def update_mobile_phone(request):
if (request.method != 'POST'):
return err_GE002()
user_type = int(request.user_type)
form = UpdateMobileForm(request.POST, user_type=user_type)
if (not form.is_valid()):
return err_GE031(form)
mobile_phone = form.cleaned_data["mobile_phone"]
# If CALL_ENABLE = True, and mobile_phone is not empty,
# this function can't be accessed directly.
# If CALL_ENABLE = True, mobile phone must be stored after validation.
if (settings.CALL_ENABLE and mobile_phone):
return err403(request)
# If the mobile_phone number is used by others, return error.
if mobile_phone and has_mhluser_with_mobile_phone(mobile_phone, request.user.id):
return err_AM020()
if mobile_phone:
MHLUser.objects.filter(id=request.user.id).update(mobile_phone=mobile_phone)
else:
if user_type not in [USER_TYPE_OFFICE_MANAGER, USER_TYPE_OFFICE_STAFF]:
return err403(request)
MHLUser.objects.filter(id=request.user.id).update(mobile_phone='', mobile_confirmed=False)
response = {
'data': {},
'warnings': {},
}
return HttpResponse(content=json.dumps(response), mimetype='application/json')
def display_scheduler(request, practice_id, callgroup_id):
if not user_is_mgr_of_practice_id(request.user, practice_id):
return err403(request)
context = get_context(request)
context['raw_callgroup_id'] = callgroup_id
callgroup_old_id = None
if not callgroup_id or callgroup_id in [0, '0'] and \
SessionHelper.CURRENT_CALLGROUP_ID in request.session.keys():
callgroup_id = request.session[SessionHelper.CURRENT_CALLGROUP_ID]
if SessionHelper.CURRENT_CALLGROUP_ID in request.session.keys():
callgroup_old_id = request.session[SessionHelper.CURRENT_CALLGROUP_ID]
callgroup_id = checkMultiCallGroupId(practice_id, callgroup_id)
request.session[SessionHelper.CURRENT_CALLGROUP_ID] = callgroup_id
if callgroup_old_id != callgroup_id:
SessionHelper.clearAllSessionStack(request)
if (not callgroup_id):
current_practice = context['current_practice']
context['error'] = _('There is no call group associated with your ' +
get_org_type_name(current_practice) + '.')
return render_to_response("error_multicallgroup.html", context)
if (not canAccessMultiCallGroup(request.user, long(callgroup_id),
practice_id)):
return err403(request)
specialties = Specialty.objects.filter(
practice_location__pk=practice_id).order_by('name')
call_groups = []
i = 256
for specialty in specialties:
for call_group in specialty.call_groups.all().order_by('team'):
if i:
description = '%s > %s ' % (specialty.name, call_group.team)
description = (description[:80] +
'..') if len(description) > 80 else description
call_groups.append({
'id': call_group.id,
'description': description
})
i -= 1
else:
context['error'] = _(
'For security reason, we only display 256 call groups here. '
'Sorry about inconvenience.')
return render_to_response("error_multicallgroup.html", context)
context['call_groups'] = call_groups
context['current_callgroup_id'] = callgroup_id
return render_to_response("schedule_multicallgroup.html", context)
def practice_profile_edit(request):
"""
Practice profile edit page.
"""
# Permissions checks. We need to check to see if this user is a manager
# for this office.
if (not 'OfficeStaff' in request.session['MHL_UserIDs']):
return err403(request)
office_staff = request.session['MHL_Users']['OfficeStaff']
office_mgr = Office_Manager.objects.filter(
user=office_staff, practice=office_staff.current_practice)
if (not office_mgr.exists()):
return err403(request)
context = get_context(request)
if (request.method == 'POST'):
old_url = None
if office_staff.current_practice.practice_photo:
old_url = office_staff.current_practice.practice_photo.name
form = PracticeProfileForm(request.POST,
request.FILES,
instance=office_staff.current_practice)
if (form.is_valid()):
practice = form.save(commit=False)
practice.practice_lat = form.cleaned_data['practice_lat']
practice.practice_longit = form.cleaned_data['practice_longit']
practice.save()
update_staff_address_info_by_practice(practice)
new_url = None
if office_staff.current_practice.practice_photo:
new_url = practice.practice_photo.name
if old_url != new_url:
ImageHelper.generate_image(old_url, new_url,
'img_size_practice')
if not form.non_field_warnings:
return HttpResponseRedirect(reverse(practice_profile_view))
else:
practice = office_staff.current_practice
try:
if practice.time_zone:
practice.time_zone = OLD_TIME_ZONES_MIGRATION[
practice.time_zone]
except Exception as e:
logger.critical("FIXME: Unexpected bug: %s" % str(e))
form = PracticeProfileForm(instance=practice)
context['form'] = form
return render_to_response('Profile/practice_profile_edit.html', context)
def check_attachment(request, message_id, attachment_id):
"""
Handles check attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
attachment = get_object_or_404(MessageAttachment,
message__uuid=message_id,
uuid=attachment_id)
if (request.user != attachment.message.sender
and not (request.user in attachment.message.recipients.all()
or request.user in attachment.message.ccs.all())):
return err403(
request,
err_msg=_("You don't seem to be a valid recipient for this file."))
if os.path.exists('%s/attachments/%s' % (
settings.MEDIA_ROOT,
attachment.uuid,
)):
return HttpResponse("success")
else:
return err404(request)
def download_pdf(request, refer_id):
"""
download_pdf
:param request: Request info
:type request: django.core.handlers.wsgi.WSGIRequest
:param refer_id: referall id
:type refer_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
refer = get_object_or_404(MessageRefer, uuid=refer_id)
if (request.user != refer.message.sender
and not (request.user in refer.message.recipients.all())):
return err403(
request,
err_msg="You don't seem to be a valid recipient for this file.")
try:
response = refer.get_file(request)
return response
except Exception as e:
err_email_body = '\n'.join([
('PDF file not exist!'),
''.join(['Server: ', settings.SERVER_ADDRESS]),
''.join(['Session: ',
str(request.session.session_key)]),
''.join(['Message: ', (u'PDF file not exist in media/refer/pdf')]),
''.join(['Exception: ', str(e)]),
''.join(['Exception data: ', str(e.args)]),
])
mail_admins(_('PDF folder not exist'), err_email_body)
raise Exception(
_('A seemingly invalid URL has been stored for Refer Pdf.'))
def getPrintableSchedule(request, practice_id, callgroup_id=None): callgroup_id = checkMultiCallGroupId(practice_id, callgroup_id) callgroup = CallGroup.objects.get(pk=callgroup_id) if (not canAccessMultiCallGroup(request.user, long(callgroup_id), practice_id)): return err403(request) return export_schedule_to_pdf(request, callgroup)
def account_history(request):
"""
Will create a list of every trasnaction that exist for the billing account of
logged in user
"""
template_name = 'genbilling/account_history.html'
context = get_context(request)
context['no_account'] = False
mhluser = MHLUser.objects.get(pk=request.user.pk)
try:
ostaff = OfficeStaff.objects.get(user=mhluser)
omgr = Office_Manager.objects.get(user=ostaff,
practice=ostaff.current_practice)
except ObjectDoesNotExist:
return err403(request)
try:
account = Account.objects.get(practice_group_new=\
omgr.practice.get_parent_org())
except ObjectDoesNotExist:
context['no_account'] = True
return render_to_response(template_name,
context,
context_instance=RequestContext(request))
transactions = AccountTransaction.objects.filter(account=account)
context['account'] = account
context['transactions'] = transactions
return render_to_response(template_name,
context,
context_instance=RequestContext(request))
def getMembers(request, practice_id, callgroup_id):
callgroup_id = checkMultiCallGroupId(practice_id, callgroup_id)
if (not canAccessMultiCallGroup(request.user, long(callgroup_id),
practice_id)):
return err403(request)
#sort by first name 180 Chen Hu
members = list(
CallGroupMember.objects.filter(
call_group__id=callgroup_id).values_list(
'member__pk', 'member__user__first_name',
'member__user__last_name',
'member__user__title').order_by('member__user__last_name'))
members = [(m[0], m[1], m[2], 'drop', get_fullname_bystr(m[1], m[2], m[3]))
for m in members]
pendings = list(
CallGroupMemberPending.objects.filter(
call_group__id=callgroup_id, accept_status=0).values_list(
'to_user__pk', 'to_user__user__first_name',
'to_user__user__last_name',
'to_user__user__title').order_by('to_user__user__last_name'))
pendings = [(p[0], p[1], p[2], 'disabled',
get_fullname_bystr(p[1], p[2], p[3])) for p in pendings]
members.extend(pendings)
return HttpResponse(content=json.dumps(members),
mimetype='application/json')
def getAttachmentLogic(request, message_id, attachment_id, ss=None):
if (request.method != 'POST'):
return err_GE002()
attachment = get_object_or_404(MessageAttachment, message__uuid=message_id, uuid=attachment_id)
message = attachment.message
if ((message.sender and request.user.pk != message.sender.pk) and
not ((request.user.pk,) in message.recipients.values_list('id') or (request.user.pk,)
in message.ccs.values_list('id'))):
return err403(request, err_msg="You don't seem to be a valid recipient for this file.")
