def log_view(self, request, **extra_attrs):
"""
Logs an instance of this persons' Personally Identifiable Information being viewed by
another user.
"""
from event_log.utils import emit
emit('core.person.viewed', person=self, request=request, **extra_attrs)
def sudo_view(request):
next = request.GET.get('next') or '/'
claims = {k: v for (k, v) in request.POST.items() if k in CBAC_SUDO_CLAIMS}
cbac_entry = CBACEntry(
user=request.user,
valid_until=now() + timedelta(minutes=CBAC_SUDO_VALID_MINUTES),
claims=claims,
created_by=request.user,
)
cbac_entry.save()
messages.warning(
request, f'Käyttöoikeustarkastus ohitettu pääkäyttäjän oikeuksin. '
f'Väliaikainen käyttöoikeus on voimassa {CBAC_SUDO_VALID_MINUTES} minuuttia.'
)
emit('access.cbac.sudo',
request=request,
other_fields=cbac_entry.as_dict())
emit('access.cbacentry.created',
request=request,
other_fields=cbac_entry.as_dict())
return redirect(next)
def archive_signup(self, signup):
"""
If the signup is in a positive final state, archives it. Otherwise deletes it.
An event log entry is emitted in both cases.
Archiving a signup means making an ArchivedSignup of it and deleting the original
Signup and its SignupExtra.
"""
with transaction.atomic():
person = signup.person
event = signup.event
if signup.state in ARCHIVE_STATES:
event_type = 'labour.signup.archived'
archived_signup, created = ArchivedSignup.objects.get_or_create(
person=signup.person,
event=signup.event,
job_title=signup.some_job_title,
)
archived_signup.job_categories_accepted.set(signup.job_categories_accepted.all())
archived_signup.personnel_classes.set(signup.personnel_classes.all())
else:
event_type = 'labour.signup.deleted'
signup.signup_extra.delete()
signup.delete()
emit(event_type, person=person, event=event)
def core_password_view(request):
form = initialize_form(PasswordForm, request, the_request=request)
if request.method == 'POST':
if form.is_valid():
old_password = form.cleaned_data['old_password']
new_password = form.cleaned_data['new_password']
try:
change_user_password(request.user, old_password=old_password, new_password=new_password)
except RuntimeError:
logger.exception('Failed to change password')
messages.error(request, 'Salasanan vaihto epäonnistui. Ole hyvä ja yritä myöhemmin uudelleen.')
return redirect('core_password_view')
else:
messages.success(request, 'Salasanasi on vaihdettu. Voit nyt kirjautua uudestaan sisään uudella salasanallasi.')
emit('core.password.changed', request=request)
return redirect('core_frontpage_view')
else:
messages.error(request, 'Ole hyvä ja korjaa virheelliset kentät.')
vars = dict(
form=form,
)
return render(request, 'core_password_view.pug', vars)
def tickets_admin_accommodation_view(request, vars, event, limit_group_id=None):
if limit_group_id is not None:
limit_group_id = int(limit_group_id)
limit_group = get_object_or_404(LimitGroup, id=limit_group_id, event=event)
query = Q(
# Belongs to the selected night and school
limit_groups=limit_group,
) & (
Q(
# Accommodation information is manually added
order_product__isnull=True
) | Q(
# Order is confirmed
order_product__order__confirm_time__isnull=False,
# Order is paid
order_product__order__payment_date__isnull=False,
# Order is not cancelled
order_product__order__cancellation_time__isnull=True,
)
)
accommodees = AccommodationInformation.objects.filter(query).order_by('last_name', 'first_name')
active_filter = limit_group
else:
accommodees = []
active_filter = None
format = request.GET.get('format', 'screen')
if format in CSV_EXPORT_FORMATS:
filename = "{event.slug}-{active_filter}-{timestamp}.{format}".format(
event=event,
active_filter=slugify(limit_group.description),
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(event, AccommodationInformation, accommodees, filename=filename, dialect=CSV_EXPORT_FORMATS[format])
elif format == 'screen':
filters = [
(limit_group_id == lg.id, lg)
for lg in LimitGroup.objects.filter(
event=event,
product__requires_accommodation_information=True,
).distinct()
]
vars.update(
accommodees=accommodees,
active_filter=active_filter,
filters=filters,
)
return render(request, 'tickets_admin_accommodation_view.pug', vars)
else:
raise NotImplementedError(format)
def log_view(self, request, **extra_attrs):
"""
Logs an instance of this persons' Personally Identifiable Information being viewed by
another user.
