aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrea Lepori <alepori@student.ethz.ch>2020-06-25 18:18:20 +0200
committerAndrea Lepori <alepori@student.ethz.ch>2020-06-25 18:18:20 +0200
commit4bbe761215dbe989e8b2efc3823740416f403e71 (patch)
tree11f6f8c419516f196c525e25e11ec8ca4f086c42
parentNicer user list, multi group support (diff)
downloadscout-subs-4bbe761215dbe989e8b2efc3823740416f403e71.tar.gz
scout-subs-4bbe761215dbe989e8b2efc3823740416f403e71.zip
reset password and decorators for login check
-rw-r--r--accounts/urls.py2
-rw-r--r--accounts/views.py335
-rw-r--r--client/views.py211
-rw-r--r--manager/settings.py12
-rw-r--r--server/views.py953
-rw-r--r--templates/registration/password_reset_complete.html7
-rw-r--r--templates/registration/password_reset_confirm.html17
-rw-r--r--templates/registration/password_reset_done.html12
-rw-r--r--templates/registration/password_reset_email.html12
-rw-r--r--templates/registration/password_reset_form.html10
-rw-r--r--templates/registration/password_reset_subject.txt1
11 files changed, 814 insertions, 758 deletions
diff --git a/accounts/urls.py b/accounts/urls.py
index 332a16b..a2d8541 100644
--- a/accounts/urls.py
+++ b/accounts/urls.py
@@ -1,4 +1,4 @@
-from django.urls import path
+from django.urls import path, include
from . import views
diff --git a/accounts/views.py b/accounts/views.py
index 7b40c05..24e1b96 100644
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -5,6 +5,7 @@ from django.views import generic
from django.contrib.auth.models import Group
from django.core.files.storage import FileSystemStorage
from django.http import FileResponse
+from django.contrib.auth.decorators import login_required
from client.models import UserCode
@@ -17,178 +18,176 @@ class SignUp(generic.CreateView):
template_name = 'accounts/signup.html'
+@login_required
def personal(request):
context = {}
- if request.user.is_authenticated:
- usercode = UserCode.objects.filter(user=request.user)[0]
- medic = usercode.medic
- debug = ""
- branca_default = ""
- branca_castorini = ""
- branca_lupetti = ""
- branca_esploratori = ""
- branca_pionieri = ""
- branca_rover = ""
-
- if request.method == "POST":
- if request.POST['action'] == "download_vac":
- if medic.vac_certificate != None:
- filename = os.path.basename(medic.vac_certificate.name)
- filename = filename[filename.find("_")+1:]
- return FileResponse(medic.vac_certificate.file, as_attachment=True, filename=filename)
-
- if request.POST['action'] == "download_health":
- if medic.health_care_certificate != None:
- filename = os.path.basename(medic.health_care_certificate.name)
- filename = filename[filename.find("_")+1:]
- return FileResponse(medic.health_care_certificate.file, as_attachment=True, filename=filename)
-
- request.user.first_name = request.POST["first_name"]
- request.user.last_name = request.POST["last_name"]
- request.user.email = request.POST["email"]
- request.user.save()
- usercode.parent_name = request.POST["parent_name"]
- usercode.via = request.POST["via"]
- usercode.cap = request.POST["cap"]
- usercode.country = request.POST["country"]
- usercode.nationality = request.POST["nationality"]
- usercode.born_date = dateparser.parse(request.POST["birth_date"])
- usercode.home_phone = request.POST["home_phone"]
- usercode.phone = request.POST["phone"]
- usercode.school = request.POST["school"]
- usercode.year = request.POST["year"]
- usercode.save()
-
- medic.emer_name = request.POST["emer_name"]
- medic.emer_relative = request.POST["emer_relative"]
- medic.cell_phone = request.POST["cell_phone"]
- medic.address = request.POST["address"]
- medic.emer_phone = request.POST["emer_phone"]
- medic.health_care = request.POST["health_care"]
- medic.injuries = request.POST["injuries"]
- medic.rc = request.POST["rc"]
- medic.rega = "rega" in request.POST
- medic.medic_name = request.POST["medic_name"]
- medic.medic_phone = request.POST["medic_phone"]
- medic.medic_address = request.POST["medic_address"]
- medic.sickness = request.POST["sickness"]
- medic.vaccine = request.POST["vaccine"]
- medic.tetanus_date = dateparser.parse(request.POST["tetanus_date"])
- medic.allergy = request.POST["allergy"]
- medic.drugs_bool = "drugs_bool" in request.POST
- medic.drugs = request.POST["drugs"]
- medic.misc_bool = "misc_bool" in request.POST
- medic.misc = request.POST["misc"]
+ usercode = UserCode.objects.filter(user=request.user)[0]
+ medic = usercode.medic
+ debug = ""
+ branca_default = ""
+ branca_castorini = ""
+ branca_lupetti = ""
+ branca_esploratori = ""
+ branca_pionieri = ""
+ branca_rover = ""
+
+ if request.method == "POST":
+ if request.POST['action'] == "download_vac":
+ if medic.vac_certificate != None:
+ filename = os.path.basename(medic.vac_certificate.name)
+ filename = filename[filename.find("_")+1:]
+ return FileResponse(medic.vac_certificate.file, as_attachment=True, filename=filename)
+
+ if request.POST['action'] == "download_health":
+ if medic.health_care_certificate != None:
+ filename = os.path.basename(medic.health_care_certificate.name)
+ filename = filename[filename.find("_")+1:]
+ return FileResponse(medic.health_care_certificate.file, as_attachment=True, filename=filename)
+
+ request.user.first_name = request.POST["first_name"]
+ request.user.last_name = request.POST["last_name"]
+ request.user.email = request.POST["email"]
+ request.user.save()
+ usercode.parent_name = request.POST["parent_name"]
+ usercode.via = request.POST["via"]
+ usercode.cap = request.POST["cap"]
+ usercode.country = request.POST["country"]
+ usercode.nationality = request.POST["nationality"]
+ usercode.born_date = dateparser.parse(request.POST["birth_date"])
+ usercode.home_phone = request.POST["home_phone"]
+ usercode.phone = request.POST["phone"]
+ usercode.school = request.POST["school"]
+ usercode.year = request.POST["year"]
+ usercode.save()
+
+ medic.emer_name = request.POST["emer_name"]
+ medic.emer_relative = request.POST["emer_relative"]
+ medic.cell_phone = request.POST["cell_phone"]
+ medic.address = request.POST["address"]
+ medic.emer_phone = request.POST["emer_phone"]
+ medic.health_care = request.POST["health_care"]
+ medic.injuries = request.POST["injuries"]
+ medic.rc = request.POST["rc"]
+ medic.rega = "rega" in request.POST
+ medic.medic_name = request.POST["medic_name"]
+ medic.medic_phone = request.POST["medic_phone"]
+ medic.medic_address = request.POST["medic_address"]
+ medic.sickness = request.POST["sickness"]
+ medic.vaccine = request.POST["vaccine"]
+ medic.tetanus_date = dateparser.parse(request.POST["tetanus_date"])
+ medic.allergy = request.POST["allergy"]
+ medic.drugs_bool = "drugs_bool" in request.POST
+ medic.drugs = request.POST["drugs"]
+ medic.misc_bool = "misc_bool" in request.POST
+ medic.misc = request.POST["misc"]
+ medic.save()
+
+ if "branca" in request.POST:
+ if request.POST["branca"] != "":
+ request.user.groups.clear()
+ request.user.groups.add(
+ Group.objects.get(name=request.POST["branca"]))
+
+ if "vac_certificate" in request.FILES:
+ myfile = request.FILES['vac_certificate']
+ medic.vac_certificate.save(request.user.username+"_"+myfile.name, myfile)
medic.save()
- if "branca" in request.POST:
- if request.POST["branca"] != "":
- request.user.groups.clear()
- request.user.groups.add(
- Group.objects.get(name=request.POST["branca"]))
