def put(self, request, pk, format=None): params = request.query_params if len( request.data) == 0 else request.data obj = self.get_object(pk) if (request.user.role == "ADMIN" or request.user.is_superuser or request.user == obj.commented_by): serializer = CommentSerializer(obj, data=params) if params.get("comment"): if serializer.is_valid(): serializer.save() return Response( { "error": False, "message": "Comment Submitted" }, status=status.HTTP_200_OK, ) return Response( { "error": True, "errors": serializer.errors }, status=status.HTTP_400_BAD_REQUEST, ) else: return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, )
def post(self, request, pk, **kwargs): params = ( self.request.query_params if len(self.request.data) == 0 else self.request.data ) context = {} self.lead_obj = Lead.objects.get(pk=pk) if self.lead_obj.org != request.org: return Response( {"error": True, "errors": "User company doesnot match with header...."}, status=status.HTTP_403_FORBIDDEN ) if self.request.profile.role != "ADMIN" and not self.request.user.is_superuser: if not ( (self.request.profile == self.lead_obj.created_by) or (self.request.profile in self.lead_obj.assigned_to.all()) ): return Response( { "error": True, "errors": "You do not have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) comment_serializer = CommentSerializer(data=params) if comment_serializer.is_valid(): if params.get("comment"): comment_serializer.save( lead_id=self.lead_obj.id, commented_by_id=self.request.profile.id, ) if self.request.FILES.get("lead_attachment"): attachment = Attachments() attachment.created_by = self.request.profile attachment.file_name = self.request.FILES.get( "lead_attachment").name attachment.lead = self.lead_obj attachment.attachment = self.request.FILES.get( "lead_attachment") attachment.save() comments = Comment.objects.filter( lead__id=self.lead_obj.id).order_by("-id") attachments = Attachments.objects.filter(lead__id=self.lead_obj.id).order_by( "-id" ) context.update( { "lead_obj": LeadSerializer(self.lead_obj).data, "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": LeadCommentSerializer(comments, many=True).data, } ) return Response(context)
class EventSerializer(serializers.ModelSerializer): created_by = ProfileSerializer() assigned_to = ProfileSerializer(read_only=True, many=True) contacts = ContactSerializer(read_only=True, many=True) teams = TeamsSerializer(read_only=True, many=True) event_attachment = AttachmentsSerializer(read_only=True, many=True) event_comments = CommentSerializer(read_only=True, many=True) org = OrganizationSerializer() class Meta: model = Event fields = ( "id", "name", "event_type", "status", "is_active", "disabled", "start_date", "start_time", "end_date", "end_time", "description", "date_of_meeting", "created_by", "created_on", "contacts", "teams", "assigned_to", "event_attachment", "event_comments", "org" )
class TaskSerializer(serializers.ModelSerializer): created_by = ProfileSerializer() assigned_to = ProfileSerializer(read_only=True, many=True) contacts = ContactSerializer(read_only=True, many=True) teams = TeamsSerializer(read_only=True, many=True) task_attachment = AttachmentsSerializer(read_only=True, many=True) task_comments = CommentSerializer(read_only=True, many=True) class Meta: model = Task fields = ( "id", "title", "status", "priority", "due_date", "account", "created_by", "created_on", "contacts", "teams", "assigned_to", "task_attachment", "task_comments", )
def get_context_data(self, **kwargs): context = {} contact_obj = get_object_or_404(Contact, pk=kwargs['pk']) context["contact_obj"] = ContactSerializer(contact_obj).data user_assgn_list = [ assigned_to.id for assigned_to in contact_obj.assigned_to.all() ] user_assigned_accounts = set( self.request.user.account_assigned_users.values_list("id", flat=True)) contact_accounts = set( contact_obj.account_contacts.values_list("id", flat=True)) if user_assigned_accounts.intersection(contact_accounts): user_assgn_list.append(self.request.user.id) if self.request.user == contact_obj.created_by: user_assgn_list.append(self.request.user.id) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if self.request.user.id not in user_assgn_list: raise PermissionDenied assigned_data = [] for each in contact_obj.assigned_to.all(): assigned_dict = {} assigned_dict["id"] = each.id assigned_dict["name"] = each.email assigned_data.append(assigned_dict) if self.request.user.is_superuser or self.request.user.role == "ADMIN": users_mention = list( User.objects.filter( is_active=True, company=self.request.company).values("username")) elif self.request.user != contact_obj.created_by: users_mention = [{"username": contact_obj.created_by.username}] else: users_mention = list( contact_obj.assigned_to.all().values("username")) context.update({ "comments": CommentSerializer(contact_obj.contact_comments.all(), many=True).data, "attachments": AttachmentsSerializer(contact_obj.contact_attachment.all(), many=True).data, "assigned_data": assigned_data, "tasks": TaskSerializer(contact_obj.contacts_tasks.all(), many=True).data, "users_mention": users_mention, }) return context