"""
from event_log.utils import emit
emit(
'core.person.viewed',
person=self,
request=request,
**extra_attrs
)
def wrapped_view(request, *args, **kwargs):
claims = get_default_claims(request)
user = request.user
logger.debug("CBAC: Checking permissions: user=%r, claims=%s",
user.username, claims)
if not CBACEntry.is_allowed(user, claims):
logger.warning("CBAC: Permission denied: user=%r, claims=%r",
user.username, claims)
emit('access.cbac.denied',
request=request,
other_fields={'claims': claims})
raise CBACPermissionDenied(claims)
return view_func(request, *args, **kwargs)
def directory_view(request, vars, organization):
people = organization.people
num_total_people = people.count()
events = organization.events.all()
event_filters = Filter(request, 'event').add_objects('event', events)
event_slug = event_filters.selected_slug
if event_slug:
event = get_object_or_404(events, slug=event_slug)
people = event.people
else:
event = None
search_form = SearchForm(request.GET)
if search_form.is_valid():
query = search_form.cleaned_data['query']
if query:
people = people.annotate(search=SearchVector(
'first_name', 'surname', 'nick', 'email', 'phone',
'user__username'), ).filter(search=query)
hide_warning = None
if request.method == 'POST':
if request.POST.get('action') == 'hide-warning':
hide_warning = request.session[HIDE_WARNING_SESSION_KEY] = True
else:
messages.error(request, _('Unknown action.'))
if hide_warning is None:
hide_warning = request.session.get(HIDE_WARNING_SESSION_KEY, False)
vars.update(
event_filters=event_filters,
num_total_people=num_total_people,
people=people,
search_form=search_form,
show_warning=not hide_warning,
)
if search_form.is_valid() and query:
emit('directory.search.performed',
search_term=query,
request=request,
organization=organization)
else:
emit('directory.viewed', request=request, organization=organization)
return render(request, 'directory_view.pug', vars)
def directory_view(request, vars, organization):
people = organization.people
num_total_people = people.count()
events = organization.events.all()
event_filters = Filter(request, 'event').add_objects('event', events)
event_slug = event_filters.selected_slug
if event_slug:
event = get_object_or_404(events, slug=event_slug)
people = event.people
else:
event = None
search_form = SearchForm(request.GET)
if search_form.is_valid():
query = search_form.cleaned_data['query']
if query:
people = people.annotate(
search=SearchVector('first_name', 'surname', 'nick', 'email', 'phone', 'user__username'),
).filter(search=query)
hide_warning = None
if request.method == 'POST':
if request.POST.get('action') == 'hide-warning':
hide_warning = request.session[HIDE_WARNING_SESSION_KEY] = True
else:
messages.error(request, _('Unknown action.'))
if hide_warning is None:
hide_warning = request.session.get(HIDE_WARNING_SESSION_KEY, False)
vars.update(
event_filters=event_filters,
num_total_people=num_total_people,
people=people,
search_form=search_form,
show_warning=not hide_warning,
)
if search_form.is_valid() and query:
emit('directory.search.performed', search_term=query, request=request, organization=organization)
else:
emit('directory.viewed', request=request, organization=organization)
return render(request, 'directory_view.pug', vars)
def tracon2017_afterparty_participants_view(request, vars, event):
assert event.slug == 'tracon2017'
participants = SignupExtraAfterpartyProxy.objects.filter(afterparty_participation=True)
filename = "{event.slug}_afterparty_participants_{timestamp}.xlsx".format(
event=event,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(event, SignupExtraAfterpartyProxy, participants,
dialect='xlsx',
filename=filename,
m2m_mode='separate_columns',
)
def traconpaidat2019_custom_shirts_view(request, vars, event):
assert event.slug == 'traconpaidat2019'
shirts = CustomShirtProxy.objects.all()
filename = "{event.slug}_nimikoidut_{timestamp}.xlsx".format(
event=event,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(event, CustomShirtProxy, shirts,
dialect='xlsx',
filename=filename,
m2m_mode='separate_columns',
)
def core_admin_impersonate_view(request, username):
user = get_object_or_404(get_user_model(), username=username)
try:
person = user.person
except Person.DoesNotExist:
person = None
emit('core.person.impersonated', request=request, person=person)
next = get_next(request)
user = authenticate(username=username, allow_passwordless_login=YES_PLEASE_ALLOW_PASSWORDLESS_LOGIN)
messages.warning(request,
'Käytät nyt Kompassia toisen käyttäjän oikeuksilla. Tämän toiminnon käyttö on sallittua '
'ainoastaan sellaisiin ylläpitotoimenpiteisiin, joiden hoitaminen ylläpitotunnuksilla on '
'muuten tarpeettoman työlästä tai hankalaa. Muista kirjautua ulos, kun olet saanut '
'ylläpitotoimenpiteet hoidettua.'