# Get/set up data for KMS.
request.session['key'] = request.device_assn.secret
try:
clearkey = decrypt_cipherkey(request, attachment, ss=ss)
except KeyInvalidException:
return err_GE021()
url = attachment.decrypt_url(request, key=clearkey)
if (url[0:4] == 'file'):
response = HttpResponse(content_type=attachment.content_type)
attachment.get_file(request, response, key=clearkey)
return response
elif (url[0:4] == 'http'):
# This is likely a fully qualified URL
if (not attachment.encrypted):
return HttpResponseRedirect(url)
else:
# Download and decrypt this attachment.
pass
else:
raise Exception('A seemingly invalid URL has been stored: %s, for '
'MessageAttachment %s.' % (url, attachment_id,))
def addFollowUpAjax(request):
context = get_context(request)
count = int(request.POST['count'])
if (request.method == "POST"):
form = AddFollowUpForm(request.POST)
task = request.POST['task']
if len(task.strip()) == 0:
return err403(request, err_msg=_("The task is invalid."))
if (form.is_valid()):
#raise Exception('foo')
f_obj = form.save(commit=False)
f_obj.user = request.user
user = request.session['MHL_Users']['MHLUser']
practice = context['current_practice']
f_obj.due_date =convert_dt_to_stz(f_obj.due_date, user, practice)
f_obj.save()
else:
field_errors = dict()
for name in form._errors:
field_errors[name] = [unicode(err) for err in form._errors[name]]
non_field_errors = [unicode(err) for err in form.non_field_errors()]
return_obj = dict()
return_obj['error_type'] = 'form_validation'
return_obj['non_field_errors'] = non_field_errors
return_obj['field_errors'] = field_errors
return HttpResponse(json.dumps(return_obj), mimetype="application/json", status=400)
mhluser = request.session['MHL_Users']['MHLUser']
followup = get_followups(request.user, 0, count, mhluser, context['current_practice'])
context['followups'] = followup[0]
context['followup_count'] = followup[1]
return render_to_response('FollowUp/donefollowup.html', context)
def download_pdf(request, refer_id):
"""
download_pdf
:param request: Request info
:type request: django.core.handlers.wsgi.WSGIRequest
:param refer_id: referall id
:type refer_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
refer = get_object_or_404(MessageRefer, uuid=refer_id)
if (request.user != refer.message.sender and not
(request.user in refer.message.recipients.all())):
return err403(request, err_msg="You don't seem to be a valid recipient for this file.")
try:
response = refer.get_file(request)
return response
except Exception as e:
err_email_body = '\n'.join([
('PDF file not exist!'),
''.join(['Server: ', settings.SERVER_ADDRESS]),
''.join(['Session: ', str(request.session.session_key)]),
''.join(['Message: ', (u'PDF file not exist in media/refer/pdf')]),
''.join(['Exception: ', str(e)]),
''.join(['Exception data: ', str(e.args)]),
])
mail_admins(_('PDF folder not exist'), err_email_body)
raise Exception(_('A seemingly invalid URL has been stored for Refer Pdf.'))
def doneFollowUp(request, followupID, offset, count):
"""
This function will toggle the state of the task as being done or not.
It is used by an AJAX jQuery load method which updates the table that displays
the follow up tasks.
"""
followup = get_object_or_404(FollowUps, id=followupID)
offset = int(offset)
count = int(count)
if (followup.user != request.user):
return err403(request, err_msg="You don't seem to own this follow-up item.")
if (followup.deleted):
raise Http404
if (followup.user == request.user):
if (not followup.done and not followup.completion_date):
followup.done = True
followup.completion_date = datetime.datetime.today()
elif (not followup.done and followup.completion_date):
followup.done = True
followup.completion_date = datetime.datetime.today()
elif (followup.done):
followup.done = False
followup.completion_date = None
followup.save()
context = get_context(request)
mhluser = request.session['MHL_Users']['MHLUser']
followup = get_followups(request.user, offset, count, mhluser, context['current_practice'])
context['followups'] = followup[0]
context['followup_count'] = followup[1]
return render_to_response('FollowUp/donefollowup.html', context)
def proceed_save_refer(request):
context = get_context(request)
if not REFER_CACHE_SESSION_KEY in request.session\
or not request.session[REFER_CACHE_SESSION_KEY]:
context['user_recipients'] = request.REQUEST.get(
"user_recipients", None)
# context['message'] = MESSAGE_REPEAT_COMMIT
return render_to_response('DoctorCom/Messaging/refer_success.html',
context)
refer_data = request.session[REFER_CACHE_SESSION_KEY]
file_list = None
if "file_list" in refer_data and refer_data["file_list"]:
file_list = refer_data["file_list"]
recipient_id = refer_data["user_recipients"]
recipient_provider = None
try:
recipient_provider = Provider.objects.get(pk=recipient_id)
except:
return err403(request, err_msg=_("This recipient is not a Provider."))
return save_refer(request,
refer_data,
recipient_provider,
context,
file_list=file_list)
def practice_profile_edit(request):
"""
Practice profile edit page.
"""
