def project_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: print("************* no user") return HTTPFound(request.application_url) project_id = request.matchdict.get('project_id') project = DBSession.query(Project).filter_by(id=project_id).filter_by(account_id=account_id).first() if project is None or user.can_access_client(project.client, "financials") == False: print("************* no permissions") return HTTPFound(request.application_url) project.is_active = False project.end_date = datetime.datetime.now() DBSession.flush() return HTTPFound(location=request.application_url + "/client/" + str(project.client_id) + "/projects/" + str( datetime.datetime.now().year)) except: print("*************") traceback.print_exc() return HTTPFound(request.application_url)
def person_enable_login(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or (user.is_administrator == False and user.is_hr_administrator == False): return HTTPFound(request.application_url) person_id = request.matchdict.get('person_id') if user_id == person_id: return HTTPFound(request.application_url + "/administration/employees") person = DBSession.query(User).filter_by(id=person_id).filter_by(account_id=account_id).first() password = None if person is None: return HTTPFound(request.application_url + "/administration/employees") password = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(6)) encrypted_password = bcrypt.hashpw(password, bcrypt.gensalt()) person.password = encrypted_password DBSession.flush() return dict(logged_in=authenticated_userid(request), header=Header("administration"), person=person, user=user, password=password) except: return HTTPFound(request.application_url)
def client_financials(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) client_id = request.matchdict['client_id'] year = request.matchdict['year'] user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() client = DBSession.query(Client).filter_by( account_id=account_id).filter_by(id=client_id).first() access_financials = user.can_access_client(client, "financials") if user is None or account is None or client is None or access_financials == False: return HTTPFound(request.application_url) access_pipeline = user.can_access_client(client, "pipeline") access_utilization = user.can_access_client(client, "utilization") financials = client.getFinancials(year, user) return dict(logged_in=authenticated_userid(request), header=getHeader(client), financials=financials, client=client, year=year, user=user, account=account, access_pipeline=access_pipeline, access_utilization=access_utilization, access_financials=access_financials) except: #how to print out the exception problem: #traceback.print_exc() return HTTPFound(request.application_url)
def _get_header(type_of_person, office_id, department_id): if ((office_id is None or office_id.lower() == "all") and (department_id is None or department_id.lower() == "all")): if type_of_person == "direct": return "My Direct Reports" else: return "All People" if office_id is None or office_id.lower() == "all": department = DBSession.query(Department).filter_by( id=department_id).first() if type_of_person == "direct": return "My Direct Reports in " + department.name else: return "People in " + department.name if department_id is None or department_id.lower() == "all": office = DBSession.query(Office).filter_by(id=office_id).first() if type_of_person == "direct": return "My Direct Reports in " + office.name else: return "People in " + office.name department = DBSession.query(Department).filter_by( id=department_id).first() office = DBSession.query(Office).filter_by(id=office_id).first() if type_of_person == "direct": return "My Direct Reports in " + office.name + " for " + department.name else: return "People in " + office.name + " for " + department.name
def _get_header(type_of_person, office_id, department_id): if ((office_id is None or office_id.lower() == "all") and ( department_id is None or department_id.lower() == "all")): if type_of_person == "direct": return "My Direct Reports" else: return "All People" if office_id is None or office_id.lower() == "all": department = DBSession.query(Department).filter_by(id=department_id).first() if type_of_person == "direct": return "My Direct Reports in " + department.name else: return "People in " + department.name if department_id is None or department_id.lower() == "all": office = DBSession.query(Office).filter_by(id=office_id).first() if type_of_person == "direct": return "My Direct Reports in " + office.name else: return "People in " + office.name department = DBSession.query(Department).filter_by(id=department_id).first() office = DBSession.query(Office).filter_by(id=office_id).first() if type_of_person == "direct": return "My Direct Reports in " + office.name + " for " + department.name else: return "People in " + office.name + " for " + department.name
def office_financials(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) office_id = request.matchdict['office_id'] year = request.matchdict['year'] user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() office = DBSession.query(Office).filter_by( account_id=account_id).filter_by(id=office_id).first() access_financials = user.can_access_office(office, "financials") if user is None or account is None or office is None or access_financials == False: return HTTPFound(request.application_url) access_pipeline = user.can_access_office(office, "pipeline") access_utilization = user.can_access_office(office, "utilization") financials = office.getFinancials(year, user) return dict(logged_in=authenticated_userid(request), header=getHeader(office), financials=financials, office=office, year=year, user=user, account=account, access_pipeline=access_pipeline, access_utilization=access_utilization, access_financials=access_financials) except: return HTTPFound(request.application_url)
def project_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: print("************* no user") return HTTPFound(request.application_url) project_id = request.matchdict.get('project_id') project = DBSession.query(Project).filter_by(id=project_id).filter_by( account_id=account_id).first() if project is None or user.can_access_client(project.client, "financials") == False: print("************* no permissions") return HTTPFound(request.application_url) project.is_active = False project.end_date = datetime.datetime.now() DBSession.flush() return HTTPFound(location=request.application_url + "/client/" + str(project.client_id) + "/projects/" + str(datetime.datetime.now().year)) except: print("*************") traceback.print_exc() return HTTPFound(request.application_url)