-
- if "vac_certificate" in request.FILES:
- myfile = request.FILES['vac_certificate']
- medic.vac_certificate.save(request.user.username+"_"+myfile.name, myfile)
- medic.save()
-
- if "health_care_certificate" in request.FILES:
- myfile = request.FILES['health_care_certificate']
- medic.health_care_certificate.save(request.user.username+"_"+myfile.name, myfile)
- medic.save()
-
- if request.POST["delete_vac"] == 'vac':
- medic.vac_certificate.delete()
- medic.save()
-
- if request.POST["delete_health"] == 'health':
- medic.health_care_certificate.delete()
- medic.save()
-
- if len(request.user.groups.values_list('name', flat=True)) == 0:
- branca_default = "selected"
- else:
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- if parent_group == "colonia":
- branca_castorini = "selected"
- elif parent_group == "muta":
- branca_lupetti = "selected"
- elif parent_group == "reparto":
- branca_esploratori = "selected"
- elif parent_group == "posto":
- branca_pionieri = "selected"
- elif parent_group == "clan":
- branca_rover = "selected"
- else:
- branca_default = "selected"
-
- rega = ""
- if medic.rega:
- rega = "checked='checked'"
- drugs = ""
- if medic.drugs_bool:
- drugs = "checked='checked'"
- misc = ""
- if medic.misc_bool:
- misc = "checked='checked'"
-
- if (medic.vac_certificate != None):
- vac_name = os.path.basename(medic.vac_certificate.name)
- vac_name = vac_name[vac_name.find("_")+1:]
- else:
- vac_name = ''
+ if "health_care_certificate" in request.FILES:
+ myfile = request.FILES['health_care_certificate']
+ medic.health_care_certificate.save(request.user.username+"_"+myfile.name, myfile)
+ medic.save()
- if (medic.health_care_certificate != None):
- card_name = os.path.basename(medic.health_care_certificate.name)
- card_name = card_name[card_name.find("_")+1:]
+ if request.POST["delete_vac"] == 'vac':
+ medic.vac_certificate.delete()
+ medic.save()
+
+ if request.POST["delete_health"] == 'health':
+ medic.health_care_certificate.delete()
+ medic.save()
+
+ if len(request.user.groups.values_list('name', flat=True)) == 0:
+ branca_default = "selected"
+ else:
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ if parent_group == "colonia":
+ branca_castorini = "selected"
+ elif parent_group == "muta":
+ branca_lupetti = "selected"
+ elif parent_group == "reparto":
+ branca_esploratori = "selected"
+ elif parent_group == "posto":
+ branca_pionieri = "selected"
+ elif parent_group == "clan":
+ branca_rover = "selected"
else:
- card_name = ''
-
- context = {
- 'first_name': request.user.first_name,
- 'last_name': request.user.last_name,
- 'email': request.user.email,
- 'parent_name': usercode.parent_name,
- 'via': usercode.via,
- 'cap': usercode.cap,
- 'country': usercode.country,
- 'nationality': usercode.nationality,
- 'birth_date': usercode.born_date,
- 'home_phone': usercode.home_phone,
- 'phone': usercode.phone,
- 'school': usercode.school,
- 'year': usercode.year,
- 'branca_default': branca_default,
- 'branca_castorini': branca_castorini,
- 'branca_lupetti': branca_lupetti,
- 'branca_esploratori': branca_esploratori,
- 'branca_pionieri': branca_pionieri,
- 'branca_rover': branca_rover,
- 'emer_name': medic.emer_name,
- 'emer_relative': medic.emer_relative,
- 'cell_phone': medic.cell_phone,
- 'address': medic.address,
- 'emer_phone': medic.emer_phone,
- 'health_care': medic.health_care,
- 'injuries': medic.injuries,
- 'rc': medic.rc,
- 'rega_check': rega,
- 'medic_name': medic.medic_name,
- 'medic_phone': medic.medic_phone,
- 'medic_address': medic.medic_address,
- 'sickness': medic.sickness,
- 'vaccine': medic.vaccine,
- 'tetanus_date': medic.tetanus_date,
- 'allergy': medic.allergy,
- 'drugs_check': drugs,
- 'drugs': medic.drugs,
- 'misc_check': misc,
- 'misc': medic.misc,
- 'health_care_certificate': card_name,
- 'vac_certificate': vac_name,
- }
-
- return render(request, 'accounts/index.html', context)
+ branca_default = "selected"
+
+ rega = ""
+ if medic.rega:
+ rega = "checked='checked'"
+ drugs = ""
+ if medic.drugs_bool:
+ drugs = "checked='checked'"
+ misc = ""
+ if medic.misc_bool:
+ misc = "checked='checked'"
+
+ if (medic.vac_certificate != None):
+ vac_name = os.path.basename(medic.vac_certificate.name)
+ vac_name = vac_name[vac_name.find("_")+1:]
+ else:
+ vac_name = ''
+
+ if (medic.health_care_certificate != None):
+ card_name = os.path.basename(medic.health_care_certificate.name)
+ card_name = card_name[card_name.find("_")+1:]
else:
- return render(request, 'client/index.html', context)
+ card_name = ''
+
+ context = {
+ 'first_name': request.user.first_name,
+ 'last_name': request.user.last_name,
+ 'email': request.user.email,
+ 'parent_name': usercode.parent_name,
+ 'via': usercode.via,
+ 'cap': usercode.cap,
+ 'country': usercode.country,
+ 'nationality': usercode.nationality,
+ 'birth_date': usercode.born_date,
+ 'home_phone': usercode.home_phone,
+ 'phone': usercode.phone,
+ 'school': usercode.school,
+ 'year': usercode.year,
+ 'branca_default': branca_default,
+ 'branca_castorini': branca_castorini,
+ 'branca_lupetti': branca_lupetti,
+ 'branca_esploratori': branca_esploratori,
+ 'branca_pionieri': branca_pionieri,
+ 'branca_rover': branca_rover,
+ 'emer_name': medic.emer_name,
+ 'emer_relative': medic.emer_relative,
+ 'cell_phone': medic.cell_phone,
+ 'address': medic.address,
+ 'emer_phone': medic.emer_phone,
+ 'health_care': medic.health_care,
+ 'injuries': medic.injuries,
+ 'rc': medic.rc,
+ 'rega_check': rega,
+ 'medic_name': medic.medic_name,
+ 'medic_phone': medic.medic_phone,
+ 'medic_address': medic.medic_address,
+ 'sickness': medic.sickness,
+ 'vaccine': medic.vaccine,
+ 'tetanus_date': medic.tetanus_date,
+ 'allergy': medic.allergy,
+ 'drugs_check': drugs,
+ 'drugs': medic.drugs,
+ 'misc_check': misc,
+ 'misc': medic.misc,
+ 'health_care_certificate': card_name,
+ 'vac_certificate': vac_name,
+ }
+
+ return render(request, 'accounts/index.html', context) \ No newline at end of file
diff --git a/client/views.py b/client/views.py
index 17d9e0a..76672cd 100644
--- a/client/views.py
+++ b/client/views.py
@@ -3,6 +3,7 @@ from django.contrib.auth.models import Group, Permission, User
from client.models import UserCode, Keys, DocumentType, Document, PersonalData, KeyVal, MedicalData
from django.db.models import Q
from django.http import HttpResponseRedirect, FileResponse
+from django.contrib.auth.decorators import login_required
from django.shortcuts import render
@@ -87,6 +88,7 @@ def index(request):
return render(request, 'client/index.html', context)
+@login_required
def approve(request):
context = {}
if not (request.user.is_staff or request.user.has_perm('approved')):
@@ -99,123 +101,120 @@ def approve(request):
else:
return render(request, 'client/index.html', context)
+@login_required
def create(request):
context = {}
- if request.user.is_authenticated:
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- group = Group.objects.get(name=parent_group)
- doctypes = DocumentType.objects.filter(
- (Q(group_private=False) | Q(group=group)) & Q(enabled=True))
- out = []
- for doc in doctypes:
- if len(Document.objects.filter(Q(user=request.user) & Q(document_type=doc))) == 0:
- out.append(doc)
-
- context['docs'] = out
- if request.method == "POST":
- if request.POST["action"] == "details":
