def delete(request, app, cls, pk, related_field_name=None, related_pk=None): try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') obj = _model.objects.all(request.user).get(pk=pk) obj._request = request obj._user = request.user if permissions.can_delete(request, obj): if related_field_name: getattr(obj, related_field_name).remove(related_pk) return httprr(request, '..', _('Deletion successfully performed.')) else: title = '{} {}'.format(_('Delete'), str(obj)) form = factory.get_delete_form(request, obj) if form.is_valid(): obj.delete() return httprr(request, '..', _('Action successfully performed.')) return render(request, 'delete.html', locals()) else: return HttpResponseForbidden()
def configure(request): if not request.user.is_superuser: return httprr(request, '/', 'Você não tem permissão para realizar isto!', 'error') title = 'Configurações' form = SettingsForm(request) if form.is_valid(): form.save() return httprr(request, '..', 'Configuração salva com sucesso') return locals()
def configure(request): if not request.user.is_superuser: return httprr(request, '/', _('You do not have permission to access this page!'), 'error') title = _('Settings') form = SettingsForm(request) if form.is_valid(): form.save() return httprr(request, '..', _('Configuration successfully updated.')) return locals()
def listt(request, app, cls, subset=None): try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') title = get_metadata(_model, 'verbose_name_plural') subsetp = None list_display = None list_filter = None search_fields = None if subset: subset_func = getattr(_model.objects.get_queryset(), subset) can_view = get_metadata(subset_func, 'can_view') list_display = get_metadata(subset_func, 'list_display') list_filter = get_metadata(subset_func, 'list_filter') search_fields = get_metadata(subset_func, 'search_fields') title = '{} - {}'.format(title, get_metadata(subset_func, 'verbose_name')) else: tid = request.GET.get('tid') subsetp = request.GET.get('tab{}'.format(tid)) if tid and subsetp: subset_func = getattr(_model.objects.get_queryset(), subsetp) subset_title = get_metadata(subset_func, 'verbose_name') can_view = get_metadata(subset_func, 'can_view') title = '{} - {}'.format(title, get_metadata(subset_func, 'verbose_name')) if not permissions.check_group_or_permission(request, can_view): return httprr( request, '/admin/login/?next={}'.format(request.get_full_path())) else: permission = '{}.list_{}'.format(app, cls) if not request.user.has_perm(permission): return httprr( request, '/admin/login/?next={}'.format(request.get_full_path())) qs = _model.objects.all(request.user) list_subsets = subset and [subset] or None paginator = Paginator(request, qs, title, list_subsets=list_subsets, is_list_view=True, list_display=list_display, list_filter=list_filter, search_fields=search_fields) paginator.process_request() paginator.load_actions() return render(request, 'default.html', locals())
def password(request, pk, token): title = _('Change Password') user = User.objects.filter(pk=pk, password=signing.loads(token)).first() if user: form = ChangePasswordForm(request, instance=user) if form.is_valid(): form.save() return httprr(request, '/admin/', _('Your password has been successfully changed.')) else: return httprr(request, '/', _('No records found')) return locals()
def logout(request): url = '/' unit_id = request.session.get('unit_id', None) if unit_id: url = '/admin/login/{}/'.format(unit_id) auth.logout(request) return httprr(request, url, 'Logout realizado com sucesso.')
def reset(request): title = _('Reset Password') form = RecoverPassowordForm(request) if form.is_valid(): msg = _('Click on the link sent to your e-mail to reset your password.') return httprr(request, '/admin/login/', msg) return locals()
def logout(request): url = '/' unit_id = request.session.get('unit_id', None) if unit_id: url = '/admin/login/{}/'.format(unit_id) auth.logout(request) return httprr(request, url, _('You have successfully logged out.'))