)
return do_login(request, user, password=None, next=next)
def traconpaidat2019_custom_shirts_view(request, vars, event):
assert event.slug == 'traconpaidat2019'
shirts = CustomShirtProxy.objects.all()
filename = "{event.slug}_nimikoidut_{timestamp}.xlsx".format(
event=event,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(
event,
CustomShirtProxy,
shirts,
dialect='xlsx',
filename=filename,
m2m_mode='separate_columns',
)
def ensure_admin_group_privileges_for_event(cls, event, *, t: datetime = None, request = None):
if t is None:
t = now()
for app_name in SUPPORTED_APPS:
meta = event.get_app_event_meta(app_name)
if not meta:
continue
admin_group = meta.admin_group
admin_group_members = admin_group.user_set.all()
# remove access from those who should not have it
entries_to_remove = cls.objects.filter(granted_by_group=admin_group).exclude(user__in=admin_group_members)
for cbac_entry in entries_to_remove:
emit('access.cbacentry.deleted', request=request, other_fields=cbac_entry.as_dict())
entries_to_remove.delete()
# add access to those who should have it but do not yet have
for user in admin_group_members:
cbac_entry, created = cls.objects.get_or_create(
user=user,
granted_by_group=admin_group,
defaults=dict(
valid_from=t,
valid_until=event.end_time + timedelta(CBAC_VALID_AFTER_EVENT_DAYS),
claims={
"organization": event.organization.slug,
"event": event.slug,
"app": app_name,
},
created_by=request.user if request else None,
),
)
log_get_or_create(logger, cbac_entry, created)
if created:
emit('access.cbacentry.created', request=request, other_fields=cbac_entry.as_dict())
def core_admin_impersonate_view(request, username):
user = get_object_or_404(get_user_model(), username=username)
try:
person = user.person
except Person.DoesNotExist:
person = None
emit('core.person.impersonated', request=request, person=person)
next = get_next(request)
user = authenticate(
username=username,
allow_passwordless_login=YES_PLEASE_ALLOW_PASSWORDLESS_LOGIN)
messages.warning(
request,
'Käytät nyt Kompassia toisen käyttäjän oikeuksilla. Tämän toiminnon käyttö on sallittua '
'ainoastaan sellaisiin ylläpitotoimenpiteisiin, joiden hoitaminen ylläpitotunnuksilla on '
'muuten tarpeettoman työlästä tai hankalaa. Muista kirjautua ulos, kun olet saanut '
'ylläpitotoimenpiteet hoidettua.')
return do_login(request, user, password=None, next=next)
def tickets_admin_accommodation_view(request,
vars,
event,
limit_group_id=None):
if limit_group_id is not None:
limit_group_id = int(limit_group_id)
limit_group = get_object_or_404(LimitGroup,
id=limit_group_id,
event=event)
query = Q(
# Belongs to the selected night and school
limit_groups=limit_group, ) & (
Q(
# Accommodation information is manually added
order_product__isnull=True) | Q(
# Order is confirmed
order_product__order__confirm_time__isnull=False,
# Order is paid
order_product__order__payment_date__isnull=False,
# Order is not cancelled
order_product__order__cancellation_time__isnull=True,
))
accommodees = AccommodationInformation.objects.filter(query).order_by(
'last_name', 'first_name')
active_filter = limit_group
else:
accommodees = []
active_filter = None
limit_group = None
format = request.GET.get('format', 'screen')
if format in CSV_EXPORT_FORMATS:
filename = "{event.slug}-{active_filter}-{timestamp}.{format}".format(
event=event,
active_filter=slugify(limit_group.description)
if limit_group else "tickets",
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(event,
AccommodationInformation,
accommodees,
filename=filename,
dialect=CSV_EXPORT_FORMATS[format])
elif format == 'screen':
filters = [(limit_group_id == lg.id, lg)
for lg in LimitGroup.objects.filter(
event=event,
product__requires_accommodation_information=True,
).distinct()]
vars.update(
accommodees=accommodees,
active_filter=active_filter,
filters=filters,
)
return render(request, 'tickets_admin_accommodation_view.pug', vars)
else:
raise NotImplementedError(format)
def tickets_admin_order_view(request, vars, event, order_id):
order = get_object_or_404(Order, id=int(order_id), event=event)
customer_form = initialize_form(
CustomerForm,
request,
instance=order.customer,
prefix='customer',
)
order_form = initialize_form(
AdminOrderForm,
request,
instance=order,
prefix='order',
readonly=True,
)
order_product_forms = OrderProductForm.get_for_order(request,
order,
admin=True)
can_mark_paid = order.is_confirmed and not order.is_paid and not order.is_cancelled
can_resend = order.is_confirmed and order.is_paid and not order.is_cancelled
can_cancel = order.is_confirmed and not order.is_cancelled
can_uncancel = order.is_cancelled
if request.method == 'POST':
if customer_form.is_valid() and all(
form.fields['count'].widget.attrs.get('readonly', False)
or form.is_valid() for form in order_product_forms):
def save():
customer_form.save()
for form in order_product_forms:
if form.fields['count'].widget.attrs.get(
'readonly', False):
continue
form.save()
order.clean_up_order_products()
if 'cancel' in request.POST and can_cancel:
save()
order.cancel()
messages.success(request, 'Tilaus peruutettiin.')
return redirect('tickets_admin_order_view', event.slug,
order.pk)
elif 'uncancel' in request.POST and can_uncancel:
save()
order.uncancel()
messages.success(request, 'Tilaus palautettiin.')
return redirect('tickets_admin_order_view', event.slug,
order.pk)
elif 'mark-paid' in request.POST and can_mark_paid:
save()
order.confirm_payment()
messages.success(request, 'Tilaus merkittiin maksetuksi.')
return redirect('tickets_admin_order_view', event.slug,
order.pk)
elif 'resend-confirmation' in request.POST and can_resend:
save()
order.send_confirmation_message('payment_confirmation')
messages.success(request,
'Vahvistusviesti lähetettiin uudelleen.')