- if "doctype" not in request.POST.keys():
- context['error'] = True
- context['error_text'] = "Seleziona un documento"
- else:
- context['next'] = True
- document_type = DocumentType.objects.get(
- id=request.POST["doctype"])
- context['doctype'] = document_type
- context['personal_data'] = document_type.personal_data
- context['medical_data'] = document_type.medical_data
- context['custom_data'] = document_type.custom_data
- keys = Keys.objects.filter(container=document_type)
- out_keys = []
- for i in keys:
- out_keys.append([i, ""])
- context['keys'] = out_keys
- context['custom_message'] = document_type.custom_message
- context['custom_message_text'] = document_type.custom_message_text
- elif request.POST["action"] == "save":
- usercode = UserCode.objects.filter(user=request.user)[0]
- code = 0
- status = "wait"
- personal_data = None
- medical_data = None
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ group = Group.objects.get(name=parent_group)
+ doctypes = DocumentType.objects.filter(
+ (Q(group_private=False) | Q(group=group)) & Q(enabled=True))
+ out = []
+ for doc in doctypes:
+ if len(Document.objects.filter(Q(user=request.user) & Q(document_type=doc))) == 0:
+ out.append(doc)
+
+ context['docs'] = out
+ if request.method == "POST":
+ if request.POST["action"] == "details":
+ if "doctype" not in request.POST.keys():
+ context['error'] = True
+ context['error_text'] = "Seleziona un documento"
+ else:
+ context['next'] = True
document_type = DocumentType.objects.get(
id=request.POST["doctype"])
+ context['doctype'] = document_type
+ context['personal_data'] = document_type.personal_data
+ context['medical_data'] = document_type.medical_data
+ context['custom_data'] = document_type.custom_data
+ keys = Keys.objects.filter(container=document_type)
+ out_keys = []
+ for i in keys:
+ out_keys.append([i, ""])
+ context['keys'] = out_keys
+ context['custom_message'] = document_type.custom_message
+ context['custom_message_text'] = document_type.custom_message_text
+ elif request.POST["action"] == "save":
+ usercode = UserCode.objects.filter(user=request.user)[0]
+ code = 0
+ status = "wait"
+ personal_data = None
+ medical_data = None
+ document_type = DocumentType.objects.get(
+ id=request.POST["doctype"])
+
+ if document_type.auto_sign:
+ status = "autosign"
+
+ keys = []
+ if document_type.personal_data:
+ personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
+ nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
+ personal_data.save()
+
+ if document_type.medical_data:
+ medic = usercode.medic
+ medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
+ medical_data.save()
- if document_type.auto_sign:
- status = "autosign"
-
- keys = []
- if document_type.personal_data:
- personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
- nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
- personal_data.save()
-
- if document_type.medical_data:
- medic = usercode.medic
- medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
- medical_data.save()
-
- while (True):
- code = randint(100000, 999999)
- if len(Document.objects.filter(code=code)) == 0:
- break
+ while (True):
+ code = randint(100000, 999999)
+ if len(Document.objects.filter(code=code)) == 0:
+ break
- document = Document(
- user=request.user, group=document_type.group, code=code, status=status, document_type=document_type, personal_data=personal_data, medical_data=medical_data)
- document.save()
+ document = Document(
+ user=request.user, group=document_type.group, code=code, status=status, document_type=document_type, personal_data=personal_data, medical_data=medical_data)
+ document.save()
- if document_type.custom_data:
- for i in request.POST.keys():
- if i == "doctype" or i=="csrfmiddlewaretoken" or i=="action":
- continue
- key = KeyVal(container=document, key=Keys.objects.get(id=i).key, value=request.POST[i])
- key.save()
+ if document_type.custom_data:
+ for i in request.POST.keys():
+ if i == "doctype" or i=="csrfmiddlewaretoken" or i=="action":
+ continue
+ key = KeyVal(container=document, key=Keys.objects.get(id=i).key, value=request.POST[i])
+ key.save()
- return HttpResponseRedirect('/')
+ return HttpResponseRedirect('/')
- return render(request, 'client/doc_create.html', context)
- else:
- return render(request, 'client/index.html', context)
+ return render(request, 'client/doc_create.html', context)
+@login_required
def edit(request):
return edit_wrapper(request, {})
+@login_required
def edit_wrapper(request, context):
- if request.user.is_authenticated:
- if request.method == "POST":
- if "action" not in request.POST.keys():
- document = Document.objects.get(id=request.POST["doc"])
- usercode = UserCode.objects.filter(user=document.user)[0]
-
- if document.document_type.personal_data:
- personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
- nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
- personal_data.save()
- old_data = document.personal_data
- document.personal_data = personal_data
- document.save()
- old_data.delete()
-
- if document.document_type.medical_data:
- medic = usercode.medic
- medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
- medical_data.save()
- old_data = document.medical_data
- document.medical_data = medical_data
- document.save()
- old_data.delete()
-
- if document.document_type.custom_data:
- for i in request.POST.keys():
- if i == "doc" or i=="csrfmiddlewaretoken":
- continue
- key = KeyVal.objects.filter(Q(container=document) & Q(key=Keys.objects.get(id=i).key))[0]
- key.value = request.POST[i]
- key.save()
-
- return HttpResponseRedirect('/')
-
- return render(request, 'client/doc_edit.html', context)
- else:
- return render(request, 'client/index.html', context)
+ if request.method == "POST":
+ if "action" not in request.POST.keys():
+ document = Document.objects.get(id=request.POST["doc"])
+ usercode = UserCode.objects.filter(user=document.user)[0]
+
+ if document.document_type.personal_data:
+ personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
+ nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
+ personal_data.save()
+ old_data = document.personal_data
+ document.personal_data = personal_data
+ document.save()
+ old_data.delete()
+
+ if document.document_type.medical_data:
+ medic = usercode.medic
+ medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
+ medical_data.save()
+ old_data = document.medical_data
+ document.medical_data = medical_data
+ document.save()
+ old_data.delete()
+
+ if document.document_type.custom_data:
+ for i in request.POST.keys():
+ if i == "doc" or i=="csrfmiddlewaretoken":
+ continue
+ key = KeyVal.objects.filter(Q(container=document) & Q(key=Keys.objects.get(id=i).key))[0]
+ key.value = request.POST[i]
+ key.save()
+
+ return HttpResponseRedirect('/')
+
+ return render(request, 'client/doc_edit.html', context)
diff --git a/manager/settings.py b/manager/settings.py
index 087d7da..037fc9e 100644
--- a/manager/settings.py
+++ b/manager/settings.py
@@ -27,6 +27,18 @@ DEBUG = True
ALLOWED_HOSTS = []
+# Email
+SENDGRID_API_KEY = os.getenv('SENDGRID_API_KEY')
+
+EMAIL_HOST = 'smtp.sendgrid.net'
+EMAIL_HOST_USER = 'apikey'
+EMAIL_HOST_PASSWORD = SENDGRID_API_KEY
+EMAIL_PORT = 587
+EMAIL_USE_TLS = True
+
+DEFAULT_FROM_EMAIL = 'mafaldo@hotmail.it'
+SERVER_EMAIL = 'mafaldo@hotmail.it'
