def change_employee_group(request): if request.user.has_perm('staff.change_manager'): if request.POST: uid = request.POST.get('uid') gid = request.POST.get('gid') group_name = request.POST.get('group_name') user = User.objects.get(id=uid) group = Group.objects.get(id=gid) user.groups.clear() user.groups.add(group) pos_dict = { 'Employees': 'Employee', 'Managers': 'Manager', 'Topmanagers': 'Top Manager' } user.profile.position = pos_dict[group_name] user.profile.save() user.save() name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_manager']) chat_message = '<b>' + name_user + '</b> change ' + user.first_name + ' ' + user.last_name + ' position to ' + pos_dict[ group_name] new_system_message(request, chat_message, permissions) return HttpResponse('OK') else: return HttpResponse('You try do unknown action.') else: return HttpResponse( 'Sorry. You don\'t have permissions for this action.')
def delete_storage_item(request): if request.user.has_perm('storage.delete_storage'): if request.POST: i_id = request.POST.get('id') item = Storage.objects.filter( company_id=request.user.profile.company_id).get(id=i_id) StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message='Delete item <b>' + item.item_name + '</b> amount <b>' + str(item.amount) + '</b>, sell price <b>' + str(item.sell_price) + '</b>') item.delete() name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['delete_storage']) chat_message = '<b>' + name_user + '</b> delete item <b>' + item.item_name + '</b>' new_system_message(request, chat_message, permissions) return JsonResponse({'error': False, 'message': 'OK'}, safe=False) else: return JsonResponse( { 'error': True, 'message': 'You try do undefined action.' }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You don\'t have permissions for this action.' }, safe=False)
def delete_user_emloyee(request): if request.POST: eid = request.POST.get('uid') user = User.objects.get(id=eid) inventory = Equipments.objects.filter(user_id=eid) item_id_list = [] [item_id_list.append(i.storage_item_id) for i in inventory] for i in item_id_list: inv = inventory.get(storage_item_id=i) stor = Storage.objects.get(id=i) stor.amount += float(inv.amount) stor.save() user.profile.hidden = True user.profile.save() name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['delete_staff']) chat_message = '<b>' + name_user + '</b> delete ' + user.profile.position + ': ' + user.first_name + ' ' + user.last_name new_system_message(request, chat_message, permissions) return JsonResponse('OK', safe=False) else: return JsonResponse( 'Sorry. You don\'t have permissions for this action.', status=403, safe=False)
def return_to_storage(request): if request.POST: usr_item = Equipments.objects.filter( storage_item_id=request.POST.get('stor_it_id')) it = usr_item.get(user_id=request.POST.get('u_id')) stor = Storage.objects.get(id=request.POST.get('stor_it_id')) stor.amount += it.amount stor.save() employee = User.objects.get(id=request.POST.get('u_id')) StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message='Return to storage item <b>' + stor.item_name + '</b> from employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> amount <b>' + str(it.amount) + '</b>. In storage amount <b>' + str(stor.amount) + '</b>') it.delete() return_list = [stor.amount] name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple( ['add_invoice', 'change_invoice', 'delete_invoice']) chat_message = '<b>' + name_user + '</b> return to storage item <b>' + stor.item_name + '</b> from employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> amount <b>' + str( it.amount) + '</b>. In storage amount <b>' + str( stor.amount) + '</b>' new_system_message(request, chat_message, permissions) return JsonResponse(return_list, safe=False) else: return JsonResponse('You try do unknown action', safe=False, status=404)
def add_user_equipment(request): user = auth.get_user(request) if request.user.has_perm('storage.add_equipments'): if request.POST: uids = request.POST.getlist('user_id') if len(uids) > 0: for u in uids: test = Equipments.objects.filter( storage_item_id=request.POST.get( 'storage_item_id')).filter(user_id=u) if not test: Equipments.objects.create( user_id=u, storage_item_id=request.POST.get( 'storage_item_id'), amount=request.POST.get('amount')) else: test[0].amount += float(request.POST.get('amount')) test[0].save() minus = Storage.objects.get( id=request.POST.get('storage_item_id')) minus.amount -= float(request.POST.get('amount')) minus.save() employee = User.objects.get(id=u) StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message='Add equipment <b>' + minus.item_name + '</b>, amount <b>' + str(request.POST.get('amount')) + '</b> to employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> in storage <b>' + str(minus.amount) + '<b>') name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['add_equipments']) chat_message = '<b>' + name_user + '</b> add equipment <b>' + minus.item_name + '</b>, to employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> ' new_system_message(request, chat_message, permissions) return JsonResponse({'error': False, 'message': 'OK'}, safe=False) else: return JsonResponse( { 'error': True, 'message': 'You try do undefined action.' }, safe=False) else: return render_to_response('add_equip.html', { 'access_denied': True, 'user': user, 'error': True })