def post(self, request, pk, **kwargs): params = (self.request.query_params if len(self.request.data) == 0 else self.request.data) context = {} self.opportunity_obj = Opportunity.objects.get(pk=pk) if self.opportunity_obj.company != request.company: return Response({ "error": True, "errors": "User company doesnot match with header...." }) comment_serializer = CommentSerializer(data=params) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if not ( (self.request.user == self.opportunity_obj.created_by) or (self.request.user in self.opportunity_obj.assigned_to.all())): return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_401_UNAUTHORIZED, ) if comment_serializer.is_valid(): if params.get("comment"): comment_serializer.save( opportunity_id=self.opportunity_obj.id, commented_by_id=self.request.user.id, ) if self.request.FILES.get("opportunity_attachment"): attachment = Attachments() attachment.created_by = self.request.user attachment.file_name = self.request.FILES.get( "opportunity_attachment").name attachment.opportunity = self.opportunity_obj attachment.attachment = self.request.FILES.get( "opportunity_attachment") attachment.save() comments = Comment.objects.filter( opportunity=self.opportunity_obj).order_by("-id") attachments = Attachments.objects.filter( opportunity=self.opportunity_obj).order_by("-id") context.update({ "opportunity_obj": OpportunitySerializer(self.opportunity_obj).data, "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": CommentSerializer(comments, many=True).data, }) return Response(context)
def post(self, request, pk, **kwargs): params = (self.request.query_params if len(self.request.data) == 0 else self.request.data) context = {} self.cases_obj = Case.objects.get(pk=pk) comment_serializer = CommentSerializer(data=params) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if not ((self.request.user == self.cases_obj.created_by) or (self.request.user in self.cases_obj.assigned_to.all())): return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) if comment_serializer.is_valid(): if params.get("comment"): comment_serializer.save( case_id=self.cases_obj.id, commented_by_id=self.request.user.id, ) if self.request.FILES.get("case_attachment"): attachment = Attachments() attachment.created_by = self.request.user attachment.file_name = self.request.FILES.get( "case_attachment").name attachment.case = self.cases_obj attachment.attachment = self.request.FILES.get("case_attachment") attachment.save() attachments = Attachments.objects.filter( case=self.cases_obj).order_by("-id") comments = Comment.objects.filter(case=self.cases_obj).order_by("-id") context.update({ "cases_obj": CaseSerializer(self.cases_obj).data, "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": CommentSerializer(comments, many=True).data, }) return Response(context)
def get(self, request, pk, format=None): self.account = self.get_object(pk=pk) if self.account.org != request.org: return Response( { "error": True, "errors": "User company doesnot match with header...." }, status=status.HTTP_404_NOT_FOUND, ) context = {} context["account_obj"] = AccountSerializer(self.account).data if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin: if not ((self.request.profile == self.account.created_by) or (self.request.profile in self.account.assigned_to.all())): return Response( { "error": True, "errors": "You do not have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) comment_permission = False if (self.request.profile == self.account.created_by or self.request.profile.is_admin or self.request.profile.role == "ADMIN"): comment_permission = True if self.request.profile.is_admin or self.request.profile.role == "ADMIN": users_mention = list( Profile.objects.filter( is_active=True, org=self.request.org).values("user__username")) elif self.request.profile != self.account.created_by: if self.account.created_by: users_mention = [{ "username": self.account.created_by.user.username }] else: users_mention = [] else: users_mention = [] context.update({ "attachments": AttachmentsSerializer(self.account.account_attachment.all(), many=True).data, "comments": CommentSerializer(self.account.accounts_comments.all(), many=True).data, "contacts": ContactSerializer(self.account.contacts.all(), many=True).data, "opportunity_list": OpportunitySerializer( Opportunity.objects.filter(account=self.account), many=True).data, "users": ProfileSerializer( Profile.objects.filter( is_active=True, org=self.request.org).order_by("user__email"), many=True, ).data, "cases": CaseSerializer(self.account.accounts_cases.all(), many=True).data, "stages": STAGES, "sources": SOURCES, "countries": COUNTRIES, "currencies": CURRENCY_CODES, "case_types": CASE_TYPE, "case_priority": PRIORITY_CHOICE, "case_status": STATUS_CHOICE, "comment_permission": comment_permission, "tasks": TaskSerializer(self.account.accounts_tasks.all(), many=True).data, "invoices": InvoiceSerailizer(self.account.accounts_invoices.all(), many=True).data, "emails": EmailSerializer(self.account.sent_email.all(), many=True).data, "users_mention": users_mention, }) return Response(context)