+
# Application definition
diff --git a/server/views.py b/server/views.py
index 0954a1f..b04cce1 100644
--- a/server/views.py
+++ b/server/views.py
@@ -6,6 +6,7 @@ from django.http import HttpResponseRedirect, FileResponse
from django.db.models.deletion import ProtectedError
from django.template.loader import get_template
from django.conf import settings
+from django.contrib.admin.views.decorators import staff_member_required
import dateparser
from datetime import datetime
@@ -17,520 +18,506 @@ from io import BytesIO
# Create your views here.
+@staff_member_required
def index(request):
context = {}
- if (request.user.is_staff):
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- users = User.objects.filter(groups__name=parent_group)
- users_out = []
- for user in users:
- code = ""
- if len(UserCode.objects.filter(user=user)) > 0:
- code = 'U' + str(UserCode.objects.filter(user=user)[0].code)
- status = ""
- if user.is_staff:
- status = "Staff"
- elif user.has_perm("client.approved"):
- status = "Attivo"
- else:
- status = "In attesa"
- users_out.append([user.username, user.first_name,
- user.last_name, code, status])
-
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- group = Group.objects.get(name=parent_group)
- public_types = DocumentType.objects.filter(
- Q(group_private=False) | Q(group=group) & Q(enabled=True))
- docs = []
- for doc in public_types:
- ref_docs = Document.objects.filter(document_type=doc)
- docs.append([doc, len(ref_docs)])
-
- context = {
- 'docs': docs,
- 'users': users_out,
- }
- return render(request, 'server/index.html', context)
- else:
- return render(request, 'client/index.html', context)
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ users = User.objects.filter(groups__name=parent_group)
+ users_out = []
+ for user in users:
+ code = ""
+ if len(UserCode.objects.filter(user=user)) > 0:
+ code = 'U' + str(UserCode.objects.filter(user=user)[0].code)
+ status = ""
+ if user.is_staff:
+ status = "Staff"
+ elif user.has_perm("client.approved"):
+ status = "Attivo"
+ else:
+ status = "In attesa"
+ users_out.append([user.username, user.first_name,
+ user.last_name, code, status])
+
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ group = Group.objects.get(name=parent_group)
+ public_types = DocumentType.objects.filter(
+ Q(group_private=False) | Q(group=group) & Q(enabled=True))
+ docs = []
+ for doc in public_types:
+ ref_docs = Document.objects.filter(document_type=doc)
+ docs.append([doc, len(ref_docs)])
+
+ context = {
+ 'docs': docs,
+ 'users': users_out,
+ }
+ return render(request, 'server/index.html', context)
+@staff_member_required
def uapprove(request):
context = {}
- if (request.user.is_staff):
- data = []
- if request.method == "POST":
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- group = Group.objects.get(name=parent_group)
- permission = Permission.objects.get(codename='approved')
- data = request.POST["codes"]
- data.replace("\r", "")
- data = data.split("\n")
- for i in range(len(data)):
- if not data[i].startswith("U"):
- data[i] = data[i] + " - Formato errato"
- elif not data[i][1:].isdigit():
- data[i] = data[i] + " - Formato errato"
- elif int(data[i][1:]) < 100000 or int(data[i][1:]) > 999999:
- data[i] = data[i] + " - Formato errato"
- elif len(UserCode.objects.filter(code=data[i][1:])) == 0:
- data[i] = data[i] + " - Invalido"
+ data = []
+ if request.method == "POST":
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ group = Group.objects.get(name=parent_group)
+ permission = Permission.objects.get(codename='approved')
+ data = request.POST["codes"]
+ data.replace("\r", "")
+ data = data.split("\n")
+ for i in range(len(data)):
+ if not data[i].startswith("U"):
+ data[i] = data[i] + " - Formato errato"
+ elif not data[i][1:].isdigit():
+ data[i] = data[i] + " - Formato errato"
+ elif int(data[i][1:]) < 100000 or int(data[i][1:]) > 999999:
+ data[i] = data[i] + " - Formato errato"
+ elif len(UserCode.objects.filter(code=data[i][1:])) == 0:
+ data[i] = data[i] + " - Invalido"
+ else:
+ user = UserCode.objects.filter(code=data[i][1:])[0].user
+ if len(user.groups.values_list('name', flat=True)) == 0:
+ user.groups.add(group)
+ user.user_permissions.add(permission)
+ data[i] = data[i] + " - Ok"
else:
- user = UserCode.objects.filter(code=data[i][1:])[0].user
- if len(user.groups.values_list('name', flat=True)) == 0:
- user.groups.add(group)
+ if user.groups.values_list('name', flat=True)[0] == parent_group:
user.user_permissions.add(permission)
data[i] = data[i] + " - Ok"
else:
- if user.groups.values_list('name', flat=True)[0] == parent_group:
- user.user_permissions.add(permission)
- data[i] = data[i] + " - Ok"
- else:
- user.groups.clear()
- user.groups.add(group)
- user.user_permissions.add(permission)
- data[i] = data[i] + " - Ok, cambio branca"
-
- context = {
- 'messages': data,
- 'empty': len(data) == 0,
- }
+ user.groups.clear()
+ user.groups.add(group)
+ user.user_permissions.add(permission)
+ data[i] = data[i] + " - Ok, cambio branca"
+
+ context = {
+ 'messages': data,
+ 'empty': len(data) == 0,
+ }
- return render(request, 'server/approve_user.html', context)
- else:
- return render(request, 'client/index.html', context)
+ return render(request, 'server/approve_user.html', context)
+@staff_member_required
def docapprove(request):
context = {}
- if (request.user.is_staff):
- data = []
- if request.method == "POST":
- data = request.POST["codes"]
- data.replace("\r", "")
- data = data.split("\n")
- for i in range(len(data)):
- if not data[i].isdigit():
- data[i] = data[i] + " - Formato errato"
- elif int(data[i]) < 100000 or int(data[i]) > 999999:
- data[i] = data[i] + " - Formato errato"
- elif len(Document.objects.filter(code=data[i])) == 0:
- data[i] = data[i] + " - Invalido"
+ data = []
+ if request.method == "POST":
+ data = request.POST["codes"]
+ data.replace("\r", "")
+ data = data.split("\n")
+ for i in range(len(data)):
+ if not data[i].isdigit():
+ data[i] = data[i] + " - Formato errato"
+ elif int(data[i]) < 100000 or int(data[i]) > 999999:
+ data[i] = data[i] + " - Formato errato"
+ elif len(Document.objects.filter(code=data[i])) == 0:
+ data[i] = data[i] + " - Invalido"
+ else:
+ document = Document.objects.filter(code=data[i])[0]
+ if document.status == 'ok':
+ data[i] = data[i] + " - Già approvato"
else:
- document = Document.objects.filter(code=data[i])[0]
- if document.status == 'ok':
- data[i] = data[i] + " - Già approvato"
- else:
- document.status = 'ok'
- document.save()
- data[i] = data[i] + " - Ok"
+ document.status = 'ok'
+ document.save()
+ data[i] = data[i] + " - Ok"
- context = {
- 'messages': data,
- 'empty': len(data) == 0,
- }
+ context = {
+ 'messages': data,