def department_financials(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) department_id = request.matchdict['department_id'] year = request.matchdict['year'] user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() department = DBSession.query(Department).filter_by( account_id=account_id).filter_by(id=department_id).first() access_financials = user.can_access_department(department, "financials") if user is None or account is None or department is None or access_financials == False: return HTTPFound(request.application_url) access_utilization = user.can_access_department( department, "utilization") financials = department.getFinancials(year, user) return dict(logged_in=authenticated_userid(request), header=getHeader(department), financials=financials, department=department, year=year, user=user, account=account, access_utilization=access_utilization, access_financials=access_financials) except: traceback.print_exc() return HTTPFound(request.application_url)
def roles(request): department_id = request.matchdict.get('department_id') user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first() roles = [] if department_id == 'all': if user.permissions.is_administrator or user.permissions.can_view_all_departments: roles = DBSession.query(Role).filter_by(account_id=long(request.session['aid'])).filter( Role.is_active == True).all() else: HTTPFound(request.application_url) else: if user.permissions.is_administrator or user.permissions.can_view_all_departments: roles = DBSession.query(Role).filter_by(department_id=department_id).filter(Role.is_active == True).all() else: dept_match = False for department in user.permissions.view_departments: if department.id == department_id: roles = DBSession.query(Role).filter_by(department_id=department_id).filter( Role.is_active is True).all() dept_match = True break if dept_match is False: HTTPFound(request.application_url) header = _get_header(department_id) account = DBSession.query(Account).filter_by(id=long(request.session['aid'])).first() return dict(logged_in=authenticated_userid(request), account=account, user=user, roles=roles, active_people="", active_roles="active", header=header, department_id=department_id)
def client_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: return HTTPFound(request.application_url) client_id = request.matchdict.get('client_id') client = DBSession.query(Client).filter_by(id=client_id).filter_by( account_id=account_id).first() if client is None or user.can_access_client(client, "financials") == False: return HTTPFound(request.application_url) client.is_active = False DBSession.flush() return HTTPFound(request.application_url + "/office/" + str(client.office_id) + "/clients/" + str(datetime.datetime.now().year)) except: return HTTPFound(request.application_url)
def client_projects_update(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: return HTTPFound(request.application_url) client_id = long(request.matchdict['client_id']) client = DBSession.query(Client).filter_by(id=client_id).filter_by( account_id=account_id).first() if client is None or user.can_access_client(client, "financials") == False: return HTTPFound(request.application_url) if request.method == "POST": for project in account.projects: if project.is_active and project.client.office_id == client.office_id: revenue_local = long( request.params.get(str(project.id) + "-revenue")) if user.currency is None: revenue = revenue_local else: revenue = revenue_local * user.currency.currency_to_usd start_date_text = request.params.get( str(project.id) + "-start_date") start_dateparts = start_date_text.split("/") start_date = datetime.date(long(start_dateparts[2]), long(start_dateparts[0]), long(start_dateparts[1])) end_date_text = request.params.get( str(project.id) + "-end_date") end_dateparts = end_date_text.split("/") end_date = datetime.date(long(end_dateparts[2]), long(end_dateparts[0]), long(end_dateparts[1])) project.revenue = revenue project.start_date = start_date project.end_date = end_date DBSession.flush() return HTTPFound(request.application_url + "/client/" + str(client.id) + "/projects/" + str(datetime.datetime.now().year)) return dict(logged_in=authenticated_userid(request), header=Header("financials"), user=user, account=account, client=client) except: traceback.print_exc() return HTTPFound(request.application_url)
def role(request): role_id = request.matchdict.get('role_id') user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first() role = DBSession.query(Role).filter_by(id=long(role_id)).first() return dict(logged_in=authenticated_userid(request), header=Header("reviews"), role=role, user=user)
def global_expenses(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) year = request.matchdict['year'] user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or not ( user.is_administrator or user.permissions_global_financials): return HTTPFound(request.application_url) offices = DBSession.query(Office).filter_by( account_id=account_id).all() if offices is None: return HTTPFound(request.application_url) if request.method == "POST": for office in offices: change = False ase = None sga = None ase_text = request.POST.get("ase_" + str(office.id)) if ase_text is not None and ase_text != '': ase_local = long(ase_text) if user.currency is None: ase = ase_local else: ase = ase_local * user.currency.currency_to_usd office.allocated_salary_expense = ase sga_text = request.POST.get("sga_" + str(office.id)) if sga_text is not None and sga_text != '': sga_local = long(sga_text) if user.currency is None: sga = sga_local else: sga = sga_local * user.currency.currency_to_usd office.sga_expense = sga DBSession.flush() # return HTTPFound(request.application_url + "/administration/expenses") return dict(logged_in=authenticated_userid(request), header=Header("financials"), offices=offices, year=year, user=user) except: traceback.print_exc() return HTTPFound(request.application_url)
def role(request): role_id = request.matchdict.get('role_id') user = DBSession.query(User).filter_by( id=long(request.session['uid'])).first() role = DBSession.query(Role).filter_by(id=long(role_id)).first() return dict(logged_in=authenticated_userid(request), header=Header("reviews"), role=role, user=user)
def administration_revenue(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or account is None or not ( user.is_administrator or user.permissions_global_financials): return HTTPFound(request.application_url) if request.method == "POST": quarter_end_date_text = request.params.get("quarter_end_type") quarter_end_year_text = request.params.get("quarter_end_year") quarter_end_date_parts = quarter_end_date_text.split("/") quarter_end_date = datetime.date(long(quarter_end_year_text), long(quarter_end_date_parts[0]), long(quarter_end_date_parts[1])) for project in account.projects: revenue_local = long( request.params.get(str(project.id) + "-revenue")) if user.currency is None: revenue = revenue_local else: revenue = revenue_local * user.currency.currency_to_usd actual_revenue = DBSession.query(ActualRevenue).filter_by( project_id=project.id).filter_by( quarter_end_date=quarter_end_date).first() if actual_revenue is not None: actual_revenue.revenue = revenue else: actual_revenue = ActualRevenue(project, revenue, quarter_end_date) DBSession.flush() return HTTPFound(request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account, user=user) except: traceback.print_exc() return HTTPFound(request.application_url)
