def find_departments(request): """ Gets the departments the logged user can create tasks for a project, depending to their roles """ if "project_id" not in request.GET: raise SuspiciousOperation project_id = request.GET.get("project_id") actor=get_actor_or_403(request) if actor.user_type == "A" or is_executive(actor): departamentos = Department.objects.filter(projectdepartment__project_id_id=project_id,company_id=actor.company_id, active=True) else: # not an executive roles_dep = ProjectDepartmentEmployeeRole.objects.filter(employee_id=actor, role_id__tier__gte=20, projectDepartment_id__project_id__deleted=False,projectDepartment_id__department_id__active=True) if roles_dep.count() > 0: # you're a project manager or a coordinator. Loading your departments for the selected project departamentos = Department.objects.filter( company_id=actor.company_id, active=True, projectdepartment__projectdepartmentemployeerole__employee_id=actor, projectdepartment__project_id_id=project_id) else: # not any of this? get outta here!! raise PermissionDenied return departamentos.distinct()
def get_list_for_role(request): """ Gets the list of projects according to the role tier of the logged user """ actor = get_actor_or_403(request) highest = get_highest_role_tier(actor) if highest < 40: raise PermissionDenied elif highest >= 50: # Admins and executives can do everything return Project.objects.filter( company_id=actor.company_id).distinct().order_by("name") else: # If it's for view, projectmanager and greater can access too return Project.objects.filter( projectdepartment__projectdepartmentemployeerole__employee_id=actor, projectdepartment__projectdepartmentemployeerole__role_id__tier__gte =40, company_id=actor.company_id, deleted=False).distinct().order_by("name") # Otherwise GTFO raise PermissionDenied
def find_collections(request): """ Gets the projects and departments the logged user can create tasks for, depending to their roles """ actor=get_actor_or_403(request) if actor.user_type == "A" or is_executive(actor): proyectos = Project.objects.filter(company_id=actor.company_id, deleted=False) departamentos = Department.objects.filter(company_id=actor.company_id, active=True) else: # not an executive roles_dep = ProjectDepartmentEmployeeRole.objects.filter(employee_id=actor, role_id__tier__gte=20) if roles_dep.count() > 0: # you're a project manager. Loading your projects proyectos = Project.objects.filter( company_id=actor.company_id, deleted=False, projectdepartment__projectdepartmentemployeerole__employee_id=actor) departamentos = Department.objects.filter( company_id=actor.company_id, active=True, projectdepartment__projectdepartmentemployeerole__employee_id=actor) else: # not any of this? get outta here!! raise PermissionDenied return {"departments": departamentos.distinct(), "projects": proyectos.distinct()}
def get_list_for_role(request): """ Gets the list of departments according to the role tier of the logged user """ actor = get_actor_or_403(request) # Admins and executives can do everything if actor.user_type == "A" or is_executive(actor): return Department.objects.filter( company_id=actor.company_id).distinct().order_by("name") # If it's for view, coordinators and greater can access too if ProjectDepartmentEmployeeRole.objects.filter( employee_id=actor, role_id__tier__gte=20).exists(): return Department.objects.filter( projectdepartment__projectdepartmentemployeerole__employee_id=actor, projectdepartment__projectdepartmentemployeerole__role_id__tier__gte =20, company_id=actor.company_id, active=True).distinct().order_by("name") # Otherwise GTFO raise PermissionDenied
def get_list_for_role(request): """ Gets the list of employees according to the role tier of the logged user """ actor = get_actor_or_403(request) highest = get_highest_role_tier(actor) if highest >= 50: return Employee.objects.filter( company_id=actor.company_id).distinct().order_by( "user__first_name", "user__last_name") else: raise PermissionDenied
def get_list_for_role(request): """ Gets the list of tasks according to the role tier of the logged user """ actor=get_actor_or_403(request) highest=get_highest_role_tier(actor) if highest < 20: raise PermissionDenied elif highest>=50: return Task.objects.filter(actor_id__company_id=actor.company_id).distinct().order_by("name") else: return Task.objects.filter(actor_id__company_id=actor.company_id, projectDepartment_id__project_id__deleted=False, projectDepartment_id__department_id__active=True, projectDepartment_id__projectdepartmentemployeerole__role_id__tier__gte=20, projectDepartment_id__projectdepartmentemployeerole__employee_id=actor).distinct()
def check_project(request, project): """ checks if the project belongs to the logged actor with appropiate roles Admin, manager or project manager """ actor = get_actor_or_403(request) highest = get_highest_role_tier(actor) if highest >= 50: # Admins and executives can do everything return actor elif project.deleted: raise PermissionDenied elif ProjectDepartmentEmployeeRole.objects.filter( employee_id=actor, projectDepartment_id__project_id=project, role_id__tier__gte=40).exists(): return actor # Otherwise GTFO raise PermissionDenied
