def project_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
print("************* no user")
return HTTPFound(request.application_url)
project_id = request.matchdict.get('project_id')
project = DBSession.query(Project).filter_by(id=project_id).filter_by(account_id=account_id).first()
if project is None or user.can_access_client(project.client, "financials") == False:
print("************* no permissions")
return HTTPFound(request.application_url)
project.is_active = False
project.end_date = datetime.datetime.now()
DBSession.flush()
return HTTPFound(location=request.application_url + "/client/" + str(project.client_id) + "/projects/" + str(
datetime.datetime.now().year))
except:
print("*************")
traceback.print_exc()
return HTTPFound(request.application_url)
def person_enable_login(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or (user.is_administrator == False and user.is_hr_administrator == False):
return HTTPFound(request.application_url)
person_id = request.matchdict.get('person_id')
if user_id == person_id:
return HTTPFound(request.application_url + "/administration/employees")
person = DBSession.query(User).filter_by(id=person_id).filter_by(account_id=account_id).first()
password = None
if person is None:
return HTTPFound(request.application_url + "/administration/employees")
password = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(6))
encrypted_password = bcrypt.hashpw(password, bcrypt.gensalt())
person.password = encrypted_password
DBSession.flush()
return dict(logged_in=authenticated_userid(request), header=Header("administration"), person=person, user=user,
password=password)
except:
return HTTPFound(request.application_url)
def client_financials(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
client_id = request.matchdict['client_id']
year = request.matchdict['year']
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
client = DBSession.query(Client).filter_by(
account_id=account_id).filter_by(id=client_id).first()
access_financials = user.can_access_client(client, "financials")
if user is None or account is None or client is None or access_financials == False:
return HTTPFound(request.application_url)
access_pipeline = user.can_access_client(client, "pipeline")
access_utilization = user.can_access_client(client, "utilization")
financials = client.getFinancials(year, user)
return dict(logged_in=authenticated_userid(request),
header=getHeader(client),
financials=financials,
client=client,
year=year,
user=user,
account=account,
access_pipeline=access_pipeline,
access_utilization=access_utilization,
access_financials=access_financials)
except:
#how to print out the exception problem:
#traceback.print_exc()
return HTTPFound(request.application_url)
def _get_header(type_of_person, office_id, department_id):
if ((office_id is None or office_id.lower() == "all")
and (department_id is None or department_id.lower() == "all")):
if type_of_person == "direct":
return "My Direct Reports"
else:
return "All People"
if office_id is None or office_id.lower() == "all":
department = DBSession.query(Department).filter_by(
id=department_id).first()
if type_of_person == "direct":
return "My Direct Reports in " + department.name
else:
return "People in " + department.name
if department_id is None or department_id.lower() == "all":
office = DBSession.query(Office).filter_by(id=office_id).first()
if type_of_person == "direct":
return "My Direct Reports in " + office.name
else:
return "People in " + office.name
department = DBSession.query(Department).filter_by(
id=department_id).first()
office = DBSession.query(Office).filter_by(id=office_id).first()
if type_of_person == "direct":
return "My Direct Reports in " + office.name + " for " + department.name
else:
return "People in " + office.name + " for " + department.name
def _get_header(type_of_person, office_id, department_id):
if ((office_id is None or office_id.lower() == "all") and (
department_id is None or department_id.lower() == "all")):
if type_of_person == "direct":
return "My Direct Reports"
else:
return "All People"
if office_id is None or office_id.lower() == "all":
department = DBSession.query(Department).filter_by(id=department_id).first()
if type_of_person == "direct":
return "My Direct Reports in " + department.name
else:
return "People in " + department.name
if department_id is None or department_id.lower() == "all":
office = DBSession.query(Office).filter_by(id=office_id).first()
if type_of_person == "direct":
return "My Direct Reports in " + office.name
else:
return "People in " + office.name
department = DBSession.query(Department).filter_by(id=department_id).first()
office = DBSession.query(Office).filter_by(id=office_id).first()
if type_of_person == "direct":
return "My Direct Reports in " + office.name + " for " + department.name
else:
return "People in " + office.name + " for " + department.name
def office_financials(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
office_id = request.matchdict['office_id']
year = request.matchdict['year']
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
office = DBSession.query(Office).filter_by(
account_id=account_id).filter_by(id=office_id).first()
access_financials = user.can_access_office(office, "financials")
if user is None or account is None or office is None or access_financials == False:
return HTTPFound(request.application_url)
access_pipeline = user.can_access_office(office, "pipeline")
access_utilization = user.can_access_office(office, "utilization")
financials = office.getFinancials(year, user)
return dict(logged_in=authenticated_userid(request),
header=getHeader(office),
financials=financials,
office=office,
year=year,
user=user,
account=account,
access_pipeline=access_pipeline,
access_utilization=access_utilization,
access_financials=access_financials)
except:
return HTTPFound(request.application_url)
def project_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
print("************* no user")
return HTTPFound(request.application_url)
project_id = request.matchdict.get('project_id')
project = DBSession.query(Project).filter_by(id=project_id).filter_by(
account_id=account_id).first()
if project is None or user.can_access_client(project.client,
"financials") == False:
print("************* no permissions")
return HTTPFound(request.application_url)
project.is_active = False
project.end_date = datetime.datetime.now()
DBSession.flush()
return HTTPFound(location=request.application_url + "/client/" +
str(project.client_id) + "/projects/" +
str(datetime.datetime.now().year))
except:
print("*************")
traceback.print_exc()
return HTTPFound(request.application_url)
def department_financials(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
department_id = request.matchdict['department_id']
year = request.matchdict['year']
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
department = DBSession.query(Department).filter_by(
account_id=account_id).filter_by(id=department_id).first()
access_financials = user.can_access_department(department,
"financials")
if user is None or account is None or department is None or access_financials == False:
return HTTPFound(request.application_url)
access_utilization = user.can_access_department(
department, "utilization")
financials = department.getFinancials(year, user)
return dict(logged_in=authenticated_userid(request),
header=getHeader(department),
financials=financials,
department=department,