def get_context_data(self, **kwargs): context = {} user_assgn_list = [ assigned_to.id for assigned_to in self.lead_obj.assigned_to.all() ] if self.request.user == self.lead_obj.created_by: user_assgn_list.append(self.request.user.id) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if self.request.user.id not in user_assgn_list: raise PermissionDenied comments = Comment.objects.filter( lead__id=self.lead_obj.id).order_by("-id") attachments = Attachments.objects.filter(lead__id=self.lead_obj.id).order_by( "-id" ) assigned_data = [] for each in self.lead_obj.assigned_to.all(): assigned_dict = {} assigned_dict["id"] = each.id assigned_dict["name"] = each.email assigned_data.append(assigned_dict) if self.request.user.is_superuser or self.request.user.role == "ADMIN": users_mention = list( User.objects.filter( is_active=True, company=self.request.company ).values("username") ) elif self.request.user != self.lead_obj.created_by: users_mention = [ {"username": self.lead_obj.created_by.username}] else: users_mention = list( self.lead_obj.assigned_to.all().values("username")) if self.request.user.role == "ADMIN" or self.request.user.is_superuser: users = User.objects.filter(is_active=True, company=self.request.company).order_by( "email" ) else: users = User.objects.filter(role="ADMIN", company=self.request.company).order_by( "email" ) user_assgn_list = [ assigned_to.id for assigned_to in self.lead_obj.get_assigned_users_not_in_teams ] if self.request.user == self.lead_obj.created_by: user_assgn_list.append(self.request.user.id) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if self.request.user.id not in user_assgn_list: raise PermissionDenied team_ids = [user.id for user in self.lead_obj.get_team_users] all_user_ids = [user.id for user in users] users_excluding_team_id = set(all_user_ids) - set(team_ids) users_excluding_team = User.objects.filter( id__in=users_excluding_team_id) context["users"] = UserSerializer(users, many=True).data context["users_excluding_team"] = UserSerializer( users_excluding_team, many=True).data context["countries"] = COUNTRIES context["source"] = LEAD_SOURCE context["teams"] = TeamsSerializer( Teams.objects.filter(company=self.request.company), many=True).data context.update( { "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": CommentSerializer(comments, many=True).data, "status": LEAD_STATUS, "countries": COUNTRIES, "users_mention": users_mention, "assigned_data": assigned_data, 'lead_obj': LeadSerializer(self.lead_obj).data } ) return context
def get_context_data(self, **kwargs): context = {} user_assgn_list = [ assigned_to.id for assigned_to in self.task_obj.assigned_to.all() ] if self.request.user == self.task_obj.created_by: user_assgn_list.append(self.request.user.id) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if self.request.user.id not in user_assgn_list: return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) comments = Comment.objects.filter(task=self.task_obj).order_by("-id") attachments = Attachments.objects.filter( task=self.task_obj).order_by("-id") assigned_data = self.task_obj.assigned_to.values("id", "email") if self.request.user.is_superuser or self.request.user.role == "ADMIN": users_mention = list( User.objects.filter(is_active=True, ).values("username")) elif self.request.user != self.task_obj.created_by: users_mention = [{"username": self.task_obj.created_by.username}] else: users_mention = list( self.task_obj.assigned_to.all().values("username")) if self.request.user.role == "ADMIN" or self.request.user.is_superuser: users = User.objects.filter(is_active=True, ).order_by("email") else: users = User.objects.filter(role="ADMIN", ).order_by("email") if self.request.user == self.task_obj.created_by: user_assgn_list.append(self.request.user.id) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if self.request.user.id not in user_assgn_list: return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) team_ids = [user.id for user in self.task_obj.get_team_users] all_user_ids = users.values_list("id", flat=True) users_excluding_team_id = set(all_user_ids) - set(team_ids) users_excluding_team = User.objects.filter( id__in=users_excluding_team_id) context.update({ "task_obj": TaskSerializer(self.task_obj).data, "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": CommentSerializer(comments, many=True).data, "users_mention": users_mention, "assigned_data": assigned_data, }) context["users"] = UserSerializer(users, many=True).data context["users_excluding_team"] = UserSerializer(users_excluding_team, many=True).data context["teams"] = TeamsSerializer(Teams.objects.all(), many=True).data return context