# Permissions checks. We need to check to see if this user is a manager
# for this office.
if (not 'OfficeStaff' in request.session['MHL_UserIDs']):
return err403(request)
office_staff = request.session['MHL_Users']['OfficeStaff']
office_mgr = Office_Manager.objects.filter(user=office_staff,
practice=office_staff.current_practice)
if (not office_mgr.exists()):
return err403(request)
context = get_context(request)
if (request.method == 'POST'):
old_url = None
if office_staff.current_practice.practice_photo:
old_url = office_staff.current_practice.practice_photo.name
form = PracticeProfileForm(request.POST, request.FILES,
instance=office_staff.current_practice)
if (form.is_valid()):
practice = form.save(commit=False)
practice.practice_lat = form.cleaned_data['practice_lat']
practice.practice_longit = form.cleaned_data['practice_longit']
practice.save()
update_staff_address_info_by_practice(practice)
new_url = None
if office_staff.current_practice.practice_photo:
new_url = practice.practice_photo.name
if old_url != new_url:
ImageHelper.generate_image(old_url, new_url, 'img_size_practice')
if not form.non_field_warnings:
return HttpResponseRedirect(reverse(practice_profile_view))
else:
practice = office_staff.current_practice
try:
if practice.time_zone:
practice.time_zone = OLD_TIME_ZONES_MIGRATION[practice.time_zone]
except Exception as e:
logger.critical("FIXME: Unexpected bug: %s" % str(e))
form = PracticeProfileForm(instance=practice)
context['form'] = form
return render_to_response('Profile/practice_profile_edit.html', context)
def getMembers(request, callgroup_id):
if (not canAccessCallGroup(request.user, long(callgroup_id))):
return err403(request)
#sort by first name 180 Chen Hu
members = CallGroupMember.objects.filter(call_group__id=callgroup_id).values_list('member__pk', 'member__user__first_name','member__user__last_name','member__user__title').order_by('member__user__last_name')
members = [(m[0],m[1],m[2],get_fullname_bystr(m[1],m[2],m[3])) for m in members]
return HttpResponse(content=json.dumps(list(members)), mimetype='application/json')
def sendCode(request): if (request.method == 'POST'): form = SendCodeForm(request.POST) if (form.is_valid()): ret_json = sendCodeLogic(form, request.user, request) if "error_code" in ret_json and ret_json["error_code"] == 403: return errlib.err403(request) return HttpResponse(content=json.dumps(ret_json), mimetype='application/json')
def display_scheduler(request, practice_id, callgroup_id):
if not user_is_mgr_of_practice_id(request.user, practice_id):
return err403(request)
context = get_context(request)
context['raw_callgroup_id'] = callgroup_id
callgroup_old_id = None
if not callgroup_id or callgroup_id in [0, '0'] and \
SessionHelper.CURRENT_CALLGROUP_ID in request.session.keys():
callgroup_id = request.session[SessionHelper.CURRENT_CALLGROUP_ID]
if SessionHelper.CURRENT_CALLGROUP_ID in request.session.keys():
callgroup_old_id = request.session[SessionHelper.CURRENT_CALLGROUP_ID]
callgroup_id = checkMultiCallGroupId(practice_id, callgroup_id)
request.session[SessionHelper.CURRENT_CALLGROUP_ID] = callgroup_id
if callgroup_old_id != callgroup_id:
SessionHelper.clearAllSessionStack(request)
if (not callgroup_id):
current_practice = context['current_practice']
context['error'] = _('There is no call group associated with your ' +
get_org_type_name(current_practice) + '.')
return render_to_response("error_multicallgroup.html", context)
if (not canAccessMultiCallGroup(request.user, long(callgroup_id), practice_id)):
return err403(request)
specialties = Specialty.objects.filter(practice_location__pk=practice_id).order_by('name')
call_groups = []
i = 256
for specialty in specialties:
for call_group in specialty.call_groups.all().order_by('team'):
if i:
description = '%s > %s ' % (specialty.name, call_group.team)
description = (description[:80] + '..') if len(description) > 80 else description
call_groups.append({'id': call_group.id, 'description': description})
i -= 1
else:
context['error'] = _('For security reason, we only display 256 call groups here. '
'Sorry about inconvenience.')
return render_to_response("error_multicallgroup.html", context)
context['call_groups'] = call_groups
context['current_callgroup_id'] = callgroup_id
return render_to_response("schedule_multicallgroup.html", context)
def getPrintableSchedule(request, practice_id, callgroup_id=None):
callgroup_id = checkMultiCallGroupId(practice_id, callgroup_id)
callgroup = CallGroup.objects.get(pk=callgroup_id)
if (not canAccessMultiCallGroup(request.user, long(callgroup_id),
practice_id)):
return err403(request)
return export_schedule_to_pdf(request, callgroup)
def sendCode(request):
if (request.method == 'POST'):
form = SendCodeForm(request.POST)
if (form.is_valid()):
ret_json = sendCodeLogic(form, request.user, request)
if "error_code" in ret_json and ret_json["error_code"] == 403:
return errlib.err403(request)
return HttpResponse(content=json.dumps(ret_json),
mimetype='application/json')
def practiceManageLogic(request):
user_type = int(request.user_type)
role_user = request.role_user
if (request.method != 'POST'):
# Get the user's current practices, and list them.
practices = role_user.practices.filter(\
organization_type__id=RESERVED_ORGANIZATION_TYPE_ID_PRACTICE)
if USER_TYPE_OFFICE_MANAGER == user_type:
practices = get_managed_practice(role_user)
practices = [[p.id, p.practice_name] for p in practices]
current_practice = role_user.current_practice
if ('pk' in dir(current_practice)):
current_practice = current_practice.pk
data = {
'practices': practices,
'current_practice': current_practice,
}
return HttpJSONSuccessResponse(data=data)
# office staff can't change current practice
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
form = SetPracticeForm(request.POST, user_type=user_type)
if (not form.is_valid()):
return err_GE031(form)
new_practice = form.cleaned_data['current_practice']
if (new_practice == None):
# Clearing the current practice.
role_user.current_practice = None
role_user.save()
data = {
'providers': [],
'staff': [],
}
return HttpJSONSuccessResponse(data=data)
if (new_practice in role_user.practices.values_list('id', flat=True)):
# great, do the change.
role_user.current_practice_id = new_practice
role_user.save()
data = {
'providers': getPracticeProviders(new_practice)['users'],
'staff': getPracticeStaff(new_practice)['users'],
}
return HttpJSONSuccessResponse(data=data)
err_obj = {
'errno': 'AM001',
'descr': _('Invalid practice selection.'),
}
return HttpResponseBadRequest(content=json.dumps(err_obj),
mimetype='application/json')
def saveViewInfo(request, callgroup_id=None):
if (not canAccessCallGroup(request.user, long(callgroup_id))):
return err403(request)
if request.method == 'POST':
view = request.POST['view']
if checkSchedulerView(view):
request.session[SessionHelper.SCHEDULE_LASTVIEW] = view
response = {'view': view}
else:
response = {'view': ''}
return HttpResponse(content=json.dumps(response), mimetype='application/json')
def getViewInfo(request, callgroup_id=None):
if (not canAccessCallGroup(request.user, long(callgroup_id))):
return err403(request)
if request.method == 'GET':
try:
view = request.session[SessionHelper.SCHEDULE_LASTVIEW]
response = {'view': view}
except KeyError:
response = {'view': ''}
else:
response = {'view': ''}
return HttpResponse(content=json.dumps(response), mimetype='application/json')
def practiceManageLogic(request):
user_type = int(request.user_type)
role_user = request.role_user
if (request.method != 'POST'):
# Get the user's current practices, and list them.
practices = role_user.practices.filter(\
organization_type__id=RESERVED_ORGANIZATION_TYPE_ID_PRACTICE)
if USER_TYPE_OFFICE_MANAGER == user_type:
practices = get_managed_practice(role_user)
practices = [[p.id, p.practice_name] for p in practices]
current_practice = role_user.current_practice
if ('pk' in dir(current_practice)):
current_practice = current_practice.pk
data = {
'practices':practices,
'current_practice':current_practice,
}
return HttpJSONSuccessResponse(data=data)
# office staff can't change current practice
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
form = SetPracticeForm(request.POST, user_type=user_type)
if (not form.is_valid()):
return err_GE031(form)
new_practice = form.cleaned_data['current_practice']
if (new_practice == None):
# Clearing the current practice.
role_user.current_practice = None
role_user.save()
data = {
'providers': [],
'staff': [],
}
return HttpJSONSuccessResponse(data=data)
if (new_practice in role_user.practices.values_list('id', flat=True)):