return redirect('tickets_admin_order_view', event.slug,
order.pk)
elif 'save' in request.POST:
save()
messages.success(request, 'Muutokset tallennettiin.')
else:
messages.error(request, 'Tuntematon tai kielletty toiminto.')
else:
messages.error(request, 'Ole hyvä ja tarkista lomake.')
vars.update(
order=order,
customer_form=customer_form,
order_form=order_form,
can_cancel=can_cancel,
can_mark_paid=can_mark_paid,
can_resend=can_resend,
can_uncancel=can_uncancel,
# XXX due to template being shared with public view, needs to be named "form"
form=order_product_forms,
)
# Slightly abusing the core.person.view entry type as there is no Person.
# But the context field provides enough clue.
emit('core.person.viewed', request=request, event=event)
return render(request, 'tickets_admin_order_view.pug', vars)
def membership_admin_members_view(request, vars, organization, format='screen'):
memberships = organization.memberships.all().select_related('person')
num_all_members = memberships.count()
state_filters = Filter(request, 'state').add_choices('state', STATE_CHOICES)
memberships = state_filters.filter_queryset(memberships)
filter_active = any(f.selected_slug != f.default for f in [
state_filters,
])
memberships = memberships.order_by('person__surname', 'person__official_first_names')
if request.method == 'POST' and state_filters.selected_slug == 'approval':
# PLEASE DON'T: locally cached objects do not get updated and apply_state does not do the needful
# memberships.update(state='in_effect')
# TODO encap in Membership
for membership in memberships:
membership.state = 'in_effect'
membership.save()
membership.apply_state()
messages.success(request, 'Hyväksyntää odottavat jäsenhakemukset hyväksyttiin.')
return redirect('membership_admin_members_view', organization.slug)
export_type = state_filters.selected_slug or 'all'
export_type_verbose = EXPORT_TYPE_VERBOSE[export_type]
title = '{organization.name} – {export_type_verbose}'.format(
organization=organization,
export_type_verbose=export_type_verbose,
)
vars.update(
show_approve_all_button=state_filters.selected_slug == 'approval',
memberships=memberships,
num_members=memberships.count(),
num_all_members=num_all_members,
state_filters=state_filters,
filter_active=filter_active,
css_to_show_filter_panel='in' if filter_active else '',
export_formats=EXPORT_FORMATS,
now=now(),
title=title,
)
if format in HTML_TEMPLATES:
return render(request, HTML_TEMPLATES[format], vars)
elif format in CSV_EXPORT_FORMATS:
filename = "{organization.slug}_members_{timestamp}.{format}".format(
organization=organization,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, organization=organization)
return csv_response(organization, Membership, memberships,
dialect=format,
filename=filename,
m2m_mode='separate_columns',
)
else:
raise NotImplementedError(format)
def membership_admin_members_view(request,
vars,
organization,
format='screen'):
memberships = organization.memberships.all().select_related('person')
num_all_members = memberships.count()
state_filters = Filter(request,
'state').add_choices('state', STATE_CHOICES)
memberships = state_filters.filter_queryset(memberships)
filter_active = any(f.selected_slug != f.default for f in [
state_filters,
])
memberships = memberships.order_by('person__surname',
'person__official_first_names')
if request.method == 'POST' and state_filters.selected_slug == 'approval':
# PLEASE DON'T: locally cached objects do not get updated and apply_state does not do the needful
# memberships.update(state='in_effect')
# TODO encap in Membership
for membership in memberships:
membership.state = 'in_effect'
membership.save()
membership.apply_state()
messages.success(
request, 'Hyväksyntää odottavat jäsenhakemukset hyväksyttiin.')
return redirect('membership_admin_members_view', organization.slug)
export_type = state_filters.selected_slug or 'all'
export_type_verbose = EXPORT_TYPE_VERBOSE[export_type]
title = '{organization.name} – {export_type_verbose}'.format(
organization=organization,
export_type_verbose=export_type_verbose,
)
vars.update(
show_approve_all_button=state_filters.selected_slug == 'approval',
memberships=memberships,
num_members=memberships.count(),
num_all_members=num_all_members,
state_filters=state_filters,
filter_active=filter_active,
css_to_show_filter_panel='in' if filter_active else '',
export_formats=EXPORT_FORMATS,
now=now(),
title=title,
)
if format in HTML_TEMPLATES:
return render(request, HTML_TEMPLATES[format], vars)
elif format in CSV_EXPORT_FORMATS:
filename = "{organization.slug}_members_{timestamp}.{format}".format(
organization=organization,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported',
request=request,
organization=organization)
return csv_response(
organization,
Membership,
memberships,
dialect=format,
filename=filename,
m2m_mode='separate_columns',
)
else:
raise NotImplementedError(format)
def actual_labour_signup_view(request, event, alternative_form_slug):
vars = page_wizard_vars(request)
signup = event.labour_event_meta.get_signup_for_person(request.user.person)
if alternative_form_slug is not None:
# Alternative signup form specified via URL
alternative_signup_form = get_object_or_404(AlternativeSignupForm, event=event, slug=alternative_form_slug)
if (
signup.alternative_signup_form_used is not None and \
signup.alternative_signup_form_used.pk != alternative_signup_form.pk
):
messages.error(request, _('Your application has not been submitted using this form.'))