def check_department(department, request): """ checks if the department belongs to the logged actor with appropiate roles Admin, manager or project manager """ actor = get_actor_or_403(request) highest = get_highest_role_tier(actor) if highest >= 50: # Admins and executives can do everything return actor elif not department.active: raise PermissionDenied elif ProjectDepartmentEmployeeRole.objects.filter( employee_id=actor, projectDepartment_id__department_id=department, role_id__tier__gte=20).exists(): # If it's for view, coordinators and greater can access too return actor # Otherwise GTFO raise PermissionDenied
def check_task(request,task, for_view=False): """ checks if the task belongs to the logged actor with appropiate roles """ actor=get_actor_or_403(request) highest=get_highest_role_tier(actor) if highest>=50: # Admins and executives can do everything return actor elif task: if not task.active: raise PermissionDenied # If it's for view, project managers can see tasks in their projects but not their departments elif for_view and highest>=20: if highest >= 40 and ProjectDepartmentEmployeeRole.objects.filter( Q(employee_id=actor), Q(role_id__tier__gte=40), (Q(projectDepartment_id__department_id=task.projectDepartment_id.department_id) | Q(projectDepartment_id__project_id=task.projectDepartment_id.project_id))) \ .exists(): return actor elif ProjectDepartmentEmployeeRole.objects.filter(employee_id=actor, projectDepartment_id=task.projectDepartment_id, role_id__tier__gte=20).exists(): return actor elif ProjectDepartmentEmployeeRole.objects.filter(employee_id=actor, projectDepartment_id=task.projectDepartment_id, role_id__tier__gte=20).exists(): # If it's for view, coordinators and greater can access too return actor elif highest>=20: # If it's for creation, task is None return actor # Otherwise GTFO raise PermissionDenied
def ajax_productivity_per_task(request): """ # Devuelve un objeto {'names': [dpto1, dpto2...], 'values': [tiempo1, tiempo2...]} # Parámetros obligatorios: # task_id - ID del task # Parámetros opcionales: # start_date - fecha en formato YYYY-MM-DD que indica el inicio de la medición. Por defecto, 30 días antes de la fecha actual. # end_date - fecha en formato YYYY-MM-DD que indica el final de la medición. Por defecto, fecha actual. # offset - desplazamiento (huso) horario en formato +/-HH:MM - Por defecto +00:00 # Si se proporcionan pero no tienen el formato correcto se lanzará un error HTTP 400 Bad Request """ # ------------------------- Cortesía de Agu ------------------------------ actor=get_actor_or_403(request) if "task_id" not in request.GET: raise SuspiciousOperation task_id = request.GET["task_id"] task=get_object_or_404(Task, pk=task_id) actor=check_task(request,task,for_view=True) same_company_or_403(actor,task.actor_id) # Get and parse the dates and the offset start_date = request.GET.get("start_date", str(date.today() - timedelta(days=30))) end_date = request.GET.get("end_date", str(date.today())) date_regex = re.compile("^\d{4}-\d{2}-\d{2}$") if date_regex.match(start_date) is None or date_regex.match(end_date) is None: raise SuspiciousOperation("Start/end date are not valid") offset = request.GET.get("offset", "+00:00") offset_regex = re.compile("^(\+|-)\d{2}:\d{2}$") if offset_regex.match(offset) is None: raise SuspiciousOperation("Time offset is not valid") # Append time offsets start_date += " 00:00" + offset end_date += " 00:00" + offset # -------------------------------------------------------------------------- dates = [] str_dates = [] d1 = datetime.strptime(start_date[0:19] + start_date[20:22], '%Y-%m-%d %H:%M%z') d2 = datetime.strptime(end_date[0:19] + end_date[20:22], '%Y-%m-%d %H:%M%z') delta = d2 - d1 # timedelta for i in range(delta.days + 1): str_dates.append((d1 + timedelta(days=i)).date().strftime("%Y-%m-%d")) dates.append(d1 + timedelta(days=i)) data = {"days": str_dates, "production": [], "goal_evolution": []} index = 0 # Save productivity for each date # for each date, we will find the asociated timelog for log_date in dates: log = TimeLog.objects.filter(task_id=task_id, workDate__year=log_date.year, workDate__month=log_date.month, workDate__day=log_date.day).aggregate( total_duration=Sum( F("duration")/60.0, output_field=FloatField()), total_produced_units=Sum( F("produced_units"), output_field=FloatField())) if log is None: # Not work that day total_productivity = 0 total_duration = 0 else: total_produced_units = log["total_produced_units"] total_duration = log["total_duration"] if total_duration == 0 or total_duration is None: total_productivity = 0 else: # If not produced but spent time, 0 productivity (you lazy guy...) if total_produced_units is None: total_productivity = 0 else: total_productivity = total_produced_units/total_duration # Find the registry date of production goal evolution which is closest to the date expected_productivity = GoalEvolution.objects.filter(task_id_id=task_id, registryDate__gte=log_date).first() # If we do not find the goal or if the date is after the last task update, it may be the current task goal if total_duration==0 or total_duration is None: expected_productivity=0 else: if expected_productivity is None or task.registryDate <= log_date: expected_productivity = task.production_goal else: expected_productivity = expected_productivity.production_goal data["production"].append(default_round(total_productivity)) data["goal_evolution"].append(default_round(expected_productivity)) return JsonResponse(data)