def department_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator is False: return HTTPFound(request.application_url) department_id = request.matchdict['department_id'] if request.method == "POST": name = request.params["name"].lower() dept = DBSession.query(Department).filter_by(account_id=account_id).filter_by(name=name).first() if dept is None or dept.id == department_id: DBSession.query(Department).filter_by(id=department_id).filter_by(account_id=account_id).update( {'name': name}) DBSession.flush() return HTTPFound(location=request.application_url + "/administration/company") department = DBSession.query(Department).filter_by(id=department_id).first() return dict(logged_in=authenticated_userid(request), header=Header("administration"), department=department, user=user) except: return HTTPFound(request.application_url)
def person(request): #FIX PERMISSIONS! person_id = request.matchdict.get('person_id') review_year = request.params.get('year') user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first() person = DBSession.query(User).filter_by(id=long(person_id)).first() account = DBSession.query(Account).filter_by(id=long(request.session['aid'])).first() if review_year is None or review_year == "": review_year = account.latest_review_year review = DBSession.query(Review).filter_by(user_id=person.id).filter_by(review_cycle_year=review_year).first() if review is None: if review_year == account.latest_review_year: review = Review(user, review_year) DBSession.add(review) DBSession.flush() else: HTTPFound(location=request.application_url) return dict(logged_in=authenticated_userid(request), person=person, user=user, review=review, account=account)
def administration_employees(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or account is None or (user.is_administrator == False and user.is_hr_administrator == False): return HTTPFound(request.application_url) return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account, user=user) except: return HTTPFound(request.application_url)
def department_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator is False: return HTTPFound(request.application_url) department_id = request.matchdict['department_id'] if request.method == "POST": name = request.params["name"].lower() dept = DBSession.query(Department).filter_by( account_id=account_id).filter_by(name=name).first() if dept is None or dept.id == department_id: DBSession.query(Department).filter_by( id=department_id).filter_by(account_id=account_id).update( {'name': name}) DBSession.flush() return HTTPFound(location=request.application_url + "/administration/company") department = DBSession.query(Department).filter_by( id=department_id).first() return dict(logged_in=authenticated_userid(request), header=Header("administration"), department=department, user=user) except: return HTTPFound(request.application_url)
def global_expenses(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) year = request.matchdict['year'] user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or not (user.is_administrator or user.permissions_global_financials): return HTTPFound(request.application_url) offices = DBSession.query(Office).filter_by(account_id=account_id).all() if offices is None: return HTTPFound(request.application_url) if request.method == "POST": for office in offices: change = False ase = None sga = None ase_text = request.POST.get("ase_" + str(office.id)) if ase_text is not None and ase_text != '': ase_local = long(ase_text) if user.currency is None: ase = ase_local else: ase = ase_local * user.currency.currency_to_usd office.allocated_salary_expense = ase sga_text = request.POST.get("sga_" + str(office.id)) if sga_text is not None and sga_text != '': sga_local = long(sga_text) if user.currency is None: sga = sga_local else: sga = sga_local * user.currency.currency_to_usd office.sga_expense = sga DBSession.flush() # return HTTPFound(request.application_url + "/administration/expenses") return dict(logged_in=authenticated_userid(request), header=Header("financials"), offices=offices, year=year, user=user) except: traceback.print_exc() return HTTPFound(request.application_url)
def _get_header(department_id): if (department_id is None or department_id.lower() == "all"): return "All Roles" else: department = DBSession.query(Department).filter_by( id=department_id).first() return "Roles in " + department.name
def administration_company(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account, user=user) except: return HTTPFound(request.application_url)
def login(request): login_url = request.route_url('login') referrer = request.url if referrer == login_url: referrer = '/' # never use the login form itself as came_from came_from = request.params.get('came_from', referrer) if came_from == None: came_from = request.application_url message = '' email = '' password = '' if 'form.submitted' in request.params: email = request.params['email'].lower() password = request.params['password'] user = DBSession.query(User).filter_by(email=email).first() if user is None: return dict(message='user not found', url=request.application_url + '/login', came_from=came_from, email=email) if user.is_valid_password(password): request.session['uid'] = str(user.id) request.session['aid'] = str(user.account_id) headers = remember(request, user.id) return HTTPFound(came_from, headers=headers) else: return dict(message='invalid password', url=request.application_url + '/login', came_from=came_from, email=email) return dict(message='failed login', url=request.application_url + '/login', came_from=came_from, email=email)
def client_projects_update(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: return HTTPFound(request.application_url) client_id = long(request.matchdict['client_id']) client = DBSession.query(Client).filter_by(id=client_id).filter_by(account_id=account_id).first() if client is None or user.can_access_client(client, "financials") == False: return HTTPFound(request.application_url) if request.method == "POST": for project in account.projects: if project.is_active and project.client.office_id == client.office_id: revenue_local = long(request.params.get(str(project.id) + "-revenue")) if user.currency is None: revenue = revenue_local else: revenue = revenue_local * user.currency.currency_to_usd start_date_text = request.params.get(str(project.id) + "-start_date") start_dateparts = start_date_text.split("/") start_date = datetime.date(long(start_dateparts[2]), long(start_dateparts[0]), long(start_dateparts[1])) end_date_text = request.params.get(str(project.id) + "-end_date") end_dateparts = end_date_text.split("/") end_date = datetime.date(long(end_dateparts[2]), long(end_dateparts[0]), long(end_dateparts[1])) project.revenue = revenue project.start_date = start_date project.end_date = end_date DBSession.flush() return HTTPFound(request.application_url + "/client/" + str(client.id) + "/projects/" + str( datetime.datetime.now().year)) return dict(logged_in=authenticated_userid(request), header=Header("financials"), user=user, account=account, client=client) except: traceback.print_exc() return HTTPFound(request.application_url)
