def status(self, request, pk=None):
status_type = request.query_params.get('type', 'activate')
resort_id = request.query_params.get('resort_id', '')
try:
status_user = get_user_model().objects.get(user_id=pk)
except:
return Response({_("detail"): _("User does not exists")},
status=400)
request_user = request.user
status_user_resort = get_resort_for_user(status_user)
request_user_resort = get_resort_for_user(request_user)
if (status_user_resort != request_user_resort) or str(
status_user_resort.resort_id) != resort_id:
raise exceptions.PermissionDenied
if user_has_permission(request_user, request_user_resort,
3) or request.user.is_admin:
status_user_resort_map = get_user_resort_map(
status_user, status_user_resort)
status_user_resort_map.user_status = ARCHIVED if status_type == 'archived' else ACTIVE
status_user_resort_map.save()
return Response({_("detail"): _("user status updated")},
status=200)
else:
raise exceptions.PermissionDenied
def devices(self, request, pk=None):
user = request.user
resort = get_resort_for_user(user)
response_data = {}
if user_has_permission(
request.user, resort,
3) or request.user == user or request.user.is_admin:
user = get_user_model().objects.filter(user_id=pk).first()
if user is not None:
if not user.is_active:
return Response(
{_("detail"): _("User inactive or deleted.")},
status=403)
device_data = get_devices_user(user)
response_data['device_count'] = len(device_data)
response_data['user_id'] = user.user_id
response_data['devices'] = device_data
return Response(response_data, status=200)
else:
return Response({_('detail'): _('user does not exists')},
status=400)
else:
return Response(
{
_("detail"):
_("You dont have permission to retrieve user device")
},
status=403)
def create(self, request):
resort = get_resort_for_user(request.user)
asset_type_id = request.data.get('asset_type_id', '')
location_id = request.data.get('location_id', '')
if asset_type_id:
try:
asset_type = AssetType.objects.get(asset_type_id=asset_type_id)
if asset_type.asset_type_status == DELETED:
return Response({_('detail'): _('asset_type not found')}, status=400)
except:
return Response({_('detail'): _('asset_type not found')}, status=400)
else:
return Response({_('detail'): _('asset_type_id not provided')}, status=400)
if location_id:
try:
location = ResortLocation.objects.get(location_id=location_id)
if location.location_status == DELETED:
return Response({_('detail'): _('location not found')}, status=400)
except:
return Response({_('detail'): _('location not found')}, status=400)
else:
return Response({_('detail'): _('location_id not provided')}, status=400)
asset_data = AssetSerializer(data=request.data, fields='asset_name')
if asset_data.is_valid():
asset = asset_data.save(location=location, asset_type=asset_type, resort=resort)
else:
return Response(asset_data.errors, status=400)
return Response(AssetSerializer(asset).data, status=200)
def get_param_post(request):
resort_id = request.query_params.get('resort_id', None)
try:
resort = Resort.objects.get(resort_id=resort_id)
except:
resort = get_resort_for_user(user=request.user)
dateFrom = request.query_params.get('datefrom', None)
if dateFrom is None or not dateFrom:
dateFrom = datetime.today() - timedelta(days=7)
dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00")
else:
dateFrom = (datetime.strptime(dateFrom, "%Y-%m-%d %H:%M:%S"))
dateFrom = timezone('UTC').localize(dateFrom)
dateFrom = dateFrom.astimezone(timezone(resort.timezone))
dateTo = request.query_params.get('dateto', None)
if dateTo is None or not dateTo:
dateTo = datetime.today()
dateTo = dateTo.strftime("%Y-%m-%d 23:59:59")
else:
dateTo = (datetime.strptime(dateTo, "%Y-%m-%d %H:%M:%S"))
dateTo = timezone('UTC').localize(dateTo)
dateTo = dateTo.astimezone(timezone(resort.timezone))
return dateFrom, dateTo, resort
def create(self, request):
resort = get_resort_for_user(request.user)
area_id = request.data.get('area_id', '')
if area_id:
try:
area = Area.objects.get(area_id=area_id)
if area.area_status == DELETED:
return Response({_('detail'): _('area not found')},
status=400)
except:
return Response({_('detail'): _('area not found')}, status=400)
else:
return Response({_('detail'): _('area_id not provided')},
status=400)
location_data = LocationSerializer(data=request.data,
fields=('location_name', 'map_lat',
'map_long'))
if location_data.is_valid():
location = location_data.save(area=area, resort=resort)
else:
return Response(location_data.errors, status=400)
return Response(LocationSerializer(location).data, status=200)
def list(self, request, *args, **kwargs):