def edit_storage_item(request): if request.user.has_perm('storage.change_storage'): item_id = request.POST.get('item-id', '') try: storage_item = Storage.objects.filter( company_id=request.user.profile.company_id).get( id=int(item_id)) except ObjectDoesNotExist: return JsonResponse( { 'error': True, 'message': 'Storage item does not exist' }, safe=False) amount = request.POST.get('amount', '') history_message = 'Change item: <b>' + storage_item.item_name + '</b>' if amount != '': storage_item.amount = float(amount) history_message += ', amount = <b>' + str( storage_item.amount) + '</b>' sell_price = request.POST.get('sell-price', '') if sell_price != '': storage_item.sell_price = float(sell_price) history_message += ', sell_price = <b>' + str( storage_item.sell_price) + '</b>' item_name = request.POST.get('item-name', '') if item_name != '': storage_item.item_name = item_name history_message += ', item name to <b>' + storage_item.item_name + '</b>' storage_item.save() StorageHistory.objects.create( user=request.user, message=history_message + ' ' + request.POST.get('comment', ''), company_id=request.user.profile.company_id) name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_storage']) chat_message = '<b>' + name_user + '</b> change storage item: ' + storage_item.item_name new_system_message(request, chat_message, permissions) return JsonResponse({'error': False, 'message': 'OK'}, safe=False) else: return JsonResponse( { 'error': True, 'message': 'You don\'t have permissons for this action.' }, safe=False)
def add_amount(request): if request.user.has_perm('storage.change_storage'): if request.POST: item_id = int(request.POST.get('storage_item_id')) amount = float(request.POST.get('amount')) storage_item = Storage.objects.get(id=item_id) old_amount = storage_item.amount storage_item.amount = old_amount + amount storage_item.save() StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message='Add item <b>' + storage_item.item_name + '</b> amount: previous value <b>' + str(old_amount) + '</b>, amount <b>' + str(amount) + '</b>, new value <b>' + str(storage_item.amount) + '</b>') name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_storage']) chat_message = '<b>' + name_user + '</b> add item <b>' + storage_item.item_name + '</b>' new_system_message(request, chat_message, permissions) return JsonResponse( { 'error': False, 'message': 'OK', 'amount': storage_item.amount }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'You try do unknown action.', }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'You don\'t have permissions for this acton.', }, safe=False)
def update_employee_perm(request): if request.POST: user = User.objects.get(id=request.POST.get('uid')) user.user_permissions.clear() user.save() astr = request.POST.get('astr').split(',') new_list_perm = [] [ new_list_perm.append(Permission.objects.get(id=i)) for i in astr if i != '' ] user.user_permissions = new_list_perm user.save() name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_manager']) chat_message = '<b>' + name_user + '</b> change permissions to ' + user.profile.position + ': ' + user.first_name + ' ' + user.last_name new_system_message(request, chat_message, permissions) return HttpResponse('OK')
def change_price(request): if request.user.has_perm('storage.change_storage'): if request.POST: item_id = request.POST.get('item_id') price = float(request.POST.get('price')) storage_item = Storage.objects.get(id=item_id) history_message = 'Change item <b>' + storage_item.item_name + '</b> price: previous price <b>' + str( storage_item.sell_price) + '</b>' storage_item.sell_price = price storage_item.save() StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message=history_message + ', new price <b>' + str(storage_item.sell_price) + '</b>') name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_storage']) chat_message = '<b>' + name_user + '</b> change price item: <b>' + storage_item.item_name + '</b>' new_system_message(request, chat_message, permissions) return JsonResponse({ 'error': False, 'message': 'OK', }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'You try do unknown action.', }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You don\'t have permissions for this action.', }, safe=False)