year=year,
user=user,
account=account,
access_utilization=access_utilization,
access_financials=access_financials)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def roles(request):
department_id = request.matchdict.get('department_id')
user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first()
roles = []
if department_id == 'all':
if user.permissions.is_administrator or user.permissions.can_view_all_departments:
roles = DBSession.query(Role).filter_by(account_id=long(request.session['aid'])).filter(
Role.is_active == True).all()
else:
HTTPFound(request.application_url)
else:
if user.permissions.is_administrator or user.permissions.can_view_all_departments:
roles = DBSession.query(Role).filter_by(department_id=department_id).filter(Role.is_active == True).all()
else:
dept_match = False
for department in user.permissions.view_departments:
if department.id == department_id:
roles = DBSession.query(Role).filter_by(department_id=department_id).filter(
Role.is_active is True).all()
dept_match = True
break
if dept_match is False:
HTTPFound(request.application_url)
header = _get_header(department_id)
account = DBSession.query(Account).filter_by(id=long(request.session['aid'])).first()
return dict(logged_in=authenticated_userid(request), account=account, user=user, roles=roles, active_people="",
active_roles="active", header=header, department_id=department_id)
def client_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
client_id = request.matchdict.get('client_id')
client = DBSession.query(Client).filter_by(id=client_id).filter_by(
account_id=account_id).first()
if client is None or user.can_access_client(client,
"financials") == False:
return HTTPFound(request.application_url)
client.is_active = False
DBSession.flush()
return HTTPFound(request.application_url + "/office/" +
str(client.office_id) + "/clients/" +
str(datetime.datetime.now().year))
except:
return HTTPFound(request.application_url)
def client_projects_update(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
client_id = long(request.matchdict['client_id'])
client = DBSession.query(Client).filter_by(id=client_id).filter_by(
account_id=account_id).first()
if client is None or user.can_access_client(client,
"financials") == False:
return HTTPFound(request.application_url)
if request.method == "POST":
for project in account.projects:
if project.is_active and project.client.office_id == client.office_id:
revenue_local = long(
request.params.get(str(project.id) + "-revenue"))
if user.currency is None:
revenue = revenue_local
else:
revenue = revenue_local * user.currency.currency_to_usd
start_date_text = request.params.get(
str(project.id) + "-start_date")
start_dateparts = start_date_text.split("/")
start_date = datetime.date(long(start_dateparts[2]),
long(start_dateparts[0]),
long(start_dateparts[1]))
end_date_text = request.params.get(
str(project.id) + "-end_date")
end_dateparts = end_date_text.split("/")
end_date = datetime.date(long(end_dateparts[2]),
long(end_dateparts[0]),
long(end_dateparts[1]))
project.revenue = revenue
project.start_date = start_date
project.end_date = end_date
DBSession.flush()
return HTTPFound(request.application_url + "/client/" +
str(client.id) + "/projects/" +
str(datetime.datetime.now().year))
return dict(logged_in=authenticated_userid(request),
header=Header("financials"),
user=user,
account=account,
client=client)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def role(request):
role_id = request.matchdict.get('role_id')
user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first()
role = DBSession.query(Role).filter_by(id=long(role_id)).first()
return dict(logged_in=authenticated_userid(request), header=Header("reviews"), role=role, user=user)
def global_expenses(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
year = request.matchdict['year']
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or not (
user.is_administrator or user.permissions_global_financials):
return HTTPFound(request.application_url)
offices = DBSession.query(Office).filter_by(
account_id=account_id).all()
if offices is None:
return HTTPFound(request.application_url)
if request.method == "POST":
for office in offices:
change = False
ase = None
sga = None
ase_text = request.POST.get("ase_" + str(office.id))
if ase_text is not None and ase_text != '':
ase_local = long(ase_text)
if user.currency is None:
ase = ase_local
else:
ase = ase_local * user.currency.currency_to_usd
office.allocated_salary_expense = ase
sga_text = request.POST.get("sga_" + str(office.id))
if sga_text is not None and sga_text != '':
sga_local = long(sga_text)
if user.currency is None:
sga = sga_local
else:
sga = sga_local * user.currency.currency_to_usd
office.sga_expense = sga
DBSession.flush()
# return HTTPFound(request.application_url + "/administration/expenses")
return dict(logged_in=authenticated_userid(request),
header=Header("financials"),
offices=offices,
year=year,
user=user)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def role(request):
role_id = request.matchdict.get('role_id')
user = DBSession.query(User).filter_by(
id=long(request.session['uid'])).first()
role = DBSession.query(Role).filter_by(id=long(role_id)).first()
return dict(logged_in=authenticated_userid(request),
header=Header("reviews"),
role=role,
user=user)
def administration_revenue(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None or not (
user.is_administrator or user.permissions_global_financials):
return HTTPFound(request.application_url)
if request.method == "POST":
quarter_end_date_text = request.params.get("quarter_end_type")
quarter_end_year_text = request.params.get("quarter_end_year")
quarter_end_date_parts = quarter_end_date_text.split("/")
quarter_end_date = datetime.date(long(quarter_end_year_text),
long(quarter_end_date_parts[0]),
long(quarter_end_date_parts[1]))
for project in account.projects:
revenue_local = long(
request.params.get(str(project.id) + "-revenue"))
if user.currency is None:
revenue = revenue_local
else:
revenue = revenue_local * user.currency.currency_to_usd
actual_revenue = DBSession.query(ActualRevenue).filter_by(
project_id=project.id).filter_by(
quarter_end_date=quarter_end_date).first()
if actual_revenue is not None:
actual_revenue.revenue = revenue
else:
actual_revenue = ActualRevenue(project, revenue,
quarter_end_date)
DBSession.flush()
return HTTPFound(request.application_url +
"/administration/company")
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
account=account,
user=user)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def department_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator is False:
return HTTPFound(request.application_url)
department_id = request.matchdict['department_id']
if request.method == "POST":
name = request.params["name"].lower()
dept = DBSession.query(Department).filter_by(account_id=account_id).filter_by(name=name).first()
if dept is None or dept.id == department_id:
DBSession.query(Department).filter_by(id=department_id).filter_by(account_id=account_id).update(
{'name': name})
DBSession.flush()
return HTTPFound(location=request.application_url + "/administration/company")
department = DBSession.query(Department).filter_by(id=department_id).first()
return dict(logged_in=authenticated_userid(request), header=Header("administration"), department=department,
user=user)
except:
return HTTPFound(request.application_url)
def person(request):
#FIX PERMISSIONS!