def department_add(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"].lower() dept = DBSession.query(Department).filter_by( account_id=account_id).filter_by(name=name).first() if dept is None: new_department = Department(name, account) DBSession.add(new_department) DBSession.flush() if request.params.get("add_another") is None: return HTTPFound(location=request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), user=user) except: return HTTPFound(request.application_url)
def currency_add(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"].lower() currency_to_usd = float(request.params["currency_to_usd"]) error = False if name == "usd": error = True currency = DBSession.query(Currency).filter_by(account_id=account_id).filter_by(name=name).first() if currency is not None: error = True if error == False: new_currency = Currency(name, account, currency_to_usd) DBSession.add(new_currency) DBSession.flush() if request.params.get("add_another") is None: return HTTPFound(request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), user=user) except: return HTTPFound(request.application_url)
def office_add(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"].lower() office = DBSession.query(Office).filter_by( account_id=long(request.session['aid'])).filter_by( name=name).first() if office is None: benefits_and_bonus = long(request.params["benefits_and_bonus"]) new_office = Office(name, benefits_and_bonus, account) DBSession.add(new_office) DBSession.flush() if request.params.get("add_another") is None: return HTTPFound(request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), user=user) except: return HTTPFound(request.application_url)
def account_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or user.is_administrator == False or account is None: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"] benefits_and_bonus = long(request.params["benefits_and_bonus"]) acc = DBSession.query(Account).filter_by(name=name).first() if acc is None or acc.id == account.id: DBSession.query(Account).filter_by(id=account_id).update( {'name': name, 'benefits_and_bonus': benefits_and_bonus}) DBSession.flush() return HTTPFound(request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account, user=user) except: return HTTPFound(request.application_url)
def account_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or user.is_administrator == False or account is None: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"] benefits_and_bonus = long(request.params["benefits_and_bonus"]) acc = DBSession.query(Account).filter_by(name=name).first() if acc is None or acc.id == account.id: DBSession.query(Account).filter_by(id=account_id).update({ 'name': name, 'benefits_and_bonus': benefits_and_bonus }) DBSession.flush() return HTTPFound(request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account, user=user) except: return HTTPFound(request.application_url)
def global_offices(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) user = DBSession.query(User).filter_by(id=user_id).first() year = request.matchdict['year'] account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or ( user.is_administrator == False and user.permissions_global_financials == False): return HTTPFound(request.application_url) financials = account.getFinancials(year, user) return dict(logged_in=authenticated_userid(request), header=getHeader(), financials=financials, year=year, account=account, user=user) except: return HTTPFound(request.application_url)
def global_utilization(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) user = DBSession.query(User).filter_by(id=user_id).first() year = request.matchdict['year'] account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or ( user.is_administrator is False and user.permissions_global_utilization is False) and not user.is_hr_administrator: return HTTPFound(request.application_url) utilization = account.getUtilization(year) return dict(logged_in=authenticated_userid(request), header=getHeader(), utilization=utilization, year=year, account=account, user=user) except: return HTTPFound(request.application_url)
def client_edit(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() client_id = long(request.matchdict['client_id']) client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=client_id).first() if user is None or account is None or client is None: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"].lower() code = request.params["client_code"] target_margin = request.params["target_margin"] office_id = long(request.params["office_id"]) office_temp = DBSession.query(Office).filter_by(id=office_id).filter_by(account_id=account_id).first() client_temp = DBSession.query(Client).filter_by(account_id=account_id).filter_by(name=name).first() if office_temp is None or user.can_access_client(client, "financials") == False or user.can_access_office( office_temp, "financials") == False: return HTTPFound(request.application_url) if client_temp is not None and client_temp.id != client.id: return HTTPFound(request.application_url) client.name = name client.code = code client.office = office_temp client.target_margin = target_margin DBSession.flush() return HTTPFound( request.application_url + "/office/" + str(office_id) + "/clients/" + str(datetime.datetime.now().year)) offices_all = DBSession.query(Office).filter_by(account_id=long(request.session['aid'])).all() offices = [] if user.is_administrator or user.permissions_global_financials: offices = offices_all else: for office in offices_all: if user.can_access_office(office, "financials"): offices.append(office) if len(offices) == 0: return HTTPFound(request.application_url) return dict(logged_in=authenticated_userid(request), header=getHeader(client), offices=offices, user=user, client=client, account=account) except: return HTTPFound(request.application_url)
def administration_revenue(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or account is None or not (user.is_administrator or user.permissions_global_financials): return HTTPFound(request.application_url) if request.method == "POST": quarter_end_date_text = request.params.get("quarter_end_type") quarter_end_year_text = request.params.get("quarter_end_year") quarter_end_date_parts = quarter_end_date_text.split("/") quarter_end_date = datetime.date(long(quarter_end_year_text), long(quarter_end_date_parts[0]), long(quarter_end_date_parts[1])) for project in account.projects: revenue_local = long(request.params.get(str(project.id) + "-revenue")) if user.currency is None: revenue = revenue_local else: revenue = revenue_local * user.currency.currency_to_usd actual_revenue = DBSession.query(ActualRevenue).filter_by(project_id=project.id).filter_by( quarter_end_date=quarter_end_date).first() if actual_revenue is not None: actual_revenue.revenue = revenue else: actual_revenue = ActualRevenue(project, revenue, quarter_end_date) DBSession.flush() return HTTPFound(request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account, user=user) except: traceback.print_exc() return HTTPFound(request.application_url)