# great, do the change.
role_user.current_practice_id = new_practice
role_user.save()
data = {
'providers': getPracticeProviders(new_practice)['users'],
'staff': getPracticeStaff(new_practice)['users'],
}
return HttpJSONSuccessResponse(data=data)
err_obj = {
'errno': 'AM001',
'descr': _('Invalid practice selection.'),
}
return HttpResponseBadRequest(content=json.dumps(err_obj), mimetype='application/json')
def list_invites(request):
# if (request.method != 'POST'):
# return err_GE002()
user_type = int(request.user_type)
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
invites = Invitation.objects.filter(
sender=request.user).order_by('requestTimestamp')
response = {
'data': {
'invitations': []
},
'warnings': {},
}
invite_list = response['data']['invitations']
use_time_setting = False
if 'use_time_setting' in request.POST and request.POST[
'use_time_setting'] == 'true':
use_time_setting = True
user = request.user
local_tz = getCurrentTimeZoneForUser(user)
for invite in invites:
desc = ''
if not invite.assignPractice:
desc = _('Invite to DoctorCom')
else:
desc = _('Invite to %s') % invite.assignPractice.practice_name
invite_list.append({
'id':
invite.id,
'recipient':
invite.recipient,
'timestamp':
formatTimeSetting(user, invite.requestTimestamp, local_tz,
use_time_setting),
'request_timestamp':
convertDatetimeToUTCTimestamp(invite.requestTimestamp),
'desc':
desc,
'code':
invite.code,
})
return HttpResponse(content=json.dumps(response),
mimetype='application/json')
def getPrintableSchedule(request, callgroup_id=None):
callgroup = None
if ('OfficeStaff' in request.session['MHL_Users']):
current_practice = request.session['MHL_Users']['OfficeStaff'].current_practice
if current_practice.uses_original_answering_serice():
if (not canAccessCallGroup(request.user, long(callgroup_id))):
return err403(request)
else:
callgroup = CallGroup.objects.get(pk=callgroup_id)
else:
if SessionHelper.CURRENT_CALLGROUP_ID in request.session.keys():
callgroup_id = request.session[SessionHelper.CURRENT_CALLGROUP_ID]
callgroup = CallGroup.objects.get(pk=callgroup_id)
if (not canAccessMultiCallGroup(request.user, long(callgroup_id), current_practice.id)):
return err403(request)
else:
return err403(request)
if not callgroup:
return err403(request)
return export_schedule_to_pdf(request, callgroup)
def getReferPDFLogic(request, refer_id, ss=None):
"""
get_refer_pdf
:param request: Request info
:type request: django.core.handlers.wsgi.WSGIRequest
:param refer_id: referall id
:type refer_id: uuid
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
if (request.method != 'POST'):
return err_GE002()
form = MsgGetForm(request.POST)
if (not form.is_valid()):
return err_GE031(form)
refer = get_object_or_404(MessageRefer, uuid=refer_id)
message = refer.message
if ((message.sender and request.user.pk != message.sender.pk) and
not ((request.user.pk, ) in message.recipients.values_list('id') or
(request.user.pk, ) in message.ccs.values_list('id'))):
return err403(
request,
err_msg=_("You don't seem to be a valid recipient for this file."))
# special for mobile app api
# Get/set up data for KMS.
request.session['key'] = request.device_assn.secret
try:
clearkey = decrypt_cipherkey(request, refer, ss=ss)
except KeyInvalidException:
return err_GE021()
try:
response = refer.get_file(request, key=clearkey)
return response
except Exception as e:
err_email_body = '\n'.join([
('PDF file not exist!'),
''.join(['Server: ', settings.SERVER_ADDRESS]),
''.join(['Session: ',
str(request.session.session_key)]),
''.join(['Message: ', (u'PDF file not exist in media/refer/pdf')]),
''.join(['Exception: ', str(e)]),
''.join(['Exception data: ', str(e.args)]),
])
mail_admins(_('PDF folder not exist'), err_email_body)
raise Exception(
_('A seemingly invalid URL has been stored for Refer Pdf.'))
def download_attachment(request, message_id, attachment_id):
"""
Handles download attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
:raises: Exception
"""
attachment = get_object_or_404(MessageAttachment,
message__uuid=message_id,
uuid=attachment_id)
if (request.user != attachment.message.sender
and not (request.user in attachment.message.recipients.all()
or request.user in attachment.message.ccs.all())):
return err403(
request,
err_msg=_("You don't seem to be a valid recipient for this file."))
url = attachment.decrypt_url(request)
if (url[0:4] == 'file'):
try:
content_type = attachment.content_type if attachment.content_type \
else "application/octet-stream"
response = HttpResponse(content_type=content_type)
attachment.get_file(request, response)
return response
except (IOError):
return err404(request)
elif (url[0:4] == 'http'):
# This is likely a fully qualified URL
if (not attachment.encrypted):
return HttpResponseRedirect(url)
else:
# Download and decrypt this attachment.
pass
else:
raise Exception(
_('A seemingly invalid URL has been stored: %(url)s, for '
'MessageAttachment %(attachment_id)s.') % {
'url': url,
'attachment_id': attachment_id
})
def practice_edit_holidays(request, holidayid):
if ('Office_Manager' in request.session['MHL_UserIDs']):
context = get_context(request)
else:
raise Exception(_('Only Office Managers can view Office profile'))
#we need office staff model - to get office information, but only office manager can change that info
office_staff = request.session['MHL_Users']['OfficeStaff']
if (not office_staff):
raise Exception(_('This user is NOT office staff'))
practiceLocationId = office_staff.current_practice.id
#a PracticeHolidays object with id=0 should never exist, it's used by
#the template create a new object
if (holidayid == '0'):
holiday = None
else:
try:
holiday = PracticeHolidays.objects.get(
id=holidayid, practice_location=practiceLocationId)
except ObjectDoesNotExist:
return err403(request)
if (request.method == 'POST'):
form = HolidaysForm(request.POST, instance=holiday)
if (form.is_valid()):
try:
PracticeHolidays.objects.get(
~Q(id=holidayid),
practice_location=practiceLocationId,
designated_day=form.cleaned_data['designated_day'])
form._errors['designated_day'] = [
_("a holiday already exists on that day")
]
except ObjectDoesNotExist:
newholiday = form.save(commit=False)
newholiday.practice_location = PracticeLocation.objects.get(
id=practiceLocationId)
newholiday.save()
return HttpResponseRedirect(
reverse(
'MHLogin.MHLPractices.views.practice_manage_holidays'))
else:
form = HolidaysForm(instance=holiday)
context['form'] = form
return render_to_response("Profile/practice_edit_holidays.html", context)
def org_remove(request):
org = request.org
mhluser = request.session['MHL_Users']['MHLUser']
can_remove_org = can_we_remove_this_org(org.id, mhluser.id)
if(can_remove_org):
request.org.delete_flag = True
request.org.practice_name = ' '.join([request.org.practice_name,
'Removed', str(int(time.time()))])
request.org.save()
# send notification to related users
thread.start_new_thread(notify_org_users_tab_chanaged,\
(request.org.id,), {"include_member_org": True})
return HttpResponse(json.dumps({'status': 'ok'}), mimetype='application/json')
else:
return err403(request, err_msg=_("You can't remove this organization."))
def resend_invite(request, invitation_id):
if (request.method != 'POST'):
return err_GE002()
user_type = int(request.user_type)
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
note = ''
if (request.method == 'POST'):
form = ResendInviteForm(request.POST)
if (not form.is_valid()):
return err_GE031(form)
if ('note' in form.cleaned_data):
note = form.cleaned_data['note']
try:
invite = Invitation.objects.get(pk=invitation_id, sender=request.user)
except Invitation.DoesNotExist:
raise Http404
if User.objects.filter(email=invite.recipient).exists():
return err_IN002()
invite.resend_invite(msg=note)
use_time_setting = False
if 'use_time_setting' in request.POST and request.POST[
'use_time_setting'] == 'true':
use_time_setting = True
user = request.user
local_tz = getCurrentTimeZoneForUser(user)
response = {
'data': {
'id':
invite.id,
'timestamp':
formatTimeSetting(user, invite.requestTimestamp, local_tz,
use_time_setting),
'request_timestamp':
convertDatetimeToUTCTimestamp(invite.requestTimestamp),
},
'warnings': {},
}
return HttpResponse(content=json.dumps(response),
mimetype='application/json')
def cancel_invite(request, invitation_id):
user_type = int(request.user_type)
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
try:
invite = Invitation.objects.get(pk=invitation_id, sender=request.user)
except Invitation.DoesNotExist:
raise Http404
invite.cancel_invitation()
response = {
'data': {},
'warnings': {},
}
return HttpResponse(content=json.dumps(response), mimetype='application/json')
def getReferPDFLogic(request, refer_id, ss=None):
"""
get_refer_pdf
:param request: Request info
:type request: django.core.handlers.wsgi.WSGIRequest
:param refer_id: referall id
:type refer_id: uuid
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
if (request.method != 'POST'):
return err_GE002()
form = MsgGetForm(request.POST)
if (not form.is_valid()):
return err_GE031(form)
refer = get_object_or_404(MessageRefer, uuid=refer_id)
message = refer.message
if ((message.sender and request.user.pk != message.sender.pk) and
not ((request.user.pk,) in message.recipients.values_list('id') or
(request.user.pk,) in message.ccs.values_list('id'))):
return err403(request, err_msg=_("You don't seem to be a valid recipient for this file."))