resort = get_resort_for_user(request.user)
search = request.query_params.get('search', '')
area_id = request.query_params.get('area_id', '')
order_by = request.query_params.get('order_by', 'location_name')
order_by_direction = request.query_params.get('order_by_direction',
'desc')
if order_by_direction == 'desc':
order = '-' + order_by
elif order_by_direction == 'asc':
order = order_by
if area_id:
query = ResortLocation.objects.filter(
location_name__icontains=search,
resort=resort,
location_status=LIVE,
area__area_id=area_id).order_by(order)
else:
query = ResortLocation.objects.filter(
location_name__icontains=search,
resort=resort,
location_status=LIVE).order_by(order)
queryset = self.filter_queryset(query)
page = self.paginate_queryset(queryset)
if page is not None:
serializer = LocationSerializer(page, many=True)
return self.get_paginated_response(serializer.data)
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
def list(self, request, *args, **kwargs):
resort = get_resort_for_user(request.user)
search = request.query_params.get('search', '')
order_by = request.query_params.get('order_by',
'controlled_substance_name')
order_by_direction = request.query_params.get('order_by_direction',
'desc')
if order_by_direction == 'desc':
order = '-' + order_by
elif order_by_direction == 'asc':
order = order_by
query = ControlledSubstances.objects.filter(
controlled_substance_name__icontains=search,
resort=resort,
controlled_substance_status=LIVE).order_by(order)
queryset = self.filter_queryset(query)
page = self.paginate_queryset(queryset)
if page is not None:
serializer = ControlledSubstancesSerializer(
page,
many=True,
fields=('controlled_substance_id', 'controlled_substance_name',
'units'))
return self.get_paginated_response(serializer.data)
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
def list(self, request, *args, **kwargs):
resort = get_resort_for_user(request.user)
search = request.query_params.get('search', '')
order_by = request.query_params.get('order_by', 'area_name')
order_by_direction = request.query_params.get('order_by_direction',
'desc')
if order_by_direction == 'desc':
order = '-' + order_by
elif order_by_direction == 'asc':
order = order_by
query = Area.objects.filter(area_name__icontains=search,
resort=resort,
area_status=LIVE).order_by(order)
queryset = self.filter_queryset(query)
page = self.paginate_queryset(queryset)
if page is not None:
serializer = AreaSerializer(page,
fields=('area_id', 'area_name'),
many=True,
context={
'location_count': True,
'resort': resort
})
return self.get_paginated_response(serializer.data)
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
def retrieve(self, request, pk=None):
from apps.custom_user.utils import get_user_resort_status
try:
user = get_user_model().objects.get(user_id=pk)
except:
return Response({_("detail"): _("User does not exists")},
status=400)
resort = get_resort_for_user(user)
if (user_has_permission(request.user, resort, 3)
or user_has_permission(request.user, resort, 2)
) or request.user == user or request.user.is_admin:
if not user.is_active:
return Response({_("detail"): _("User inactive or deleted.")},
status=403)
response_data = get_user_resort_combo(
user.user_pk,
('resort_id', 'resort_name', 'map_kml', 'map_type',
'report_form', 'unit_format', 'timezone', 'map_lat',
'map_lng', 'resort_logo', 'datetime_format',
'resort_controlled_substances', 'resort_asset_management'))
response_data.update(
{"user_status": get_user_resort_status(user, resort)})
return Response(response_data, status=200)
else:
return Response(
{_("detail"): _("You dont have permission to retrieve user")},
status=403)
def has_permission(self, request, view):
user = request.user
resort = get_resort_for_user(user)
if resort.resort_asset_management and user.user_asset_management:
return True
else:
return False
def has_permission(self, request, view):
user = request.user
resort = get_resort_for_user(user)
if resort.resort_controlled_substances and user.user_controlled_substances:
return True
else:
return False
def list_report(user):
resort = get_resort_for_user(user)
with connection.cursor() as cursor:
cursor.execute(
"""SELECT report_id as report_id, (report_config ->> 'label') as label, global_status as global, (report_config ->> 'type') as type
FROM reports_report
WHERE report_resort = %s AND (report_user = %s OR global_status = 1) ;""",
[resort.resort_pk, user.user_pk])
data = dictfetchall(cursor)
return data
def has_permission(self, request, view):
user = request.user
resort = get_resort_for_user(user)