def password(request, pk, token): title = 'Alterar Senha' user = User.objects.get(pk=pk, password=decrypt(token)) form = ChangePasswordForm(request, instance=user) if form.is_valid(): form.save() return httprr(request, '/admin/', 'Parabéns! Sua senha foi alterada com sucesso.') return locals()
def password(request, pk, token): title = _('Change Password') user = User.objects.get(pk=pk, password=decrypt(token)) form = ChangePasswordForm(request, instance=user) if form.is_valid(): form.save() return httprr(request, '/admin/', _('Your password has been successfully changed.')) return locals()
def view(request, app, cls, pk, tab=None): if not request.user.is_authenticated: return httprr(request, '/admin/login/?next={}'.format(request.get_full_path())) try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') obj = _model.objects.all(request.user).filter(pk=pk).first() obj.request = request obj._user = request.user if 'one_to_many_count' in request.GET: # TODO create a specific view for this purpose return HttpResponse(getattr2(obj, request.GET['one_to_many_count'])) if not permissions.can_view(request, obj): return HttpResponseForbidden() title = str(obj) parent = request.GET.get('parent', None) printable = get_metadata(_model, 'pdf', False) widget_panel = ModelDashboard(request, obj, tab, parent, printable=printable) widget_panel.process_request() if widget_panel.model_panel.message: return httprr(request, request.get_full_path(), widget_panel.model_panel.message) log_data = get_metadata(obj.__class__, 'log', False) if log_data and request.user.is_superuser and request.user.has_perm( 'admin.list_log'): url = '/log/{}/{}/'.format(app, cls) widget_panel.model_panel.drop_down.add_action( '{} {}'.format(_('View'), _('Log')), url, 'ajax', 'fa fa-history') return render(request, 'default.html', locals())
def _proccess_request(self, func, _action, ignore_pdf): form = None f_return = None redirect_url = None if count_parameters_names(func) > 0: form = factory.get_class_action_form(self.request, self.qs.model, _action, func) if form.is_valid(): params = [] for param in get_parameters_names(func): if param in form.cleaned_data: params.append(form.cleaned_data[param]) try: f_return = func(*params) ignore_pdf = False if f_return is None: redirect_url = '..' except ValidationError as e: form.add_error(None, str(e.message)) else: f_return = func() ignore_pdf = False if f_return is None: redirect_url = '.' if redirect_url: self.request.GET._mutable = True if 'ids' in self.request.GET: del self.request.GET['ids'] del self.request.GET[_action['view_name']] self.request.GET._mutable = False raise ComponentHasResponseException( httprr(self.request, redirect_url, _action['message'])) else: action_style = _action['style'] if f_return is None: f_return = dict(form=form) template_name = 'default.html' else: template_name = '{}.html'.format(_action['view_name']) return_response(f_return, self.request, None, action_style, template_name, raise_response=True, ignore_pdf=ignore_pdf)
def log(request, app, cls, pk=None): if not request.user.is_authenticated: return httprr(request, '/admin/login/?next={}'.format(request.get_full_path())) try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') if pk: obj = _model.objects.get(pk=pk) qs = obj.get_logs() title = 'Log - {}'.format(obj) else: content_type = ContentType.objects.get_for_model(_model) qs = content_type.log_set.all() title = 'Logs - {}'.format(get_metadata(_model, 'verbose_name_plural')) paginator = Paginator(request, qs, 'Log') return render(request, 'default.html', locals())
def add(request, app, cls, pk=None, related_field_name=None, related_pk=None): if not request.user.is_authenticated: return httprr(request, '/admin/login/?next={}'.format(request.get_full_path())) try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') obj = pk and _model.objects.all( request.user).filter(pk=pk).first() or _model() obj.request = request obj._user = request.user title = pk and str(obj) or get_metadata(_model, 'verbose_name') if related_field_name is None: if obj.pk: if not permissions.has_edit_permission( request, _model) or not permissions.can_edit(request, obj): return HttpResponseForbidden() else: if not permissions.has_add_permission( request, _model) or not permissions.can_add(request, obj): return HttpResponseForbidden() form = factory.get_register_form(request, obj) title = form.title elif is_one_to_many(_model, related_field_name): if not permissions.can_add(request, obj) and not permissions.can_edit( request, obj): return HttpResponseForbidden() form = factory.get_one_to_many_form(request, obj, related_field_name) elif is_many_to_many(_model, related_field_name): if not permissions.can_add(request, obj) and not permissions.can_edit( request, obj): return HttpResponseForbidden() form = factory.get_many_to_many_form(request, obj, related_field_name, related_pk) elif