# special for mobile app api
# Get/set up data for KMS.
request.session['key'] = request.device_assn.secret
try:
clearkey = decrypt_cipherkey(request, refer, ss=ss)
except KeyInvalidException:
return err_GE021()
try:
response = refer.get_file(request, key=clearkey)
return response
except Exception as e:
err_email_body = '\n'.join([
('PDF file not exist!'),
''.join(['Server: ', settings.SERVER_ADDRESS]),
''.join(['Session: ', str(request.session.session_key)]),
''.join(['Message: ', (u'PDF file not exist in media/refer/pdf')]),
''.join(['Exception: ', str(e)]),
''.join(['Exception data: ', str(e.args)]),
])
mail_admins(_('PDF folder not exist'), err_email_body)
raise Exception(_('A seemingly invalid URL has been stored for Refer Pdf.'))
def check_send_refer(request):
recipient_id = request.REQUEST.get("user_recipients", None)
sel_practice = request.REQUEST.get("sel_practice", None)
check_get_more = request.REQUEST.get("check_get_more", None)
if not recipient_id or not sel_practice:
return HttpResponseRedirect('/')
recipient_provider = None
try:
recipient_provider = Provider.objects.get(pk=recipient_id)
except:
return err403(request, err_msg=_("This recipient is not a Provider."))
ret_data = {
"goto_next_direct": True,
"message": ""
}
show_get_more_page = False
if check_get_more:
mhluser = request.session['MHL_Users']['MHLUser']
sender_id = mhluser.id
show_get_more_page = check_show_get_more_provider(sender_id,
recipient_id, recipient_provider)
if show_get_more_page:
return HttpResponse(json.dumps(ret_data), mimetype='application/json')
mgrs = list(Office_Manager.active_objects.filter(practice__pk=sel_practice))
if REFER_FORWARD_CHOICES_ONLY_MANAGER == recipient_provider.user.refer_forward \
and len(mgrs) > 0:
managers = []
for recipient in mgrs:
managers.append(" ".join([
recipient.user.user.first_name,
recipient.user.user.last_name
]))
receiver_role = "manager"
if len(mgrs) > 1:
receiver_role = "managers"
ret_data["goto_next_direct"] = False
ret_data["message"] = _("This referral will be sent to %(receiver_role)s:"
" %(managers)s.<br/><br/>Do you wish to proceed?") % \
({"receiver_role": receiver_role, "managers": ", ".join(managers)})
return HttpResponse(json.dumps(ret_data), mimetype='application/json')
def cancel_invite(request, invitation_id):
user_type = int(request.user_type)
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
try:
invite = Invitation.objects.get(pk=invitation_id, sender=request.user)
except Invitation.DoesNotExist:
raise Http404
invite.cancel_invitation()
response = {
'data': {},
'warnings': {},
}
return HttpResponse(content=json.dumps(response),
mimetype='application/json')
def getDicomJPG(request, message_id, attachment_id, index, secret=None):
"""
Handles download dicom jpg request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message uuid
:type message_id: uuid
:param attachment_id: Attachment uuid
:type attachment_id: uuid
:param index: index of dicom jpg
:type index: int
:param secret: secret for decrypting jpg(used for app).
:type secret: string
:returns: django.http.HttpResponse -- the result in an HttpResonse object
:raises: Exception
"""
attachment = get_object_or_404(MessageAttachment,
message__uuid=message_id,
uuid=attachment_id)
attachment_dicom = get_object_or_404(MessageAttachmentDicom,
attachment=attachment)
if int(index) >= attachment_dicom.jpg_count:
raise Http404
message = attachment.message
if ((message.sender and request.user.pk != message.sender.pk) and
not ((request.user.pk, ) in message.recipients.values_list('id') or
(request.user.pk, ) in message.ccs.values_list('id'))):
return err403(
request,
err_msg=_("You don't seem to be a valid recipient for this file."))
clearkey = None
if secret:
# request must has the right 'key' value in session
clearkey = decrypt_cipherkey(request, attachment_dicom, ss=secret)
index = int(index)
return attachment_dicom.get_dicom_jpg_to_response(request,
index,
key=clearkey)
def practice_edit_holidays(request, holidayid):
if ('Office_Manager' in request.session['MHL_UserIDs']):
context = get_context(request)
else:
raise Exception(_('Only Office Managers can view Office profile'))
#we need office staff model - to get office information, but only office manager can change that info
office_staff = request.session['MHL_Users']['OfficeStaff']
if (not office_staff):
raise Exception(_('This user is NOT office staff'))
practiceLocationId = office_staff.current_practice.id
#a PracticeHolidays object with id=0 should never exist, it's used by
#the template create a new object
if (holidayid == '0'):
holiday = None
else:
try:
holiday = PracticeHolidays.objects.get(id=holidayid,
practice_location=practiceLocationId)
except ObjectDoesNotExist:
return err403(request)
if(request.method == 'POST'):
form = HolidaysForm(request.POST, instance=holiday)
if (form.is_valid()):
try:
PracticeHolidays.objects.get(~Q(id=holidayid),
practice_location=practiceLocationId,
designated_day=form.cleaned_data['designated_day'])
form._errors['designated_day'] = [_("a holiday already exists on that day")]
except ObjectDoesNotExist:
newholiday = form.save(commit=False)
newholiday.practice_location = PracticeLocation.objects.get(id=practiceLocationId)
newholiday.save()
return HttpResponseRedirect(reverse('MHLogin.MHLPractices.views.practice_manage_holidays'))
else:
form = HolidaysForm(instance=holiday)
context['form'] = form
return render_to_response("Profile/practice_edit_holidays.html", context)
def check_send_refer(request):
recipient_id = request.REQUEST.get("user_recipients", None)
sel_practice = request.REQUEST.get("sel_practice", None)
check_get_more = request.REQUEST.get("check_get_more", None)
if not recipient_id or not sel_practice:
return HttpResponseRedirect('/')
recipient_provider = None
try:
recipient_provider = Provider.objects.get(pk=recipient_id)
except:
return err403(request, err_msg=_("This recipient is not a Provider."))
ret_data = {"goto_next_direct": True, "message": ""}
show_get_more_page = False
if check_get_more:
mhluser = request.session['MHL_Users']['MHLUser']
sender_id = mhluser.id
show_get_more_page = check_show_get_more_provider(
sender_id, recipient_id, recipient_provider)
if show_get_more_page:
return HttpResponse(json.dumps(ret_data),
mimetype='application/json')
mgrs = list(
Office_Manager.active_objects.filter(practice__pk=sel_practice))
if REFER_FORWARD_CHOICES_ONLY_MANAGER == recipient_provider.user.refer_forward \
and len(mgrs) > 0:
managers = []
for recipient in mgrs:
managers.append(" ".join([
recipient.user.user.first_name, recipient.user.user.last_name
]))
receiver_role = "manager"
if len(mgrs) > 1:
receiver_role = "managers"
ret_data["goto_next_direct"] = False
ret_data["message"] = _("This referral will be sent to %(receiver_role)s:"
" %(managers)s.<br/><br/>Do you wish to proceed?") % \
({"receiver_role": receiver_role, "managers": ", ".join(managers)})
return HttpResponse(json.dumps(ret_data), mimetype='application/json')
def getAttachmentLogic(request, message_id, attachment_id, ss=None):
if (request.method != 'POST'):
return err_GE002()
attachment = get_object_or_404(MessageAttachment,
message__uuid=message_id,
uuid=attachment_id)
message = attachment.message
if ((message.sender and request.user.pk != message.sender.pk) and
not ((request.user.pk, ) in message.recipients.values_list('id') or
(request.user.pk, ) in message.ccs.values_list('id'))):
return err403(
request,
err_msg="You don't seem to be a valid recipient for this file.")