user_resor_map = get_user_resort_map(user, resort)
if user_resor_map.user_status == ACTIVE:
return True
else:
return False
def post(self, request, *args, **kwargs):
user = request.user
resort = get_resort_for_user(user)
operation = request.GET.get('operation', 'generate')
# Only manager has the permission to access the resource
if resort is not None:
role = get_roleid_user(resort=resort, user=user)
if role != 3:
return Response(
{_('detail'): _('you do not have permission to resource')},
status=400)
else:
return Response({_('detail'): _('no resort associated with user')},
status=400)
if operation == 'generate':
# If oauth app already exists then return existing credential
try:
app = ResortOauthApp.objects.get(resort=resort, is_active=True)
app = app.oauth_app
except:
app = Application(
user=user,
authorization_grant_type='client-credentials',
client_type='confidential',
name=resort.resort_name)
app.save()
resort_oauth = ResortOauthApp(resort=resort, oauth_app=app)
resort_oauth.save()
elif operation == 'regenerate':
try:
app = ResortOauthApp.objects.get(resort=resort, is_active=True)
oauth_app = app.oauth_app
oauth_app.delete()
except:
pass
app = Application(user=user,
authorization_grant_type='client-credentials',
client_type='confidential',
name=resort.resort_name)
app.save()
resort_oauth = ResortOauthApp(resort=resort, oauth_app=app)
resort_oauth.save()
return Response(
{
'client_id': app.client_id,
'client_secret': app.client_secret
},
status=200)
def create(self, request):
resort = get_resort_for_user(request.user)
area_data = AreaSerializer(data=request.data, fields=('area_name', ))
if area_data.is_valid():
area = area_data.save(resort=resort)
else:
return Response(area_data.errors, status=400)
return Response(AreaSerializer(area,
fields=('area_id', 'area_name')).data,
status=200)
def list(self, request, *args, **kwargs):
resort = get_resort_for_user(request.user)
search = request.query_params.get('search', '')
location_id = request.query_params.get('area_id', '')
asset_type_id = request.query_params.get('asset_type_id', '')
order_by = request.query_params.get('order_by', 'asset_name')
order_by_direction = request.query_params.get('order_by_direction', 'desc')
if order_by_direction == 'desc':
order = '-' + order_by
elif order_by_direction == 'asc':
order = order_by
if asset_type_id:
try:
asset_type = AssetType.objects.get(asset_type_id=asset_type_id)
if asset_type.asset_type_status == DELETED:
return Response({_('detail'): _('asset_type not found')}, status=400)
except:
return Response({_('detail'): _('asset_type not found')}, status=400)
if location_id:
try:
location = ResortLocation.objects.get(location_id=location_id)
if location.location_status == DELETED:
return Response({_('detail'): _('location not found')}, status=400)
except:
return Response({_('detail'): _('location not found')}, status=400)
if location_id and asset_type_id:
query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE,
asset_type=asset_type, location=location).order_by(order)
elif location_id:
query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE,
location=location).order_by(order)
elif asset_type_id:
query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE,
asset_type=asset_type).order_by(order)
else:
query = Assets.objects.filter(asset_name__icontains=search, resort=resort, asset_status=LIVE) \
.order_by(order)
queryset = self.filter_queryset(query)
page = self.paginate_queryset(queryset)
if page is not None:
serializer = AssetSerializer(page, many=True)
return self.get_paginated_response(serializer.data)
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
def retrieve(self, request, pk=None):
resort = get_resort_for_user(request.user)
try:
area = Area.objects.get(area_id=pk)
if area.area_status == DELETED:
return Response({_('detail'): _('area not found')}, status=400)
except:
return Response({_('detail'): _('area not found')}, status=400)
return Response(AreaSerializer(area,
fields=('area_id', 'area_name'),
context={
'location_count': True,
'resort': resort
}).data,
status=200)
def list(self, request, *args, **kwargs):
resort = get_resort_for_user(request.user)
order_by = request.query_params.get('order_by', 'dt_added')
order_by_direction = request.query_params.get('order_by_direction',
'desc')
if order_by_direction == 'desc':
order = '-' + order_by
elif order_by_direction == 'asc':
order = order_by
dateFrom = request.GET.get('date_from', None)
if dateFrom is None:
dateFrom = datetime.datetime.today() - datetime.timedelta(days=30)
else:
dateFrom = (datetime.datetime.strptime(dateFrom,
"%Y-%m-%d %H:%M:%S"))