person_id = request.matchdict.get('person_id')
review_year = request.params.get('year')
user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first()
person = DBSession.query(User).filter_by(id=long(person_id)).first()
account = DBSession.query(Account).filter_by(id=long(request.session['aid'])).first()
if review_year is None or review_year == "":
review_year = account.latest_review_year
review = DBSession.query(Review).filter_by(user_id=person.id).filter_by(review_cycle_year=review_year).first()
if review is None:
if review_year == account.latest_review_year:
review = Review(user, review_year)
DBSession.add(review)
DBSession.flush()
else:
HTTPFound(location=request.application_url)
return dict(logged_in=authenticated_userid(request), person=person, user=user, review=review, account=account)
def administration_employees(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None or (user.is_administrator == False and user.is_hr_administrator == False):
return HTTPFound(request.application_url)
return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account,
user=user)
except:
return HTTPFound(request.application_url)
def department_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator is False:
return HTTPFound(request.application_url)
department_id = request.matchdict['department_id']
if request.method == "POST":
name = request.params["name"].lower()
dept = DBSession.query(Department).filter_by(
account_id=account_id).filter_by(name=name).first()
if dept is None or dept.id == department_id:
DBSession.query(Department).filter_by(
id=department_id).filter_by(account_id=account_id).update(
{'name': name})
DBSession.flush()
return HTTPFound(location=request.application_url +
"/administration/company")
department = DBSession.query(Department).filter_by(
id=department_id).first()
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
department=department,
user=user)
except:
return HTTPFound(request.application_url)
def global_expenses(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
year = request.matchdict['year']
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or not (user.is_administrator or user.permissions_global_financials):
return HTTPFound(request.application_url)
offices = DBSession.query(Office).filter_by(account_id=account_id).all()
if offices is None:
return HTTPFound(request.application_url)
if request.method == "POST":
for office in offices:
change = False
ase = None
sga = None
ase_text = request.POST.get("ase_" + str(office.id))
if ase_text is not None and ase_text != '':
ase_local = long(ase_text)
if user.currency is None:
ase = ase_local
else:
ase = ase_local * user.currency.currency_to_usd
office.allocated_salary_expense = ase
sga_text = request.POST.get("sga_" + str(office.id))
if sga_text is not None and sga_text != '':
sga_local = long(sga_text)
if user.currency is None:
sga = sga_local
else:
sga = sga_local * user.currency.currency_to_usd
office.sga_expense = sga
DBSession.flush()
# return HTTPFound(request.application_url + "/administration/expenses")
return dict(logged_in=authenticated_userid(request), header=Header("financials"), offices=offices, year=year,
user=user)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def _get_header(department_id):
if (department_id is None or department_id.lower() == "all"):
return "All Roles"
else:
department = DBSession.query(Department).filter_by(
id=department_id).first()
return "Roles in " + department.name
def administration_company(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
account=account,
user=user)
except:
return HTTPFound(request.application_url)
def login(request):
login_url = request.route_url('login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
if came_from == None:
came_from = request.application_url
message = ''
email = ''
password = ''
if 'form.submitted' in request.params:
email = request.params['email'].lower()
password = request.params['password']
user = DBSession.query(User).filter_by(email=email).first()
if user is None:
return dict(message='user not found', url=request.application_url + '/login', came_from=came_from,
email=email)
if user.is_valid_password(password):
request.session['uid'] = str(user.id)
request.session['aid'] = str(user.account_id)
headers = remember(request, user.id)
return HTTPFound(came_from, headers=headers)
else:
return dict(message='invalid password', url=request.application_url + '/login', came_from=came_from,
email=email)
return dict(message='failed login', url=request.application_url + '/login', came_from=came_from, email=email)
def client_projects_update(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
client_id = long(request.matchdict['client_id'])
client = DBSession.query(Client).filter_by(id=client_id).filter_by(account_id=account_id).first()
if client is None or user.can_access_client(client, "financials") == False:
return HTTPFound(request.application_url)
if request.method == "POST":
for project in account.projects:
if project.is_active and project.client.office_id == client.office_id:
revenue_local = long(request.params.get(str(project.id) + "-revenue"))
if user.currency is None:
revenue = revenue_local
else:
revenue = revenue_local * user.currency.currency_to_usd
start_date_text = request.params.get(str(project.id) + "-start_date")
start_dateparts = start_date_text.split("/")
start_date = datetime.date(long(start_dateparts[2]), long(start_dateparts[0]),
long(start_dateparts[1]))
end_date_text = request.params.get(str(project.id) + "-end_date")
end_dateparts = end_date_text.split("/")
end_date = datetime.date(long(end_dateparts[2]), long(end_dateparts[0]), long(end_dateparts[1]))
project.revenue = revenue
project.start_date = start_date
project.end_date = end_date
DBSession.flush()
return HTTPFound(request.application_url + "/client/" + str(client.id) + "/projects/" + str(
datetime.datetime.now().year))
return dict(logged_in=authenticated_userid(request), header=Header("financials"), user=user, account=account,
client=client)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def department_add(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"].lower()
dept = DBSession.query(Department).filter_by(
account_id=account_id).filter_by(name=name).first()
if dept is None:
new_department = Department(name, account)
DBSession.add(new_department)
DBSession.flush()
if request.params.get("add_another") is None:
return HTTPFound(location=request.application_url +
"/administration/company")
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
user=user)
except:
return HTTPFound(request.application_url)
def currency_add(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"].lower()
currency_to_usd = float(request.params["currency_to_usd"])
error = False
if name == "usd":
error = True
currency = DBSession.query(Currency).filter_by(account_id=account_id).filter_by(name=name).first()
if currency is not None:
error = True
if error == False:
new_currency = Currency(name, account, currency_to_usd)
DBSession.add(new_currency)
DBSession.flush()
if request.params.get("add_another") is None:
return HTTPFound(request.application_url + "/administration/company")
return dict(logged_in=authenticated_userid(request), header=Header("administration"), user=user)
except:
return HTTPFound(request.application_url)
def office_add(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"].lower()
office = DBSession.query(Office).filter_by(
account_id=long(request.session['aid'])).filter_by(
name=name).first()
if office is None:
benefits_and_bonus = long(request.params["benefits_and_bonus"])
new_office = Office(name, benefits_and_bonus, account)
DBSession.add(new_office)
DBSession.flush()
if request.params.get("add_another") is None:
return HTTPFound(request.application_url +
"/administration/company")
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
user=user)
except:
return HTTPFound(request.application_url)
def account_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or user.is_administrator == False or account is None:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"]
benefits_and_bonus = long(request.params["benefits_and_bonus"])
acc = DBSession.query(Account).filter_by(name=name).first()
if acc is None or acc.id == account.id:
DBSession.query(Account).filter_by(id=account_id).update(
{'name': name, 'benefits_and_bonus': benefits_and_bonus})
DBSession.flush()
return HTTPFound(request.application_url + "/administration/company")
return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account,