# Get/set up data for KMS.
request.session['key'] = request.device_assn.secret
try:
clearkey = decrypt_cipherkey(request, attachment, ss=ss)
except KeyInvalidException:
return err_GE021()
url = attachment.decrypt_url(request, key=clearkey)
if (url[0:4] == 'file'):
response = HttpResponse(content_type=attachment.content_type)
attachment.get_file(request, response, key=clearkey)
return response
elif (url[0:4] == 'http'):
# This is likely a fully qualified URL
if (not attachment.encrypted):
return HttpResponseRedirect(url)
else:
# Download and decrypt this attachment.
pass
else:
raise Exception('A seemingly invalid URL has been stored: %s, for '
'MessageAttachment %s.' % (
url,
attachment_id,
))
def delFollowUp(request, followupID, count):
followup = get_object_or_404(FollowUps, id=followupID)
count = int(count)
if (followup.user != request.user):
return err403(request, err_msg=_("You don't seem to own this follow-up item."))
if (followup.deleted):
raise Http404
if (followup.user == request.user):
followup.deleted = True
followup.save()
context = get_context(request)
mhluser = request.session['MHL_Users']['MHLUser']
followup = get_followups(request.user, 0, count, mhluser, context['current_practice'])
context['followups'] = followup[0]
context['followup_count'] = followup[1]
return render_to_response('FollowUp/donefollowup.html', context)
def download_attachment(request, message_id, attachment_id):
"""
Handles download attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
:raises: Exception
"""
attachment = get_object_or_404(MessageAttachment, message__uuid=message_id, uuid=attachment_id)
if (request.user != attachment.message.sender and not
(request.user in attachment.message.recipients.all() or
request.user in attachment.message.ccs.all())):
return err403(request, err_msg=_("You don't seem to be a valid recipient for this file."))
url = attachment.decrypt_url(request)
if (url[0:4] == 'file'):
try:
content_type = attachment.content_type if attachment.content_type \
else "application/octet-stream"
response = HttpResponse(content_type=content_type)
attachment.get_file(request, response)
return response
except(IOError):
return err404(request)
elif (url[0:4] == 'http'):
# This is likely a fully qualified URL
if (not attachment.encrypted):
return HttpResponseRedirect(url)
else:
# Download and decrypt this attachment.
pass
else:
raise Exception(_('A seemingly invalid URL has been stored: %(url)s, for '
'MessageAttachment %(attachment_id)s.') % {'url': url, 'attachment_id': attachment_id})
def resend_invite(request, invitation_id):
if (request.method != 'POST'):
return err_GE002()
user_type = int(request.user_type)
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
note = ''
if (request.method == 'POST'):
form = ResendInviteForm(request.POST)
if (not form.is_valid()):
return err_GE031(form)
if ('note' in form.cleaned_data):
note = form.cleaned_data['note']
try:
invite = Invitation.objects.get(pk=invitation_id, sender=request.user)
except Invitation.DoesNotExist:
raise Http404
if User.objects.filter(email=invite.recipient).exists():
return err_IN002()
invite.resend_invite(msg=note)
use_time_setting = False
if 'use_time_setting' in request.POST and request.POST['use_time_setting'] == 'true':
use_time_setting = True
user = request.user
local_tz = getCurrentTimeZoneForUser(user)
response = {
'data': {
'id': invite.id,
'timestamp': formatTimeSetting(user, invite.requestTimestamp, local_tz, use_time_setting),
'request_timestamp': convertDatetimeToUTCTimestamp(invite.requestTimestamp),
},
'warnings': {},
}
return HttpResponse(content=json.dumps(response), mimetype='application/json')
def editFollowUp(request, followupID):
followup = get_object_or_404(FollowUps, id=followupID)
if (followup.user != request.user):
return err403(request,
err_msg=_("You don't seem to own this follow-up item."))
if (followup.deleted):
raise Http404
# Get the context *after* the ownership check. After all, why do all that
# work if we're just going to return HTTP403?
context = get_context(request)
user = request.session['MHL_Users']['MHLUser']
practice = context['current_practice']
if followup:
followup.due_date = convert_dt_to_utz(followup.due_date, user,
practice)
if (request.method == "POST"):
editfollowup_form = FollowUpForm(request.POST, instance=followup)
if (editfollowup_form.is_valid()):
followup_obj = editfollowup_form.save(commit=False)
if (followup_obj.done and not followup_obj.completion_date):
followup_obj.completion_date = datetime.datetime.today()
elif (not followup_obj.done):
followup_obj.completion_date = None
followup_obj.due_date = convert_dt_to_stz(followup_obj.due_date,
user, practice)
followup_obj.save()
return HttpResponseRedirect(
reverse('MHLogin.MHLogin_Main.views.main'))
else: # if not (editfollowup_form.is_valid()):
context['form_id'] = followupID
context['editfollowup_form'] = editfollowup_form
else: # if (request.method != "POST"):
context['form_id'] = followupID
context['editfollowup_form'] = FollowUpForm(instance=followup)
return render_to_response('FollowUp/editfollowup.html', context)
def proceed_save_refer(request):
context = get_context(request)
if not REFER_CACHE_SESSION_KEY in request.session\
or not request.session[REFER_CACHE_SESSION_KEY]:
context['user_recipients'] = request.REQUEST.get("user_recipients", None)
# context['message'] = MESSAGE_REPEAT_COMMIT
return render_to_response('DoctorCom/Messaging/refer_success.html', context)
refer_data = request.session[REFER_CACHE_SESSION_KEY]
file_list = None
if "file_list" in refer_data and refer_data["file_list"]:
file_list = refer_data["file_list"]
recipient_id = refer_data["user_recipients"]
recipient_provider = None
try:
recipient_provider = Provider.objects.get(pk=recipient_id)
except:
return err403(request, err_msg=_("This recipient is not a Provider."))
return save_refer(request, refer_data, recipient_provider, context, file_list=file_list)
def addFollowUpAjax(request):
context = get_context(request)
count = int(request.POST['count'])
if (request.method == "POST"):
form = AddFollowUpForm(request.POST)
task = request.POST['task']
if len(task.strip()) == 0:
return err403(request, err_msg=_("The task is invalid."))