return redirect('core_event_view', event.slug)
elif signup.pk is not None and signup.alternative_signup_form_used is not None:
# Alternative signup form used to sign up
alternative_signup_form = signup.alternative_signup_form_used
else:
# Use default signup form
alternative_signup_form = None
if alternative_signup_form is not None:
# Using an alternative signup form
if not alternative_signup_form.is_active:
messages.error(request, _('The signup form you have requested is not currently active.'))
return redirect('core_event_view', event.slug)
if alternative_signup_form.signup_message:
messages.warning(request, alternative_signup_form.signup_message)
SignupFormClass = alternative_signup_form.signup_form_class
SignupExtraFormClass = alternative_signup_form.signup_extra_form_class
else:
# Using default signup form
if not event.labour_event_meta.is_registration_open:
messages.error(request, _('This event is not currently accepting applications.'))
return redirect('core_event_view', event.slug)
if event.labour_event_meta.signup_message:
messages.warning(request, event.labour_event_meta.signup_message)
SignupFormClass = None
SignupExtraFormClass = None
if signup.is_processed:
messages.error(request, _(
'Your application has already been processed, so you can no longer edit it. '
'Please contact the volunteer coordinator for any further changes.'
))
return redirect('core_event_view', event.slug)
if signup.pk is not None:
old_state = signup.state
submit_text = _('Update application')
else:
old_state = None
submit_text = _('Submit application')
signup_extra = signup.signup_extra
signup_form, signup_extra_form = initialize_signup_forms(request, event, signup,
SignupFormClass=SignupFormClass,
SignupExtraFormClass=SignupExtraFormClass,
)
if request.method == 'POST':
if signup_form.is_valid() and signup_extra_form.is_valid():
if signup.pk is None:
message = _('Thank you for your application!')
event_type = 'labour.signup.created'
else:
message = _('Your application has been updated.')
event_type = 'labour.signup.updated'
if alternative_signup_form is not None:
signup.alternative_signup_form_used = alternative_signup_form
set_attrs(signup, **signup_form.get_excluded_field_defaults())
set_attrs(signup_extra, **signup_extra_form.get_excluded_field_defaults())
with transaction.atomic():
signup = signup_form.save()
signup_extra.signup = signup
signup_extra = signup_extra_form.save()
if alternative_signup_form is not None:
# Save m2m field defaults
for obj, form in [
(signup, signup_form),
(signup_extra, signup_extra_form),
]:
defaults = form.get_excluded_m2m_field_defaults() or {}
for key, values in defaults.items():
getattr(obj, key).set(values)
emit(event_type, request=request, person=request.user.person, event=event)
signup.apply_state()
messages.success(request, message)
return redirect('core_event_view', event.slug)
else:
messages.error(request, _('Please check the form.'))
available_job_categories = signup_form.get_job_categories(event=event)
all_job_categories = JobCategory.objects.filter(event=event)
# FIXME use id and data attr instead of category name
non_qualified_category_names = [
jc.name for jc in available_job_categories
if not jc.is_person_qualified(request.user.person)
]
vars.update(
alternative_signup_form=alternative_signup_form,
event=event,
signup_extra_form=signup_extra_form,
signup_form=signup_form,
signup=signup,
submit_text=submit_text,
# XXX HACK descriptions injected using javascript
job_descriptions_json=json.dumps(dict((cat.pk, cat.description) for cat in all_job_categories)),
non_qualified_category_names_json=json.dumps(non_qualified_category_names),
)
return render(request, 'labour_signup_view.pug', vars)
def labour_admin_signups_view(request, vars, event, format='screen'):
meta = event.labour_event_meta
SignupClass = SignupCertificateProxy if format == 'html' else Signup
SignupExtra = meta.signup_extra_model
signups = SignupClass.objects.filter(event=event)
signups = signups.select_related('person').select_related('event')
signups = signups.prefetch_related('job_categories').prefetch_related('job_categories_accepted')
if format in HTML_TEMPLATES:
num_all_signups = signups.count()
job_categories = event.jobcategory_set.all()
personnel_classes = event.personnelclass_set.filter(app_label='labour')
job_category_filters = Filter(request, "job_category").add_objects("job_categories__slug", job_categories)
signups = job_category_filters.filter_queryset(signups)
job_category_accepted_filters = Filter(request, "job_category_accepted").add_objects("job_categories_accepted__slug", job_categories)
signups = job_category_accepted_filters.filter_queryset(signups)
personnel_class_filters = Filter(request, "personnel_class").add_objects("personnel_classes__slug", personnel_classes)
signups = personnel_class_filters.filter_queryset(signups)
state_filter = SignupStateFilter(request, "state")
signups = state_filter.filter_queryset(signups)
if SignupExtra.get_field('night_work'):
night_work_path = '{prefix}{app_label}_signup_extra__night_work'.format(
prefix='person__' if SignupExtra.schema_version >= 2 else '',
app_label=SignupExtra._meta.app_label
)
night_work_filter = Filter(request, 'night_work').add_booleans(night_work_path)
signups = night_work_filter.filter_queryset(signups)
else:
night_work_filter = None
sorter = Sorter(request, "sort")
sorter.add("name", name='Sukunimi, Etunimi', definition=('person__surname', 'person__first_name'))
sorter.add("newest", name='Uusin ensin', definition=('-created_at',))
sorter.add("oldest", name='Vanhin ensin', definition=('created_at',))
signups = sorter.order_queryset(signups)
if request.method == 'POST':
action = request.POST.get('action', None)
if action == 'reject':
SignupClass.mass_reject(signups)
elif action == 'request_confirmation':
SignupClass.mass_request_confirmation(signups)
elif action == 'send_shifts':
SignupClass.mass_send_shifts(signups)
else:
messages.error(request, 'Ei semmosta toimintoa oo.')