def roles(request): department_id = request.matchdict.get('department_id') user = DBSession.query(User).filter_by( id=long(request.session['uid'])).first() roles = [] if department_id == 'all': if user.permissions.is_administrator or user.permissions.can_view_all_departments: roles = DBSession.query(Role).filter_by( account_id=long(request.session['aid'])).filter( Role.is_active == True).all() else: HTTPFound(request.application_url) else: if user.permissions.is_administrator or user.permissions.can_view_all_departments: roles = DBSession.query(Role).filter_by( department_id=department_id).filter( Role.is_active == True).all() else: dept_match = False for department in user.permissions.view_departments: if department.id == department_id: roles = DBSession.query(Role).filter_by( department_id=department_id).filter( Role.is_active is True).all() dept_match = True break if dept_match is False: HTTPFound(request.application_url) header = _get_header(department_id) account = DBSession.query(Account).filter_by( id=long(request.session['aid'])).first() return dict(logged_in=authenticated_userid(request), account=account, user=user, roles=roles, active_people="", active_roles="active", header=header, department_id=department_id)
def home(request): try: user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() if user is None: return HTTPFound(request.application_url + '/login') except: return HTTPFound(request.application_url + '/login') year = str(datetime.datetime.now().year) if user.is_administrator or user.permissions_global_financials: return HTTPFound(request.application_url + "/global/financials/" + year) if user.permissions_global_utilization or user.is_hr_administrator: return HTTPFound(request.application_url + "/global/utilization/" + year) if user.permissions_global_pipeline: return HTTPFound(request.application_url + "/global/pipeline/" + year) if len(user.permissions_office_financials) > 0: return HTTPFound(request.application_url + "/office/" + str(user.permissions_office_financials[0].id) + "/financials/" + year) if len(user.permissions_office_pipeline) > 0: return HTTPFound(request.application_url + "/office/" + str(user.permissions_office_pipeline[0].id) + "/pipeline/" + year) if len(user.permissions_office_utilization) > 0: return HTTPFound(request.application_url + "/office/" + str(user.permissions_office_utilization[0].id) + "/utilization/" + year) if len(user.permissions_client_financials) > 0: return HTTPFound(request.application_url + "/client/" + str(user.permissions_client_financials[0].id) + "/financials/" + year) if len(user.permissions_client_pipeline) > 0: return HTTPFound(request.application_url + "/client/" + str(user.permissions_client_pipeline[0].id) + "/pipeline/" + year) if len(user.permissions_client_utilization) > 0: return HTTPFound(request.application_url + "/client/" + str(user.permissions_client_utilization[0].id) + "/utilization/" + year) return HTTPFound(request.application_url + '/login')
def administration_password(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or account is None: return HTTPFound(request.application_url) if request.method == "POST": password = request.params["password"] user.set_password(password) transaction.commit() return HTTPFound(request.application_url) return dict(logged_in=authenticated_userid(request), header=Header("administration"), account=account, user=user) except: return HTTPFound(request.application_url)
def main(argv=sys.argv): if len(argv) != 2: usage(argv) config_uri = argv[1] setup_logging(config_uri) settings = get_appsettings(config_uri) engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) Base.metadata.create_all(engine) with transaction.manager: huge = Account("Finance", 2013) office = Office("New York", 10, huge) corporate = Department("Corporate", huge) ceo = Role(huge, "Senior Developer", corporate, 150000, 50000) aaron = User(huge, "Atish Narlawar", "*****@*****.**", office, ceo, 100000, datetime.date(2012, 1, 1)) aaron.set_password("atish") aaron.is_administrator = True salary = Salary(aaron, 100000, 1, datetime.date(2012, 1, 1), 100) aaron.salary_history.append(salary) DBSession.add(aaron)
def skillset_entry_update(request): print("skillset entry update") rating = request.matchdict.get('rating') skillset_entry_id = request.matchdict.get('skillset_entry_id') person_id = request.matchdict.get('person_id') account = DBSession.query(Account).filter_by( id=long(request.session['aid'])).first() user = DBSession.query(User).filter_by( id=long(request.session['uid'])).first() person = DBSession.query(User).filter_by(id=long(person_id)).first() skillset_entry = DBSession.query(SkillsetEntry).filter_by( id=long(skillset_entry_id)).first() if user.permissions.is_administrator or person.manager_id == user.id: if skillset_entry.is_midyear and ( datetime.datetime.now() > account.midyear_review_end_date or datetime.datetime.now() < account.midyear_review_start): return {'ok': 'False'} if skillset_entry.is_midyear == False and ( datetime.datetime.now() > account.annual_review_end_date or datetime.datetime.now() < account.annual_review_start): return {'ok': 'False'} DBSession.query(SkillsetEntry).filter_by(id=skillset_entry_id).update( {'ranking': rating}) return {"ok": "True"} return {'ok': 'False'}
def currency_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) currency_id = long(request.matchdict['currency_id']) currency = DBSession.query(Currency).filter_by(id=currency_id).first() if currency == None: return HTTPFound(request.application_url + "/administration/company") if request.method == "POST": error = False name = request.params["name"].lower() if name == "usd": error = True currency_to_usd = float(request.params["currency_to_usd"]) cur = DBSession.query(Currency).filter_by(account_id=account_id).filter_by(name=name).first() if cur is not None and cur.id != currency_id: error = True if error == False: currency.name = name currency.currency_to_usd = currency_to_usd DBSession.flush() return HTTPFound(request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), currency=currency, user=user) except: return HTTPFound(request.application_url)
def client_utilization(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) client_id = request.matchdict['client_id'] year = request.matchdict['year'] user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=client_id).first() access_utilization = user.can_access_client(client, "utilization") if user is None or account is None or client is None or access_utilization == False: return HTTPFound(request.application_url) access_pipeline = user.can_access_client(client, "pipeline") access_financials = user.can_access_client(client, "financials") utilization = client.getUtilization(year) return dict(logged_in=authenticated_userid(request), header=getHeader(client), utilization=utilization, client=client, year=year, user=user, account=account, access_pipeline=access_pipeline, access_utilization=access_utilization, access_financials=access_financials) except: return HTTPFound(request.application_url)
