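def user_add_action(request):
    """Create a user account from the submitted ``UserForm``.

    Requesters matching ``ROLE_STAFF`` are rejected. A requester matching
    ``ROLE_HR`` may only create accounts whose role is ``ROLE_STAFF``; any
    other requested role is reported as an error on the ``role`` field.
    Non-superuser accounts also get a fresh ``Personal`` record.

    Returns:
        The redirect from ``back_to_original_page`` on success, or the
        re-rendered ``account/add.html`` form when validation fails.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = UserForm(request.POST)
    if not form.is_valid():
        return render(request, "account/add.html", {"form": form})

    role = form.cleaned_data['role']
    # Role-assignment guard: HR may create users, but only ordinary staff.
    # NOTE(review): only HR is limited here; confirm that every other role
    # allowed past the staff check is meant to assign any role.
    if check_role(request, ROLE_HR) and role != ROLE_STAFF:
        msg = u"人事只能新建普通员工。"
        form._errors["role"] = form.error_class([msg])
        return render(request, "account/add.html", {"form": form})

    # Build the instance unsaved, hash the password, then write once. The
    # original saved the form first and hashed afterwards, so the row was
    # written before set_password() had run (presumably with the password
    # as submitted -- depends on UserForm's fields, not shown here).
    user = form.save(commit=False)
    user.set_password(form.cleaned_data['password'])
    # NOTE(review): is_superuser is whatever the bound form produced; confirm
    # UserForm does not let the requester set privilege flags.
    if not user.is_superuser:
        personal = Personal.objects.create()
        user.personal_id = personal.id
    # Always persisted, so the hashed password reaches the database for
    # superuser accounts as well.
    user.save()
    form.save_m2m()  # what form.save() would have done with commit=True

    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)
    return back_to_original_page(request, "/account/list/")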
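def user_add_action(request):
    """Create a user account from the submitted ``UserForm``.

    Requesters matching ``ROLE_STAFF`` are rejected. A requester matching
    ``ROLE_HR`` may only create accounts whose role is ``ROLE_STAFF``; any
    other requested role is reported as an error on the ``role`` field.
    Non-superuser accounts also get a fresh ``Personal`` record.

    Returns:
        The redirect from ``back_to_original_page`` on success, or the
        re-rendered ``account/add.html`` form when validation fails.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = UserForm(request.POST)
    if not form.is_valid():
        return render(request, "account/add.html", {"form": form})

    role = form.cleaned_data['role']
    # Role-assignment guard: HR may create users, but only ordinary staff.
    # NOTE(review): only HR is limited here; confirm that every other role
    # allowed past the staff check is meant to assign any role.
    if check_role(request, ROLE_HR) and role != ROLE_STAFF:
        msg = u"人事只能新建普通员工。"
        form._errors["role"] = form.error_class([msg])
        return render(request, "account/add.html", {"form": form})

    # Build the instance unsaved, hash the password, then write once. The
    # original saved the form first and hashed afterwards, so the row was
    # written before set_password() had run (presumably with the password
    # as submitted -- depends on UserForm's fields, not shown here).
    user = form.save(commit=False)
    user.set_password(form.cleaned_data['password'])
    # NOTE(review): is_superuser is whatever the bound form produced; confirm
    # UserForm does not let the requester set privilege flags.
    if not user.is_superuser:
        personal = Personal.objects.create()
        user.personal_id = personal.id
    # Always persisted, so the hashed password reaches the database for
    # superuser accounts as well.
    user.save()
    form.save_m2m()  # what form.save() would have done with commit=True

    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)
    return back_to_original_page(request, "/account/list/")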
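def user_add_action(request):
    """Create a family user account from the submitted ``UserForm``.

    Requesters matching ``ROLE_FAMILY_COMMON_USER`` are rejected. A requester
    matching ``ROLE_FAMILY_SUPER_USER`` may only create accounts whose role
    is ``ROLE_FAMILY_COMMON_USER``; any other requested role is reported as
    an error on the ``role`` field.

    Returns:
        The redirect from ``back_to_original_page`` on success, or the
        re-rendered ``user_account/add.html`` form when validation fails.

    Raises:
        PermissionDeniedError: if the requester matches
            ``ROLE_FAMILY_COMMON_USER``.
    """
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    form = UserForm(request.POST)
    if not form.is_valid():
        return render(request, "user_account/add.html", {"form": form})

    role = form.cleaned_data['role']
    # Role-assignment guard: a family administrator may only add ordinary
    # family members.
    if (check_role(request, ROLE_FAMILY_SUPER_USER)
            and role != ROLE_FAMILY_COMMON_USER):
        msg = u"家庭管理员只能添加家庭普通成员。"
        form._errors["role"] = form.error_class([msg])
        return render(request, "user_account/add.html", {"form": form})

    # Build the instance unsaved, hash the password, then write once. The
    # original saved the form first and hashed afterwards, so the row was
    # written before set_password() had run (presumably with the password
    # as submitted -- depends on UserForm's fields, not shown here).
    user = form.save(commit=False)
    user.set_password(form.cleaned_data['password'])
    user.save()
    form.save_m2m()  # what form.save() would have done with commit=True

    # Attach the new user to the group that backs the requested role.
    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)
    return back_to_original_page(request, "/user_account/list/")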
def user_list_view(request):
    """Render the paginated user list (``account/list.html``).

    Requesters matching ``ROLE_STAFF`` are rejected. Superusers, inactive
    accounts and the requester's own account are never listed. A requester
    matching ``ROLE_MANAGER`` sees every remaining user; one matching
    ``ROLE_HR`` sees only members of the staff group.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # The requester's own row is hidden so that nobody deletes their own
    # account from this page.
    # NOTE(review): this is a display filter; the delete endpoint has to
    # apply the same limits itself to make them binding.
    users = (User.objects.filter(is_superuser=False)
             .exclude(is_active=False)
             .exclude(id=request.user.id))
    params = get_list_params(request)
    sortable = {
        u"un": "username",
        u"fn": "full_name",
        u"cd": "create_datetime",
        u"gr": "groups",
    }

    # Free-text search.
    keyword = params['query']
    if keyword:
        users = users.filter(
            Q(username__contains=keyword)
            | Q(full_name__contains=keyword)
            | Q(groups__name__contains=keyword))

    # Managers keep the full queryset; HR is narrowed to ordinary staff.
    if not check_role(request, ROLE_MANAGER) and check_role(request, ROLE_HR):
        users = users.filter(groups__name=ROLES[ROLE_STAFF])

    # Sorting: the client sends a short key that is mapped through the
    # allow-list above; anything unknown falls back to username ascending.
    sort_key = params['order_field']
    if not sort_key or sort_key not in sortable:
        params['order_field'] = 'un'
        params['order_direction'] = ''
    # NOTE(review): order_direction is prefixed as-is; presumably
    # get_list_params limits it to '' or '-' -- confirm.
    users = users.order_by(
        "%s%s" % (params['order_direction'], sortable[params['order_field']]))

    total_count = users.count()
    context = {
        "users": users[params['from']:params['to']],
        "query_params": params,
        "need_pagination": params['limit'] < total_count,
        "total_count": total_count,
    }
    return render(request, "account/list.html", context)
def notice_add_action(request):
    """Create a notice from the submitted ``NoticeForm``.

    Requesters matching ``ROLE_STAFF`` are rejected. The notice is saved only
    when the form validates and the POST carries at least one ``dep_id``;
    the selected ids are stored as one comma-terminated string.

    Returns:
        The redirect from ``back_to_original_page`` on success, otherwise the
        re-rendered ``notice/add.html`` page.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = NoticeForm(request.POST, instance=Notice())
    if not (form.is_valid() and 'dep_id' in request.POST):
        context = {
            "form": form,
            "departments": Department.objects.filter(delete_flg=False),
            "departments_need": 'dep_id' in request.POST,
        }
        return render(request, "notice/add.html", context)

    # NOTE(review): the values written below are the raw POST strings, not
    # form.cleaned_data, and the dep_id entries are not checked against the
    # Department table -- confirm that is acceptable.
    notice = form.instance
    joined_ids = ','.join(dict(request.POST)['dep_id'])
    notice.title = request.POST['title']
    notice.start_date = request.POST['start_date']
    notice.end_date = request.POST['end_date']
    notice.content = request.POST['content']
    notice.dep_id = str(joined_ids) + ','
    form.save()
    return back_to_original_page(request, "/notice/list/")
def notice_add_action(request):
    """Create a notice from the submitted ``NoticeForm``.

    Requesters matching ``ROLE_STAFF`` are rejected. The notice is saved only
    when the form validates and the POST carries at least one ``dep_id``;
    the selected ids are stored as one comma-terminated string.

    Returns:
        The redirect from ``back_to_original_page`` on success, otherwise the
        re-rendered ``notice/add.html`` page.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = NoticeForm(request.POST, instance=Notice())
    if not (form.is_valid() and 'dep_id' in request.POST):
        context = {
            "form": form,
            "departments": Department.objects.filter(delete_flg=False),
            "departments_need": 'dep_id' in request.POST,
        }
        return render(request, "notice/add.html", context)

    # NOTE(review): the values written below are the raw POST strings, not
    # form.cleaned_data, and the dep_id entries are not checked against the
    # Department table -- confirm that is acceptable.
    notice = form.instance
    joined_ids = ','.join(dict(request.POST)['dep_id'])
    notice.title = request.POST['title']
    notice.start_date = request.POST['start_date']
    notice.end_date = request.POST['end_date']
    notice.content = request.POST['content']
    notice.dep_id = str(joined_ids) + ','
    form.save()
    return back_to_original_page(request, "/notice/list/")
def user_list_view(request):
    """Render the paginated user list (``user_account/list.html``).

    Superusers and inactive accounts are never listed. A requester matching
    ``ROLE_SYSADMIN`` sees every remaining user; one matching
    ``ROLE_FAMILY_SUPER_USER`` sees only ordinary family members.
    """
    users = User.objects.filter(is_superuser=False).exclude(is_active=False)
    params = get_list_params(request)
    sortable = {
        u"un": "username",
        u"fn": "full_name",
        u"cd": "create_datetime",
        u"gr": "groups",
        u"mb": "mobile",
        u"em": "email",
    }

    # Free-text search on the username.
    keyword = params['query']
    if keyword:
        users = users.filter(Q(username__contains=keyword))

    # NOTE(review): there is no role check at the top of this view, and a
    # requester matching neither role below keeps the unrestricted
    # queryset. Confirm access is limited elsewhere (decorator, URL conf),
    # otherwise ordinary members can list every account.
    if (not check_role(request, ROLE_SYSADMIN)
            and check_role(request, ROLE_FAMILY_SUPER_USER)):
        users = users.filter(groups__name=ROLES[ROLE_FAMILY_COMMON_USER])

    # Sorting: the client sends a short key that is mapped through the
    # allow-list above; anything unknown falls back to username ascending.
    sort_key = params['order_field']
    if not sort_key or sort_key not in sortable:
        params['order_field'] = 'un'
        params['order_direction'] = ''
    # NOTE(review): order_direction is prefixed as-is; presumably
    # get_list_params limits it to '' or '-' -- confirm.
    users = users.order_by(
        "%s%s" % (params['order_direction'], sortable[params['order_field']]))

    total_count = users.count()
    context = {
        "users": users[params['from']:params['to']],
        "query_params": params,
        "need_pagination": params['limit'] < total_count,
        "total_count": total_count,
    }
    return render(request, "user_account/list.html", context)
def user_list_view(request):
    """Render the paginated user list (``account/list.html``).

    Requesters matching ``ROLE_STAFF`` are rejected. Superusers, inactive
    accounts and the requester's own account are never listed. A requester
    matching ``ROLE_MANAGER`` sees every remaining user; one matching
    ``ROLE_HR`` sees only members of the staff group.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # The requester's own row is hidden so that nobody deletes their own
    # account from this page.
    # NOTE(review): this is a display filter; the delete endpoint has to
    # apply the same limits itself to make them binding.
    users = (User.objects.filter(is_superuser=False)
             .exclude(is_active=False)
             .exclude(id=request.user.id))
    params = get_list_params(request)
    sortable = {
        u"un": "username",
        u"fn": "full_name",
        u"cd": "create_datetime",
        u"gr": "groups",
    }

    # Free-text search.
    keyword = params['query']
    if keyword:
        users = users.filter(
            Q(username__contains=keyword)
            | Q(full_name__contains=keyword)
            | Q(groups__name__contains=keyword))

    # Managers keep the full queryset; HR is narrowed to ordinary staff.
    if not check_role(request, ROLE_MANAGER) and check_role(request, ROLE_HR):
        users = users.filter(groups__name=ROLES[ROLE_STAFF])

    # Sorting: the client sends a short key that is mapped through the
    # allow-list above; anything unknown falls back to username ascending.
    sort_key = params['order_field']
    if not sort_key or sort_key not in sortable:
        params['order_field'] = 'un'
        params['order_direction'] = ''
    # NOTE(review): order_direction is prefixed as-is; presumably
    # get_list_params limits it to '' or '-' -- confirm.
    users = users.order_by(
        "%s%s" % (params['order_direction'], sortable[params['order_field']]))

    total_count = users.count()
    context = {
        "users": users[params['from']:params['to']],
        "query_params": params,
        "need_pagination": params['limit'] < total_count,
        "total_count": total_count,
    }
    return render(request, "account/list.html", context)
def check_in_all_list_view(request):
    """Render everyone's attendance (check-in) records, paginated.

    Requesters matching ``ROLE_STAFF`` are rejected. A requester matching
    ``ROLE_MANAGER`` sees all records; one matching ``ROLE_HR`` sees only
    records that belong to members of the staff group.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    params = get_list_params(request)
    records = CheckIn.objects.order_by('-date')
    sortable = {
        u"da": "date",
    }

    # Free-text search on the owner's full name or group name.
    keyword = params['query']
    if keyword:
        records = records.filter(
            Q(personal_check_in__belong_to__full_name__contains=keyword)
            | Q(personal_check_in__belong_to__groups__name__contains=keyword))

    # Managers keep the full queryset; HR is narrowed to ordinary staff.
    if not check_role(request, ROLE_MANAGER) and check_role(request, ROLE_HR):
        records = records.filter(
            personal_check_in__belong_to__groups__name=ROLES[ROLE_STAFF])

    # Sorting: unknown or missing keys fall back to date, newest first.
    sort_key = params['order_field']
    if not sort_key or sort_key not in sortable:
        params['order_field'] = 'da'
        params['order_direction'] = '-'
    # NOTE(review): order_direction is prefixed as-is; presumably
    # get_list_params limits it to '' or '-' -- confirm.
    records = records.order_by(
        "%s%s" % (params['order_direction'], sortable[params['order_field']]))

    total_count = records.count()
    context = {
        "check_in": records[params['from']:params['to']],
        "query_params": params,
        "need_pagination": params['limit'] < total_count,
        "total_count": total_count,
    }
    return render(request, "comprehensive/check_in_all_view.html", context)
def user_edit_action(request):
    """Apply an edit to the user named by ``request.POST['id']``.

    The request is refused unless ``check_permission_allowed`` accepts the
    target id. When the POST carries a ``password`` key the full
    ``UserForm`` is bound and the password is reset together with the full
    name; otherwise ``UserEditForm`` is bound and only the full name
    changes. The role (group) is replaced only for superuser requesters.

    Returns:
        A redirect on success ("/" for requesters matching ``ROLE_STAFF``,
        "/account/list/" otherwise), or the re-rendered
        ``account/edit.html`` page when validation fails.

    Raises:
        PermissionDeniedError: if ``check_permission_allowed`` refuses.
    """
    target_id = request.POST['id']
    if not check_permission_allowed(request, target_id):
        raise PermissionDeniedError

    user = get_object_or_404(User, id=target_id)
    form_class = UserForm if 'password' in request.POST else UserEditForm
    form = form_class(request.POST, instance=user)

    if not form.is_valid():
        role = (form.cleaned_data['role']
                if 'role' in form.cleaned_data else None)
        context = {
            "form": form,
            "id": target_id,
            "role": role,
            "role_name": ROLES[role] if role in ROLES else "",
        }
        return render(request, "account/edit.html", context)

    # NOTE(review): the source carries a disabled optimistic-lock check on
    # update_timestamp at this point, so concurrent edits are last-write-wins.

    # Only a superuser may move the account to another role.
    if request.user.is_superuser:
        group = role_manager.get_role(form.cleaned_data['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = form.cleaned_data['full_name']
    # update_fields keeps the write to the columns this action owns, whatever
    # else the bound form put on the instance.
    if isinstance(form, UserEditForm):
        user.save(update_fields=("full_name", "update_datetime"))
    else:
        user.set_password(form.cleaned_data['password'])
        user.save(update_fields=("full_name", "password", "update_datetime"))

    # Staff have no access to the list page, so they go back to the index.
    if check_role(request, ROLE_STAFF):
        return back_to_original_page(request, "/")
    return back_to_original_page(request, "/account/list/")
def department_add_view(request):
    """Show the empty "add department" form.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    context = {"form": DepartmentForm()}
    return render(request, "comprehensive/department_add.html", context)
def user_add_view(request):
    """Show the empty "add user" form.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    context = {"form": UserForm()}
    return render(request, "account/add.html", context)
def user_add_view(request):
    """Show the empty "add user" form.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    context = {"form": UserForm()}
    return render(request, "account/add.html", context)
def user_edit_action(request):
    """Apply an edit to the user named by ``request.POST['id']``.

    The request is refused unless ``check_permission_allowed`` accepts the
    target id. When the POST carries a ``password`` key the full
    ``UserForm`` is bound and the password is reset together with the full
    name; otherwise ``UserEditForm`` is bound and only the full name
    changes. The role (group) is replaced only for superuser requesters.

    Returns:
        A redirect on success ("/" for requesters matching ``ROLE_STAFF``,
        "/account/list/" otherwise), or the re-rendered
        ``account/edit.html`` page when validation fails.

    Raises:
        PermissionDeniedError: if ``check_permission_allowed`` refuses.
    """
    target_id = request.POST['id']
    if not check_permission_allowed(request, target_id):
        raise PermissionDeniedError

    user = get_object_or_404(User, id=target_id)
    form_class = UserForm if 'password' in request.POST else UserEditForm
    form = form_class(request.POST, instance=user)

    if not form.is_valid():
        role = (form.cleaned_data['role']
                if 'role' in form.cleaned_data else None)
        context = {
            "form": form,
            "id": target_id,
            "role": role,
            "role_name": ROLES[role] if role in ROLES else "",
        }
        return render(request, "account/edit.html", context)

    # NOTE(review): the source carries a disabled optimistic-lock check on
    # update_timestamp at this point, so concurrent edits are last-write-wins.

    # Only a superuser may move the account to another role.
    if request.user.is_superuser:
        group = role_manager.get_role(form.cleaned_data['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = form.cleaned_data['full_name']
    # update_fields keeps the write to the columns this action owns, whatever
    # else the bound form put on the instance.
    if isinstance(form, UserEditForm):
        user.save(update_fields=("full_name", "update_datetime"))
    else:
        user.set_password(form.cleaned_data['password'])
        user.save(update_fields=("full_name", "password", "update_datetime"))

    # Staff have no access to the list page, so they go back to the index.
    if check_role(request, ROLE_STAFF):
        return back_to_original_page(request, "/")
    return back_to_original_page(request, "/account/list/")
def notice_add_view(request):
    """Show the empty "add notice" form with the selectable departments.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    context = {
        "form": NoticeForm(),
        # Soft-deleted departments are not offered.
        "departments": Department.objects.filter(delete_flg=False),
        "departments_need": True,
    }
    return render(request, "notice/add.html", context)
def department_set_view(request):
    """Render the page that assigns users to departments.

    Requesters matching ``ROLE_STAFF`` are rejected. Superusers and inactive
    accounts are never listed. A requester matching ``ROLE_MANAGER`` sees
    every remaining user; one matching ``ROLE_HR`` sees only members of the
    staff group. The list is not paginated.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    people = (User.objects.select_related('personal')
              .filter(is_superuser=False)
              .exclude(is_active=False)
              .order_by('groups', 'full_name'))
    params = get_list_params(request)

    # Free-text search on full name, group name or department name.
    keyword = params['query']
    if keyword:
        people = people.filter(
            Q(full_name__contains=keyword)
            | Q(groups__name__contains=keyword)
            | Q(personal__department__name__contains=keyword))

    # Managers keep the full queryset; HR is narrowed to ordinary staff.
    if not check_role(request, ROLE_MANAGER) and check_role(request, ROLE_HR):
        people = people.filter(groups__name=ROLES[ROLE_STAFF])

    total_count = people.count()
    departments = Department.objects.filter(delete_flg=False).order_by('name')
    context = {
        "form_list": people,
        "departments": departments,
        "query_params": params,
        "total_count": total_count,
    }
    return render(request, "comprehensive/department_set.html", context)
def department_edit_view(request, department_id):
    """Show the edit form for the department with id ``department_id``.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
        Http404: raised by ``get_object_or_404`` when no such department
            exists.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): the lookup does not filter on delete_flg, so a
    # soft-deleted department can still be opened by id -- confirm intended.
    target = get_object_or_404(Department, id=department_id)
    context = {
        "form": DepartmentForm(instance=target),
        "department_id": department_id,
    }
    return render(request, "comprehensive/department_edit.html", context)
def notice_add_view(request):
    """Show the empty "add notice" form with the selectable departments.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    context = {
        "form": NoticeForm(),
        # Soft-deleted departments are not offered.
        "departments": Department.objects.filter(delete_flg=False),
        "departments_need": True,
    }
    return render(request, "notice/add.html", context)
def department_delete_action(request):
    """Soft-delete the departments listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped and
    the matching rows get ``delete_flg=True``.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]
    Department.objects.filter(id__in=pks).update(delete_flg=True)
    return back_to_original_page(request, '/comprehensive/department/list/')
def notice_delete_action(request):
    """Soft-delete the notices listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped and
    the matching rows get ``delete_flg=True``.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]
    Notice.objects.filter(id__in=pks).update(delete_flg=True)
    return back_to_original_page(request, '/notice/list/')
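def user_delete_action(request):
    """Deactivate the users listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped.
    Matching non-superuser accounts get ``is_active=False`` (a soft delete).

    Raises:
        PermissionDeniedError: if the requester matches
            ``ROLE_FAMILY_COMMON_USER``.
    """
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]

    # The ids are client-supplied, so the limit the user list applies for
    # display (superusers are never offered) is enforced on the query itself
    # instead of being left to the page.
    # NOTE(review): the list also narrows a family administrator to ordinary
    # members; that scoping is not enforced here -- confirm whether it
    # should be.
    targets = User.objects.filter(id__in=pks, is_superuser=False)
    targets.update(is_active=False)
    return back_to_original_page(request, '/user_account/list/')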
def notice_delete_action(request):
    """Soft-delete the notices listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped and
    the matching rows get ``delete_flg=True``.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]
    Notice.objects.filter(id__in=pks).update(delete_flg=True)
    return back_to_original_page(request, '/notice/list/')
def notice_edit_view(request, notice_id):
    """Show the edit form for the notice with id ``notice_id``.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
        Http404: raised by ``get_object_or_404`` when no such notice exists.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): the lookup does not filter on delete_flg, so a
    # soft-deleted notice can still be opened by id -- confirm intended.
    target = get_object_or_404(Notice, id=notice_id)
    context = {
        "form": NoticeForm(instance=target),
        "notice_id": notice_id,
        "departments": Department.objects.filter(delete_flg=False),
        "departments_need": True,
    }
    return render(request, "notice/edit.html", context)
def year_delete_action(request):
    """Soft-delete the ``Yearly`` records listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped. The
    matching rows get ``delete_flg=True`` and a fresh ``update_datetime``.

    :param request: the incoming HTTP request
    :return: the redirect produced by ``back_to_original_page``
    :raises PermissionDeniedError: if the requester matches
        ``ROLE_FAMILY_COMMON_USER``
    """
    # Ordinary family members are not allowed to delete.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here. The rows are
    # also selected by id alone, with no ownership filter -- confirm.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]
    Yearly.objects.filter(id__in=pks).update(
        delete_flg=True, update_datetime=datetime.now())
    return back_to_original_page(request, '/plan/year/list/')
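def user_delete_action(request):
    """Deactivate the users listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped.
    Matching accounts get ``is_active=False`` (a soft delete), except
    superusers and the requester's own account, which are never touched.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]

    # The ids are client-supplied, so the limits the user list applies for
    # display (no superusers, not the requester's own account) are enforced
    # on the query itself instead of being left to the page.
    # NOTE(review): the list also narrows HR to the staff group; that scoping
    # is not enforced here -- confirm whether it should be.
    targets = (User.objects
               .filter(id__in=pks, is_superuser=False)
               .exclude(id=request.user.id))
    targets.update(is_active=False)
    return back_to_original_page(request, '/account/list/')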
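def user_delete_action(request):
    """Deactivate the users listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped.
    Matching accounts get ``is_active=False`` (a soft delete), except
    superusers and the requester's own account, which are never touched.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]

    # The ids are client-supplied, so the limits the user list applies for
    # display (no superusers, not the requester's own account) are enforced
    # on the query itself instead of being left to the page.
    # NOTE(review): the list also narrows HR to the staff group; that scoping
    # is not enforced here -- confirm whether it should be.
    targets = (User.objects
               .filter(id__in=pks, is_superuser=False)
               .exclude(id=request.user.id))
    targets.update(is_active=False)
    return back_to_original_page(request, '/account/list/')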
def notice_edit_view(request, notice_id):
    """Show the edit form for the notice with id ``notice_id``.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
        Http404: raised by ``get_object_or_404`` when no such notice exists.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): the lookup does not filter on delete_flg, so a
    # soft-deleted notice can still be opened by id -- confirm intended.
    target = get_object_or_404(Notice, id=notice_id)
    context = {
        "form": NoticeForm(instance=target),
        "notice_id": notice_id,
        "departments": Department.objects.filter(delete_flg=False),
        "departments_need": True,
    }
    return render(request, "notice/edit.html", context)
def lend_delete_action(request):
    """Soft-delete the ``Lend`` records listed in ``request.POST['pk']``.

    ``pk`` is a comma-separated list of ids; empty segments are skipped. The
    matching rows get ``delete_flg=True`` and a fresh ``update_datetime``.

    :param request: the incoming HTTP request
    :return: the redirect produced by ``back_to_original_page``
    :raises PermissionDeniedError: if the requester matches
        ``ROLE_FAMILY_COMMON_USER``
    """
    # Ordinary family members are not allowed to delete.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): int() raises ValueError on a non-numeric segment and a
    # missing "pk" raises KeyError; neither is handled here. The rows are
    # also selected by id alone, with no ownership filter -- confirm.
    raw_ids = request.POST["pk"]
    pks = [int(part) for part in raw_ids.split(',') if part]
    Lend.objects.filter(id__in=pks).update(
        delete_flg=True, update_datetime=datetime.now())
    return back_to_original_page(request, '/income/lend/list/')
def department_add_action(request):
    """Create a department from the submitted ``DepartmentForm``.

    Returns:
        The redirect from ``back_to_original_page`` on success, or the
        re-rendered ``comprehensive/department_add.html`` form when
        validation fails.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = DepartmentForm(request.POST)
    if not form.is_valid():
        context = {"form": form}
        return render(request, "comprehensive/department_add.html", context)

    # NOTE(review): the raw POST strings are written over whatever the form
    # cleaned; confirm form.cleaned_data is not the intended source.
    department = form.instance
    department.name = request.POST['name']
    description = request.POST['description']
    if description:
        department.description = description
    form.save()
    return back_to_original_page(request, "/comprehensive/department/list/")
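def user_edit_action(request):
    """Apply an edit to the user named by ``request.POST['id']``.

    A requester matching ``ROLE_FAMILY_COMMON_USER`` may only edit their own
    account; other requesters may edit any account. When the POST carries a
    ``password`` key the full ``UserForm`` is bound and the password is
    reset together with the full name; otherwise ``UserEditForm`` is bound
    and only the full name changes. The role (group) is replaced only for
    superuser requesters.

    Returns:
        A redirect on success ("/" for requesters matching
        ``ROLE_FAMILY_COMMON_USER``, "/user_account/list/" otherwise), or
        the re-rendered ``user_account/edit.html`` page when validation
        fails.

    Raises:
        PermissionDenied: if an ordinary family member targets an account
            other than their own.
        Http404: raised by ``get_object_or_404`` when no such user exists.
    """
    # Django's own exception is imported locally because this function does
    # not show a project-level permission error in scope.
    from django.core.exceptions import PermissionDenied

    user_id = request.POST['id']
    user = get_object_or_404(User, id=user_id)

    # The target id is client-supplied and this action can reset a password,
    # so the target is checked against the requester before anything is
    # bound or saved. Previously any requester could edit any account.
    # NOTE(review): requesters above the ordinary-member role can still edit
    # every account, superusers included -- confirm that is intended.
    if (check_role(request, ROLE_FAMILY_COMMON_USER)
            and user.pk != request.user.pk):
        raise PermissionDenied

    form_class = UserForm if 'password' in request.POST else UserEditForm
    form = form_class(request.POST, instance=user)

    if not form.is_valid():
        role = (form.cleaned_data['role']
                if 'role' in form.cleaned_data else None)
        context = {
            "form": form,
            "id": user_id,
            "role": role,
            "role_name": ROLES[role] if role in ROLES else "",
        }
        return render(request, "user_account/edit.html", context)

    # Only a superuser may move the account to another role.
    if request.user.is_superuser:
        group = role_manager.get_role(form.cleaned_data['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = form.cleaned_data['full_name']
    # update_fields keeps the write to the columns this action owns, whatever
    # else the bound form put on the instance.
    if isinstance(form, UserEditForm):
        user.save(update_fields=("full_name", "update_datetime"))
    else:
        user.set_password(form.cleaned_data['password'])
        user.save(update_fields=("full_name", "password", "update_datetime"))

    # Ordinary members go back to the index instead of the user list.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        return back_to_original_page(request, "/")
    return back_to_original_page(request, "/user_account/list/")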
def department_list_view(request):
    """Render the list of departments that are not soft-deleted.

    The list is ordered by name, optionally narrowed by a name search, and
    is not paginated.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    departments = Department.objects.filter(delete_flg=False).order_by('name')
    params = get_list_params(request)

    # Free-text search on the department name.
    keyword = params['query']
    if keyword:
        departments = departments.filter(name__contains=keyword)

    context = {
        "departments": departments,
        "query_params": params,
        "total_count": departments.count(),
    }
    return render(request, "comprehensive/department_list.html", context)
def status_set_edit_action(request):
    """Set the status of one ``Personal`` record and answer with JSON.

    Reads ``pk`` (the record id) and ``value`` (the new status) from the
    POST data. The response body is always an empty JSON object.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    person_id = request.POST['pk']
    new_status = request.POST['value']

    # NOTE(review): .get() raises when no live record matches, the new
    # status is stored exactly as submitted, and the record is selected by
    # id alone -- confirm the value is validated and the requester's scope
    # is enforced elsewhere.
    personal = Personal.objects.filter(id=person_id, delete_flg=False).get()
    personal.status = new_status
    personal.save()

    payload = json.dumps({})
    return HttpResponse(payload, mimetype="application/json")
def notice_list_view(request):
    """Render the paginated list of notices that are not soft-deleted.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    notices = Notice.objects.filter().exclude(delete_flg=True)
    params = get_list_params(request)
    sortable = {
        u"sd": "start_date",
        u"ed": "end_date",
    }

    # Free-text search on content or title.
    keyword = params['query']
    if keyword:
        notices = notices.filter(
            Q(content__contains=keyword) | Q(title__contains=keyword))

    # Sorting: the client sends a short key that is mapped through the
    # allow-list above; anything unknown falls back to start date ascending.
    sort_key = params['order_field']
    if not sort_key or sort_key not in sortable:
        params['order_field'] = 'sd'
        params['order_direction'] = ''
    # NOTE(review): order_direction is prefixed as-is; presumably
    # get_list_params limits it to '' or '-' -- confirm.
    notices = notices.order_by(
        "%s%s" % (params['order_direction'], sortable[params['order_field']]))

    total_count = notices.count()
    context = {
        "notices": notices[params['from']:params['to']],
        "query_params": params,
        "need_pagination": params['limit'] < total_count,
        "total_count": total_count,
    }
    return render(request, "notice/list.html", context)
def department_edit_action(request):
    """Apply an edit to the department named by ``POST['department_id']``.

    Returns:
        The redirect from ``back_to_original_page`` on success, or the
        re-rendered ``comprehensive/department_edit.html`` form when
        validation fails.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
        Http404: raised by ``get_object_or_404`` when no such department
            exists.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    department_id = request.POST['department_id']
    target = get_object_or_404(Department, id=department_id)
    form = DepartmentForm(request.POST, instance=target)

    if not form.is_valid():
        context = {"form": form, "department_id": department_id}
        return render(request, "comprehensive/department_edit.html", context)

    # NOTE(review): the raw POST strings are written over whatever the form
    # cleaned; confirm form.cleaned_data is not the intended source.
    form.instance.name = request.POST['name']
    description = request.POST['description']
    if description:
        # An empty description leaves the stored value as the form set it.
        form.instance.description = description
    form.save()
    return back_to_original_page(request, "/comprehensive/department/list/")
def notice_list_view(request):
    """Render the paginated list of notices that are not soft-deleted.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    notices = Notice.objects.filter().exclude(delete_flg=True)
    params = get_list_params(request)
    sortable = {
        u"sd": "start_date",
        u"ed": "end_date",
    }

    # Free-text search on content or title.
    keyword = params['query']
    if keyword:
        notices = notices.filter(
            Q(content__contains=keyword) | Q(title__contains=keyword))

    # Sorting: the client sends a short key that is mapped through the
    # allow-list above; anything unknown falls back to start date ascending.
    sort_key = params['order_field']
    if not sort_key or sort_key not in sortable:
        params['order_field'] = 'sd'
        params['order_direction'] = ''
    # NOTE(review): order_direction is prefixed as-is; presumably
    # get_list_params limits it to '' or '-' -- confirm.
    notices = notices.order_by(
        "%s%s" % (params['order_direction'], sortable[params['order_field']]))

    total_count = notices.count()
    context = {
        "notices": notices[params['from']:params['to']],
        "query_params": params,
        "need_pagination": params['limit'] < total_count,
        "total_count": total_count,
    }
    return render(request, "notice/list.html", context)
def department_set_edit_action(request):
    """Assign one ``Personal`` record to a department and answer with JSON.

    Reads ``personal_id`` and ``department_id`` from the POST data. The
    response is ``{"validation": true}`` when ``PersonalDepartmentForm``
    validates and the record was saved, ``{"validation": false}`` otherwise.

    Raises:
        PermissionDeniedError: if the requester matches ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    personal_id = request.POST.get('personal_id')
    department_id = request.POST.get('department_id')

    # NOTE(review): .get() raises when the id matches nothing, the record is
    # selected by id alone, and department_id is assigned exactly as
    # submitted -- confirm the requester's scope and the department's
    # existence are checked elsewhere.
    personal = Personal.objects.filter(id=personal_id).get()
    form = PersonalDepartmentForm(request.POST, instance=personal)

    if not form.is_valid():
        body = json.dumps({'validation': False})
        return HttpResponse(body, mimetype="application/json")

    form.instance.department_id = department_id
    form.save()
    body = json.dumps({'validation': True})
    return HttpResponse(body, mimetype="application/json")