+ 'empty': len(data) == 0,
+ }
- return render(request, 'server/approve_doc.html', context)
- else:
- return render(request, 'client/index.html', context)
+ return render(request, 'server/approve_doc.html', context)
+@staff_member_required
def ulist(request):
context = {}
- if (request.user.is_staff):
- parent_group = request.user.groups.values_list('name', flat=True)[0]
- group = Group.objects.get(name=parent_group)
- if request.method == "POST":
- if request.POST["action"][0] == 'f':
- document = Document.objects.get(id=request.POST["action"][1:])
- if document.group == group:
- template = get_template('server/download_doc.html')
- doc = [document, KeyVal.objects.filter(container=document), document.personal_data, document.medical_data, parent_group]
- context = {'doc': doc}
- html = template.render(context)
- pdf = pdfkit.from_string(html, False)
- result = BytesIO(pdf)
- result.seek(0)
-
- return FileResponse(result, as_attachment=True, filename=document.user.username+"_"+document.document_type.name+".pdf")
- users = User.objects.filter(groups__name=parent_group).order_by("first_name")
- out = []
- for user in users:
- usercode = UserCode.objects.filter(user=user)[0]
- documents = Document.objects.filter(Q(user=user) & ~Q(status='archive'))
- out.append([user, usercode, parent_group, documents])
- context = {'users': out}
- return render(request, 'server/user_list.html', context)
- else:
- return render(request, 'client/index.html', context)
-
-
+ parent_group = request.user.groups.values_list('name', flat=True)[0]
+ group = Group.objects.get(name=parent_group)
+ if request.method == "POST":
+ if request.POST["action"][0] == 'f':
+ document = Document.objects.get(id=request.POST["action"][1:])
+ if document.group == group:
+ template = get_template('server/download_doc.html')
+ doc = [document, KeyVal.objects.filter(container=document), document.personal_data, document.medical_data, parent_group]
+ context = {'doc': doc}
+ html = template.render(context)
+ pdf = pdfkit.from_string(html, False)
+ result = BytesIO(pdf)
+ result.seek(0)
+
+ return FileResponse(result, as_attachment=True, filename=document.user.username+"_"+document.document_type.name+".pdf")
+ users = User.objects.filter(groups__name=parent_group).order_by("first_name")
+ out = []
+ for user in users:
+ usercode = UserCode.objects.filter(user=user)[0]
+ documents = Document.objects.filter(Q(user=user) & ~Q(status='archive'))
+ out.append([user, usercode, parent_group, documents])
+ context = {'users': out}
+ return render(request, 'server/user_list.html', context)
+
+
+@staff_member_required
def doctype(request):
context = {}
- if request.user.is_staff:
- error = False
- error_text = ""
-
- public = True
- selfsign = True
- hidden = False
- personal = True
- medic = True
- custom = True
- message = True
- group_bool = True
- public_check = 'checked="checked"'
- selfsign_check = 'checked="checked"'
- hidden_check = 'checked="checked"'
- personal_check = 'checked="checked"'
- medic_check = 'checked="checked"'
- custom_check = 'checked="checked"'
- message_check = 'checked="checked"'
- group_check = 'checked="checked"'
- if request.method == "POST":
- selected = []
- parent_groups = request.user.groups.values_list('name', flat=True)
- for i in request.POST.keys():
- if i.isdigit():
- docc = DocumentType.objects.get(id=i)
- if docc.group.name in parent_groups:
- selected.append(docc)
-
- for i in selected:
- if request.POST["action"] == 'delete':
- try:
- i.delete()
- except ProtectedError:
- error = True
- error_text = "Non puoi eliminare un tipo a cui é collegato uno o piú documenti"
- elif request.POST["action"] == 'hide':
- i.enabled = False
- i.save()
- elif request.POST["action"] == 'show':
- i.enabled = True
- i.save()
-
- public = "filter_public" in request.POST
- selfsign = "filter_selfsign" in request.POST
- hidden = "filter_hidden" in request.POST
- personal = "filter_personal" in request.POST
- medic = "filter_medic" in request.POST
- custom = "filter_custom" in request.POST
- message = "filter_message" in request.POST
- group_bool = "filter_group" in request.POST
-
- if request.POST["action"] == 'clear':
- public = True
- selfsign = True
- hidden = False
- personal = True
- medic = True
- custom = True
- message = True
- group_bool = True
-
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- group = Group.objects.get(name=parent_group)
- public_types = DocumentType.objects.filter(
- Q(group_private=False) | Q(group=group))
- if not public:
- public_types = public_types.filter(group_private=True)
- public_check = ""
- if not selfsign:
- public_types = public_types.filter(auto_sign=False)
- selfsign_check = ""
- if not hidden:
- public_types = public_types.filter(enabled=True)
- hidden_check = ""
- if not personal:
- public_types = public_types.filter(personal_data=False)
- personal_check = ""
- if not medic:
- public_types = public_types.filter(medical_data=False)
- medic_check = ""
- if not custom:
- public_types = public_types.filter(custom_data=False)
- custom_check = ""
- if not message:
- public_types = public_types.filter(custom_message=False)
- message_check = ""
- if not group_bool:
- public_types = public_types.filter(custom_group=False)
- group_check = ""
-
- out = []
- for doc in public_types:
- custom_keys = Keys.objects.filter(container=doc)
- ref_docs = Document.objects.filter(document_type=doc)
- out.append([doc, custom_keys, len(ref_docs)])
-
- context = {
- 'docs': out,
- 'public_check': public_check,
- 'selfsign_check': selfsign_check,
- 'hidden_check': hidden_check,
- 'personal_check': personal_check,
- 'medic_check': medic_check,
- 'custom_check': custom_check,
- 'message_check': message_check,
- 'group_check': group_check,
- 'error': error,
- 'error_text': error_text,
- }
- return render(request, 'server/doc_type.html', context)
- else:
- return render(request, 'client/index.html', context)
+ error = False
+ error_text = ""
+
+ public = True
+ selfsign = True
+ hidden = False
+ personal = True
+ medic = True
+ custom = True
+ message = True
+ group_bool = True
+ public_check = 'checked="checked"'
+ selfsign_check = 'checked="checked"'
+ hidden_check = 'checked="checked"'
+ personal_check = 'checked="checked"'
+ medic_check = 'checked="checked"'
+ custom_check = 'checked="checked"'
+ message_check = 'checked="checked"'
+ group_check = 'checked="checked"'
+ if request.method == "POST":
+ selected = []
+ parent_groups = request.user.groups.values_list('name', flat=True)
+ for i in request.POST.keys():
+ if i.isdigit():
+ docc = DocumentType.objects.get(id=i)
+ if docc.group.name in parent_groups:
+ selected.append(docc)
+
+ for i in selected:
+ if request.POST["action"] == 'delete':
+ try:
+ i.delete()
+ except ProtectedError:
+ error = True
+ error_text = "Non puoi eliminare un tipo a cui é collegato uno o piú documenti"
+ elif request.POST["action"] == 'hide':
+ i.enabled = False
+ i.save()
+ elif request.POST["action"] == 'show':
+ i.enabled = True
+ i.save()
+
+ public = "filter_public" in request.POST
+ selfsign = "filter_selfsign" in request.POST
+ hidden = "filter_hidden" in request.POST
+ personal = "filter_personal" in request.POST
+ medic = "filter_medic" in request.POST
+ custom = "filter_custom" in request.POST
+ message = "filter_message" in request.POST
+ group_bool = "filter_group" in request.POST
+
+ if request.POST["action"] == 'clear':
+ public = True
+ selfsign = True
+ hidden = False
+ personal = True
+ medic = True
+ custom = True
+ message = True
+ group_bool = True
+
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ group = Group.objects.get(name=parent_group)
+ public_types = DocumentType.objects.filter(
+ Q(group_private=False) | Q(group=group))
+ if not public:
+ public_types = public_types.filter(group_private=True)
+ public_check = ""
+ if not selfsign:
+ public_types = public_types.filter(auto_sign=False)
+ selfsign_check = ""
+ if not hidden:
+ public_types = public_types.filter(enabled=True)
+ hidden_check = ""
+ if not personal:
+ public_types = public_types.filter(personal_data=False)
+ personal_check = ""
+ if not medic:
+ public_types = public_types.filter(medical_data=False)
+ medic_check = ""
+ if not custom:
+ public_types = public_types.filter(custom_data=False)
+ custom_check = ""
+ if not message:
+ public_types = public_types.filter(custom_message=False)
+ message_check = ""
+ if not group_bool:
+ public_types = public_types.filter(custom_group=False)
+ group_check = ""
+
+ out = []
+ for doc in public_types:
+ custom_keys = Keys.objects.filter(container=doc)
+ ref_docs = Document.objects.filter(document_type=doc)
+ out.append([doc, custom_keys, len(ref_docs)])
+
+ context = {
+ 'docs': out,
+ 'public_check': public_check,
+ 'selfsign_check': selfsign_check,
+ 'hidden_check': hidden_check,
+ 'personal_check': personal_check,
+ 'medic_check': medic_check,
+ 'custom_check': custom_check,
+ 'message_check': message_check,
+ 'group_check': group_check,
+ 'error': error,
+ 'error_text': error_text,
+ }
+ return render(request, 'server/doc_type.html', context)
+@staff_member_required
def doccreate(request):
context = {}
- if request.user.is_staff:
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- group = Group.objects.get(name=parent_group)
- enabled = False
- group_private = False
- personal_data = False
- medical_data = False
- custom_data = False
- custom_group_bool = False
- name = ""
- custom_group = ""
-
- enabled_check = 'checked="checked"'
- private_check = 'checked="checked"'
- personal_check = 'checked="checked"'
- sign_check = 'checked="checked"'
- medical_check = ""
- custom_check = ""
- custom_message_check = ""
- context = {
- "enabled_check": enabled_check,
- "private_check": private_check,
- "sign_check": sign_check,
- "personal_check": personal_check,
- "medical_check": medical_check,
- "custom_check": custom_check,
- "custom_message_check": custom_message_check,
- }
- if request.method == "POST":
- enabled = "enabled" in request.POST.keys()
- auto_sign = "sign" not in request.POST.keys()
- group_private = "group_private" in request.POST.keys()
- personal_data = "personal_data" in request.POST.keys()
- medical_data = "medical_data" in request.POST.keys()
- custom_data = "custom_data" in request.POST.keys()
- custom_message = "custom_message" in request.POST.keys()
- custom_message_text = request.POST["custom_message_text"]
- name = request.POST["name"]
- custom_group = request.POST["custom_group"]
-
- if custom_group != "":
- print("here")
- if custom_group not in request.user.groups.values_list('name', flat=True):
- context["error"] = "true"
- context["error_text"] = "Non puoi creare un tipo assegnato ad un gruppo di cui non fai parte"
- return render(request, 'server/doc_create.html', context)
- else:
- group = Group.objects.filter(name=custom_group)[0]
- custom_group_bool = True
-
- doctype = DocumentType(
- custom_group=custom_group_bool, auto_sign=auto_sign, custom_message=custom_message, custom_message_text=custom_message_text, name=request.POST["name"], enabled=enabled, group_private=group_private, group=group, personal_data=personal_data, medical_data=medical_data, custom_data=custom_data)
- doctype.save()
- if custom_data:
- custom = request.POST["custom"]
- custom.replace("\r", "")
- custom = custom.split("\n")
- for i in custom:
- key = Keys(key=i, container=doctype)
- key.save()
- return HttpResponseRedirect('doctype')
-
- return render(request, 'server/doc_create.html', context)
- else:
- return render(request, 'client/index.html', context)
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ group = Group.objects.get(name=parent_group)
+ enabled = False
+ group_private = False
+ personal_data = False
+ medical_data = False
+ custom_data = False
+ custom_group_bool = False
+ name = ""
+ custom_group = ""
+
+ enabled_check = 'checked="checked"'
+ private_check = 'checked="checked"'
+ personal_check = 'checked="checked"'
+ sign_check = 'checked="checked"'
+ medical_check = ""
+ custom_check = ""
+ custom_message_check = ""
+ context = {
+ "enabled_check": enabled_check,
+ "private_check": private_check,
+ "sign_check": sign_check,
+ "personal_check": personal_check,
+ "medical_check": medical_check,
+ "custom_check": custom_check,
+ "custom_message_check": custom_message_check,
+ }
+ if request.method == "POST":
+ enabled = "enabled" in request.POST.keys()
+ auto_sign = "sign" not in request.POST.keys()
+ group_private = "group_private" in request.POST.keys()
+ personal_data = "personal_data" in request.POST.keys()
+ medical_data = "medical_data" in request.POST.keys()
+ custom_data = "custom_data" in request.POST.keys()
+ custom_message = "custom_message" in request.POST.keys()
+ custom_message_text = request.POST["custom_message_text"]
+ name = request.POST["name"]
+ custom_group = request.POST["custom_group"]
+
+ if custom_group != "":
+ print("here")
+ if custom_group not in request.user.groups.values_list('name', flat=True):
+ context["error"] = "true"
+ context["error_text"] = "Non puoi creare un tipo assegnato ad un gruppo di cui non fai parte"
+ return render(request, 'server/doc_create.html', context)
+ else:
+ group = Group.objects.filter(name=custom_group)[0]
+ custom_group_bool = True
+
+ doctype = DocumentType(
+ custom_group=custom_group_bool, auto_sign=auto_sign, custom_message=custom_message, custom_message_text=custom_message_text, name=request.POST["name"], enabled=enabled, group_private=group_private, group=group, personal_data=personal_data, medical_data=medical_data, custom_data=custom_data)