def department_utilization(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) department_id = request.matchdict['department_id'] year = request.matchdict['year'] user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() department = DBSession.query(Department).filter_by(account_id=account_id).filter_by(id=department_id).first() access_utilization = user.can_access_department(department, "utilization") if user is None or account is None or department is None or access_utilization == False: return HTTPFound(request.application_url) access_financials = user.can_access_department(department, "financials") utilization = department.getUtilization(year) return dict(logged_in=authenticated_userid(request), header=getHeader(department), utilization=utilization, department=department, year=year, user=user, account=account, access_utilization=access_utilization, access_financials=access_financials) except: traceback.print_exc() return HTTPFound(request.application_url)
def role_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) role_id = long(request.matchdict['role_id']) role = DBSession.query(Role).filter_by(id=role_id).filter_by( account_id=account_id).first() if request.method == "POST": name = request.params["name"].lower() department_id = long(request.params["department_id"]) salary_low_local = long(request.params["salary_low"]) salary_high_local = long(request.params["salary_high"]) if user.currency is None: salary_low = salary_low_local salary_high = salary_high_local else: salary_low = salary_low_local * user.currency.currency_to_usd salary_high = salary_high_local * user.currency.currency_to_usd department = DBSession.query(Department).filter_by( id=department_id).filter_by(account_id=account.id).first() role_ok = True for r in department.roles: if r.name == name and r.id != role_id: role_ok = False if role_ok: role.name = name role.department = department role.salary_low = salary_low role.salary_high = salary_high DBSession.flush() return HTTPFound(request.application_url + "/administration/company") departments = DBSession.query(Department).filter_by( account_id=long(request.session['aid'])).all() return dict(logged_in=authenticated_userid(request), header=Header("administration"), departments=departments, user=user, role=role) except: return HTTPFound(request.application_url)
def client_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: return HTTPFound(request.application_url) client_id = request.matchdict.get('client_id') client = DBSession.query(Client).filter_by(id=client_id).filter_by(account_id=account_id).first() if client is None or user.can_access_client(client, "financials") == False: return HTTPFound(request.application_url) client.is_active = False DBSession.flush() return HTTPFound(request.application_url + "/office/" + str(client.office_id) + "/clients/" + str( datetime.datetime.now().year)) except: return HTTPFound(request.application_url)
def person_show_review(request): review_id = request.matchdict.get('review_id') person_id = request.matchdict.get('person_id') account = DBSession.query(Account).filter_by(id=long(request.session['aid'])).first() user = DBSession.query(User).filter_by(id=long(request.session['uid'])).first() person = DBSession.query(User).filter_by(id=long(person_id)).first() review = DBSession.query(Review).filter_by(id=long(review_id)).first() #FIX PERMISSIONS! if user.permissions.is_administrator or person.manager_id == user.id: if review.current_datetime > account.midyear_review_start and review.midyear_visible_to_user == False: DBSession.query(Review).filter_by(id=review.id).update({'midyear_visible_to_user': True}) elif review.current_datetime > account.annual_review_start and review.annual_visible_to_user == False: DBSession.query(Review).filter_by(id=review.id).update({'midyear_visible_to_user': True}) return HTTPFound(request.application_url + "/person/" + str(person_id) + "?year=" + str(review.review_cycle_year))
def person_assign_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) person_id = long(request.matchdict.get('person_id')) assignment_id = long(request.matchdict.get('assignment_id')) person = DBSession.query(User).filter_by(id=person_id).filter_by(account_id=account_id).first() if person == None: return HTTPFound(request.application_url) source_type_text = request.params.get("source_type") if source_type_text is None: source_type = "office" elif source_type_text == "ghost_client": source_type = "ghost/client" elif source_type_text == "client": source_type = source_type_text else: source_type = "office" source_id_text = request.params.get("source_id") if source_id_text is None: source_id = person.office_id else: source_id = long(source_id_text) user_allocation = DBSession.query(UserAllocation).filter_by(id=assignment_id).first() if user_allocation == None or user_allocation.user_id != person.id: return HTTPFound(request.application_url) DBSession.delete(user_allocation) DBSession.flush() return HTTPFound(location=request.application_url + "/person/" + str( person_id) + "/assign/edit?source_type=" + source_type + "&source_id=" + str(source_id)) except: print("*****") traceback.print_exc() return HTTPFound(request.application_url)
def home(request): try: user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() if user is None: return HTTPFound(request.application_url + '/login') except: return HTTPFound(request.application_url + '/login') year = str(datetime.datetime.now().year) if user.is_administrator or user.permissions_global_financials: return HTTPFound(request.application_url + "/global/financials/" + year) if user.permissions_global_utilization or user.is_hr_administrator: return HTTPFound(request.application_url + "/global/utilization/" + year) if user.permissions_global_pipeline: return HTTPFound(request.application_url + "/global/pipeline/" + year) if len(user.permissions_office_financials) > 0: return HTTPFound(request.application_url + "/office/" + str( user.permissions_office_financials[0].id) + "/financials/" + year) if len(user.permissions_office_pipeline) > 0: return HTTPFound( request.application_url + "/office/" + str(user.permissions_office_pipeline[0].id) + "/pipeline/" + year) if len(user.permissions_office_utilization) > 0: return HTTPFound(request.application_url + "/office/" + str( user.permissions_office_utilization[0].id) + "/utilization/" + year) if len(user.permissions_client_financials) > 0: return HTTPFound(request.application_url + "/client/" + str( user.permissions_client_financials[0].id) + "/financials/" + year) if len(user.permissions_client_pipeline) > 0: return HTTPFound( request.application_url + "/client/" + str(user.permissions_client_pipeline[0].id) + "/pipeline/" + year) if len(user.permissions_client_utilization) > 0: return HTTPFound(request.application_url + "/client/" + str( user.permissions_client_utilization[0].id) + "/utilization/" + year) return HTTPFound(request.application_url + '/login')