def cancel_equipment_amount(request): if request.user.has_perm('storage.change_equipments'): uid = request.POST.get('uid', '') sid = request.POST.get('sid', '') message = request.POST.get('comment', '') amount = float(request.POST.get('amount', 0)) equipment_item = Equipments.objects.filter(user_id=uid).get( storage_item_id=sid) inner_message = 'Cancel equipment <b>' + equipment_item.storage_item.item_name + '</b>, amount <b>' + str( amount) employee = equipment_item.user if equipment_item.amount == amount: equipment_item.delete() left_amount = 0 elif equipment_item.amount > amount: equipment_item.amount -= amount left_amount = equipment_item.amount equipment_item.save() StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message=inner_message + '</b> employee <b>' + employee.first_name + ' ' + employee.last_name + '</b>. Left in employee <b>' + str(left_amount) + '.</b> ' + message) name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_equipments']) chat_message = '<b>' + name_user + '</b> ' + inner_message + '</b> employee <b>' + employee.first_name + ' ' + employee.last_name + '</b>. Left in employee <b>' + str( left_amount) + '.</b>' new_system_message(request, chat_message, permissions) return JsonResponse({'error': False}, safe=False) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You don\'t have permissions for this action.' }, safe=False)
def change_user_profile_info(request): user = auth.get_user(request) args = {} args.update(csrf(request)) list_perms = [] [list_perms.append(i) for i in user.get_all_permissions()] args['user_perms'] = list_perms args['user'] = user args['company'] = CompanyReg.objects.get(user=user.profile.company_id) if user.has_perm('staff.change_employee'): if request.POST: uid = request.POST.get('uid') user_profile = User.objects.get(id=uid) user_profile.first_name = request.POST.get('first_name') user_profile.last_name = request.POST.get('last_name') user_profile.profile.phone = request.POST.get('phone') user_profile.profile.another_phone = request.POST.get( 'another_phone') #user_profile.email = request.POST.get('email') #user_profile.username = request.POST.get('email') if request.POST.get('date_of_birth') != '': user_profile.profile.date_of_birth = request.POST.get( 'date_of_birth') user_profile.profile.save() user_profile.save() name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_employee']) chat_message = '<b>' + name_user + '</b> cahnge iformation ' + user_profile.profile.position + ': ' + user_profile.first_name + ' ' + user_profile.last_name new_system_message(request, chat_message, permissions) return redirect('/staff/employees_list/') else: err_update = 'Sorry Cannot update information.' return render_to_response('user_profile.html', {'error': err_update}) else: args['access_denied'] = True return render_to_response('user_profile.html', args)
def plus(request): if request.POST: storage_item = Storage.objects.get(id=request.POST.get('stor_it_id')) item = Equipments.objects.filter( storage_item_id=request.POST.get('stor_it_id')).filter( user_id=request.POST.get('u_id')) it = item.get(user_id=request.POST.get('u_id')) it.amount += float(request.POST.get('amount')) it.save() storage_item.amount -= float(request.POST.get('amount')) storage_item.save() employee = User.objects.get(id=request.POST.get('u_id')) StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message='Add equipment <b>' + storage_item.item_name + '</b>, amount <b>' + str(request.POST.get('amount')) + '</b> to employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> in storage <b>' + str(storage_item.amount) + "</b>") name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_equipments']) chat_message = '<b>' + name_user + '</b> add equipment <b>' + storage_item.item_name + '</b>, amount <b>' + str( request.POST.get('amount')) chat_message += '</b> to employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> in storage <b>' + str( storage_item.amount) + "</b>" new_system_message(request, chat_message, permissions) ret_list = [] ret_list.append(it.amount) ret_list.append(storage_item.amount) return JsonResponse(ret_list, safe=False) else: return JsonResponse('You try do unknown action', safe=False, status=404)
def new_storage_item(request): if request.user.has_perm('storage.add_storage'): if request.POST: user_plan = UserPlan.objects.get( user=request.user.profile.company_id) code_name = CodeName.objects.get(name='storage') try: storage_count = user_plan.plan.options.get( code_name=code_name.id).amount except ObjectDoesNotExist: return JsonResponse( { 'error': True, 'message': 'Sorry. In you plan don\'t have this option.' }, safe=False) else: count_stor = Storage.objects.filter( company_id=request.user.profile.company_id).count() if count_stor < storage_count or storage_count == -1: item_name = request.POST.get('item_name', '') amount_str = request.POST.get('amount', '') if amount_str != '': amount = float(amount_str) else: amount = 0 sell_price_str = request.POST.get('sell_price', '') if sell_price_str != '': sell_price = float(sell_price_str) else: sell_price = 0 company_id = request.user.profile.company_id st_item = Storage.objects.create(item_name=item_name, amount=amount, sell_price=sell_price, company_id=company_id) StorageHistory.objects.create( user=request.user, message='Created new item: <b>' + st_item.item_name + '</b>, amount = <b>' + str(st_item.amount) + '</b>, sell price = <b>' + str(st_item.sell_price) + '</b>', company_id=request.user.profile.company_id) name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['add_storage']) chat_message = '<b>' + name_user + '</b> create storage item: ' + item_name new_system_message(request, chat_message, permissions) return JsonResponse({ 'error': False, 'id': st_item.id }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You don\'t have longer create storage item.' }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'You try do unknown action.' }, safe=False, status=404) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You don\'t have permissions for this action.' }, safe=False, status=403)