return redirect('labour_admin_signups_view', event.slug)
elif format in HTML_TEMPLATES:
num_would_mass_reject = signups.filter(**SignupClass.get_state_query_params('new')).count()
num_would_mass_request_confirmation = signups.filter(**SignupClass.get_state_query_params('accepted')).count()
num_would_send_shifts = SignupClass.filter_signups_for_mass_send_shifts(signups).count()
mass_operations = OrderedDict([
('reject', MassOperation(
'reject',
'labour-admin-mass-reject-modal',
'Hylkää kaikki käsittelemättömät...',
num_would_mass_reject,
)),
('request_confirmation', MassOperation(
'request_confirmation',
'labour-admin-mass-request-confirmation-modal',
'Vaadi vahvistusta kaikilta hyväksytyiltä...',
num_would_mass_request_confirmation,
)),
('send_shifts', MassOperation(
'send_shifts',
'labour-admin-mass-send-shifts-modal',
'Lähetä vuorot kaikille vuoroja odottaville, joille ne on määritelty...',
num_would_send_shifts,
)),
])
vars.update(
export_formats=EXPORT_FORMATS,
job_category_accepted_filters=job_category_accepted_filters,
job_category_filters=job_category_filters,
mass_operations=mass_operations,
night_work_filter=night_work_filter,
num_all_signups=num_all_signups,
num_signups=signups.count(),
personnel_class_filters=personnel_class_filters,
signups=signups,
sorter=sorter,
state_filter=state_filter,
css_to_show_filter_panel='in' if any(f.selected_slug != f.default for f in [
job_category_filters,
job_category_accepted_filters,
personnel_class_filters,
state_filter,
sorter,
]) else '',
now=now(),
)
html_template = HTML_TEMPLATES[format]
return render(request, html_template, vars)
elif format in CSV_EXPORT_FORMATS:
filename = "{event.slug}_signups_{timestamp}.{format}".format(
event=event,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(event, SignupClass, signups,
dialect=CSV_EXPORT_FORMATS[format],
filename=filename,
m2m_mode='separate_columns',
)
else:
raise NotImplementedError(format)
def programme_admin_organizers_view(request, vars, event, format='screen'):
programme_roles = (
ProgrammeRole.objects.filter(programme__category__event=event)
.select_related('person')
.select_related('programme')
.select_related('role')
.order_by('person__surname', 'person__first_name', 'programme__title')
)
personnel_classes = PersonnelClass.objects.filter(
event=event,
role__personnel_class__event=event,
)
personnel_class_filters = Filter(request, 'personnel_class')
personnel_class_filters.add_objects('role__personnel_class__slug', personnel_classes)
programme_roles = personnel_class_filters.filter_queryset(programme_roles)
roles = Role.objects.filter(personnel_class__event=event)
role_filters = Filter(request, 'role')
role_filters.add_objects('role__slug', roles)
programme_roles = role_filters.filter_queryset(programme_roles)
forms = AlternativeProgrammeForm.objects.filter(event=event)
form_filters = Filter(request, 'form')
form_filters.add_objects('programme__form_used__slug', forms)
programme_roles = form_filters.filter_queryset(programme_roles)
active_filters = Filter(request, 'active').add_booleans('is_active')
programme_roles = active_filters.filter_queryset(programme_roles)
organizers = []
prs_by_organizer = groupby_strict(programme_roles, lambda pr: pr.person)
for organizer, prs in prs_by_organizer:
organizer.current_event_programme_roles = prs
organizers.append(organizer)
vars.update(
active_filters=active_filters,
export_formats=EXPORT_FORMATS,
form_filters=form_filters,
num_organizers=len(organizers),
num_total_organizers=Person.objects.filter(programme__category__event=event).distinct().count(),
organizers=organizers,
personnel_class_filters=personnel_class_filters,
role_filters=role_filters,
)
if format == 'screen':
return render(request, 'programme_admin_organizers_view.pug', vars)
elif format == 'txt':
emails = '\n'.join(programme_roles.order_by('person__email').values_list('person__email', flat=True).distinct())
emit('core.person.exported', request=request, event=event)
return HttpResponse(emails, content_type='text/plain')
elif format in CSV_EXPORT_FORMATS:
filename = "{event.slug}_programme_organizers_{timestamp}.{format}".format(
event=event,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(event, ProgrammeRole, programme_roles,
dialect=CSV_EXPORT_FORMATS[format],
filename=filename,
m2m_mode='separate_columns',
)
else:
raise NotImplementedError(format)
def tickets_admin_order_view(request, vars, event, order_id):
order = get_object_or_404(Order, id=int(order_id), event=event)
customer_form = initialize_form(CustomerForm, request,
instance=order.customer,