is_one_to_many_reverse(_model, related_field_name): form = factory.get_many_to_many_reverse_form(request, obj, related_field_name) elif is_one_to_one(_model, related_field_name): if not permissions.can_add(request, obj) and not permissions.can_edit( request, obj): return HttpResponseForbidden() form = factory.get_one_to_one_form(request, obj, related_field_name, related_pk) else: # many to one for rel in list_related_objects(_model): if hasattr(rel, 'get_accessor_name'): if rel.get_accessor_name() in ( '{}_set'.format(related_field_name), related_field_name): related_queryset = rel.related_model.objects.all( request.user) related_obj = related_pk and related_queryset.get( pk=related_pk) or rel.related_model() related_obj.request = request setattr(related_obj, rel.field.name, obj) setattr(related_obj, '{}_id'.format(rel.field.name), obj.pk) if related_pk: if not permissions.has_edit_permission( request, rel.related_model) or not permissions.can_edit( request, related_obj): return HttpResponseForbidden() else: if not permissions.has_add_permission( request, rel.related_model) or not permissions.can_add( request, related_obj): return HttpResponseForbidden() form = factory.get_many_to_one_form( request, obj, rel.get_accessor_name(), related_obj) title = form.title if form.is_valid(): is_editing = form.instance.pk is not None try: form.save() obj = form.instance if 'select' in request.GET: return HttpResponse('{}|{}|{}'.format(obj.pk, obj, request.GET['select'])) elif related_field_name: message = 'Ação realizada com sucesso' url = '..' else: message = get_metadata(form.instance.__class__, 'add_message') if message and not is_editing: if hasattr(obj, 'get_absolute_url'): url = obj.get_absolute_url() else: url = '/view/{}/{}/{}/'.format( get_metadata(obj.__class__, 'app_label'), obj.__class__.__name__.lower(), obj.pk) else: url = '..' if is_editing: message = message or 'Atualização realizada com sucesso' else: message = message or 'Cadastro realizado com sucesso' return httprr(request, url, message) except ValidationError as e: form.add_error(None, str(e.message)) return render(request, 'default.html', locals())
def register(request, token=None, userid=None): from djangoplus.ui.components import forms from djangoplus.utils.metadata import get_metadata initial = {} username_field = get_metadata(loader.signup_model, 'role_username') email_field = get_metadata(loader.signup_model, 'role_email') name_field = get_metadata(loader.signup_model, 'role_name') if not loader.signup_model: return httprr(request, '/admin/login/', _('Sign-up not enabled.')) if token: if token and userid: url = 'https://graph.facebook.com/{}?fields=email,first_name,last_name&access_token={}' url = url.format(userid, token) elif token: url = 'https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token={}'.format( token) data = json.loads(urllib.request.urlopen(url).read()) qs = User.objects.filter(username=data['email']) if qs.exists(): user = qs[0] auth.login(request, user) return httprr(request, '/admin/', _('You have successfully logged in.')) else: initial = { name_field: data.get('name'), username_field: data['email'], email_field: data['email'] } class RegisterForm(forms.ModelForm): class Meta: model = loader.signup_model fields = get_metadata(loader.signup_model, 'form_fields', '__all__') exclude = get_metadata(loader.signup_model, 'exclude_fields', ()) submit_label = _('Register') title = '{} {}'.format( _('Register'), get_metadata(loader.signup_model, 'verbose_name')) icon = get_metadata(loader.signup_model, 'icon', None) captcha = settings.CAPTCHA_KEY and settings.CAPTCHA_SECRET and 'test' not in sys.argv or False form = RegisterForm(request, initial=initial) form.fields[username_field].help_text = _('Used to access the system') save_instance = True for field_name in form.fields: if not initial.get(field_name): save_instance = False if save_instance: instance = loader.signup_model() for field_name in form.fields: setattr(instance, field_name, initial[field_name]) instance.save() user = User.objects.get(username=initial[username_field]) auth.login(request, user) return httprr(request, '/admin/', _('You were successfully registered.')) if form.is_valid(): instance = form.save() extra = email_field and _( 'An e-mail will be sent to you as soon as your account is activated.' ) or '' if instance: user = User.objects.get(username=form.cleaned_data[username_field]) auth.login(request, user) return httprr(request, '/admin/', _('User successfully registered.')) else: return httprr( request, '..', _('Click on the link sent to your e-mail to have you account activated.' )) return locals()
def login_as(request, pk): auth.logout(request) user = User.objects.get(pk=pk) auth.login(request, user) return httprr(request, '/admin/', _('User successfully authenticated.'))