def get(self, request, pk, format=None): context = {} contact_obj = self.get_object(pk) context["contact_obj"] = ContactSerializer(contact_obj).data user_assgn_list = [ assigned_to.id for assigned_to in contact_obj.assigned_to.all() ] user_assigned_accounts = set( self.request.user.account_assigned_users.values_list( "id", flat=True) ) contact_accounts = set( contact_obj.account_contacts.values_list("id", flat=True) ) if user_assigned_accounts.intersection(contact_accounts): user_assgn_list.append(self.request.user.id) if self.request.user == contact_obj.created_by: user_assgn_list.append(self.request.user.id) if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if self.request.user.id not in user_assgn_list: raise PermissionDenied assigned_data = [] for each in contact_obj.assigned_to.all(): assigned_dict = {} assigned_dict["id"] = each.id assigned_dict["name"] = each.email assigned_data.append(assigned_dict) if self.request.user.is_superuser or self.request.user.role == "ADMIN": users_mention = list( User.objects.filter( is_active=True, company=self.request.company ).values("username") ) elif self.request.user != contact_obj.created_by: users_mention = [ {"username": contact_obj.created_by.username}] else: users_mention = list( contact_obj.assigned_to.all().values("username")) if self.request.user.role == "ADMIN" or self.request.user.is_superuser: self.users = User.objects.filter( is_active=True, company=self.request.company).order_by("email") else: self.users = User.objects.filter( role="ADMIN", company=self.request.company).order_by("email") if request.user == contact_obj.created_by: user_assgn_list.append(self.request.user.id) context["address_obj"] = BillingAddressSerializer( contact_obj.address).data context["users"] = UserSerializer(self.users, many=True).data context["countries"] = COUNTRIES context["teams"] = TeamsSerializer( Teams.objects.filter(company=request.company), many=True).data context.update( { "comments": CommentSerializer( contact_obj.contact_comments.all(), many=True).data, "attachments": AttachmentsSerializer( contact_obj.contact_attachment.all(), many=True).data, "assigned_data": assigned_data, "tasks": TaskSerializer( contact_obj.contacts_tasks.all(), many=True).data, "users_mention": users_mention, } ) return Response(context)
def get(self, request, pk, format=None): self.cases = self.get_object(pk=pk) if self.cases.org != request.org: return Response( {"error": True, "errors": "User company doesnot match with header...."}, status=status.HTTP_403_FORBIDDEN, ) context = {} context["cases_obj"] = CaseSerializer(self.cases).data if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin: if not ( (self.request.profile == self.cases.created_by) or (self.request.profile in self.cases.assigned_to.all()) ): return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) comment_permission = False if ( self.request.profile == self.cases.created_by or self.request.profile.is_admin or self.request.profile.role == "ADMIN" ): comment_permission = True if self.request.profile.is_admin or self.request.profile.role == "ADMIN": users_mention = list( Profile.objects.filter( is_active=True, org=self.request.org ).values("user__username") ) elif self.request.profile != self.cases.created_by: if self.cases.created_by: users_mention = [ {"username": self.cases.created_by.user.username}] else: users_mention = [] else: users_mention = [] attachments = Attachments.objects.filter( case=self.cases).order_by("-id") comments = Comment.objects.filter(case=self.cases).order_by("-id") context.update( { "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": CommentSerializer(comments, many=True).data, "contacts": ContactSerializer( self.cases.contacts.all(), many=True ).data, "status": STATUS_CHOICE, "priority": PRIORITY_CHOICE, "type_of_case": CASE_TYPE, "comment_permission": comment_permission, "users_mention": users_mention, } ) return Response(context)