dateTo = request.GET.get('date_to', None)
if dateTo is None:
dateTo = datetime.datetime.today()
else:
dateTo = datetime.datetime.strptime(dateTo, "%Y-%m-%d %H:%M:%S")
query = AuditLog.objects.filter(resort=resort,
dt_added__gte=dateFrom,
dt_added__lte=dateTo).order_by(order)
queryset = self.filter_queryset(query)
page = self.paginate_queryset(queryset)
if page is not None:
serializer = AuditLogSerializer(
page,
many=True,
fields=('controlled_substance_audit_log_id', 'log_entry',
'dt_added', 'added_by_user'))
return self.get_paginated_response(serializer.data)
serializer = self.get_serializer(
queryset,
many=True,
fields=('controlled_substance_audit_log_id', 'log_entry',
'dt_added', 'added_by_user'))
return Response(serializer.data)
def create(self, request):
response = {}
if request.user.user_connected == 0:
return Response(
{
_('detail'):
_('you do not have permission to create report')
},
status=403)
resort = get_resort_for_user(request.user)
response_data = create_report(request.data.get('global', 0),
request.user, request.data, resort)
response.update(response_data['report_config'])
response.update({"report_id": response_data['report_id']})
return Response(response)
def create(self, request):
resort = get_resort_for_user(request.user)
units = request.data.get('units', '')
controlledsubstances_data = ControlledSubstancesSerializer(
data=request.data, fields=('controlled_substance_name', 'units'))
if controlledsubstances_data.is_valid():
controlledsubstances = controlledsubstances_data.save(
resort=resort)
else:
return Response(controlledsubstances_data.errors, status=400)
return Response(ControlledSubstancesSerializer(
controlledsubstances,
fields=('controlled_substance_id', 'controlled_substance_name',
'units')).data,
status=200)
def create(self, request):
resort = get_resort_for_user(request.user)
user = request.user
log_entry = request.data.get('log_entry', '')
if log_entry:
audit_log = AuditLog(log_entry=log_entry,
resort=resort,
added_by_user=user)
audit_log.save()
else:
return Response({_('detail'): _('log_entry can not be empty')},
status=400)
return Response(AuditLogSerializer(
audit_log,
fields=('controlled_substance_audit_log_id', 'log_entry',
'dt_added', 'added_by_user')).data,
status=200)
def create(self, request):
incoming_data = request.data
incoming_data.pop('dateTimeFormat', None)
user = request.user
resort = get_resort_for_user(user)
incoming_data, validation_error, missing_fields_with_data = validate_incident_data(incoming_data, resort)
if validation_error:
return Response(validation_error, status=400)
logger.info("Create Incident",
extra={'request': request, 'tags': {'user': user.email}, 'data': {"data": request.data}})
status = IncidentStatus.objects.get(pk=1)
if resort.use_sequential_incident_id == 1 and user.user_connected == 1:
incident_sequence = get_incident_sequence(resort)
else:
incident_sequence = 0
try:
new_incident = Incident(resort=resort, assigned_to=user, incident_status=status,
incident_sequence=incident_sequence)
new_incident.save()
data_key = get_data_key(resort)
incident_json = update_patient(incoming_data, new_incident.incident_pk, True, data_key)
except:
return Response({_('detail'): _('invalid incident information provided')}, status=400)
notes = incident_note(incident_json, user, new_incident)
if notes:
new_incident.incident_json['notes'] = notes
new_incident.save()
audit_incident(new_incident, resort, user, user, user, incident_json)
status_history(new_incident, status, user)
return Response({"incident_id": new_incident.incident_id,
"incident_pk": new_incident.incident_sequence if resort.use_sequential_incident_id == 1 else new_incident.incident_pk},
status=200)
def list(self, request, *args, **kwargs):
resort = get_resort_for_user(request.user)
search = request.query_params.get('search', '')
order_by = request.query_params.get('order_by', 'asset_type_name')
order_by_direction = request.query_params.get('order_by_direction', 'desc')
if order_by_direction == 'desc':
order = '-' + order_by
elif order_by_direction == 'asc':
order = order_by
query = AssetType.objects.filter(asset_type_name__icontains=search, resort=resort, asset_type_status=LIVE) \
.order_by(order)
queryset = self.filter_queryset(query)
page = self.paginate_queryset(queryset)
if page is not None:
serializer = AssetTypeSerializer(page, many=True)
return self.get_paginated_response(serializer.data)
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
def destroy(self, request, pk=None):
try:
user = get_user_model().objects.get(user_id=pk)
except:
return Response({_("detail"): _("User does not exists")},