def public(request): app_settings = Settings.default() if not app_settings.background: return httprr(request, '/admin/') return locals()
def listt(request, app, cls, subset=None): try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') title = get_metadata(_model, 'verbose_name_plural') subsetp = None list_display = None list_filter = None search_fields = None if subset: subset_func = getattr(_model.objects.get_queryset(), subset) can_view = subset_func._metadata['{}:can_view'.format(subset)] list_display = subset_func._metadata['{}:list_display'.format(subset)] list_filter = subset_func._metadata['{}:list_filter'.format(subset)] search_fields = subset_func._metadata['{}:search_fields'.format( subset)] title = '{} - {}'.format( title, subset_func._metadata['{}:title'.format(subset)]) else: tid = request.GET.get('tid') subsetp = request.GET.get('tab{}'.format(tid)) if tid and subsetp: subset_func = getattr(_model.objects.get_queryset(), subsetp) subset_title = subset_func._metadata['{}:title'.format(subsetp)] can_view = subset_func._metadata['{}:can_view'.format(subsetp)] title = '{} - {}'.format( title, subset_func._metadata['{}:title'.format(subsetp)]) if not permissions.check_group_or_permission(request, can_view): return httprr( request, '/admin/login/?next={}'.format(request.get_full_path())) else: permission = '{}.list_{}'.format(app, cls) if not request.user.has_perm(permission): return httprr( request, '/admin/login/?next={}'.format(request.get_full_path())) qs = _model.objects.all(request.user) list_subsets = subset and [subset] or None paginator = Paginator(request, qs, title, list_subsets=list_subsets, is_list_view=True, list_display=list_display, list_filter=list_filter, search_fields=search_fields) paginator.process_request() if _model in loader.class_actions: for group in loader.class_actions[_model]: for view_name in loader.class_actions[_model][group]: _action = loader.class_actions[_model][group][view_name] action_title = _action['title'] action_message = _action['message'] action_can_execute = _action['can_execute'] action_input = _action['input'] action_css = _action['css'] action_condition = _action['condition'] initial = _action['initial'] choices = _action['choices'] if subsetp: if subsetp not in loader.subset_actions[ _model] or view_name not in loader.subset_actions[ _model][subsetp]: continue else: if subset not in loader.subset_actions[ _model] or view_name not in loader.subset_actions[ _model][subset]: continue if permissions.check_group_or_permission( request, action_can_execute): func = hasattr(qs, view_name) and getattr( qs, view_name) or None if func: char = '?' in request.get_full_path() and '&' or '?' url = '{}{}{}'.format(request.get_full_path(), char, '{}='.format(view_name)) has_input = func.__code__.co_argcount > 1 if not has_input: action_css = action_css.replace('popup', '') paginator.add_subset_action(action_title, url, action_css, None, action_condition) if view_name in request.GET: ids = paginator.get_selected_ids() if ids: qs = paginator.get_queryset( paginate=False).filter(id__in=ids) else: qs = paginator.get_queryset(paginate=False) func = getattr(qs, view_name) redirect_url = None if has_input: form = factory.get_class_action_form( request, _model, _action, func) paginator = '' if form.is_valid(): params = [] for param in func.__code__.co_varnames[ 1:func.__code__.co_argcount]: if param in form.cleaned_data: params.append( form.cleaned_data[param]) try: f_return = func(*params) redirect_url = '..' except ValidationError as e: form.add_error(None, str(e.message)) if not redirect_url: return render(request, 'default.html', locals()) else: f_return = func() redirect_url = '.' if redirect_url: request.GET._mutable = True del request.GET['ids'] del request.GET[view_name] request.GET._mutable = False return httprr(request, redirect_url, action_message) else: url = '/{}/{}/'.format(app, view_name) if view_name in request.GET: return httprr(request, url) else: action_css = action_css.replace('popup', '') paginator.add_action(action_title, url, action_css, None) paginator.add_actions() return render(request, 'default.html', locals())
