def set_as_admin(request, pk):
user = get_object_or_404(User, pk=pk)
if request.user.is_superuser:
user.is_staff = True
user.is_admin = True
user.is_superuser = True
try:
user_data = user.userdata
except UserData.DoesNotExist:
user_data = UserData()
user_data.user = user
user_data.save()
old_role = user_data.role
user_data.role = "admin"
user.is_staff = True
user.is_superuser = True
user_data.save()
user.save()
action = Action(user=request.user, target=str(user))
action.action = "set user as admin"
action.timestamp = timezone.now()
action.save()
Cruise.objects.filter(leader=user).update(
missing_information_cache_outdated=True)
messages.add_message(request, messages.WARNING,
mark_safe('User ' + str(user) + ' set as admin.'))
if old_role == "":
send_user_approval_email(request, user)
else:
raise PermissionDenied
return redirect(request.META['HTTP_REFERER'])
def mark_invoice_as_finalized(request, pk):
invoice = get_object_or_404(InvoiceInformation, pk=pk)
if (request.user.is_superuser):
invoice.is_finalized = True
invoice.save()
action = Action(user=request.user, target=str(invoice))
action.action = "marked invoice as finalized"
action.timestamp = timezone.now()
action.save()
messages.add_message(
request, messages.SUCCESS,
mark_safe(
'Invoice "' + str(invoice) +
'" marked as finalized. It is now viewable by invoicers.'))
invoicer_user_emails = [
invoice_user.email for invoice_user in list(
User.objects.filter(userdata__role='invoicer'))
]
send_template_only_email(
invoicer_user_emails,
EmailTemplate.objects.get(title='New invoice ready'),
invoice=invoice)
else:
raise PermissionDenied
return redirect(request.META['HTTP_REFERER'])
def log_hijack_ended(sender, hijacker_id, hijacked_id, request, **kwargs):
user = User.objects.get(id=hijacker_id)
target_user = User.objects.get(id=hijacked_id)
action = Action(user=user, target=str(target_user))
action.action = "released control of user"
action.timestamp = timezone.now()
action.save()
def reject_invoice(request, pk):
invoice = get_object_or_404(InvoiceInformation, pk=pk)
if request.user.userdata.role == "invoicer":
#message
message = ""
try:
json_data = json.loads(request.body.decode("utf-8"))
message = json_data["message"]
except:
message = ""
#end message
invoice.is_finalized = False
invoice.is_sent = False
invoice.is_paid = False
invoice.rejection_message = message
invoice.save()
action = Action(user=request.user, target=str(invoice))
action.action = "rejected invoice"
action.timestamp = timezone.now()
action.save()
messages.add_message(
request, messages.SUCCESS,
mark_safe('Invoice "' + str(invoice) + '" rejected.'))
admin_user_emails = [
admin_user.email
for admin_user in list(User.objects.filter(userdata__role='admin'))
]
send_template_only_email(
admin_user_emails,
EmailTemplate.objects.get(title='Invoice rejected'),
invoice=invoice)
else:
raise PermissionDenied
return JsonResponse(json.dumps([], ensure_ascii=True), safe=False)
def mark_invoice_as_unsent(request, pk):
invoice = get_object_or_404(InvoiceInformation, pk=pk)
if (request.user.userdata.role == "invoicer"):
invoice.is_sent = False
invoice.save()
action = Action(user=request.user, target=str(invoice))
action.action = "marked as unsent"
action.timestamp = timezone.now()
action.save()
messages.add_message(
request, messages.SUCCESS,
mark_safe('Invoice "' + str(invoice) + '" marked as unsent.'))
else:
raise PermissionDenied
return redirect(request.META['HTTP_REFERER'])
def delete_user(request, pk):
user = get_object_or_404(User, pk=pk)
if request.user.is_superuser:
user.userdata.role = ""
user.is_active = False
user.userdata.save()
user.save()
action = Action(user=request.user, target=str(user))
action.action = "deleted user"
action.timestamp = timezone.now()
action.save()
Cruise.objects.filter(leader=user).update(
missing_information_cache_outdated=True)
messages.add_message(request, messages.WARNING,
mark_safe('User ' + str(user) + ' deleted.'))
else:
raise PermissionDenied
return redirect(request.META['HTTP_REFERER'])
def mark_invoice_as_unfinalized(request, pk):
invoice = get_object_or_404(InvoiceInformation, pk=pk)
if (request.user.is_superuser and not invoice.is_sent):
invoice.is_finalized = False
invoice.save()
action = Action(user=request.user, target=str(invoice))
action.action = "marked invoice as unfinalized"
action.timestamp = timezone.now()
action.save()
messages.add_message(
request, messages.SUCCESS,
mark_safe(
'Invoice "' + str(invoice) +
'" marked as finalized. It is no longer viewable by invoicers.'
))
else:
raise PermissionDenied
return redirect(request.META['HTTP_REFERER'])
def toggle_user_crew_status(request, pk):
# is_staff is internally used to mark crew members for the off hour calculation view.
user = get_object_or_404(User, pk=pk)
if request.user.is_superuser:
action = Action(user=request.user, target=str(user))
if user.is_staff:
user.is_staff = False
action.action = "set user as not crew"
messages.add_message(
request, messages.SUCCESS,
mark_safe('User ' + str(user) + ' set as not crew.'))
else:
user.is_staff = True
action.action = "set user as crew"
messages.add_message(
request, messages.SUCCESS,
mark_safe('User ' + str(user) + ' set as crew.'))
user.save()
action.timestamp = timezone.now()
action.save()
else:
raise PermissionDenied
return redirect(request.META['HTTP_REFERER'])