def company_user_profile(request): """Let the company user see and eventually edit its own profile.""" user = request.user company_user = get_actual_user(request.user) if request.method == 'POST': user_form = UserForm(request.POST, instance=user) company_user_form = CompanyUserForm(request.POST, instance=company_user) account_adapter = get_adapter(request) if user_form.is_valid() and company_user_form.is_valid(): with transaction.atomic(): user_form.save() company_user_form.save() account_adapter.add_message( request, messages.SUCCESS, 'dashboard/messages/profile_update_success.txt' ) else: user_form = UserForm(instance=user) company_user_form = CompanyUserForm(instance=company_user) context = { 'user_has_usable_password': user.has_usable_password(), 'user_form': user_form, 'company_user_form': company_user_form, } return render(request, 'dashboard/user/company/profile.html', context)
def search_in_file(request): """Let the user perform a search for text into the specified file.""" user = request.user # check audio file existence try: audio = AudioFile.objects.get(id=request.GET.get('file')) except AudioFile.DoesNotExist: get_adapter(request).add_message( request, messages.ERROR, 'dashboard/messages/file_does_not_exist.txt' ) return redirect(reverse('dashboard:list-files')) # if audio is public no check is required if not audio.is_public: # guest users cannot do nothing with non-public files if user.is_anonymous: return redirect(reverse('dashboard:forbidden')) # user is not the uploader elif user != audio.uploader: # private and employee users are not allowed to view other users' non-public files if user.is_private or user.is_employee: return redirect(reverse('dashboard:forbidden')) # company user can use its own files and the employees' ones elif user.is_company and not get_actual_user(user).company.employees.filter(user=audio.uploader).exists(): return redirect(reverse('dashboard:forbidden')) # user is performing a search if request.method == 'POST': query_string = request.POST.get('querystring') transcriptions = audio.transcriptions\ .filter(text__icontains=query_string)\ .order_by('offset', 'confidence')\ .values_list('offset', 'confidence') results = [ { 'start_time': offset, 'end_time': offset + settings.MOMENTTRACK_AUDIO_FRAGMENT_DURATION, 'confidence': confidence } for offset, confidence in OrderedDict(transcriptions).items() ] # user is requesting the page without any query string else: query_string = '' results = [] context = {'audio': audio, 'query_string': query_string, 'results': results} return render(request, 'dashboard/search.html', context)
def employee_company_details(request): """Let the employee have information regarding their company""" employee_user = get_actual_user(request.user) company = employee_user.company company_user = company.contact_person context = { 'company': CompanyForm(model_to_dict(company)), 'contact_person_user': UserForm(model_to_dict(company_user.user)), 'company_contact_person': CompanyUserForm(model_to_dict(company_user)), } return render(request, 'dashboard/user/employee/company.html', context)
def company_details(request): """Let the company user to see and eventually edit the company's information""" company_user = get_actual_user(request.user) company = company_user.company if request.method == 'POST': company_form = CompanyForm(request.POST, instance=company) if company_form.is_valid(): company_form.save() else: company_form = CompanyForm(instance=company) context = {'company_form': company_form} return render(request, 'dashboard/user/company/company_details.html', context)
def invert_employee_account_active_status(request, employee_id): """Let the company user activate/deactivate an employee account""" status = 'unknown' got_error = True if request.method == 'POST': try: employee = get_actual_user(request.user).company.employees.get(id=employee_id) user = employee.user user.is_active = not user.is_active user.save() status = 'active' if user.is_active else 'inactive' got_error = False except EmployeeUser.DoesNotExist: pass return JsonResponse({'error': got_error, 'status': status})
def company_employees(request): """Let the company user see the list of its company's employees and add some more. Adding an employee automatically sign up the new user with a random password sent to the employee. """ # if this is a POST request we need to process the form data # otherwise we just create a blank employee signup form if request.method == 'POST': employee_signup_form = EmployeeSignupForm(request.POST) if employee_signup_form.is_valid(): with transaction.atomic(): user = employee_signup_form.save(request) signals.user_signed_up.send(sender=user.__class__, user=user) # Automatically verify email email = EmailAddress.objects.get_primary(user=user) email.verified = True email.save() signals.email_confirmed.send(sender=user.__class__, email_address=user.email) # we need the account adapter to send email using allauth workflow account_adapter = get_adapter() # create a random password for the user # N.B: user already has a password, but it is not accessible # anymore because of crypt, so we create a new one and # send it to the user email random_password = get_user_model().objects.make_random_password() user.set_password(raw_password=random_password) user.save() signals.password_changed.send(sender=user.__class__, request=request, user=user) employee = get_actual_user(user) current_site = get_current_site(request) company = employee.company account_adapter.send_mail( 'account/email/employee_password', employee.email, { 'current_site': current_site, 'company': company, 'password': random_password } ) account_adapter.send_mail( 'account/email/employee_added', company.contact_person.email, { 'current_site': current_site, 'company': company, 'employee': employee } ) # send a notification as another confirmation message account_adapter.add_message( request, messages.SUCCESS, 'account/messages/employee_added.txt', { 'company': company, 'employee': employee } ) # If this is a GET (or any other methods) request, create a blank form else: employee_signup_form = EmployeeSignupForm() company_user = get_actual_user(request.user) company = company_user.company employees = EmployeeUser.objects.filter(company=company) context = { 'employee_signup_form': employee_signup_form, 'employees': employees, } return render(request, 'dashboard/user/company/employees.html', context)
def list_files(request): """Let the user have a list of uploaded files available for searching and/or editing. The list is different from user type to user type: * `guest user`, can see only public files * `private user`, can see all of its own files and the other users' public files * `employee user`, can see all of its own files and the other users' public files * `company user`, can see all of its own files, the other users' public files and his/her company's employees public and private files """ requested_user_id = request.GET.get('uploader') user = request.user actual_user = get_actual_user(user) try: requested_user = User.objects.get(id=requested_user_id) except User.DoesNotExist: requested_user = None # user is guest if user.is_anonymous: # no specific user requested, show all public files if requested_user is None: title = _("Public files") files = AudioFile.objects.filter(is_public=True) # specific user requested, show its own public files only else: # requested user exists if requested_user is not None: title = _("%s's public files" % user_displayable_name(requested_user)) files = AudioFile.objects.filter(uploader=requested_user, is_public=True) # requested user does not exist else: title = _("Requested user does not exist") files = AudioFile.objects.none() # user is authenticated else: # if no specific user requested if requested_user_id is None: # company user will see all the company's files if user.is_company: title = _("%s's files" % actual_user.company.name) company_staff = [employee_id for employee_id in actual_user.company.employees.values_list('user__id', flat=True)] company_staff.append(user.id) files = AudioFile.objects.filter(uploader__in=company_staff) # private and employees will see their own files else: title = _("Your files") files = AudioFile.objects.filter(uploader=user) # specific user requested else: # user asks for its own files, show them if user.id == requested_user.id: title = _("Your files") files = AudioFile.objects.filter(uploader=user) # user is company and asks for employee's files, show them elif user.is_company and actual_user.company.employees.filter(user__id=requested_user.id).exists(): title = _("Employee %s's files" % user_displayable_name(requested_user)) files = AudioFile.objects.filter(uploader=requested_user) # user asks for other user files, show the public ones only else: title = _("%s's public files" % user_displayable_name(requested_user)) files = AudioFile.objects.filter(uploader=requested_user, is_public=True) context = { 'files': files.order_by('-upload_datetime'), 'title': title, 'user': user } return render(request, 'dashboard/list_files.html', context)