def action(request, app, cls, action_name, pk=None): try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') for group in loader.instance_actions[_model]: if action_name in loader.instance_actions[_model][group]: break form_action = loader.instance_actions[_model][group][action_name] action_verbose_name = form_action['verbose_name'] action_can_execute = form_action['can_execute'] action_condition = form_action['condition'] action_function = form_action['function'] action_message = 'message' in form_action and form_action['message'] or None action_permission = '{}.{}'.format(_model._meta.app_label, action_function.__name__) action_input = form_action['input'] action_display = form_action['display'] action_style = form_action['style'] action_redirect = form_action['redirect_to'] obj = pk and _model.objects.all( request.user).distinct().get(pk=pk) or _model() obj.request = request obj._user = request.user title = action_verbose_name redirect_to = None if check_condition(request.user, action_condition, obj) and (not action_can_execute or permissions.check_group_or_permission( request, action_permission)): f_return = None func = getattr(_model, action_function.__name__, action_function) form = factory.get_action_form(request, obj, form_action) if count_parameters_names(func) > 1 or action_input: if form.is_valid(): if 'instance' in form.fields: obj = form.cleaned_data['instance'] func = getattr(obj, action_function.__name__, action_function) params = [] for param in get_parameters_names(func, include_annotated=True): if param in form.cleaned_data: params.append(form.cleaned_data[param]) else: params.append( get_role_value_for_action(func, request.user, param)) try: f_return = func(*params) if not action_redirect: if count_parameters_names(func) > 0 or action_display: redirect_to = '..' else: redirect_to = '.' else: redirect_to = Template(action_redirect).render( Context({'self': obj})) except ValidationError as e: form.add_error(None, str(e.message)) else: try: if form.fields and form.is_valid() or not form.fields: if 'instance' in form.fields: obj = form.cleaned_data['instance'] func = getattr(obj, action_function.__name__, action_function) params = [] for param in get_parameters_names(func, include_annotated=True): params.append( get_role_value_for_action(func, request.user, param)) f_return = func(*params) if not action_redirect: if count_parameters_names(func) > 0 or action_display: redirect_to = '..' else: redirect_to = '.' else: redirect_to = Template(action_redirect).render( Context({'self': obj})) except ValidationError as e: if form.fields: form.add_error(None, str(e.message)) return httprr(request, '.', e.message, error=True) if f_return: template_name = '{}.html'.format(action_function.__name__) return return_response(f_return, request, title, action_style, template_name) elif redirect_to: return httprr(request, redirect_to, action_message) if form.title == _('Form'): form.title = action_verbose_name if form.submit_label == _('Send'): form.submit_label = action_verbose_name return render(request, 'default.html', locals()) else: return HttpResponseForbidden()
def register(request, token=None, userid=None): from djangoplus.ui.components import forms from djangoplus.utils.metadata import get_metadata initial = {} username_field = get_metadata(loader.signup_model, 'role_username') email_field = get_metadata(loader.signup_model, 'role_email') name_field = get_metadata(loader.signup_model, 'role_name') if not loader.signup_model: return httprr(request, '/admin/login/', 'O cadastrado externo não está habilitado.') if token: if token and userid: url = 'https://graph.facebook.com/{}?fields=email,first_name,last_name&access_token={}'.format(userid, token) elif token: url = 'https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token={}'.format(token) data = json.loads(urllib.request.urlopen(url).read()) qs = User.objects.filter(username=data['email']) if qs.exists(): user = qs[0] auth.login(request, user) return httprr(request, '/admin/', 'Usuário autenticado com sucesso.') else: initial = {name_field: data['name'], username_field : data['email'], email_field : data['email']} class RegisterForm(forms.ModelForm): class Meta: model = loader.signup_model fields = get_metadata(loader.signup_model, 'form_fields', '__all__') exclude = get_metadata(loader.signup_model, 'exclude_fields', ()) submit_label = 'Cadastrar' title = 'Cadastro de {}'.format(get_metadata(loader.signup_model, 'verbose_name')) icon = get_metadata(loader.signup_model, 'icon', None) form = RegisterForm(request, initial=initial) form.fields[username_field].help_text='Utilizado para acessar o sistema.' save_instance = True for field_name in form.fields: if not initial.get(field_name): save_instance = False if save_instance: instance = loader.signup_model() for field_name in form.fields: setattr(instance, field_name, initial[field_name]) instance.save() user = User.objects.get(username=initial[username_field]) auth.login(request, user) return httprr(request, '/admin/', 'Usuário cadastrado com sucesso.') if form.is_valid(): instance = form.save() extra = email_field and 'Um e-mail será enviado para você tão logo sua conta seja ativada.' or '' if instance: user = User.objects.get(username=form.cleaned_data[username_field]) auth.login(request, user) return httprr(request, '/admin/', 'Usuário cadastrado com sucesso.') else: return httprr(request, '..', 'Acesse o link enviado para seu e-mail para confirmar a criação da sua conta.') return locals()
def recover(request): title = 'Recuperar Senha' form = RecoverPassowordForm(request) if form.is_valid(): return httprr(request, '/admin/login/', 'O link para redefinição da senha foi enviado para o e-mail informado.') return locals()
def action(request, app, cls, action_name, pk=None): try: _model = apps.get_model(app, cls) except LookupError as e: return page_not_found(request, e, 'error404.html') for group in loader.actions[_model]: if action_name in loader.actions[_model][group]: break form_action = loader.actions[_model][group][action_name] action_title = form_action['title'] action_can_execute = form_action['can_execute'] action_condition = form_action['condition'] action_function = form_action['function'] action_message = 'message' in form_action and form_action['message'] or None action_permission = '{}.{}'.format(_model._meta.app_label, action_function.__name__) action_input = form_action['input'] redirect_to = form_action['redirect_to'] obj = pk and _model.objects.all(request.user).get(pk=pk) or _model() obj.request = request obj._user = request.user title = action_title if check_condition(action_condition, obj) and (not action_can_execute or permissions.check_group_or_permission( request, action_permission)): func = getattr(_model, action_function.__name__, action_function) form = factory.get_action_form(request, obj, form_action) if func.__code__.co_argcount > 1 or action_input: if form.is_valid(): if 'instance' in form.fields: obj = form.cleaned_data['instance'] func = getattr(obj, action_function.__name__, action_function) params = [] for param in func.__code__.co_varnames[1:func.__code__. co_argcount]: if param in form.cleaned_data: params.append(form.cleaned_data[param]) try: f_return = func(*params) if not redirect_to: if func.__code__.co_argcount > 1: return httprr(request, '..', action_message) else: return httprr(request, '.', action_message) else: return httprr( request, Template(redirect_to).render(Context({'self': obj})), action_message) except ValidationError as e: form.add_error(None, str(e.message)) else: try: if form.fields and form.is_valid() or not form.fields: if form.fields: obj = form.cleaned_data['instance'] func = getattr(obj, action_function.__name__, action_function) f_return = func() if not redirect_to: if func.__code__.co_argcount > 1: return httprr(request, '..', action_message) else: return httprr(request, '.', action_message) else: return httprr( request, Template(redirect_to).render(Context({'self': obj})), action_message) except ValidationError as e: return httprr(request, '.', str(e.message)) if form.title == DEFAULT_FORM_TITLE: form.title = action_title if form.submit_label == DEFAULT_SUBMIT_LABEL: form.submit_label = action_title return render(request, 'default.html', locals()) else: return HttpResponseForbidden()
def profile(request): form = ProfileForm(request, instance=request.user) if form.is_valid(): form.save() return httprr(request, '..', _('Profile successfully updated.')) return locals()
def submit(self): url = self.request.GET.get('next', '/admin/') return httprr(self.request, url, _('You have successfully logged in.'))
def profile(request): form = ProfileForm(request, instance=request.user) if form.is_valid(): form.save() return httprr(request, '..', 'Perfil atualizado com sucesso') return locals()