def new_employee(request): perm_str = 'staff.add_' if request.POST: user_plan = UserPlan.objects.get(user=request.user.profile.company_id) code_name = CodeName.objects.get(name='employees') try: employees_count = user_plan.plan.options.get( code_name=code_name.id).amount except ObjectDoesNotExist: return JsonResponse( { 'error': True, 'message': 'Sorry. In you plan don\'t have this option.' }, safe=False) else: user_count = auth.get_user(request) count_emp = User.objects.all().filter( profile__company_id=user_count.profile.company_id).filter( profile__hidden=False).count() if count_emp <= employees_count or employees_count == -1: perm_str += request.POST.get('class') if request.user.has_perm(perm_str): group_name = request.POST.get('position') + 's' username = request.POST.get('email') first_name = request.POST.get('first_name') last_name = request.POST.get('last_name') email = request.POST.get('email') phone = request.POST.get('phone') another_phone = request.POST.get('another_phone') date_of_birth = request.POST.get('date_of_birth') password = request.POST.get('password') group = Group.objects.get(name=group_name) user = User.objects.create(username=username, email=email) user.set_password(password) user.first_name = first_name user.last_name = last_name user.is_active = True user.groups.add(group) user.save() profile = Profile.objects.create(user=user, phone=phone) profile.another_phone = another_phone if date_of_birth == '': date_of_birth = None profile.date_of_birth = date_of_birth profile.position = request.POST.get('position') profile.company_id = auth.get_user( request).profile.company_id profile.save() uid = user.id list_perms = [] list_perms.append(uid) #[list_perms.append(i) for i in request.user.get_all_permissions()] name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple([ 'add_staf', 'add_manager', 'add_topmanager', 'add_employee' ]) chat_message = '<b>' + name_user + '</b> create ' + profile.position + ': ' + first_name + ' ' + last_name new_system_message(request, chat_message, permissions) return JsonResponse({ 'error': False, 'id': uid }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You don\'t have permission for this action.' }, status=403, safe=False) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You don\'t have longer create staff.' }, safe=False) else: return JsonResponse( { 'error': True, 'message': 'Sorry. You try do unknown action.' }, status=404, safe=False)
def add_equip_user(request): if request.POST: perm = False if request.user.has_perm('storage.add_equipments'): perm = True storage_item_id = int(request.POST.get('stor_it_id', -1)) amount = request.POST.get('amount', '') if amount == '': item_amount = 0 else: item_amount = float(amount) if item_amount > 0: user_id = int(request.POST.get('u_id', -1)) stor_it = Storage.objects.get(id=storage_item_id) stor_it.amount -= item_amount stor_it.save() try: equip = Equipments.objects.filter( storage_item_id=storage_item_id).get(user_id=user_id) except ObjectDoesNotExist: equip = Equipments.objects.create( amount=item_amount, storage_item_id=storage_item_id, user_id=user_id) equip.save() list_equip = [ equip.storage_item_id, float(stor_it.amount), equip.id ] return JsonResponse( { 'data': json.dumps(list_equip), 'perm': perm }, safe=False) equip.amount += item_amount equip.save() employee = User.objects.get(id=request.POST.get('u_id')) stor = Storage.objects.get(id=storage_item_id) StorageHistory.objects.create( user=request.user, company_id=request.user.profile.company_id, message='Add item to equipment <b>' + stor.item_name + '</b> to employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> amount <b>' + str(item_amount) + '</b>. In storage amount <b>' + str(stor.amount) + '</b>') name_user = request.user.first_name + ' ' + request.user.last_name if len(name_user) < 3: name_user = request.user.profile.position permissions = tuple(['change_equipments', 'add_equipments']) chat_message = '<b>' + name_user + '</b> add item to equipment <b>' + stor.item_name + '</b> to employee <b>' + employee.first_name + ' ' + employee.last_name + '</b> amount <b>' + str( item_amount) + '</b>. In storage amount <b>' + str( stor.amount) + '</b>' new_system_message(request, chat_message, permissions) list_equip = [ equip.storage_item_id, float(stor_it.amount), equip.id ] return JsonResponse({ 'data': json.dumps(list_equip), 'perm': perm }, safe=False) else: return JsonResponse(json.dumps([0, 0, 0]), safe=False) else: return JsonResponse('You try do unknown action', safe=False, status=404)