+ doctype.save()
+ if custom_data:
+ custom = request.POST["custom"]
+ custom.replace("\r", "")
+ custom = custom.split("\n")
+ for i in custom:
+ key = Keys(key=i, container=doctype)
+ key.save()
+ return HttpResponseRedirect('doctype')
+ return render(request, 'server/doc_create.html', context)
+
+@staff_member_required
def doclist(request):
context = {}
- if request.user.is_staff:
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- group = Group.objects.get(name=parent_group)
- zurich = pytz.timezone('Europe/Zurich')
- error = False
- error_text = ""
-
- hidden = False
- wait = True
- selfsign = True
- ok = True
-
- hidden_check = 'checked="checked"'
- wait_check = 'checked="checked"'
- selfsign_check = 'checked="checked"'
- ok_check = 'checked="checked"'
- newer = zurich.localize(dateparser.parse("1970-01-01"))
- older = zurich.localize(datetime.now())
- owner = []
- types = []
- groups = []
- chips_owner = []
- chips_types = []
- chips_groups = []
-
- if request.method == "POST":
- if request.POST["action"][0] == 'k':
- document = Document.objects.get(id=request.POST["action"][1:])
- if document.group == group:
- template = get_template('server/download_doc.html')
- doc = [document, KeyVal.objects.filter(container=document), document.personal_data, document.medical_data, parent_group]
- context = {'doc': doc}
- html = template.render(context)
- pdf = pdfkit.from_string(html, False)
- result = BytesIO(pdf)
- result.seek(0)
-
- return FileResponse(result, as_attachment=True, filename=document.user.username+"_"+document.document_type.name+".pdf")
-
- selected = []
- parent_groups = request.user.groups.values_list('name', flat=True)
- for i in request.POST.keys():
- if i.isdigit():
- docc = Document.objects.get(id=i)
- if docc.group.name in parent_groups:
- selected.append(docc)
-
- for i in selected:
- if request.POST["action"] == 'delete':
- i.delete()
- elif request.POST["action"] == 'approve':
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ group = Group.objects.get(name=parent_group)
+ zurich = pytz.timezone('Europe/Zurich')
+ error = False
+ error_text = ""
+
+ hidden = False
+ wait = True
+ selfsign = True
+ ok = True
+
+ hidden_check = 'checked="checked"'
+ wait_check = 'checked="checked"'
+ selfsign_check = 'checked="checked"'
+ ok_check = 'checked="checked"'
+ newer = zurich.localize(dateparser.parse("1970-01-01"))
+ older = zurich.localize(datetime.now())
+ owner = []
+ types = []
+ groups = []
+ chips_owner = []
+ chips_types = []
+ chips_groups = []
+
+ if request.method == "POST":
+ if request.POST["action"][0] == 'k':
+ document = Document.objects.get(id=request.POST["action"][1:])
+ if document.group == group:
+ template = get_template('server/download_doc.html')
+ doc = [document, KeyVal.objects.filter(container=document), document.personal_data, document.medical_data, parent_group]
+ context = {'doc': doc}
+ html = template.render(context)
+ pdf = pdfkit.from_string(html, False)
+ result = BytesIO(pdf)
+ result.seek(0)
+
+ return FileResponse(result, as_attachment=True, filename=document.user.username+"_"+document.document_type.name+".pdf")
+
+ selected = []
+ parent_groups = request.user.groups.values_list('name', flat=True)
+ for i in request.POST.keys():
+ if i.isdigit():
+ docc = Document.objects.get(id=i)
+ if docc.group.name in parent_groups:
+ selected.append(docc)
+
+ for i in selected:
+ if request.POST["action"] == 'delete':
+ i.delete()
+ elif request.POST["action"] == 'approve':
+ i.status = 'ok'
+ i.save()
+ elif request.POST["action"] == 'archive':
+ if i.status == 'ok':
+ i.status = 'archive'
+ i.save()
+ else:
+ error = True
+ error_text = "Non puoi archiviare un documento non approvato"
+ elif request.POST["action"] == 'unarchive':
+ if i.status == 'archive':
i.status = 'ok'
i.save()
- elif request.POST["action"] == 'archive':
- if i.status == 'ok':
- i.status = 'archive'
- i.save()
- else:
- error = True
- error_text = "Non puoi archiviare un documento non approvato"
- elif request.POST["action"] == 'unarchive':
- if i.status == 'archive':
- i.status = 'ok'
- i.save()
- else:
- error = True
- error_text = "Non puoi dearchiviare un documento non archiviato"
-
- hidden = "filter_hidden" in request.POST
- wait = "filter_wait" in request.POST
- selfsign = "filter_selfsign" in request.POST
- ok = "filter_ok" in request.POST
- newer = zurich.localize(dateparser.parse(request.POST["newer"]))
- older = zurich.localize(dateparser.parse(request.POST["older"]) + timedelta(days=1))
- owner = request.POST["owner"].split("^|")
- types = request.POST["type"].split("^|")
- groups = request.POST["groups"].split("^|")
-
- if request.POST["action"] == 'clear':
- hidden = False
- wait = True
- selfsign = True
- ok = True
- newer = zurich.localize(dateparser.parse("1970-01-01"))
- older = zurich.localize(datetime.now())
- owner = []
- types = []
- groups = []
-
- parent_groups = request.user.groups.values_list('name', flat=True)
- q_obj = Q()
- for i in parent_groups:
- q_obj |= Q(group__name=i)
-
- documents = Document.objects.filter(q_obj)
-
- if not hidden:
- documents = documents.filter(~Q(status="archive"))
- hidden_check = ""
- if not wait:
- documents = documents.filter(~Q(status="wait"))
- wait_check = ""
- if not selfsign:
- documents = documents.filter(~Q(status="autosign"))
- selfsign_check = ""
- if not ok:
- documents = documents.filter(~Q(status="ok"))
- ok_check = ""
-
- documents = documents.filter(compilation_date__range=[newer, older])
-
- if len(types) > 0:
- if types[0] != "":
- q_obj = Q()
- for t in types:
- q_obj |= Q(document_type__name=t)
- chips_types.append(t)
-
- documents = documents.filter(q_obj)
-
- if len(owner) > 0:
- if owner[0] != "":
- q_obj = Q()
- for u in owner:
- user = u.split("(")[0][:-1]
- q_obj |= Q(user__username=user)
- chips_owner.append(u)
-
- documents = documents.filter(q_obj)
-
- if len(groups) > 0:
- if groups[0] != "":
- q_obj = Q()
- for g in groups:
- q_obj |= Q(group__name=g)
- chips_groups.append(g)
-
- documents = documents.filter(q_obj)
-
- out = []
- for i in documents:
- personal = None
- medical = None
- if i.document_type.personal_data:
- personal = i.personal_data
- if i.document_type.medical_data:
- medical = i.medical_data
-
- doc_group = i.user.groups.values_list('name', flat=True)[0]
-
- out.append([i, KeyVal.objects.filter(container=i), personal, medical, doc_group])
-
- auto_types = DocumentType.objects.filter(Q(group_private=False) | Q(group=group))
- users = User.objects.filter(groups__name=parent_group)
- context = {
- "types": auto_types,
- "users": users,