status=400)
resort = get_resort_for_user(user)
response_data = {}
if user_has_permission(request.user, resort,
3) or request.user.is_admin:
user_resort_map_combo = get_user_resort_map(user, resort)
user_resort_map_combo.user_status = USER_DELETED
user_resort_map_combo.save()
if not user.is_active:
return Response({_("detail"): _("User inactive or deleted.")},
status=403)
user.is_active = False
user.save()
response_data['user_id'] = user.user_id
response_data['status'] = 'deleted'
# Deletes all the device associated with user
Devices.objects.filter(device_user=user).delete()
inject_patroller(resort, user, 'remove')
return Response(response_data, status=200)
else:
return Response(
{_("detail"): _("You dont have permission to delete user")},
status=403)
def get_param(request):
dateFrom = request.GET.get('datefrom', None)
if dateFrom is None:
dateFrom = datetime.today()
dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00")
else:
dateFrom = (datetime.strptime(str(dateFrom), "%Y-%m-%d %H:%M:%S"))
dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00")
dateTo = request.GET.get('dateto', None)
if dateTo is None or not dateTo:
dateTo = datetime.today()
dateTo = dateTo.strftime("%Y-%m-%d 23:59:59")
else:
dateTo = (datetime.strptime(dateTo, "%Y-%m-%d %H:%M:%S"))
dateTo = dateTo.strftime("%Y-%m-%d 23:59:59")
resort_id = request.GET.get('resort_id', None)
try:
resort = Resort.objects.get(resort_id=resort_id)
except:
resort = get_resort_for_user(user=request.user)
return dateFrom, dateTo, resort
def pie(self, request):
if request.user.user_connected == 0:
return Response(
{_('detail'): _('you do not have access to report')},
status=403)
response_data = []
output_format = request.query_params.get('output_format', 'json')
resort = get_resort_for_user(request.user)
b = incident_template_field_type_mapping(resort.incident_template)
datetime_object = extract_date_chart(request.data, resort)
dateFrom = datetime_object[0]['dateFrom']
dateTo = datetime_object[0]['dateTo']
for idx, value in enumerate(request.data):
dateFrom, dateTo = datetime_object[idx][
'dateFrom'], datetime_object[idx]['dateTo']
key = b[value['data'].keys()[0]]
for id, val in enumerate(key['data']):
inner_join = ''
from_query = ''
select_query = ''
where_query = ''
where_parameter = []
select_query += "%s as name ,COUNT(*) as count"
where_parameter.append(val[val.keys()[0]])
if key['main_type'] == 'gender' or key['key'] == 'country':
inner_join += " INNER JOIN incidents_patients on incidents_patients.incident_id = incidents_incident.incident_pk"
where_query += " AND incidents_patients.%s = %s" % (
key['key'], '%s')
where_parameter.append(val.keys()[0])
elif key['type'] in ['text']:
where_query += " AND (incident_data ->> '%s') = %s" % (
key['key'], '%s')
where_parameter.append(val.keys()[0])
elif key['type'] == 'array':
from_query += ", json_array_elements(incidents_incident.incident_data -> '%s') as table0" % (
key['key'])
where_query += " AND CAST(table0 AS TEXT) = %s" % ('%s')
where_parameter.append('"' + val.keys()[0] + '"')
elif 'repeating' in key['type']:
from_query += ", CAST(json_array_elements(incidents_incident.incident_data -> '%s') AS JSON) as table0" % (
key['key'])
where_query += " AND (table0 ->> '%s') = %s" % (
key['sub_key'], '%s')
where_parameter.append(val.keys()[0])
with connection.cursor() as cursor:
query = """SELECT %s
FROM incidents_incident INNER JOIN custom_user_users ON assigned_to_id = custom_user_users.user_pk INNER JOIN incidents_incidentstatus
ON (incidents_incident.incident_status_id = incidents_incidentstatus.incident_status_id)%s%s
WHERE resort_id = %d AND custom_user_users.user_connected = 1 AND dt_created IS NOT NULL AND dt_created >= '%s' AND dt_created <= '%s' AND incidents_incidentstatus.order IN (1,2,3,4,5,6,7,8)%s;""" % (
select_query, inner_join, from_query, resort.resort_pk,
dateFrom, dateTo, where_query)
cursor.execute('BEGIN;')
cursor.execute("SET LOCAL TIME ZONE %s;",
[resort.timezone])
cursor.execute(query, where_parameter)
data = dictfetchall(cursor)
cursor.execute('END;')
response_data.append(data[0])
cursor = connection.cursor()
query = """SELECT COUNT(*) as count
FROM incidents_incident INNER JOIN custom_user_users ON assigned_to_id = custom_user_users.user_pk INNER JOIN incidents_incidentstatus
ON (incidents_incident.incident_status_id = incidents_incidentstatus.incident_status_id)
WHERE resort_id = %d AND custom_user_users.user_connected = 1 AND dt_created IS NOT NULL AND dt_created >= '%s' AND dt_created <= '%s' AND incidents_incidentstatus.order IN (1,2,3,4,5,6,7,8);""" % (