if (form.is_valid()):
#raise Exception('foo')
f_obj = form.save(commit=False)
f_obj.user = request.user
user = request.session['MHL_Users']['MHLUser']
practice = context['current_practice']
f_obj.due_date = convert_dt_to_stz(f_obj.due_date, user, practice)
f_obj.save()
else:
field_errors = dict()
for name in form._errors:
field_errors[name] = [
unicode(err) for err in form._errors[name]
]
non_field_errors = [
unicode(err) for err in form.non_field_errors()
]
return_obj = dict()
return_obj['error_type'] = 'form_validation'
return_obj['non_field_errors'] = non_field_errors
return_obj['field_errors'] = field_errors
return HttpResponse(json.dumps(return_obj),
mimetype="application/json",
status=400)
mhluser = request.session['MHL_Users']['MHLUser']
followup = get_followups(request.user, 0, count, mhluser,
context['current_practice'])
context['followups'] = followup[0]
context['followup_count'] = followup[1]
return render_to_response('FollowUp/donefollowup.html', context)
def sendCode(request):
if (request.method != 'POST'):
return err_GE002()
form = SendCodeForm(request.POST)
if (not form.is_valid()):
return err_GE031(form)
# uniqueness check for mobile phone
type = form.cleaned_data["type"]
recipient = form.cleaned_data["recipient"]
if "2" == type and has_mhluser_with_mobile_phone(recipient,
request.user.id):
return err_AM020()
request.session['key'] = request.device_assn.secret
ret_json = sendCodeLogic(form, request.user, request)
if "error_code" in ret_json:
if ret_json["error_code"] == 403:
return errlib.err403(request)
elif ret_json["error_code"] == 404:
err_obj = {
'errno':
'VA001',
'descr':
_('The number is invalid, we can\'t send code to you. '
'Please input a valid mobile phone number.'),
}
return HttpResponseBadRequest(content=json.dumps(err_obj),
mimetype='application/json')
ret_json[
"settings_send_code_waiting_time"] = settings.SEND_CODE_WAITING_TIME
ret_json["settings_validate_lock_time"] = settings.VALIDATE_LOCK_TIME
response = {
'data': ret_json,
'warnings': {},
}
return HttpResponse(content=json.dumps(response),
mimetype='application/json')
def f(request, *args, **kwargs): if 'org_id' in request.REQUEST and \ request.REQUEST['org_id']: org_id = int(request.REQUEST['org_id']) request.session['SELECTED_ORG_ID'] = org_id elif 'SELECTED_ORG_ID' in request.session and \ request.session['SELECTED_ORG_ID']: org_id = request.session['SELECTED_ORG_ID'] try: request.org = PracticeLocation.objects.get(pk=org_id) except: return err404(request) ret_data = can_user_manage_this_org(org_id, request.user.id) if not ret_data["can_manage_org"]: return err403(request) request.org_setting = request.org.get_setting() request.org_mgr = ret_data["Office_Manager"] request.org_admin = ret_data["Administrator"] return func(request, *args, **kwargs)
def list_invites(request):
# if (request.method != 'POST'):
# return err_GE002()
user_type = int(request.user_type)
if USER_TYPE_OFFICE_STAFF == user_type:
return err403(request)
invites = Invitation.objects.filter(sender=request.user).order_by('requestTimestamp')
response = {
'data': {'invitations':[]},
'warnings': {},
}
invite_list = response['data']['invitations']
use_time_setting = False
if 'use_time_setting' in request.POST and request.POST['use_time_setting'] == 'true':
use_time_setting = True
user = request.user
local_tz = getCurrentTimeZoneForUser(user)
for invite in invites:
desc = ''
if not invite.assignPractice:
desc = _('Invite to DoctorCom')
else:
desc = _('Invite to %s') % invite.assignPractice.practice_name
invite_list.append({
'id': invite.id,
'recipient': invite.recipient,
'timestamp': formatTimeSetting(user, invite.requestTimestamp, local_tz, use_time_setting),
'request_timestamp': convertDatetimeToUTCTimestamp(invite.requestTimestamp),
'desc' : desc,
'code': invite.code,
})
return HttpResponse(content=json.dumps(response), mimetype='application/json')
def f(request, *args, **kwargs):
if 'org_id' in request.REQUEST and \
request.REQUEST['org_id']:
org_id = int(request.REQUEST['org_id'])
request.session['SELECTED_ORG_ID'] = org_id
elif 'SELECTED_ORG_ID' in request.session and \
request.session['SELECTED_ORG_ID']:
org_id = request.session['SELECTED_ORG_ID']
try:
request.org = PracticeLocation.objects.get(pk=org_id)
except:
return err404(request)
ret_data = can_user_manage_this_org(org_id, request.user.id)
if not ret_data["can_manage_org"]:
return err403(request)
request.org_setting = request.org.get_setting()
request.org_mgr = ret_data["Office_Manager"]
request.org_admin = ret_data["Administrator"]
return func(request, *args, **kwargs)
def delFollowUp(request, followupID, count):
followup = get_object_or_404(FollowUps, id=followupID)
count = int(count)
if (followup.user != request.user):
return err403(request,
err_msg=_("You don't seem to own this follow-up item."))
if (followup.deleted):
raise Http404
if (followup.user == request.user):
followup.deleted = True
followup.save()
context = get_context(request)
mhluser = request.session['MHL_Users']['MHLUser']
followup = get_followups(request.user, 0, count, mhluser,
context['current_practice'])
context['followups'] = followup[0]
context['followup_count'] = followup[1]
return render_to_response('FollowUp/donefollowup.html', context)
def check_attachment(request, message_id, attachment_id):
"""
Handles check attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
attachment = get_object_or_404(MessageAttachment, message__uuid=message_id, uuid=attachment_id)
if (request.user != attachment.message.sender and not
(request.user in attachment.message.recipients.all() or
request.user in attachment.message.ccs.all())):
return err403(request, err_msg=_("You don't seem to be a valid recipient for this file."))
if os.path.exists('%s/attachments/%s' % (settings.MEDIA_ROOT, attachment.uuid,)):
return HttpResponse("success")
else:
return err404(request)
def editFollowUp(request, followupID):
followup = get_object_or_404(FollowUps, id=followupID)
if (followup.user != request.user):
return err403(request, err_msg=_("You don't seem to own this follow-up item."))
if (followup.deleted):
raise Http404
# Get the context *after* the ownership check. After all, why do all that
# work if we're just going to return HTTP403?
context = get_context(request)
user = request.session['MHL_Users']['MHLUser']
practice = context['current_practice']
if followup:
followup.due_date = convert_dt_to_utz(followup.due_date, user, practice)
if (request.method == "POST"):
editfollowup_form = FollowUpForm(request.POST, instance=followup)
if (editfollowup_form.is_valid()):
followup_obj = editfollowup_form.save(commit=False)
if (followup_obj.done and not followup_obj.completion_date):
followup_obj.completion_date = datetime.datetime.today()
elif (not followup_obj.done):
followup_obj.completion_date = None
followup_obj.due_date =convert_dt_to_stz(followup_obj.due_date, user, practice)
followup_obj.save()
return HttpResponseRedirect(reverse('MHLogin.MHLogin_Main.views.main'))
else: # if not (editfollowup_form.is_valid()):
context['form_id'] = followupID
context['editfollowup_form'] = editfollowup_form
else: # if (request.method != "POST"):
context['form_id'] = followupID
context['editfollowup_form'] = FollowUpForm(instance=followup)
return render_to_response('FollowUp/editfollowup.html', context)
def information_sub_holiday_add(request, holiday_id):
context = get_context_for_organization(request)
practiceLocationId = request.org.id
#a PracticeHolidays object with id=0 should never exist, it's used by
#the template create a new object
if (holiday_id == '0'):
holiday = None
else:
try:
holiday = PracticeHolidays.objects.get(id=holiday_id,
practice_location=practiceLocationId)
except ObjectDoesNotExist:
return err403(request)
if(request.method == 'POST'):
form = HolidaysForm(request.POST, instance=holiday)
if (form.is_valid()):
try:
PracticeHolidays.objects.get(~Q(id=holiday_id),
practice_location=practiceLocationId,
designated_day=form.cleaned_data['designated_day'])
form._errors['designated_day'] = [_("a holiday already exists on that day")]
except ObjectDoesNotExist:
newholiday = form.save(commit=False)
newholiday.practice_location = PracticeLocation.objects.get(id=practiceLocationId)
newholiday.save()
return HttpResponseRedirect(reverse(
'MHLogin.MHLOrganization.views.information_sub_holiday_view'))
else:
form = HolidaysForm(instance=holiday)
context['holiday_id'] = holiday_id
context['form'] = form
return render_to_response('MHLOrganization/InformationSub/information_sub_holiday_add.html',
context)
def doneFollowUp(request, followupID, offset, count):
"""
This function will toggle the state of the task as being done or not.
It is used by an AJAX jQuery load method which updates the table that displays
the follow up tasks.
