def _admin_delete_user(request, user_id=None): response_data = {'success': False} response_data['error_msg'] = "Erro no servidor." if has_permission_to_user(request.user, user_id): try: user = User.objects.get(id=user_id) cant = user.is_superuser or user.id == request.user.id if not cant: for group in user.groups.all(): if not has_permission_to_group(request.user, group.id): cant = True break if cant: response_data[ 'error_msg'] = "Você não pode excluir este usuário." else: user.is_active = False user.save() GroupManager.objects.filter(user=user).delete() response_data['success'] = True except: response_data[ 'error_msg'] = "Voluntário não cadastrado." return JsonResponse(response_data)
def _treatment_follow(message, treatment): if treatment.is_closed or treatment.user is None: raise ClientError("TREATMENT_ACCESS_DENIED") if not has_permission_to_user(message.user, treatment.user.id): raise ClientError("TREATMENT_ACCESS_DENIED") if treatment.id not in message.channel_session['treatments']: treatment.websocket_group.add(message.reply_channel) message.channel_session['treatments'].append(treatment.id) message.reply_channel.send({"text": json.dumps({"action": "following", "volunteer": treatment.user.first_name})}) _send_treatment_messages(message.reply_channel, treatment)
def _admin_get_user(request, user_id): response_data = {'success': False} response_data['error_msg'] = "Erro no servidor." if has_permission_to_user(request.user, user_id): try: response_data['user'] = _user_to_data_json( request, User.objects.get(id=user_id)) response_data['success'] = True except: pass return JsonResponse(response_data)
def _admin_save_user(request, user=None): response_data = {'success': False} response_data['error_msg'] = "Erro no servidor." if has_permission_to_user(request.user, user.id if user is not None else None): if 'json_data' in request.POST: try: request_json = json.loads(request.POST['json_data']) name = request_json['name'] username = request_json['username'] email = request_json['email'] groups = request_json['groups'] reset_password = request_json['reset_password'] with transaction.atomic(): if user is None: user = User() user.first_name = name user.username = username user.email = email user.save() if reset_password: user.set_password(user.username) if not groups: groups = [] current_groups = user.groups.all() for current_group in current_groups: if current_group.id not in groups: if has_permission_to_group(request.user, current_group.id): user.groups.remove(current_group) for group in groups: if has_permission_to_group(request.user, group): user.groups.add(Group.objects.get(id=group)) user.save() response_data['success'] = True except IntegrityError as ie: response_data[ 'error_msg'] = "Já existe um voluntário com este usuário." return JsonResponse(response_data)
def manager_users(request): response_data = {} response_data['users'] = [] users = User.objects.filter(is_active=True).order_by( 'first_name', 'username') for user in users: if has_permission_to_user(request.user, user.id): user_json = {} user_json['id'] = user.id user_json['name'] = user.first_name user_json['username'] = user.username user_json['email'] = user.email user_json['groups'] = _get_names_user_groups( user.groups.all().order_by('name')) response_data['users'].append(user_json) return JsonResponse(response_data)