prefix='customer',
)
order_form = initialize_form(AdminOrderForm, request,
instance=order,
prefix='order',
readonly=True,
)
order_product_forms = OrderProductForm.get_for_order(request, order, admin=True)
can_mark_paid = order.is_confirmed and not order.is_paid and not order.is_cancelled
can_resend = order.is_confirmed and order.is_paid and not order.is_cancelled
can_cancel = order.is_confirmed and not order.is_cancelled
can_uncancel = order.is_cancelled
if request.method == 'POST':
if customer_form.is_valid() and all(form.fields['count'].widget.attrs.get('readonly', False) or form.is_valid() for form in order_product_forms):
def save():
customer_form.save()
for form in order_product_forms:
if form.fields['count'].widget.attrs.get('readonly', False):
continue
form.save()
order.clean_up_order_products()
if 'cancel' in request.POST and can_cancel:
save()
order.cancel()
messages.success(request, 'Tilaus peruutettiin.')
return redirect('tickets_admin_order_view', event.slug, order.pk)
elif 'uncancel' in request.POST and can_uncancel:
save()
order.uncancel()
messages.success(request, 'Tilaus palautettiin.')
return redirect('tickets_admin_order_view', event.slug, order.pk)
elif 'mark-paid' in request.POST and can_mark_paid:
save()
order.confirm_payment()
messages.success(request, 'Tilaus merkittiin maksetuksi.')
return redirect('tickets_admin_order_view', event.slug, order.pk)
elif 'resend-confirmation' in request.POST and can_resend:
save()
order.send_confirmation_message('payment_confirmation')
messages.success(request, 'Vahvistusviesti lähetettiin uudelleen.')
return redirect('tickets_admin_order_view', event.slug, order.pk)
elif 'save' in request.POST:
save()
messages.success(request, 'Muutokset tallennettiin.')
else:
messages.error(request, 'Tuntematon tai kielletty toiminto.')
else:
messages.error(request, 'Ole hyvä ja tarkista lomake.')
vars.update(
order=order,
customer_form=customer_form,
order_form=order_form,
can_cancel=can_cancel,
can_mark_paid=can_mark_paid,
can_resend=can_resend,
can_uncancel=can_uncancel,
# XXX due to template being shared with public view, needs to be named "form"
form=order_product_forms,
)
# Slightly abusing the core.person.view entry type as there is no Person.
# But the context field provides enough clue.
emit('core.person.viewed', request=request, event=event)
return render(request, 'tickets_admin_order_view.pug', vars)
def admin_organizers_view(request, vars, event, format='screen'):
programme_roles = (
ProgrammeRole.objects.filter(
programme__category__event=event).select_related('person').
select_related('programme').select_related('role').order_by(
'person__surname', 'person__first_name', 'programme__title'))
personnel_classes = PersonnelClass.objects.filter(
event=event,
role__personnel_class__event=event,
)
personnel_class_filters = Filter(request, 'personnel_class')
personnel_class_filters.add_objects('role__personnel_class__slug',
personnel_classes)
programme_roles = personnel_class_filters.filter_queryset(programme_roles)
roles = Role.objects.filter(personnel_class__event=event)
role_filters = Filter(request, 'role')
role_filters.add_objects('role__slug', roles)
programme_roles = role_filters.filter_queryset(programme_roles)
forms = AlternativeProgrammeForm.objects.filter(event=event)
form_filters = Filter(request, 'form')
form_filters.add_objects('programme__form_used__slug', forms)
programme_roles = form_filters.filter_queryset(programme_roles)
active_filters = Filter(request, 'active').add_booleans('is_active')
programme_roles = active_filters.filter_queryset(programme_roles)
organizers = []
prs_by_organizer = groupby_strict(programme_roles, lambda pr: pr.person)
for organizer, prs in prs_by_organizer:
organizer.current_event_programme_roles = prs
organizers.append(organizer)
vars.update(
active_filters=active_filters,
export_formats=EXPORT_FORMATS,
form_filters=form_filters,
num_organizers=len(organizers),
num_total_organizers=Person.objects.filter(
programme__category__event=event).distinct().count(),
organizers=organizers,
personnel_class_filters=personnel_class_filters,
role_filters=role_filters,
)
if format == 'screen':
return render(request, 'programme_admin_organizers_view.pug', vars)
elif format == 'txt':
emails = '\n'.join(
programme_roles.order_by('person__email').values_list(
'person__email', flat=True).distinct())
emit('core.person.exported', request=request, event=event)
return HttpResponse(emails, content_type='text/plain')
elif format in CSV_EXPORT_FORMATS:
filename = "{event.slug}_programme_organizers_{timestamp}.{format}".format(
