diff options
author | Andrea Lepori <alepori@student.ethz.ch> | 2020-06-25 18:18:20 +0200 |
---|---|---|
committer | Andrea Lepori <alepori@student.ethz.ch> | 2020-06-25 18:18:20 +0200 |
commit | 4bbe761215dbe989e8b2efc3823740416f403e71 (patch) | |
tree | 11f6f8c419516f196c525e25e11ec8ca4f086c42 /client/views.py | |
parent | Nicer user list, multi group support (diff) | |
download | scout-subs-4bbe761215dbe989e8b2efc3823740416f403e71.tar.gz scout-subs-4bbe761215dbe989e8b2efc3823740416f403e71.zip |
reset password and decorators for login check
Diffstat (limited to 'client/views.py')
-rw-r--r-- | client/views.py | 211 |
1 files changed, 105 insertions, 106 deletions
diff --git a/client/views.py b/client/views.py index 17d9e0a..76672cd 100644 --- a/client/views.py +++ b/client/views.py @@ -3,6 +3,7 @@ from django.contrib.auth.models import Group, Permission, User from client.models import UserCode, Keys, DocumentType, Document, PersonalData, KeyVal, MedicalData from django.db.models import Q from django.http import HttpResponseRedirect, FileResponse +from django.contrib.auth.decorators import login_required from django.shortcuts import render @@ -87,6 +88,7 @@ def index(request): return render(request, 'client/index.html', context) +@login_required def approve(request): context = {} if not (request.user.is_staff or request.user.has_perm('approved')): @@ -99,123 +101,120 @@ def approve(request): else: return render(request, 'client/index.html', context) +@login_required def create(request): context = {} - if request.user.is_authenticated: - parent_group = request.user.groups.values_list('name', flat=True)[ - 0] - group = Group.objects.get(name=parent_group) - doctypes = DocumentType.objects.filter( - (Q(group_private=False) | Q(group=group)) & Q(enabled=True)) - out = [] - for doc in doctypes: - if len(Document.objects.filter(Q(user=request.user) & Q(document_type=doc))) == 0: - out.append(doc) - - context['docs'] = out - if request.method == "POST": - if request.POST["action"] == "details": - if "doctype" not in request.POST.keys(): - context['error'] = True - context['error_text'] = "Seleziona un documento" - else: - context['next'] = True - document_type = DocumentType.objects.get( - id=request.POST["doctype"]) - context['doctype'] = document_type - context['personal_data'] = document_type.personal_data - context['medical_data'] = document_type.medical_data - context['custom_data'] = document_type.custom_data - keys = Keys.objects.filter(container=document_type) - out_keys = [] - for i in keys: - out_keys.append([i, ""]) - context['keys'] = out_keys - context['custom_message'] = document_type.custom_message - context['custom_message_text'] = document_type.custom_message_text - elif request.POST["action"] == "save": - usercode = UserCode.objects.filter(user=request.user)[0] - code = 0 - status = "wait" - personal_data = None - medical_data = None + parent_group = request.user.groups.values_list('name', flat=True)[ + 0] + group = Group.objects.get(name=parent_group) + doctypes = DocumentType.objects.filter( + (Q(group_private=False) | Q(group=group)) & Q(enabled=True)) + out = [] + for doc in doctypes: + if len(Document.objects.filter(Q(user=request.user) & Q(document_type=doc))) == 0: + out.append(doc) + + context['docs'] = out + if request.method == "POST": + if request.POST["action"] == "details": + if "doctype" not in request.POST.keys(): + context['error'] = True + context['error_text'] = "Seleziona un documento" + else: + context['next'] = True document_type = DocumentType.objects.get( id=request.POST["doctype"]) + context['doctype'] = document_type + context['personal_data'] = document_type.personal_data + context['medical_data'] = document_type.medical_data + context['custom_data'] = document_type.custom_data + keys = Keys.objects.filter(container=document_type) + out_keys = [] + for i in keys: + out_keys.append([i, ""]) + context['keys'] = out_keys + context['custom_message'] = document_type.custom_message + context['custom_message_text'] = document_type.custom_message_text + elif request.POST["action"] == "save": + usercode = UserCode.objects.filter(user=request.user)[0] + code = 0 + status = "wait" + personal_data = None + medical_data = None + document_type = DocumentType.objects.get( + id=request.POST["doctype"]) + + if document_type.auto_sign: + status = "autosign" + + keys = [] + if document_type.personal_data: + personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country, + nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone) + personal_data.save() + + if document_type.medical_data: + medic = usercode.medic + medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc) + medical_data.save() - if document_type.auto_sign: - status = "autosign" - - keys = [] - if document_type.personal_data: - personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country, - nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone) - personal_data.save() - - if document_type.medical_data: - medic = usercode.medic - medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc) - medical_data.save() - - while (True): - code = randint(100000, 999999) - if len(Document.objects.filter(code=code)) == 0: - break + while (True): + code = randint(100000, 999999) + if len(Document.objects.filter(code=code)) == 0: + break - document = Document( - user=request.user, group=document_type.group, code=code, status=status, document_type=document_type, personal_data=personal_data, medical_data=medical_data) - document.save() + document = Document( + user=request.user, group=document_type.group, code=code, status=status, document_type=document_type, personal_data=personal_data, medical_data=medical_data) + document.save() - if document_type.custom_data: - for i in request.POST.keys(): - if i == "doctype" or i=="csrfmiddlewaretoken" or i=="action": - continue - key = KeyVal(container=document, key=Keys.objects.get(id=i).key, value=request.POST[i]) - key.save() + if document_type.custom_data: + for i in request.POST.keys(): + if i == "doctype" or i=="csrfmiddlewaretoken" or i=="action": + continue + key = KeyVal(container=document, key=Keys.objects.get(id=i).key, value=request.POST[i]) + key.save() - return HttpResponseRedirect('/') + return HttpResponseRedirect('/') - return render(request, 'client/doc_create.html', context) - else: - return render(request, 'client/index.html', context) + return render(request, 'client/doc_create.html', context) +@login_required def edit(request): return edit_wrapper(request, {}) +@login_required def edit_wrapper(request, context): - if request.user.is_authenticated: - if request.method == "POST": - if "action" not in request.POST.keys(): - document = Document.objects.get(id=request.POST["doc"]) - usercode = UserCode.objects.filter(user=document.user)[0] - - if document.document_type.personal_data: - personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country, - nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone) - personal_data.save() - old_data = document.personal_data - document.personal_data = personal_data - document.save() - old_data.delete() - - if document.document_type.medical_data: - medic = usercode.medic - medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc) - medical_data.save() - old_data = document.medical_data - document.medical_data = medical_data - document.save() - old_data.delete() - - if document.document_type.custom_data: - for i in request.POST.keys(): - if i == "doc" or i=="csrfmiddlewaretoken": - continue - key = KeyVal.objects.filter(Q(container=document) & Q(key=Keys.objects.get(id=i).key))[0] - key.value = request.POST[i] - key.save() - - return HttpResponseRedirect('/') - - return render(request, 'client/doc_edit.html', context) - else: - return render(request, 'client/index.html', context) + if request.method == "POST": + if "action" not in request.POST.keys(): + document = Document.objects.get(id=request.POST["doc"]) + usercode = UserCode.objects.filter(user=document.user)[0] + + if document.document_type.personal_data: + personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country, + nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone) + personal_data.save() + old_data = document.personal_data + document.personal_data = personal_data + document.save() + old_data.delete() + + if document.document_type.medical_data: + medic = usercode.medic + medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc) + medical_data.save() + old_data = document.medical_data + document.medical_data = medical_data + document.save() + old_data.delete() + + if document.document_type.custom_data: + for i in request.POST.keys(): + if i == "doc" or i=="csrfmiddlewaretoken": + continue + key = KeyVal.objects.filter(Q(container=document) & Q(key=Keys.objects.get(id=i).key))[0] + key.value = request.POST[i] + key.save() + + return HttpResponseRedirect('/') + + return render(request, 'client/doc_edit.html', context) |