def role_add(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"].lower() department_id = long(request.params["department_id"]) salary_low = long(request.params["salary_low"]) salary_high = long(request.params["salary_high"]) department = DBSession.query(Department).filter_by( id=department_id).filter_by(account_id=account.id).first() role_ok = True for role in department.roles: if role.name == name: role_ok = False break if role_ok: new_role = Role(account, name, department, salary_high, salary_low) DBSession.add(new_role) DBSession.flush() if request.params.get("add_another") is None: return HTTPFound(request.application_url + "/administration/company") departments = DBSession.query(Department).filter_by( account_id=long(request.session['aid'])).all() return dict(logged_in=authenticated_userid(request), header=Header("administration"), departments=departments, user=user) except: return HTTPFound(request.application_url)
def role_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) role_id = long(request.matchdict['role_id']) role = DBSession.query(Role).filter_by(id=role_id).filter_by(account_id=account_id).first() if request.method == "POST": name = request.params["name"].lower() department_id = long(request.params["department_id"]) salary_low_local = long(request.params["salary_low"]) salary_high_local = long(request.params["salary_high"]) if user.currency is None: salary_low = salary_low_local salary_high = salary_high_local else: salary_low = salary_low_local * user.currency.currency_to_usd salary_high = salary_high_local * user.currency.currency_to_usd department = DBSession.query(Department).filter_by(id=department_id).filter_by( account_id=account.id).first() role_ok = True for r in department.roles: if r.name == name and r.id != role_id: role_ok = False if role_ok: role.name = name role.department = department role.salary_low = salary_low role.salary_high = salary_high DBSession.flush() return HTTPFound(request.application_url + "/administration/company") departments = DBSession.query(Department).filter_by(account_id=long(request.session['aid'])).all() return dict(logged_in=authenticated_userid(request), header=Header("administration"), departments=departments, user=user, role=role) except: return HTTPFound(request.application_url)
def currency_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) currency_id = long(request.matchdict['currency_id']) DBSession.query(Currency).filter_by(id=currency_id).filter_by(account_id=account_id).delete() DBSession.flush() return HTTPFound(request.application_url + "/administration/company") except: return HTTPFound(request.application_url)
def office_edit(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) account = DBSession.query(Account).filter_by(id=account_id).first() user = DBSession.query(User).filter_by(id=user_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) office_id = request.matchdict['office_id'] if request.method == "POST": name = request.params["name"].lower() off = DBSession.query(Office).filter_by( account_id=long(request.session['aid'])).filter_by( name=name).first() if off is None or str(off.id) == office_id: benefits_and_bonus = long(request.params["benefits_and_bonus"]) DBSession.query(Office).filter_by(id=office_id).filter_by( account_id=account_id).update({ 'name': name, 'benefits_and_bonus': benefits_and_bonus }) DBSession.flush() return HTTPFound(request.application_url + "/administration/company") office = DBSession.query(Office).filter_by(id=office_id).first() return dict(logged_in=authenticated_userid(request), header=Header("administration"), office=office, user=user) except: return HTTPFound(request.application_url)
def role_add(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"].lower() department_id = long(request.params["department_id"]) salary_low = long(request.params["salary_low"]) salary_high = long(request.params["salary_high"]) department = DBSession.query(Department).filter_by(id=department_id).filter_by( account_id=account.id).first() role_ok = True for role in department.roles: if role.name == name: role_ok = False break if role_ok: new_role = Role(account, name, department, salary_high, salary_low) DBSession.add(new_role) DBSession.flush() if request.params.get("add_another") is None: return HTTPFound(request.application_url + "/administration/company") departments = DBSession.query(Department).filter_by(account_id=long(request.session['aid'])).all() return dict(logged_in=authenticated_userid(request), header=Header("administration"), departments=departments, user=user) except: return HTTPFound(request.application_url)
def currency_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) currency_id = long(request.matchdict['currency_id']) DBSession.query(Currency).filter_by(id=currency_id).filter_by( account_id=account_id).delete() DBSession.flush() return HTTPFound(request.application_url + "/administration/company") except: return HTTPFound(request.application_url)
def role_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) role_id = request.matchdict.get('role_id') DBSession.query(Role).filter_by(id=role_id).filter_by(account_id=account_id).update({'is_active': False}) DBSession.flush() return HTTPFound(location=request.application_url + "/administration/company") except: return HTTPFound(request.application_url)
def freelancer_delete(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: return HTTPFound(request.application_url) freelancer_id = request.matchdict.get('freelancer_id') freelancer = DBSession.query(Freelancer).filter_by(id=freelancer_id).filter_by(account_id=account_id).first() if freelancer is None: return HTTPFound(request.application_url) if freelancer.office is None and freelancer.client is None: return HTTPFound(request.application_url) if freelancer.office is not None and user.can_access_office(freelancer.office, "utilization") == False: return HTTPFound(request.application_url) if freelancer.client is not None and user.can_access_client(freelancer.client, "utilization") == False: return HTTPFound(request.application_url) source_id = freelancer.client_id DBSession.delete(freelancer) DBSession.flush() return HTTPFound( request.application_url + "/client/" + str(source_id) + "/utilization/" + str(datetime.datetime.now().year)) except: print("*************") traceback.print_exc() return HTTPFound(request.application_url)
def department_add(request): try: account_id = long(request.session['aid']) user_id = long(request.session['uid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None or user.is_administrator == False: return HTTPFound(request.application_url) if request.method == "POST": name = request.params["name"].lower() dept = DBSession.query(Department).filter_by(account_id=account_id).filter_by(name=name).first() if dept is None: new_department = Department(name, account) DBSession.add(new_department) DBSession.flush() if request.params.get("add_another") is None: return HTTPFound(location=request.application_url + "/administration/company") return dict(logged_in=authenticated_userid(request), header=Header("administration"), user=user) except: return HTTPFound(request.application_url)