resort.resort_pk, dateFrom, dateTo)
cursor.execute(query)
total_data = dictfetchall(cursor)
final_data = process_pie_chart_data(response_data,
total_data[0]['count'])
if output_format == 'csv':
return sendfile(request,
settings.MEDIA_ROOT +
dict_to_csv_report(final_data),
attachment=True)
return Response(final_data)
def bar(self, request):
tempdata = []
output_format = request.query_params.get('output_format', 'json')
if request.user.user_connected == 0:
return Response(
{_('detail'): _('you do not have access to report')},
status=403)
resort = get_resort_for_user(request.user)
text_data_key = get_data_key(resort)
b = incident_template_field_type_mapping(resort.incident_template)
datetime_object = extract_date_chart(request.data, resort)
for idx, value in enumerate(request.data):
from_query = ''
where_query = ''
inner_join = ''
cross_join = ''
table_no = 0
inner_patient = False
inner_note = False
where_parameter = []
group_by_query = ''
order_by_query = ''
dateFrom, dateTo = datetime_object[idx][
'dateFrom'], datetime_object[idx]['dateTo']
scale = scale_mapping[value.get('scale', 'date')]
if scale == 'date':
column_query = 'incidents_incident.dt_created::TIMESTAMP::DATE as columndetail'
else:
if scale in ["hour", "dow"]:
column_query = 'extract( ' + scale + ' FROM incidents_incident.dt_created::TIMESTAMP) + 1 as columndetail'
elif scale == 'hdow':
column_query = "extract(DOW FROM incidents_incident.dt_created::TIMESTAMP) + 1 as columndetail, extract( HOUR FROM incidents_incident.dt_created::TIMESTAMP) + 1 as columndetail1"
group_by_query = ',columndetail1'
order_by_query = ',columndetail1'
else:
column_query = 'extract( ' + scale + ' FROM incidents_incident.dt_created::TIMESTAMP) as columndetail'
for data_key, data_value in value['data'].iteritems():
if data_key == 'total_incident':
pass
elif data_key in patient_fields:
if not inner_patient:
inner_join += ' INNER JOIN incidents_patients ON incidents_patients.incident_id = incidents_incident.incident_pk'
cross_join += """CROSS JOIN (SELECT '%s' As datakey) As keys""" % (
text_data_key)
inner_patient = True
for id, value in enumerate(data_value):
if data_key in encrypted_fields:
where_query += " AND pgp_sym_decrypt(incidents_patients.%s, keys.datakey) ILIKE %s" % (
data_key, '%s')
where_parameter.append("%" + data_value[id] + "%")
elif data_key == 'sex':
where_query += " AND incidents_patients.%s = %s" % (
'sex', '%s')
where_parameter.append(data_value[id].lower())
else:
where_query += " AND incidents_patients.%s = %s" % (
data_key, '%s')
where_parameter.append(data_value[id])
elif data_key in note_fields:
if not inner_note:
inner_join += ' INNER JOIN incidents_incidentnotes ON incidents_incidentnotes.incident_id = incidents_incident.incident_pk'
inner_note = True
for id, value in enumerate(data_value):
where_query += " AND incidents_incidentnotes.%s = %s" % (
note_field_map[data_key], '%s')
where_parameter.append(data_value[id])
elif data_key in location_field:
if not 'field_52ca456962ba8' in from_query:
from_query += ", CAST((incidents_incident.incident_data -> 'field_52ca456962ba8') AS JSON) as location_json"
for id, value in enumerate(data_value):
where_query += " AND (location_json ->> '%s') = %s" % (
data_key.split('____')[1], '%s')
where_parameter.append(data_value[id])
elif b[data_key]['type'] == 'text' or b[data_key][
'type'] == 'int':
for id, value in enumerate(data_value):
where_query += " AND (incident_data ->> '%s') = %s" % (
b[data_key]['key'], '%s')
where_parameter.append(data_value[id])
elif b[data_key]['type'] == 'array':
if not b[data_key]['key'] in from_query:
from_query += ", json_array_elements(incidents_incident.incident_data -> '%s') as table%d" % (
b[data_key]['key'], table_no)
for id, value in enumerate(data_value):
where_query += " AND CAST(table%d AS TEXT) = %s" % (
table_no, '%s')
where_parameter.append('"' + data_value[id] + '"')
table_no += 1
elif 'repeating' in b[data_key]['type']:
if not b[data_key]['key'] in from_query:
from_query += ", CAST(json_array_elements(incidents_incident.incident_data -> '%s') AS JSON) as table%d" % (
b[data_key]['key'], table_no)
for id, value in enumerate(data_value):
where_query += " AND (table%d ->> '%s') = %s" % (
table_no, b[data_key]['sub_key'], '%s')
where_parameter.append(data_value[id])
with connection.cursor() as cursor:
query = """SELECT %d as field, %s , count(*) count FROM incidents_incident INNER JOIN custom_user_users ON assigned_to_id = custom_user_users.user_pk INNER JOIN incidents_incidentstatus ON (incidents_incident.incident_status_id = incidents_incidentstatus.incident_status_id)%s %s %s WHERE resort_id = %d AND custom_user_users.user_connected = 1 AND dt_created IS NOT NULL AND dt_created >= '%s' AND dt_created <= '%s' AND incidents_incidentstatus.order IN (1,2,3,4,5,6,7,8) %s GROUP BY columndetail %s ORDER BY columndetail%s;""" % \
( idx + 1, column_query, inner_join, from_query, cross_join, resort.resort_pk, dateFrom, dateTo, where_query, group_by_query, order_by_query)
cursor.execute('BEGIN;')
cursor.execute("SET LOCAL TIME ZONE %s;", [resort.timezone])
cursor.execute(query, where_parameter)
data = dictfetchall(cursor)
cursor.execute('END;')
tempdata.append(
add_missing_data(data, idx + 1, dateFrom, dateTo, scale))
final_data = merge_compare_data(tempdata)
if output_format == 'csv':
scale = scale_mapping[request.data[0].get('scale', 'date')]
return sendfile(request,
settings.MEDIA_ROOT +
dict_to_csv_report(final_data, 'bar', scale),
attachment=True)
return Response(final_data)
def report(self, request):
resort = get_resort_for_user(request.user)
order_by = request.query_params.get(
'order_by', 'controlled_substance__controlled_substance_name')
order_by_direction = request.query_params.get('order_by_direction',
'desc')
current_status = request.query_params.get('current_status', '')
location_id = request.query_params.get('location_id', '')
controlled_substance_id = request.query_params.get(
'controlled_substance_id', '')
if order_by_direction == 'desc':
order = '-' + order_by
elif order_by_direction == 'asc':
order = order_by
if current_status == 'used':
where_query = ""
try:
if location_id:
location = ResortLocation.objects.get(
location_id=location_id)
else:
location = None
except:
return Response({_('detail'): _('location not found')})
try:
if controlled_substance_id:
controlled_substance = ControlledSubstances.objects.get(
controlled_substance_id=controlled_substance_id)
else:
controlled_substance = None
except:
return Response(
{_('detail'): _('controlled_substance not found')})
# Create extended where query
if location is not None:
where_query += ' AND controlled_substance_stock.location = ' + str(
location.location_pk)
if controlled_substance is not None:
where_query += ' AND controlled_substance_controlledsubstances.controlled_substance_pk = ' + str(
controlled_substance.controlled_substance_pk)
dateFrom = request.GET.get('date_from', None)
if dateFrom is None:
dateFrom = datetime.datetime.today() - datetime.timedelta(
days=30)
dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00")
else:
dateFrom = (datetime.datetime.strptime(dateFrom,
"%Y-%m-%d %H:%M:%S"))
dateFrom = dateFrom.strftime("%Y-%m-%d 00:00:00")
dateTo = request.GET.get('date_to', None)
if dateTo is None:
dateTo = datetime.datetime.today()
dateTo = dateTo.strftime("%Y-%m-%d 23:59:59")
else:
dateTo = (datetime.datetime.strptime(dateTo,
"%Y-%m-%d %H:%M:%S"))
dateTo = dateTo.strftime("%Y-%m-%d 23:59:59")
with connection.cursor() as cursor:
cursor.execute(
"""SELECT array_agg(controlled_substance_stockassignment.controlled_substance_stock) as pk
FROM controlled_substance_stockassignment
INNER JOIN controlled_substance_stock ON controlled_substance_stockassignment.controlled_substance_stock = controlled_substance_stock.controlled_substance_stock_pk
INNER JOIN controlled_substance_controlledsubstances ON controlled_substance_stock.controlled_substance = controlled_substance_controlledsubstances.controlled_substance_pk
WHERE controlled_substance_controlledsubstances.resort = %d AND controlled_substance_stockassignment.dt_used >= '%s' AND controlled_substance_stockassignment.dt_used <= '%s' AND controlled_substance_stockassignment.controlled_substance_stock_assignment_status = 2%s;"""
% (resort.resort_pk, dateFrom, dateTo, where_query))
data = dictfetchall(cursor)
query = Stock.objects.filter(
controlled_substance_stock_pk__in=data[0]['pk']
if data[0]['pk'] is not None else []).exclude(
current_status=DISPOSED).order_by(order)
else:
extra_conditions = {}
if current_status:
extra_conditions.update(
{"current_status": STATUS[current_status]})
if location_id:
extra_conditions.update({"location__location_id": location_id})
if controlled_substance_id:
extra_conditions.update({
"controlled_substance__controlled_substance_id":
controlled_substance_id
})
query = Stock.objects.filter(
controlled_substance__resort=resort,
**extra_conditions).exclude(
current_status=DISPOSED).order_by(order)
queryset = self.filter_queryset(query)
page = self.paginate_queryset(queryset)
if page is not None:
stocks = Stock.objects.filter(
controlled_substance__resort=resort,
