def put(self, request, pk): """ Assigns a gov user to be the case officer for a case """ case = get_case(pk) gov_user_pk = request.data.get("gov_user_pk") if not gov_user_pk: return JsonResponse( data={"errors": { "user": [Cases.CaseOfficerPage.NONE] }}, status=status.HTTP_400_BAD_REQUEST) data = {"case_officer": gov_user_pk} serializer = CaseOfficerUpdateSerializer(instance=case, data=data) if serializer.is_valid(raise_exception=True): user = get_user_by_pk(gov_user_pk) serializer.save() audit_trail_service.create( actor=request.user, verb=AuditType.ADD_CASE_OFFICER_TO_CASE, target=case, payload={ "case_officer": user.email if not user.first_name else f"{user.first_name} {user.last_name}" }, ) return JsonResponse(data={}, status=status.HTTP_200_OK)
def to_representation(self, instance): instance = get_user_by_pk(instance.id) if isinstance(instance, ExporterUser): return ExporterUserViewSerializer(instance=instance).data else: return GovUserViewSerializer(instance=instance).data
def get(self, request, pk): """ Get user from pk """ gov_user = get_user_by_pk(pk) serializer = GovUserViewSerializer(gov_user) return JsonResponse(data={"user": serializer.data})
def put(self, request, pk): """ Edit user from pk """ gov_user = get_user_by_pk(pk) data = request.data # Cannot perform actions on another super user without super user role if ( gov_user.role_id == Roles.INTERNAL_SUPER_USER_ROLE_ID or data.get("roles") == Roles.INTERNAL_SUPER_USER_ROLE_ID ) and not request.user.govuser.role_id == Roles.INTERNAL_SUPER_USER_ROLE_ID: raise PermissionDenied() if "status" in data.keys(): if gov_user.pk == request.user.pk: return JsonResponse( data={"errors": "A user cannot change their own status"}, status=status.HTTP_400_BAD_REQUEST, ) elif gov_user.role_id == Roles.INTERNAL_SUPER_USER_ROLE_ID and data[ "status"] == "Deactivated": raise PermissionDenied() # Cannot deactivate a super user if "role" in data.keys(): if gov_user.pk == request.user.pk and request.user.govuser.role_id == Roles.INTERNAL_SUPER_USER_ROLE_ID: return JsonResponse( data={ "errors": "A user cannot remove super user from themselves" }, status=status.HTTP_400_BAD_REQUEST, ) serializer = GovUserCreateOrUpdateSerializer(gov_user, data=data, partial=True, is_creating=False) if serializer.is_valid(): serializer.save() # Remove user from assigned cases if gov_user.status == GovUserStatuses.DEACTIVATED: gov_user.unassign_from_cases() return JsonResponse(data={"gov_user": serializer.data}, status=status.HTTP_200_OK) return JsonResponse(data={"errors": serializer.errors}, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk): """ Get user from pk """ user = get_user_by_pk(pk) organisation = get_request_user_organisation(request) if request.user.pk != pk: assert_user_has_permission(request.user.exporteruser, ExporterPermissions.ADMINISTER_USERS, organisation) relationship = get_user_organisation_relationship(user, organisation) serializer = ExporterUserViewSerializer(user, context=relationship) return JsonResponse(data={"user": serializer.data})
def put(self, request, pk): """ Update Exporter user """ user = get_user_by_pk(pk) data = request.data data["organisation"] = get_request_user_organisation_id(request) serializer = ExporterUserCreateUpdateSerializer(user, data=data, partial=True) if serializer.is_valid(): serializer.save() return JsonResponse(data={"user": serializer.data}, status=status.HTTP_200_OK) return JsonResponse(data={"errors": serializer.errors}, status=400)
def put(self, request, pk): """ Assign users to cases on that queue """ queue = get_queue(pk) data = request.data for assignment in data.get("case_assignments"): case = get_case(assignment["case_id"]) users = [get_user_by_pk(i) for i in assignment["users"]] if str_to_bool(data.get("remove_existing_assignments")): CaseAssignment.objects.filter(case=case, queue=queue).delete() # Create a new case assignment object between that case and those users for user in users: try: CaseAssignment.objects.get(case=case, queue=queue, user=user) except CaseAssignment.DoesNotExist: case_assignment = CaseAssignment(case=case, queue=queue, user=user) case_assignment.save(audit_user=request.user, user=user, audit_note=data.get("note")) # Add to queue case.queues.add(queue)
def put(self, request, org_pk, user_pk): """ Update the status of a user """ if hasattr(request.user, "exporteruser"): assert_user_has_permission(request.user.exporteruser, ExporterPermissions.ADMINISTER_USERS, org_pk) data = JSONParser().parse(request) user = get_user_by_pk(user_pk) org = get_organisation_by_pk(org_pk) # Set the user's status in that org user_relationship = org.get_user_relationship(user) user.status = user_relationship.status # Cannot perform actions on another super user without super user role if (data.get("role") == Roles.EXPORTER_SUPER_USER_ROLE_ID or user.get_role(org_pk).id == Roles.EXPORTER_SUPER_USER_ROLE_ID ) and not request.user.exporteruser.get_role( org_pk).id == Roles.EXPORTER_SUPER_USER_ROLE_ID: raise PermissionDenied() # Don't allow a user to update their own status or that of a super user if "status" in data.keys(): if user.pk == request.user.pk: return JsonResponse( data={"errors": "A user cannot change their own status"}, status=status.HTTP_400_BAD_REQUEST) elif user.get_role( org_pk).id == Roles.EXPORTER_SUPER_USER_ROLE_ID and data[ "status"] == "Deactivated": raise PermissionDenied() # Cannot remove super user from yourself if "role" in data.keys(): if user.pk == request.user.pk: return JsonResponse( data={ "errors": strings.Users. ORGANISATIONS_VIEWS_USER_CANNOT_CHANGE_OWN_ROLE }, status=status.HTTP_400_BAD_REQUEST, ) elif user.pk == request.user.pk and request.user.get_role( org_pk).id == Roles.EXPORTER_SUPER_USER_ROLE_ID: return JsonResponse( data={ "errors": "A user cannot remove super user from themselves" }, status=status.HTTP_400_BAD_REQUEST, ) # Cannot assign a role, you do not have access to exporter_roles = [ str(role) for role in Roles.EXPORTER_PRESET_ROLES ] user_roles = [ str(role.id) for role in filter_roles_by_user_role( request.user, Role.objects.filter( organisation=org_pk), org_pk) ] if data["role"] not in exporter_roles + user_roles: raise PermissionDenied() serializer = UserOrganisationRelationshipSerializer( instance=user_relationship, data=data, partial=True) if serializer.is_valid(): serializer.save() return JsonResponse(data={"user_relationship": serializer.data}) return JsonResponse(data={"errors": serializer.errors})