user=user)
except:
return HTTPFound(request.application_url)
def account_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or user.is_administrator == False or account is None:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"]
benefits_and_bonus = long(request.params["benefits_and_bonus"])
acc = DBSession.query(Account).filter_by(name=name).first()
if acc is None or acc.id == account.id:
DBSession.query(Account).filter_by(id=account_id).update({
'name':
name,
'benefits_and_bonus':
benefits_and_bonus
})
DBSession.flush()
return HTTPFound(request.application_url +
"/administration/company")
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
account=account,
user=user)
except:
return HTTPFound(request.application_url)
def global_offices(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
user = DBSession.query(User).filter_by(id=user_id).first()
year = request.matchdict['year']
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or (
user.is_administrator == False and user.permissions_global_financials == False):
return HTTPFound(request.application_url)
financials = account.getFinancials(year, user)
return dict(logged_in=authenticated_userid(request), header=getHeader(), financials=financials,
year=year, account=account, user=user)
except:
return HTTPFound(request.application_url)
def global_utilization(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
user = DBSession.query(User).filter_by(id=user_id).first()
year = request.matchdict['year']
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or (
user.is_administrator is False and user.permissions_global_utilization is False) and not user.is_hr_administrator:
return HTTPFound(request.application_url)
utilization = account.getUtilization(year)
return dict(logged_in=authenticated_userid(request), header=getHeader(), utilization=utilization,
year=year, account=account, user=user)
except:
return HTTPFound(request.application_url)
def client_edit(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
client_id = long(request.matchdict['client_id'])
client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=client_id).first()
if user is None or account is None or client is None:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"].lower()
code = request.params["client_code"]
target_margin = request.params["target_margin"]
office_id = long(request.params["office_id"])
office_temp = DBSession.query(Office).filter_by(id=office_id).filter_by(account_id=account_id).first()
client_temp = DBSession.query(Client).filter_by(account_id=account_id).filter_by(name=name).first()
if office_temp is None or user.can_access_client(client, "financials") == False or user.can_access_office(
office_temp, "financials") == False:
return HTTPFound(request.application_url)
if client_temp is not None and client_temp.id != client.id:
return HTTPFound(request.application_url)
client.name = name
client.code = code
client.office = office_temp
client.target_margin = target_margin
DBSession.flush()
return HTTPFound(
request.application_url + "/office/" + str(office_id) + "/clients/" + str(datetime.datetime.now().year))
offices_all = DBSession.query(Office).filter_by(account_id=long(request.session['aid'])).all()
offices = []
if user.is_administrator or user.permissions_global_financials:
offices = offices_all
else:
for office in offices_all:
if user.can_access_office(office, "financials"):
offices.append(office)
if len(offices) == 0:
return HTTPFound(request.application_url)
return dict(logged_in=authenticated_userid(request), header=getHeader(client), offices=offices, user=user,
client=client, account=account)
except:
return HTTPFound(request.application_url)
def administration_revenue(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None or not (user.is_administrator or user.permissions_global_financials):
return HTTPFound(request.application_url)
if request.method == "POST":
quarter_end_date_text = request.params.get("quarter_end_type")
quarter_end_year_text = request.params.get("quarter_end_year")
quarter_end_date_parts = quarter_end_date_text.split("/")
quarter_end_date = datetime.date(long(quarter_end_year_text), long(quarter_end_date_parts[0]),
long(quarter_end_date_parts[1]))
for project in account.projects:
revenue_local = long(request.params.get(str(project.id) + "-revenue"))
if user.currency is None:
revenue = revenue_local
else:
revenue = revenue_local * user.currency.currency_to_usd
actual_revenue = DBSession.query(ActualRevenue).filter_by(project_id=project.id).filter_by(
quarter_end_date=quarter_end_date).first()
if actual_revenue is not None:
actual_revenue.revenue = revenue
else:
actual_revenue = ActualRevenue(project, revenue, quarter_end_date)
DBSession.flush()
return HTTPFound(request.application_url + "/administration/company")
return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account,
user=user)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def roles(request):
department_id = request.matchdict.get('department_id')
user = DBSession.query(User).filter_by(
id=long(request.session['uid'])).first()
roles = []
if department_id == 'all':
if user.permissions.is_administrator or user.permissions.can_view_all_departments:
roles = DBSession.query(Role).filter_by(
account_id=long(request.session['aid'])).filter(
Role.is_active == True).all()
else:
HTTPFound(request.application_url)
else:
if user.permissions.is_administrator or user.permissions.can_view_all_departments:
roles = DBSession.query(Role).filter_by(
department_id=department_id).filter(
Role.is_active == True).all()
else:
dept_match = False
for department in user.permissions.view_departments:
if department.id == department_id:
roles = DBSession.query(Role).filter_by(
department_id=department_id).filter(
Role.is_active is True).all()
dept_match = True
break
if dept_match is False:
HTTPFound(request.application_url)
header = _get_header(department_id)
account = DBSession.query(Account).filter_by(
id=long(request.session['aid'])).first()
return dict(logged_in=authenticated_userid(request),
account=account,
user=user,
roles=roles,
active_people="",
active_roles="active",
header=header,
department_id=department_id)
def home(request):
try:
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None:
return HTTPFound(request.application_url + '/login')
except:
return HTTPFound(request.application_url + '/login')
year = str(datetime.datetime.now().year)
if user.is_administrator or user.permissions_global_financials:
return HTTPFound(request.application_url + "/global/financials/" +
year)
if user.permissions_global_utilization or user.is_hr_administrator:
return HTTPFound(request.application_url + "/global/utilization/" +
year)
if user.permissions_global_pipeline:
return HTTPFound(request.application_url + "/global/pipeline/" + year)
if len(user.permissions_office_financials) > 0:
return HTTPFound(request.application_url + "/office/" +
str(user.permissions_office_financials[0].id) +
"/financials/" + year)
if len(user.permissions_office_pipeline) > 0:
return HTTPFound(request.application_url + "/office/" +
str(user.permissions_office_pipeline[0].id) +
"/pipeline/" + year)
if len(user.permissions_office_utilization) > 0:
return HTTPFound(request.application_url + "/office/" +
str(user.permissions_office_utilization[0].id) +
"/utilization/" + year)
if len(user.permissions_client_financials) > 0:
return HTTPFound(request.application_url + "/client/" +
str(user.permissions_client_financials[0].id) +
"/financials/" + year)
if len(user.permissions_client_pipeline) > 0:
return HTTPFound(request.application_url + "/client/" +
str(user.permissions_client_pipeline[0].id) +
"/pipeline/" + year)
if len(user.permissions_client_utilization) > 0:
return HTTPFound(request.application_url + "/client/" +
str(user.permissions_client_utilization[0].id) +
"/utilization/" + year)
return HTTPFound(request.application_url + '/login')
def administration_password(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
if request.method == "POST":
password = request.params["password"]
user.set_password(password)
transaction.commit()
return HTTPFound(request.application_url)
return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account,
user=user)
except:
return HTTPFound(request.application_url)
def main(argv=sys.argv):
if len(argv) != 2:
usage(argv)
config_uri = argv[1]
setup_logging(config_uri)
settings = get_appsettings(config_uri)
engine = engine_from_config(settings, 'sqlalchemy.')
