.set_password(user.username)
if not groups:
groups = []
current_groups = user.groups.all()
for current_group in current_groups:
if current_group.id not in groups:
if has_permission_to_group(request.user,
current_group.id):
user.groups.remove(current_group)
for group in groups:
if has_permission_to_group(request.user, group):
user.groups.add(Group.objects.get(id=group))
user.save()
response_data['success'] = True
except IntegrityError as ie:
response_data[
'error_msg'] = "Já existe um voluntário com este usuário."
return JsonResponse(response_data)
def manager_users(request):
response_data = {}
response_data['users'] = []
users = User.objects.filter(is_active=True).order_by(
'first_name', 'username')
for user in users:
if has_permission_to_user(request.user, user.id):
user_json = {}
user_json['id'] = user.id
user_json['name'] = user.first_name
user_json['username'] = user.username
user_json['email'] = user.email
user_json['groups'] = _get_names_user_groups(
user.groups.all().order_by('name'))
response_data['users'].append(user_json)
return JsonResponse(response_data)