def get(self, request, pk, format=None): self.opportunity = self.get_object(pk=pk) context = {} context["opportunity_obj"] = OpportunitySerializer( self.opportunity).data if self.opportunity.org != request.org: return Response( { "error": True, "errors": "User company doesnot match with header...." }, status=status.HTTP_403_FORBIDDEN, ) if self.request.profile.role != "ADMIN" and not self.request.user.is_superuser: if not ( (self.request.profile == self.opportunity.created_by) or (self.request.profile in self.opportunity.assigned_to.all())): return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) comment_permission = False if (self.request.profile == self.opportunity.created_by or self.request.user.is_superuser or self.request.profile.role == "ADMIN"): comment_permission = True if self.request.user.is_superuser or self.request.profile.role == "ADMIN": users_mention = list( Profile.objects.filter( is_active=True, org=self.request.org).values("user__username")) elif self.request.profile != self.opportunity.created_by: if self.opportunity.created_by: users_mention = [{ "username": self.opportunity.created_by.user.username }] else: users_mention = [] else: users_mention = [] context.update({ "comments": CommentSerializer(self.opportunity.opportunity_comments.all(), many=True).data, "attachments": AttachmentsSerializer( self.opportunity.opportunity_attachment.all(), many=True).data, "contacts": ContactSerializer(self.opportunity.contacts.all(), many=True).data, "users": ProfileSerializer( Profile.objects.filter( is_active=True, org=self.request.org).order_by("user__email"), many=True, ).data, "stage": STAGES, "lead_source": SOURCES, "currency": CURRENCY_CODES, "comment_permission": comment_permission, "users_mention": users_mention, }) return Response(context)
def get(self, request, pk, format=None): self.invoice = self.get_object(pk=pk) if self.invoice.company != request.company: return Response( { "error": True, "errors": "User company doesnot match with header...." }, status=status.HTTP_404_NOT_FOUND, ) context = {} context["invoice_obj"] = InvoiceSerailizer(self.invoice).data if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if not ((self.request.user == self.invoice.created_by) or (self.request.user in self.invoice.assigned_to.all())): return Response({ "error": True, "errors": "You don't have Permission to perform this action", }) comment_permission = (True if (self.request.user == self.invoice.created_by or self.request.user.is_superuser or self.request.user.role == "ADMIN") else False) if self.request.user.is_superuser or self.request.user.role == "ADMIN": users_mention = list( User.objects.filter( is_active=True, company=self.request.company, ).values("username")) elif self.request.user != self.invoice.created_by: if self.invoice.created_by: users_mention = [{ "username": self.invoice.created_by.username }] else: users_mention = [] else: users_mention = [] attachments = Attachments.objects.filter( invoice=self.invoice).order_by("-id") comments = Comment.objects.filter(invoice=self.invoice).order_by("-id") context.update({ "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": CommentSerializer(comments, many=True).data, "invoice_history": InvoiceHistorySerializer(self.invoice.invoice_history.all(), many=True).data, "accounts": AccountSerializer(self.invoice.accounts.all(), many=True).data, "users": UserSerializer( User.objects.filter( is_active=True, company=self.request.company, ).order_by("email"), many=True, ).data, "comment_permission": comment_permission, "users_mention": users_mention, "status": INVOICE_STATUS, "currency": CURRENCY_CODES, "countries": COUNTRIES, }) return Response(context)
def get(self, request, pk, format=None): context = {} context["account_obj"] = AccountSerializer(self.account).data if self.request.user.role != "ADMIN" and not self.request.user.is_superuser: if not ((self.request.user == self.account.created_by) or (self.request.user in self.account.assigned_to.all())): raise PermissionDenied comment_permission = (True if (self.request.user == self.account.created_by or self.request.user.is_superuser or self.request.user.role == "ADMIN") else False) if self.request.user.is_superuser or self.request.user.role == "ADMIN": users_mention = list( User.objects.filter( is_active=True, company=self.request.company, ).values("username")) elif self.request.user != self.account.created_by: if self.account.created_by: users_mention = [{ "username": self.account.created_by.username }] else: users_mention = [] else: users_mention = [] context.update({ "comments": CommentSerializer(self.account.accounts_comments.all(), many=True).data, "attachments": AttachmentsSerializer(self.account.account_attachment.all(), many=True).data, "opportunity_list": OpportunitySerializer( Opportunity.objects.filter(account=self.account), many=True).data, "contacts": ContactSerializer(self.account.contacts.all(), many=True).data, "users": UserSerializer( User.objects.filter( is_active=True, company=self.request.company, ).order_by("email"), many=True, ).data, "cases": CaseSerializer(Case.objects.filter(account=self.account), many=True).data, "stages": STAGES, "sources": SOURCES, "countries": COUNTRIES, "currencies": CURRENCY_CODES, "case_types": CASE_TYPE, "case_priority": PRIORITY_CHOICE, "case_status": STATUS_CHOICE, "comment_permission": comment_permission, "tasks": TaskSerializer(self.account.accounts_tasks.all(), many=True).data, "invoices": InvoiceSerailizer(self.account.accounts_invoices.all(), many=True).data, "emails": EmailSerailizer(self.account.sent_email.all(), many=True).data, "users_mention": users_mention, }) return Response(context)