DBSession.configure(bind=engine)
Base.metadata.create_all(engine)
with transaction.manager:
huge = Account("Finance", 2013)
office = Office("New York", 10, huge)
corporate = Department("Corporate", huge)
ceo = Role(huge, "Senior Developer", corporate, 150000, 50000)
aaron = User(huge, "Atish Narlawar", "*****@*****.**", office, ceo, 100000, datetime.date(2012, 1, 1))
aaron.set_password("atish")
aaron.is_administrator = True
salary = Salary(aaron, 100000, 1, datetime.date(2012, 1, 1), 100)
aaron.salary_history.append(salary)
DBSession.add(aaron)
def skillset_entry_update(request):
print("skillset entry update")
rating = request.matchdict.get('rating')
skillset_entry_id = request.matchdict.get('skillset_entry_id')
person_id = request.matchdict.get('person_id')
account = DBSession.query(Account).filter_by(
id=long(request.session['aid'])).first()
user = DBSession.query(User).filter_by(
id=long(request.session['uid'])).first()
person = DBSession.query(User).filter_by(id=long(person_id)).first()
skillset_entry = DBSession.query(SkillsetEntry).filter_by(
id=long(skillset_entry_id)).first()
if user.permissions.is_administrator or person.manager_id == user.id:
if skillset_entry.is_midyear and (
datetime.datetime.now() > account.midyear_review_end_date
or datetime.datetime.now() < account.midyear_review_start):
return {'ok': 'False'}
if skillset_entry.is_midyear == False and (
datetime.datetime.now() > account.annual_review_end_date
or datetime.datetime.now() < account.annual_review_start):
return {'ok': 'False'}
DBSession.query(SkillsetEntry).filter_by(id=skillset_entry_id).update(
{'ranking': rating})
return {"ok": "True"}
return {'ok': 'False'}
def currency_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
currency_id = long(request.matchdict['currency_id'])
currency = DBSession.query(Currency).filter_by(id=currency_id).first()
if currency == None:
return HTTPFound(request.application_url + "/administration/company")
if request.method == "POST":
error = False
name = request.params["name"].lower()
if name == "usd":
error = True
currency_to_usd = float(request.params["currency_to_usd"])
cur = DBSession.query(Currency).filter_by(account_id=account_id).filter_by(name=name).first()
if cur is not None and cur.id != currency_id:
error = True
if error == False:
currency.name = name
currency.currency_to_usd = currency_to_usd
DBSession.flush()
return HTTPFound(request.application_url + "/administration/company")
return dict(logged_in=authenticated_userid(request), header=Header("administration"), currency=currency,
user=user)
except:
return HTTPFound(request.application_url)
def main(argv=sys.argv):
if len(argv) != 2:
usage(argv)
config_uri = argv[1]
setup_logging(config_uri)
settings = get_appsettings(config_uri)
engine = engine_from_config(settings, 'sqlalchemy.')