"""
followup = get_object_or_404(FollowUps, id=followupID)
offset = int(offset)
count = int(count)
if (followup.user != request.user):
return err403(request,
err_msg="You don't seem to own this follow-up item.")
if (followup.deleted):
raise Http404
if (followup.user == request.user):
if (not followup.done and not followup.completion_date):
followup.done = True
followup.completion_date = datetime.datetime.today()
elif (not followup.done and followup.completion_date):
followup.done = True
followup.completion_date = datetime.datetime.today()
elif (followup.done):
followup.done = False
followup.completion_date = None
followup.save()
context = get_context(request)
mhluser = request.session['MHL_Users']['MHLUser']
followup = get_followups(request.user, offset, count, mhluser,
context['current_practice'])
context['followups'] = followup[0]
context['followup_count'] = followup[1]
return render_to_response('FollowUp/donefollowup.html', context)
def undoOrRedo(request, practice_id, callgroup_id, srcStackName, targetStackName):
callgroup_id = checkMultiCallGroupId(practice_id, callgroup_id)
if (not canAccessMultiCallGroup(request.user, long(callgroup_id), practice_id)):
return err403(request)
user = request.user
if request.method == 'POST':
operateList = SessionHelper.popSessionStack(request, srcStackName)
if (operateList is not None and len(operateList) > 0):
operateList_n = []
operateList_r = []
for operateItem in operateList:
type = operateItem["type"]
data = operateItem["data"]
view = operateItem["view"]
pk = operateItem["pk"]
eventObj = serializers.deserialize("json", data).next()
if ("0" == type):
# set defaults
eventObj.object.callGroup_id = int(callgroup_id)
eventObj.object.notifyState = 2
eventObj.object.whoCanModify = 1
eventObj.object.eventStatus = 1
if validateNewEvent(eventObj):
# we are ok to save this new object
eventObj.object.creator = user
eventObj.object.creationdate = datetime.datetime.now()
eventObj.object.lastupdate = datetime.datetime.now()
eventObj.object.title = 'scheduled_event'
eventObj.save()
newOperate = {
'type': "2",
'view': view,
"pk": eventObj.object.pk,
'data': serializers.serialize("json", [eventObj.object],
fields=('oncallPerson', 'eventType', 'startDate',
'endDate', 'checkString'))}
SessionHelper.checkSessionStack(request,
SessionHelper.SCHEDULE_UNDOSTACK_NAME, pk, eventObj.object.pk)
SessionHelper.checkSessionStack(request,
SessionHelper.SCHEDULE_REDOSTACK_NAME, pk, eventObj.object.pk)
operateList_n.append(newOperate)
operateList_r.append(newOperate)
elif ("1" == type or "2" == type):
# check checkString and fill in creationdate and lastupdate date
oldEvent = EventEntry.objects.get(id=eventObj.object.pk)
if (oldEvent.checkString == eventObj.object.checkString):
newType = ("1" == type and "1" or "0")
eventObj.object.callGroup_id = int(callgroup_id)
# necessary for easier access in the admin
eventObj.object.title = 'scheduled_event-%i' % (eventObj.object.pk,)
eventObj.object.notifyState = 2
eventObj.object.whoCanModify = 1
eventObj.object.creator = user
eventObj.object.creationdate = oldEvent.creationdate
eventObj.object.lastupdate = datetime.datetime.now()
eventObj.object.eventStatus = newType
eventObj.save()
operateList_n.append({
'type': newType,
'view': view,
"pk": eventObj.object.pk,
'data': serializers.serialize("json", [oldEvent],
fields=('oncallPerson', 'eventType',
'startDate', 'endDate', 'checkString'))})
operateList_r.append({
'type': newType,
'view': view,
'pk': pk,
'data': serializers.serialize("json", [eventObj.object],
fields=('oncallPerson', 'eventType',
'startDate', 'endDate', 'checkString'))})
request.session[SessionHelper.SCHEDULE_LASTVIEW] = view
SessionHelper.pushSessionStack(request, targetStackName, operateList_n)
response = {'operateList': operateList_r, 'error': '', 'undoSize':
SessionHelper.getSessionStackSize(request, SessionHelper.SCHEDULE_UNDOSTACK_NAME),
'redoSize': SessionHelper.getSessionStackSize(
request, SessionHelper.SCHEDULE_REDOSTACK_NAME)}
else:
response = {'operateList': [], 'error': '', 'count': 0,
'undoSize': SessionHelper.getSessionStackSize(
request, SessionHelper.SCHEDULE_UNDOSTACK_NAME),
'redoSize': SessionHelper.getSessionStackSize(
request, SessionHelper.SCHEDULE_REDOSTACK_NAME)}
return HttpResponse(content=json.dumps(response), mimetype='application/json')
def bulkUpdateEvents(request, practice_id, callgroup_id=None):
"""
bulk update eventEntry returns result of eventEntries updated and any
errors/warnings if there is a mismatch with checkString
"""
callgroup_id = checkMultiCallGroupId(practice_id, callgroup_id)
if (not canAccessMultiCallGroup(request.user, long(callgroup_id), practice_id)):
return err403(request)
user = request.user
if request.method == 'POST':
# form = BulkEventForm(request.POST) # never used.
errorlist = []
savelist = []
operateList = []
count = 0
data = request.POST['data']
view = request.POST['view']
if checkSchedulerView(view):
logger.debug('data from request is %s' % (data))
for eventObj in serializers.deserialize("json", data):
count = count + 1
eventObj.object.callGroup_id = int(callgroup_id)
# necessary for easier access in the admin
eventObj.object.title = 'scheduled_event-%i' % (eventObj.object.pk,)
eventObj.object.notifyState = 2
eventObj.object.whoCanModify = 1
# we check for pk presence first
if (eventObj.object.pk == None):
errorlist.append("0, error updating object - no key present %s %s" %
(eventObj.object.checkString, eventObj))
elif checkDSEventConsistency(eventObj):
# check checkString and fill in creationdate and lastupdate date
oldEvent = EventEntry.objects.get(id=eventObj.object.pk)
if (oldEvent.checkString == eventObj.object.checkString):
# we are ok
eventObj.object.creator = user
eventObj.object.creationdate = oldEvent.creationdate
eventObj.object.lastupdate = datetime.datetime.now()
try:
# validate the updated EventEntry
eventObj.object.clean_fields()
eventObj.save()
operateList.append({
'type': eventObj.object.eventStatus,
"view": view,
"pk": eventObj.object.pk,
'data': serializers.serialize("json", [oldEvent],
fields=('oncallPerson', 'eventType', 'startDate',
'endDate', 'checkString'))})
savelist.append('%s, %s' % (eventObj.object.id,
eventObj.object.checkString))
except ValidationError:
errorlist.append("%d, update failed - validate error %s obj %s" %
(eventObj.object.pk, eventObj.object.checkString, eventObj))
else:
errorlist.append("%d, update failed - invalid checkString %s obj %s" %
(eventObj.object.pk, eventObj.object.checkString, eventObj))
else:
errorlist.append("%d, error updating object %s obj %s" %
(eventObj.object.pk, eventObj.object.checkString, eventObj))
else:
errorlist.append("invalid view")
SessionHelper.pushSessionStack(request, SessionHelper.SCHEDULE_UNDOSTACK_NAME, operateList)
SessionHelper.clearSessionStack(request, SessionHelper.SCHEDULE_REDOSTACK_NAME)
response = {'data': savelist, 'error': errorlist, 'count': count,
'undoSize': SessionHelper.getSessionStackSize(request, SessionHelper.SCHEDULE_UNDOSTACK_NAME),
'redoSize': SessionHelper.getSessionStackSize(request, SessionHelper.SCHEDULE_REDOSTACK_NAME)}
logger.debug('returned result %s' % (response))
return HttpResponse(content=json.dumps(response), mimetype='application/json')
else:
form = BulkEventForm()
return render_to_response("bulkOperation.html", {'form': form, })