def client_assign_ghost(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: return HTTPFound(request.application_url) if request.method == "POST": ghost_user_id = request.params.get('ghost_user_id') if ghost_user_id is None or len(ghost_user_id) == 0 or ghost_user_id == '': return HTTPFound(request.application_url) ghost_user = DBSession.query(GhostUser).filter_by(id=ghost_user_id).filter_by(account_id=account_id).first() client_id = request.params.get('client_id') client = None if client_id is not None and len(client_id) > 0 and client_id != '': client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=long(client_id)).first() ghost_client_id = request.params.get('ghost_client_id') ghost_client = None if ghost_client_id is not None and len(ghost_client_id) > 0 and ghost_client_id != '': ghost_client = DBSession.query(GhostClient).filter_by(account_id=account_id).filter_by( id=long(ghost_client_id)).first() if client is None and ghost_client is None: return HTTPFound(request.application_url) if client is not None and user.can_access_client(client, "utilization") == False: return HTTPFound(request.application_url) if ghost_client is not None and user.can_access_office(ghost_client.office, "utilization") == False: return HTTPFound(request.application_url) utilization = long(request.params["utilization"]) start_date_text = request.params["start_date"] start_dateparts = start_date_text.split("/") start_date = datetime.date(long(start_dateparts[2]), long(start_dateparts[0]), long(start_dateparts[1])) end_date_text = request.params["end_date"] end_dateparts = end_date_text.split("/") end_date = datetime.date(long(end_dateparts[2]), long(end_dateparts[0]), long(end_dateparts[1])) if ghost_user.start_date.date() > start_date or start_date > end_date: print('**** late start') return HTTPFound(request.path) gua = GhostAllocation(ghost_user, client, ghost_client, utilization, start_date, end_date) DBSession.add(gua) if ghost_user.start_date.date() > start_date: ghost_user.start_date = datetime.datetime.combine(start_date, datetime.time()) DBSession.flush() if client is not None: return HTTPFound(request.application_url + "/client/" + str(client_id) + "/utilization/" + str( datetime.datetime.now().year)) if ghost_client is not None: return HTTPFound( request.application_url + "/ghost/client/" + str(ghost_client_id) + "/utilization/" + str( datetime.datetime.now().year)) currentClientId = request.params.get('clientid') currentClient = None if currentClientId is not None: currentClient = DBSession.query(Client).filter_by(id=currentClientId).filter_by(is_active=True).first() currentGhostClientId = request.params.get('ghostclientid') currentGhostClient = None if currentGhostClientId is not None: currentGhostClient = DBSession.query(GhostClient).filter_by(id=currentGhostClientId).filter_by( is_active=True).first() clients_all = DBSession.query(Client).filter_by(account_id=account_id).all() clients = [] if user.is_administrator or user.permissions_global_utilization: clients = clients_all else: for client in clients_all: if user.can_access_client(client, "utilization"): clients.append(client) if len(clients) == 0: return HTTPFound(request.application_url) #fix to handle disabled ghost_users_all = DBSession.query(GhostUser).filter_by(account_id=account_id).all() ghost_users = [] if user.is_administrator or user.permissions_global_utilization: ghost_users = ghost_users_all else: for ghost_user in ghost_users: if user.can_access_office(ghost_user.office, "utilization"): ghost_users.append(ghost_user) ghost_clients = [] ghost_clients_all = DBSession.query(GhostClient).filter_by(account_id=account_id).all() if user.is_administrator or user.permissions_global_utilization: ghost_clients = ghost_clients_all else: for ghost_client in ghost_clients_all: if user.can_access_office(ghost_client.office, "utilization"): ghost_clients.append(ghost_client) return dict(logged_in=authenticated_userid(request), header=getHeader(None), clients=clients, ghost_users=ghost_users, user=user, account=account, ghost_clients=ghost_clients, currentClient=currentClient, currentGhostClient=currentGhostClient) except: print("*****") traceback.print_exc() return HTTPFound(request.application_url)
def client_assign_resource(request): try: user_id = long(request.session['uid']) account_id = long(request.session['aid']) user = DBSession.query(User).filter_by(id=user_id).first() account = DBSession.query(Account).filter_by(id=account_id).first() if user is None or account is None: return HTTPFound(request.application_url) if request.method == "POST": client_id = long(request.params['client_id']) client = DBSession.query(Client).filter_by(account_id=account_id).filter_by(id=client_id).first() person_id = long(request.params["user_id"]) person = DBSession.query(User).filter_by(id=person_id).filter_by(account_id=account_id).first() utilization = long(request.params["utilization"]) start_date_text = request.params["start_date"] start_dateparts = start_date_text.split("/") start_date = datetime.date(long(start_dateparts[2]), long(start_dateparts[0]), long(start_dateparts[1])) end_date_text = request.params["end_date"] end_dateparts = end_date_text.split("/") end_date = datetime.date(long(end_dateparts[2]), long(end_dateparts[0]), long(end_dateparts[1])) if person is None or client is None or user.can_access_client(client, "utilization") == False: return HTTPFound(request.application_url) if person.start_date.date() > start_date or start_date > end_date: print("*** late start") return HTTPFound(request.path) ua = UserAllocation(person, client, None, utilization, start_date, end_date) DBSession.add(ua) DBSession.flush() return HTTPFound(request.application_url + "/client/" + str(client_id) + "/utilization/" + str( datetime.datetime.now().year)) clients_all = DBSession.query(Client).filter_by(account_id=account_id).filter_by(is_active=True).all() clients = [] if user.is_administrator or user.permissions_global_utilization: clients = clients_all else: for client in clients_all: if user.can_access_client(client, "utilization"): clients.append(client) if len(clients) == 0: return HTTPFound(request.application_url) access_administration = user.is_administrator # fix this so the filtering is btter instead of doing a big loop users_all = DBSession.query(User).filter_by(account_id=account_id).filter_by(is_active=True).all() users = [] for u in users_all: if u.is_active and u.percent_billable > 0 and user.can_access_office(u.office, "utilization"): users.append(u) if len(users) == 0: return HTTPFound(request.application_url) currentClientId = request.params.get('clientid') currentClient = None if currentClientId is not None: currentClient = DBSession.query(Client).filter_by(id=currentClientId).filter_by(is_active=True).first() return dict(logged_in=authenticated_userid(request), header=getHeader(None), clients=clients, users=users, user=user, account=account, access_administration=access_administration, currentClient=currentClient) except: print("*****") traceback.print_exc() return HTTPFound(request.application_url)