DBSession.configure(bind=engine)
Base.metadata.create_all(engine)
with transaction.manager:
huge = Account("Finance", 2013)
office = Office("New York", 10, huge)
corporate = Department("Corporate", huge)
ceo = Role(huge, "Senior Developer", corporate, 150000, 50000)
aaron = User(huge, "Atish Narlawar", "*****@*****.**", office,
ceo, 100000, datetime.date(2012, 1, 1))
aaron.set_password("atish")
aaron.is_administrator = True
salary = Salary(aaron, 100000, 1, datetime.date(2012, 1, 1), 100)
aaron.salary_history.append(salary)
DBSession.add(aaron)
def client_utilization(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
client_id = request.matchdict['client_id']
year = request.matchdict['year']
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=client_id).first()
access_utilization = user.can_access_client(client, "utilization")
if user is None or account is None or client is None or access_utilization == False:
return HTTPFound(request.application_url)
access_pipeline = user.can_access_client(client, "pipeline")
access_financials = user.can_access_client(client, "financials")
utilization = client.getUtilization(year)
return dict(logged_in=authenticated_userid(request), header=getHeader(client), utilization=utilization,
client=client, year=year, user=user, account=account, access_pipeline=access_pipeline,
access_utilization=access_utilization, access_financials=access_financials)
except:
return HTTPFound(request.application_url)
def department_utilization(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
department_id = request.matchdict['department_id']
year = request.matchdict['year']
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
department = DBSession.query(Department).filter_by(account_id=account_id).filter_by(id=department_id).first()
access_utilization = user.can_access_department(department, "utilization")
if user is None or account is None or department is None or access_utilization == False:
return HTTPFound(request.application_url)
access_financials = user.can_access_department(department, "financials")
utilization = department.getUtilization(year)
return dict(logged_in=authenticated_userid(request), header=getHeader(department), utilization=utilization,
department=department, year=year, user=user, account=account, access_utilization=access_utilization,
access_financials=access_financials)
except:
traceback.print_exc()
return HTTPFound(request.application_url)
def role_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
role_id = long(request.matchdict['role_id'])
role = DBSession.query(Role).filter_by(id=role_id).filter_by(
account_id=account_id).first()
if request.method == "POST":
name = request.params["name"].lower()
department_id = long(request.params["department_id"])
salary_low_local = long(request.params["salary_low"])
salary_high_local = long(request.params["salary_high"])
if user.currency is None:
salary_low = salary_low_local
salary_high = salary_high_local
else:
salary_low = salary_low_local * user.currency.currency_to_usd
salary_high = salary_high_local * user.currency.currency_to_usd
department = DBSession.query(Department).filter_by(
id=department_id).filter_by(account_id=account.id).first()
role_ok = True
for r in department.roles:
if r.name == name and r.id != role_id:
role_ok = False
if role_ok:
role.name = name
role.department = department
role.salary_low = salary_low
role.salary_high = salary_high
DBSession.flush()
return HTTPFound(request.application_url +
"/administration/company")
departments = DBSession.query(Department).filter_by(
account_id=long(request.session['aid'])).all()
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
departments=departments,
user=user,
role=role)
except:
return HTTPFound(request.application_url)
def administration_password(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
if request.method == "POST":
password = request.params["password"]
user.set_password(password)
transaction.commit()
return HTTPFound(request.application_url)
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
account=account,
user=user)
except:
return HTTPFound(request.application_url)
def client_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
client_id = request.matchdict.get('client_id')
client = DBSession.query(Client).filter_by(id=client_id).filter_by(account_id=account_id).first()
if client is None or user.can_access_client(client, "financials") == False:
return HTTPFound(request.application_url)
client.is_active = False
DBSession.flush()
return HTTPFound(request.application_url + "/office/" + str(client.office_id) + "/clients/" + str(
datetime.datetime.now().year))
except:
return HTTPFound(request.application_url)
def person_show_review(request):
review_id = request.matchdict.get('review_id')
person_id = request.matchdict.get('person_id')
account = DBSession.query(Account).filter_by(id=long(request.session['aid'])).first()
user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first()
person = DBSession.query(User).filter_by(id=long(person_id)).first()
review = DBSession.query(Review).filter_by(id=long(review_id)).first()
#FIX PERMISSIONS!
if user.permissions.is_administrator or person.manager_id == user.id:
if review.current_datetime > account.midyear_review_start and review.midyear_visible_to_user == False:
DBSession.query(Review).filter_by(id=review.id).update({'midyear_visible_to_user': True})
elif review.current_datetime > account.annual_review_start and review.annual_visible_to_user == False:
DBSession.query(Review).filter_by(id=review.id).update({'midyear_visible_to_user': True})
return HTTPFound(request.application_url + "/person/" + str(person_id) + "?year=" + str(review.review_cycle_year))
def person_assign_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
person_id = long(request.matchdict.get('person_id'))
assignment_id = long(request.matchdict.get('assignment_id'))
person = DBSession.query(User).filter_by(id=person_id).filter_by(account_id=account_id).first()
if person == None:
return HTTPFound(request.application_url)
source_type_text = request.params.get("source_type")
if source_type_text is None:
source_type = "office"
elif source_type_text == "ghost_client":
source_type = "ghost/client"
elif source_type_text == "client":
source_type = source_type_text
else:
source_type = "office"
source_id_text = request.params.get("source_id")
if source_id_text is None:
source_id = person.office_id
else:
source_id = long(source_id_text)
user_allocation = DBSession.query(UserAllocation).filter_by(id=assignment_id).first()
if user_allocation == None or user_allocation.user_id != person.id:
return HTTPFound(request.application_url)
DBSession.delete(user_allocation)
DBSession.flush()
return HTTPFound(location=request.application_url + "/person/" + str(
person_id) + "/assign/edit?source_type=" + source_type + "&source_id=" + str(source_id))
except:
print("*****")
traceback.print_exc()
return HTTPFound(request.application_url)
def home(request):
try:
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None:
return HTTPFound(request.application_url + '/login')
except:
return HTTPFound(request.application_url + '/login')
year = str(datetime.datetime.now().year)
if user.is_administrator or user.permissions_global_financials:
return HTTPFound(request.application_url + "/global/financials/" + year)
if user.permissions_global_utilization or user.is_hr_administrator:
return HTTPFound(request.application_url + "/global/utilization/" + year)
if user.permissions_global_pipeline:
return HTTPFound(request.application_url + "/global/pipeline/" + year)
if len(user.permissions_office_financials) > 0:
return HTTPFound(request.application_url + "/office/" + str(
user.permissions_office_financials[0].id) + "/financials/" + year)
if len(user.permissions_office_pipeline) > 0:
return HTTPFound(
request.application_url + "/office/" + str(user.permissions_office_pipeline[0].id) + "/pipeline/" + year)
if len(user.permissions_office_utilization) > 0:
return HTTPFound(request.application_url + "/office/" + str(
user.permissions_office_utilization[0].id) + "/utilization/" + year)
if len(user.permissions_client_financials) > 0:
return HTTPFound(request.application_url + "/client/" + str(
user.permissions_client_financials[0].id) + "/financials/" + year)
if len(user.permissions_client_pipeline) > 0:
return HTTPFound(
request.application_url + "/client/" + str(user.permissions_client_pipeline[0].id) + "/pipeline/" + year)
if len(user.permissions_client_utilization) > 0:
return HTTPFound(request.application_url + "/client/" + str(
user.permissions_client_utilization[0].id) + "/utilization/" + year)
return HTTPFound(request.application_url + '/login')
def role_add(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"].lower()
department_id = long(request.params["department_id"])
salary_low = long(request.params["salary_low"])
salary_high = long(request.params["salary_high"])
department = DBSession.query(Department).filter_by(
id=department_id).filter_by(account_id=account.id).first()
role_ok = True
for role in department.roles:
if role.name == name:
role_ok = False
break
if role_ok:
new_role = Role(account, name, department, salary_high,
salary_low)
DBSession.add(new_role)
DBSession.flush()
if request.params.get("add_another") is None:
return HTTPFound(request.application_url +
"/administration/company")
departments = DBSession.query(Department).filter_by(
account_id=long(request.session['aid'])).all()
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
departments=departments,
user=user)
except:
return HTTPFound(request.application_url)
def role_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
role_id = long(request.matchdict['role_id'])
role = DBSession.query(Role).filter_by(id=role_id).filter_by(account_id=account_id).first()
if request.method == "POST":
name = request.params["name"].lower()
department_id = long(request.params["department_id"])
salary_low_local = long(request.params["salary_low"])
salary_high_local = long(request.params["salary_high"])
if user.currency is None:
salary_low = salary_low_local
salary_high = salary_high_local
else:
salary_low = salary_low_local * user.currency.currency_to_usd
salary_high = salary_high_local * user.currency.currency_to_usd
department = DBSession.query(Department).filter_by(id=department_id).filter_by(
account_id=account.id).first()
role_ok = True
for r in department.roles:
if r.name == name and r.id != role_id:
role_ok = False
if role_ok:
role.name = name
role.department = department
role.salary_low = salary_low
role.salary_high = salary_high
DBSession.flush()
return HTTPFound(request.application_url + "/administration/company")
departments = DBSession.query(Department).filter_by(account_id=long(request.session['aid'])).all()
return dict(logged_in=authenticated_userid(request), header=Header("administration"), departments=departments,
user=user, role=role)
except:
return HTTPFound(request.application_url)
def currency_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
currency_id = long(request.matchdict['currency_id'])
DBSession.query(Currency).filter_by(id=currency_id).filter_by(account_id=account_id).delete()
DBSession.flush()
return HTTPFound(request.application_url + "/administration/company")
except:
return HTTPFound(request.application_url)
def office_edit(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
account = DBSession.query(Account).filter_by(id=account_id).first()
user = DBSession.query(User).filter_by(id=user_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
office_id = request.matchdict['office_id']
if request.method == "POST":
name = request.params["name"].lower()
off = DBSession.query(Office).filter_by(
account_id=long(request.session['aid'])).filter_by(
name=name).first()
if off is None or str(off.id) == office_id:
benefits_and_bonus = long(request.params["benefits_and_bonus"])
DBSession.query(Office).filter_by(id=office_id).filter_by(
account_id=account_id).update({
'name':
name,
'benefits_and_bonus':
benefits_and_bonus
})
DBSession.flush()
return HTTPFound(request.application_url +
"/administration/company")
office = DBSession.query(Office).filter_by(id=office_id).first()
return dict(logged_in=authenticated_userid(request),
header=Header("administration"),
office=office,
user=user)
except:
return HTTPFound(request.application_url)
def role_add(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"].lower()
department_id = long(request.params["department_id"])
salary_low = long(request.params["salary_low"])
salary_high = long(request.params["salary_high"])
department = DBSession.query(Department).filter_by(id=department_id).filter_by(
account_id=account.id).first()
role_ok = True
for role in department.roles:
if role.name == name:
role_ok = False
break
if role_ok:
new_role = Role(account, name, department, salary_high, salary_low)
DBSession.add(new_role)
DBSession.flush()
if request.params.get("add_another") is None:
return HTTPFound(request.application_url + "/administration/company")
departments = DBSession.query(Department).filter_by(account_id=long(request.session['aid'])).all()
return dict(logged_in=authenticated_userid(request), header=Header("administration"), departments=departments,
user=user)
except:
return HTTPFound(request.application_url)
def currency_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
currency_id = long(request.matchdict['currency_id'])
DBSession.query(Currency).filter_by(id=currency_id).filter_by(
account_id=account_id).delete()
DBSession.flush()
return HTTPFound(request.application_url + "/administration/company")
except:
return HTTPFound(request.application_url)
def role_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
role_id = request.matchdict.get('role_id')
DBSession.query(Role).filter_by(id=role_id).filter_by(account_id=account_id).update({'is_active': False})
DBSession.flush()
return HTTPFound(location=request.application_url + "/administration/company")
except:
return HTTPFound(request.application_url)
def freelancer_delete(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
freelancer_id = request.matchdict.get('freelancer_id')
freelancer = DBSession.query(Freelancer).filter_by(id=freelancer_id).filter_by(account_id=account_id).first()
if freelancer is None:
return HTTPFound(request.application_url)
if freelancer.office is None and freelancer.client is None:
return HTTPFound(request.application_url)
if freelancer.office is not None and user.can_access_office(freelancer.office, "utilization") == False:
return HTTPFound(request.application_url)
if freelancer.client is not None and user.can_access_client(freelancer.client, "utilization") == False:
return HTTPFound(request.application_url)
source_id = freelancer.client_id
DBSession.delete(freelancer)
DBSession.flush()
return HTTPFound(
request.application_url + "/client/" + str(source_id) + "/utilization/" + str(datetime.datetime.now().year))
except:
print("*************")
traceback.print_exc()
return HTTPFound(request.application_url)
def department_add(request):
try:
account_id = long(request.session['aid'])
user_id = long(request.session['uid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None or user.is_administrator == False:
return HTTPFound(request.application_url)