def get(self, request, pk, format=None): context = {} contact_obj = self.get_object(pk) context["contact_obj"] = ContactSerializer(contact_obj).data user_assgn_list = [ assigned_to.id for assigned_to in contact_obj.assigned_to.all() ] user_assigned_accounts = set( self.request.profile.account_assigned_users.values_list("id", flat=True)) contact_accounts = set( contact_obj.account_contacts.values_list("id", flat=True)) if user_assigned_accounts.intersection(contact_accounts): user_assgn_list.append(self.request.profile.id) if self.request.profile == contact_obj.created_by: user_assgn_list.append(self.request.profile.id) if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin: if self.request.profile.id not in user_assgn_list: return Response( { "error": True, "errors": "You do not have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) assigned_data = [] for each in contact_obj.assigned_to.all(): assigned_dict = {} assigned_dict["id"] = each.id assigned_dict["name"] = each.email assigned_data.append(assigned_dict) if self.request.profile.is_admin or self.request.profile.role == "ADMIN": users_mention = list( Profile.objects.filter( is_active=True, org=request.org).values("user__username")) elif self.request.profile != contact_obj.created_by: users_mention = [{ "username": contact_obj.created_by.user.username }] else: users_mention = list( contact_obj.assigned_to.all().values("username")) if request.profile == contact_obj.created_by: user_assgn_list.append(self.request.profile.id) context["address_obj"] = BillingAddressSerializer( contact_obj.address).data context["countries"] = COUNTRIES context.update({ "comments": CommentSerializer(contact_obj.contact_comments.all(), many=True).data, "attachments": AttachmentsSerializer(contact_obj.contact_attachment.all(), many=True).data, "assigned_data": assigned_data, "tasks": TaskSerializer(contact_obj.contacts_tasks.all(), many=True).data, "users_mention": users_mention, }) return Response(context)
def get_context_data(self, **kwargs): context = {} user_assgn_list = [ assigned_to.id for assigned_to in self.event_obj.assigned_to.all() ] if self.request.profile == self.event_obj.created_by: user_assgn_list.append(self.request.profile.id) if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin: if self.request.profile.id not in user_assgn_list: return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) comments = Comment.objects.filter(event=self.event_obj).order_by("-id") attachments = Attachments.objects.filter( event=self.event_obj).order_by("-id") assigned_data = self.event_obj.assigned_to.values("id", "user__email") if self.request.profile.is_admin or self.request.profile.role == "ADMIN": users_mention = list( Profile.objects.filter( is_active=True, ).values("user__username")) elif self.request.profile != self.event_obj.created_by: users_mention = [{ "username": self.event_obj.created_by.user.username }] else: users_mention = list( self.event_obj.assigned_to.all().values("user__username")) profile_list = Profile.objects.filter(is_active=True, org=self.request.org) if self.request.profile.role == "ADMIN" or self.request.profile.is_admin: profiles = profile_list.order_by("user__email") else: profiles = profile_list.filter( role="ADMIN").order_by("user__email") if self.request.profile == self.event_obj.created_by: user_assgn_list.append(self.request.profile.id) if self.request.profile.role != "ADMIN" and not self.request.profile.is_admin: if self.request.profile.id not in user_assgn_list: return Response( { "error": True, "errors": "You don't have Permission to perform this action", }, status=status.HTTP_403_FORBIDDEN, ) team_ids = [user.id for user in self.event_obj.get_team_users] all_user_ids = profiles.values_list("id", flat=True) users_excluding_team_id = set(all_user_ids) - set(team_ids) users_excluding_team = Profile.objects.filter( id__in=users_excluding_team_id) selected_recurring_days = Event.objects.filter( name=self.event_obj.name).values_list("date_of_meeting", flat=True) selected_recurring_days = set( [day.strftime("%A") for day in selected_recurring_days]) context.update({ "event_obj": EventSerializer(self.event_obj).data, "attachments": AttachmentsSerializer(attachments, many=True).data, "comments": CommentSerializer(comments, many=True).data, "selected_recurring_days": selected_recurring_days, "users_mention": users_mention, "assigned_data": assigned_data, }) context["users"] = ProfileSerializer(profiles, many=True).data context["users_excluding_team"] = ProfileSerializer( users_excluding_team, many=True).data context["teams"] = TeamsSerializer(Teams.objects.all(), many=True).data return context