- "groups": parent_groups,
- "docs": out,
- "hidden_check": hidden_check,
- "wait_check": wait_check,
- "selfsign_check": selfsign_check,
- "ok_check": ok_check,
- "newer": newer,
- "older": older,
- "chips_owner": chips_owner,
- "chips_type": chips_types,
- "chips_groups": chips_groups,
- 'error': error,
- 'error_text': error_text,
- 'settings': settings,
- }
- return render(request, 'server/doc_list.html', context)
- else:
- return render(request, 'client/index.html', context) \ No newline at end of file
+ else:
+ error = True
+ error_text = "Non puoi dearchiviare un documento non archiviato"
+
+ hidden = "filter_hidden" in request.POST
+ wait = "filter_wait" in request.POST
+ selfsign = "filter_selfsign" in request.POST
+ ok = "filter_ok" in request.POST
+ newer = zurich.localize(dateparser.parse(request.POST["newer"]))
+ older = zurich.localize(dateparser.parse(request.POST["older"]) + timedelta(days=1))
+ owner = request.POST["owner"].split("^|")
+ types = request.POST["type"].split("^|")
+ groups = request.POST["groups"].split("^|")
+
+ if request.POST["action"] == 'clear':
+ hidden = False
+ wait = True
+ selfsign = True
+ ok = True
+ newer = zurich.localize(dateparser.parse("1970-01-01"))
+ older = zurich.localize(datetime.now())
+ owner = []
+ types = []
+ groups = []
+
+ parent_groups = request.user.groups.values_list('name', flat=True)
+ q_obj = Q()
+ for i in parent_groups:
+ q_obj |= Q(group__name=i)
+
+ documents = Document.objects.filter(q_obj)
+
+ if not hidden:
+ documents = documents.filter(~Q(status="archive"))
+ hidden_check = ""
+ if not wait:
+ documents = documents.filter(~Q(status="wait"))
+ wait_check = ""
+ if not selfsign:
+ documents = documents.filter(~Q(status="autosign"))
+ selfsign_check = ""
+ if not ok:
+ documents = documents.filter(~Q(status="ok"))
+ ok_check = ""
+
+ documents = documents.filter(compilation_date__range=[newer, older])
+
+ if len(types) > 0:
+ if types[0] != "":
+ q_obj = Q()
+ for t in types:
+ q_obj |= Q(document_type__name=t)
+ chips_types.append(t)
+
+ documents = documents.filter(q_obj)
+
+ if len(owner) > 0:
+ if owner[0] != "":
+ q_obj = Q()
+ for u in owner:
+ user = u.split("(")[0][:-1]
+ q_obj |= Q(user__username=user)
+ chips_owner.append(u)
+
+ documents = documents.filter(q_obj)
+
+ if len(groups) > 0:
+ if groups[0] != "":
+ q_obj = Q()
+ for g in groups:
+ q_obj |= Q(group__name=g)
+ chips_groups.append(g)
+
+ documents = documents.filter(q_obj)
+
+ out = []
+ for i in documents:
+ personal = None
+ medical = None
+ if i.document_type.personal_data:
+ personal = i.personal_data
+ if i.document_type.medical_data:
+ medical = i.medical_data
+
+ doc_group = i.user.groups.values_list('name', flat=True)[0]
+
+ out.append([i, KeyVal.objects.filter(container=i), personal, medical, doc_group])
+
+ auto_types = DocumentType.objects.filter(Q(group_private=False) | Q(group=group))
+ users = User.objects.filter(groups__name=parent_group)
+ context = {
+ "types": auto_types,
+ "users": users,
+ "groups": parent_groups,
+ "docs": out,
+ "hidden_check": hidden_check,
+ "wait_check": wait_check,
+ "selfsign_check": selfsign_check,
+ "ok_check": ok_check,
+ "newer": newer,
+ "older": older,
+ "chips_owner": chips_owner,
+ "chips_type": chips_types,
+ "chips_groups": chips_groups,
+ 'error': error,
+ 'error_text': error_text,
+ 'settings': settings,
+ }
+ return render(request, 'server/doc_list.html', context) \ No newline at end of file
diff --git a/templates/registration/password_reset_complete.html b/templates/registration/password_reset_complete.html
new file mode 100644
index 0000000..c0bccc1
--- /dev/null
+++ b/templates/registration/password_reset_complete.html
@@ -0,0 +1,7 @@
+{% extends 'registration/base_simple.html' %}
+
+{% block content %}
+ <p>
+ Your password has been set. You may go ahead and <a href="{% url 'signin' %}">sign in</a> now.
+ </p>
+{% endblock %} \ No newline at end of file
diff --git a/templates/registration/password_reset_confirm.html b/templates/registration/password_reset_confirm.html
new file mode 100644
index 0000000..6838eb8
--- /dev/null
+++ b/templates/registration/password_reset_confirm.html
@@ -0,0 +1,17 @@
+{% extends 'registration/base_simple.html' %}
+
+{% block content %}
+ {% if validlink %}
+ <h3>Change password</h3>
+ <form method="post">
+ {% csrf_token %}
+ {{ form.as_p }}
+ <button type="submit">Change password</button>
+ </form>
+ {% else %}
+ <p>
+ The password reset link was invalid, possibly because it has already been used.
+ Please request a new password reset.
+ </p>
+ {% endif %}
+{% endblock %} \ No newline at end of file
diff --git a/templates/registration/password_reset_done.html b/templates/registration/password_reset_done.html
new file mode 100644
index 0000000..6abc3e1
--- /dev/null
+++ b/templates/registration/password_reset_done.html
@@ -0,0 +1,12 @@
+{% extends 'registration/base_simple.html' %}
+
+{% block content %}
+ <p>
+ We've emailed you instructions for setting your password, if an account exists with the email you entered.
+ You should receive them shortly.
+ </p>
+ <p>
+ If you don't receive an email, please make sure you've entered the address you registered with,
+ and check your spam folder.
+ </p>
+{% endblock %} \ No newline at end of file
diff --git a/templates/registration/password_reset_email.html b/templates/registration/password_reset_email.html
new file mode 100644
index 0000000..da2c169
--- /dev/null
+++ b/templates/registration/password_reset_email.html
@@ -0,0 +1,12 @@
+{% autoescape off %}
+To initiate the password reset process for your {{ user.get_username }} TestSite Account,
+click the link below:
+
+{{ protocol }}://{{ domain }}{% url 'password_reset_confirm' uidb64=uid token=token %}
+
+If clicking the link above doesn't work, please copy and paste the URL in a new browser
+window instead.
+
+Sincerely,
+The TestSite Team
+{% endautoescape %} \ No newline at end of file
diff --git a/templates/registration/password_reset_form.html b/templates/registration/password_reset_form.html
new file mode 100644
index 0000000..d0d6250
--- /dev/null
+++ b/templates/registration/password_reset_form.html
@@ -0,0 +1,10 @@
+{% extends 'registration/base_simple.html' %}
+
+{% block content %}
+ <h3>Forgot password</h3>
+ <form method="post">
+ {% csrf_token %}
+ {{ form.as_p }}
+ <button type="submit">Submit</button>
+ </form>
+{% endblock %} \ No newline at end of file
diff --git a/templates/registration/password_reset_subject.txt b/templates/registration/password_reset_subject.txt
new file mode 100644
index 0000000..7b5a65b
--- /dev/null
+++ b/templates/registration/password_reset_subject.txt
@@ -0,0 +1 @@
+TestSite password reset \ No newline at end of file