if request.method == "POST":
name = request.params["name"].lower()
dept = DBSession.query(Department).filter_by(account_id=account_id).filter_by(name=name).first()
if dept is None:
new_department = Department(name, account)
DBSession.add(new_department)
DBSession.flush()
if request.params.get("add_another") is None:
return HTTPFound(location=request.application_url + "/administration/company")
return dict(logged_in=authenticated_userid(request), header=Header("administration"), user=user)
except:
return HTTPFound(request.application_url)
def client_assign_ghost(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
if request.method == "POST":
ghost_user_id = request.params.get('ghost_user_id')
if ghost_user_id is None or len(ghost_user_id) == 0 or ghost_user_id == '':
return HTTPFound(request.application_url)
ghost_user = DBSession.query(GhostUser).filter_by(id=ghost_user_id).filter_by(account_id=account_id).first()
client_id = request.params.get('client_id')
client = None
if client_id is not None and len(client_id) > 0 and client_id != '':
client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=long(client_id)).first()
ghost_client_id = request.params.get('ghost_client_id')
ghost_client = None
if ghost_client_id is not None and len(ghost_client_id) > 0 and ghost_client_id != '':
ghost_client = DBSession.query(GhostClient).filter_by(account_id=account_id).filter_by(
id=long(ghost_client_id)).first()
if client is None and ghost_client is None:
return HTTPFound(request.application_url)
if client is not None and user.can_access_client(client, "utilization") == False:
return HTTPFound(request.application_url)
if ghost_client is not None and user.can_access_office(ghost_client.office, "utilization") == False:
return HTTPFound(request.application_url)
utilization = long(request.params["utilization"])
start_date_text = request.params["start_date"]
start_dateparts = start_date_text.split("/")
start_date = datetime.date(long(start_dateparts[2]), long(start_dateparts[0]), long(start_dateparts[1]))
end_date_text = request.params["end_date"]
end_dateparts = end_date_text.split("/")
end_date = datetime.date(long(end_dateparts[2]), long(end_dateparts[0]), long(end_dateparts[1]))
if ghost_user.start_date.date() > start_date or start_date > end_date:
print('**** late start')
return HTTPFound(request.path)
gua = GhostAllocation(ghost_user, client, ghost_client, utilization, start_date, end_date)
DBSession.add(gua)
if ghost_user.start_date.date() > start_date:
ghost_user.start_date = datetime.datetime.combine(start_date, datetime.time())
DBSession.flush()
if client is not None:
return HTTPFound(request.application_url + "/client/" + str(client_id) + "/utilization/" + str(
datetime.datetime.now().year))
if ghost_client is not None:
return HTTPFound(
request.application_url + "/ghost/client/" + str(ghost_client_id) + "/utilization/" + str(
datetime.datetime.now().year))
currentClientId = request.params.get('clientid')
currentClient = None
if currentClientId is not None:
currentClient = DBSession.query(Client).filter_by(id=currentClientId).filter_by(is_active=True).first()
currentGhostClientId = request.params.get('ghostclientid')
currentGhostClient = None
if currentGhostClientId is not None:
currentGhostClient = DBSession.query(GhostClient).filter_by(id=currentGhostClientId).filter_by(
is_active=True).first()
clients_all = DBSession.query(Client).filter_by(account_id=account_id).all()
clients = []
if user.is_administrator or user.permissions_global_utilization:
clients = clients_all
else:
for client in clients_all:
if user.can_access_client(client, "utilization"):
clients.append(client)
if len(clients) == 0:
return HTTPFound(request.application_url)
#fix to handle disabled
ghost_users_all = DBSession.query(GhostUser).filter_by(account_id=account_id).all()
ghost_users = []
if user.is_administrator or user.permissions_global_utilization:
ghost_users = ghost_users_all
else:
for ghost_user in ghost_users:
if user.can_access_office(ghost_user.office, "utilization"):
ghost_users.append(ghost_user)
ghost_clients = []
ghost_clients_all = DBSession.query(GhostClient).filter_by(account_id=account_id).all()
if user.is_administrator or user.permissions_global_utilization:
ghost_clients = ghost_clients_all
else:
for ghost_client in ghost_clients_all:
if user.can_access_office(ghost_client.office, "utilization"):
ghost_clients.append(ghost_client)
return dict(logged_in=authenticated_userid(request), header=getHeader(None), clients=clients,
ghost_users=ghost_users, user=user, account=account, ghost_clients=ghost_clients,
currentClient=currentClient, currentGhostClient=currentGhostClient)
except:
print("*****")
traceback.print_exc()
return HTTPFound(request.application_url)
def client_assign_resource(request):
try:
user_id = long(request.session['uid'])
account_id = long(request.session['aid'])
user = DBSession.query(User).filter_by(id=user_id).first()
account = DBSession.query(Account).filter_by(id=account_id).first()
if user is None or account is None:
return HTTPFound(request.application_url)
if request.method == "POST":
client_id = long(request.params['client_id'])
client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=client_id).first()
person_id = long(request.params["user_id"])
person = DBSession.query(User).filter_by(id=person_id).filter_by(account_id=account_id).first()
utilization = long(request.params["utilization"])
start_date_text = request.params["start_date"]
start_dateparts = start_date_text.split("/")
start_date = datetime.date(long(start_dateparts[2]), long(start_dateparts[0]), long(start_dateparts[1]))
end_date_text = request.params["end_date"]
end_dateparts = end_date_text.split("/")
end_date = datetime.date(long(end_dateparts[2]), long(end_dateparts[0]), long(end_dateparts[1]))
if person is None or client is None or user.can_access_client(client, "utilization") == False:
return HTTPFound(request.application_url)
if person.start_date.date() > start_date or start_date > end_date:
print("*** late start")
return HTTPFound(request.path)
ua = UserAllocation(person, client, None, utilization, start_date, end_date)
DBSession.add(ua)
DBSession.flush()
return HTTPFound(request.application_url + "/client/" + str(client_id) + "/utilization/" + str(
datetime.datetime.now().year))
clients_all = DBSession.query(Client).filter_by(account_id=account_id).filter_by(is_active=True).all()
clients = []
if user.is_administrator or user.permissions_global_utilization:
clients = clients_all
else:
for client in clients_all:
if user.can_access_client(client, "utilization"):
clients.append(client)
if len(clients) == 0:
return HTTPFound(request.application_url)
access_administration = user.is_administrator
# fix this so the filtering is btter instead of doing a big loop
users_all = DBSession.query(User).filter_by(account_id=account_id).filter_by(is_active=True).all()
users = []
for u in users_all:
if u.is_active and u.percent_billable > 0 and user.can_access_office(u.office, "utilization"):
users.append(u)
if len(users) == 0:
return HTTPFound(request.application_url)
currentClientId = request.params.get('clientid')
currentClient = None
if currentClientId is not None:
currentClient = DBSession.query(Client).filter_by(id=currentClientId).filter_by(is_active=True).first()
return dict(logged_in=authenticated_userid(request), header=getHeader(None), clients=clients, users=users,
user=user, account=account, access_administration=access_administration,
currentClient=currentClient)
except:
print("*****")
traceback.print_exc()
return HTTPFound(request.application_url)