controlled_substance__controlled_substance_id=
controlled_substance_id).exclude(current_status=DISPOSED)
stock_status = stock_status_count(stocks)
serializer = StockReportSerializer(
page,
many=True,
fields=('controlled_substance_stock_pk',
'controlled_substance_stock_id',
'controlled_substance', 'location', 'volume',
'dt_expiry', 'added_by_user', 'disposed_by_user'))
response = self.get_paginated_response(serializer.data)
response.data.update({"summary": stock_status})
return response
def relocate(self, request):
resort = get_resort_for_user(request.user)
controlled_substance_stock_id = request.data.get(
'controlled_substance_stock_id', '')
location_id = request.data.get('location_id', '')
if not controlled_substance_stock_id:
return Response(
{
_('detail'):
_('controlled_substances_stock_id not provided')
},
status=400)
try:
stock = Stock.objects.get(
controlled_substance_stock_id=controlled_substance_stock_id)
controlled_substance = stock.controlled_substance
except:
return Response(
{_('detail'): _('controlled_substance_stock not found')},
status=400)
if not location_id:
return Response({_('detail'): _('location_id not provided')},
status=400)
try:
location = ResortLocation.objects.get(location_id=location_id)
except:
return Response({_('detail'): _('location not found')}, status=400)
if stock.current_status == DISPOSED:
return Response(
{
_('detail'):
_('this item has been disposed and can not be relocated')
},
status=400)
elif stock.current_status == IN:
stock.location = location
stock.save()
elif stock.current_status == OUT:
return Response(
{
_('detail'):
_('this item is checked out. Must be checked in for relocation'
)
},
status=400)
elif stock.current_status == USED:
return Response(
{
_('detail'):
_('this item has been used and cannot be relocated')
},
status=400)
log_entry = 'Item ' + str(stock.controlled_substance_stock_pk) + ': ' + \
str(stock.volume) + ' ' + controlled_substance.units + ' of ' + \
controlled_substance.controlled_substance_name + ' ' + 'relocated to ' + location.location_name
add_log(log_entry=log_entry, resort=resort, user=request.user)
return Response(StockSerializer(
stock,
fields=('controlled_substance_stock_pk',
'controlled_substance_stock_id', 'controlled_substance',
'location', 'volume', 'dt_expiry', 'added_by_user',
'disposed_by_user', 'dt_disposed', 'dt_added')).data,
status=200)
def checkin(self, request):
resort = get_resort_for_user(request.user)
controlled_substance_stock_assignment_id = request.data.get(
'controlled_substance_stock_assignment_id', '')
location_id = request.data.get('location_id', '')
if not controlled_substance_stock_assignment_id:
return Response(
{
_('detail'):
_('controlled_substances_stock_assignment_id not provided')
},
status=400)
try:
stock_assignment = StockAssignment.objects.get(
controlled_substance_stock_assignment_id=
controlled_substance_stock_assignment_id)
stock = stock_assignment.controlled_substance_stock
controlled_substance = stock.controlled_substance
except:
return Response(
{_('detail'): _('controlled_substance_stock not found')},
status=400)
location = None
if location_id:
try:
location = ResortLocation.objects.get(location_id=location_id)
except:
return Response({_('detail'): _('location not found')},
status=400)
if stock.current_status == DISPOSED:
return Response(
{
_('detail'):
_('this item has been disposed and can not be checked in')
},
status=400)
elif stock.current_status == IN:
return Response(
{_('detail'): _('this item is already checked in')},
status=400)
elif stock.current_status == OUT:
stock.current_status = IN
if location is not None:
stock.location = location
stock.save()
stock_assignment.controlled_substance_stock_assignment_status = IN
stock_assignment.save()
elif stock.current_status == USED:
return Response(
{
_('detail'):
_('this item has been used and cannot be checked in')
},
status=400)
# Remove stock entry from the config
status, message = remove_stock_entry_from_config(resort, stock)
if not status:
return Response({_('detail'): _(message)}, status=400)
log_entry = 'Item ' + str(stock.controlled_substance_stock_pk) + ': ' + \
str(stock.volume) + ' ' + controlled_substance.units + ' of ' + \
controlled_substance.controlled_substance_name + ' ' + 'was checked-in to ' + \
stock.location.location_name + ' from ' + stock_assignment.user.name
add_log(log_entry=log_entry, resort=resort, user=request.user)
return Response(StockAssignmentSerializer(
stock_assignment,
fields=('controlled_substance_stock_assignment_id',
'controlled_substance_stock_assignment_status')).data,
status=200)