event=event,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(
event,
ProgrammeRole,
programme_roles,
dialect=CSV_EXPORT_FORMATS[format],
filename=filename,
m2m_mode='separate_columns',
)
else:
raise NotImplementedError(format)
def labour_admin_signups_view(request, vars, event, format='screen'):
meta = event.labour_event_meta
SignupClass = SignupCertificateProxy if format == 'html' else Signup
SignupExtra = meta.signup_extra_model
signups = SignupClass.objects.filter(event=event)
signups = signups.select_related('person').select_related('event')
signups = signups.prefetch_related('job_categories').prefetch_related(
'job_categories_accepted')
if format in HTML_TEMPLATES:
num_all_signups = signups.count()
job_categories = event.jobcategory_set.all()
personnel_classes = event.personnelclass_set.filter(app_label='labour')
job_category_filters = Filter(request, "job_category").add_objects(
"job_categories__slug", job_categories)
signups = job_category_filters.filter_queryset(signups)
job_category_accepted_filters = Filter(
request,
"job_category_accepted").add_objects("job_categories_accepted__slug",
job_categories)
signups = job_category_accepted_filters.filter_queryset(signups)
personnel_class_filters = Filter(request, "personnel_class").add_objects(
"personnel_classes__slug", personnel_classes)
signups = personnel_class_filters.filter_queryset(signups)
state_filter = SignupStateFilter(request, "state")
signups = state_filter.filter_queryset(signups)
if SignupExtra.get_field('night_work'):
night_work_path = '{prefix}{app_label}_signup_extra__night_work'.format(
prefix='person__' if SignupExtra.schema_version >= 2 else '',
app_label=SignupExtra._meta.app_label)
night_work_filter = Filter(request,
'night_work').add_booleans(night_work_path)
signups = night_work_filter.filter_queryset(signups)
else:
night_work_filter = None
sorter = Sorter(request, "sort")
sorter.add("name",
name='Sukunimi, Etunimi',
definition=('person__surname', 'person__first_name'))
sorter.add("newest", name='Uusin ensin', definition=('-created_at', ))
sorter.add("oldest", name='Vanhin ensin', definition=('created_at', ))
signups = sorter.order_queryset(signups)
if request.method == 'POST':
action = request.POST.get('action', None)
if action == 'reject':
SignupClass.mass_reject(signups)
elif action == 'request_confirmation':
SignupClass.mass_request_confirmation(signups)
elif action == 'send_shifts':
SignupClass.mass_send_shifts(signups)
else:
messages.error(request, 'Ei semmosta toimintoa oo.')
return redirect('labour_admin_signups_view', event.slug)
elif format in HTML_TEMPLATES:
num_would_mass_reject = signups.filter(
**SignupClass.get_state_query_params('new')).count()
num_would_mass_request_confirmation = signups.filter(
**SignupClass.get_state_query_params('accepted')).count()
num_would_send_shifts = SignupClass.filter_signups_for_mass_send_shifts(
signups).count()
mass_operations = OrderedDict([
('reject',
MassOperation(
'reject',
'labour-admin-mass-reject-modal',
'Hylkää kaikki käsittelemättömät...',
num_would_mass_reject,
)),
('request_confirmation',
MassOperation(
'request_confirmation',
'labour-admin-mass-request-confirmation-modal',
'Vaadi vahvistusta kaikilta hyväksytyiltä...',
num_would_mass_request_confirmation,
)),
('send_shifts',
MassOperation(
'send_shifts',
'labour-admin-mass-send-shifts-modal',
'Lähetä vuorot kaikille vuoroja odottaville, joille ne on määritelty...',
num_would_send_shifts,
)),
])
vars.update(
export_formats=EXPORT_FORMATS,
job_category_accepted_filters=job_category_accepted_filters,
job_category_filters=job_category_filters,
mass_operations=mass_operations,
night_work_filter=night_work_filter,
num_all_signups=num_all_signups,
num_signups=signups.count(),
personnel_class_filters=personnel_class_filters,
signups=signups,
sorter=sorter,
state_filter=state_filter,
css_to_show_filter_panel='in' if any(
f.selected_slug != f.default for f in [
job_category_filters,
job_category_accepted_filters,
personnel_class_filters,
state_filter,
sorter,
]) else '',
now=now(),
)
html_template = HTML_TEMPLATES[format]
return render(request, html_template, vars)
elif format in CSV_EXPORT_FORMATS:
filename = "{event.slug}_signups_{timestamp}.{format}".format(
event=event,
timestamp=now().strftime('%Y%m%d%H%M%S'),
format=format,
)
emit('core.person.exported', request=request, event=event)
return csv_response(
event,
SignupClass,
signups,
dialect=CSV_EXPORT_FORMATS[format],
filename=filename,
m2m_mode='separate_columns',
)
else:
raise NotImplementedError(format)
