aboutsummaryrefslogtreecommitdiffstats
path: root/client
diff options
context:
space:
mode:
authorAndrea Lepori <alepori@student.ethz.ch>2020-06-25 18:18:20 +0200
committerAndrea Lepori <alepori@student.ethz.ch>2020-06-25 18:18:20 +0200
commit4bbe761215dbe989e8b2efc3823740416f403e71 (patch)
tree11f6f8c419516f196c525e25e11ec8ca4f086c42 /client
parentNicer user list, multi group support (diff)
downloadscout-subs-4bbe761215dbe989e8b2efc3823740416f403e71.tar.gz
scout-subs-4bbe761215dbe989e8b2efc3823740416f403e71.zip
reset password and decorators for login check
Diffstat (limited to '')
-rw-r--r--client/views.py211
1 files changed, 105 insertions, 106 deletions
diff --git a/client/views.py b/client/views.py
index 17d9e0a..76672cd 100644
--- a/client/views.py
+++ b/client/views.py
@@ -3,6 +3,7 @@ from django.contrib.auth.models import Group, Permission, User
from client.models import UserCode, Keys, DocumentType, Document, PersonalData, KeyVal, MedicalData
from django.db.models import Q
from django.http import HttpResponseRedirect, FileResponse
+from django.contrib.auth.decorators import login_required
from django.shortcuts import render
@@ -87,6 +88,7 @@ def index(request):
return render(request, 'client/index.html', context)
+@login_required
def approve(request):
context = {}
if not (request.user.is_staff or request.user.has_perm('approved')):
@@ -99,123 +101,120 @@ def approve(request):
else:
return render(request, 'client/index.html', context)
+@login_required
def create(request):
context = {}
- if request.user.is_authenticated:
- parent_group = request.user.groups.values_list('name', flat=True)[
- 0]
- group = Group.objects.get(name=parent_group)
- doctypes = DocumentType.objects.filter(
- (Q(group_private=False) | Q(group=group)) & Q(enabled=True))
- out = []
- for doc in doctypes:
- if len(Document.objects.filter(Q(user=request.user) & Q(document_type=doc))) == 0:
- out.append(doc)
-
- context['docs'] = out
- if request.method == "POST":
- if request.POST["action"] == "details":
- if "doctype" not in request.POST.keys():
- context['error'] = True
- context['error_text'] = "Seleziona un documento"
- else:
- context['next'] = True
- document_type = DocumentType.objects.get(
- id=request.POST["doctype"])
- context['doctype'] = document_type
- context['personal_data'] = document_type.personal_data
- context['medical_data'] = document_type.medical_data
- context['custom_data'] = document_type.custom_data
- keys = Keys.objects.filter(container=document_type)
- out_keys = []
- for i in keys:
- out_keys.append([i, ""])
- context['keys'] = out_keys
- context['custom_message'] = document_type.custom_message
- context['custom_message_text'] = document_type.custom_message_text
- elif request.POST["action"] == "save":
- usercode = UserCode.objects.filter(user=request.user)[0]
- code = 0
- status = "wait"
- personal_data = None
- medical_data = None
+ parent_group = request.user.groups.values_list('name', flat=True)[
+ 0]
+ group = Group.objects.get(name=parent_group)
+ doctypes = DocumentType.objects.filter(
+ (Q(group_private=False) | Q(group=group)) & Q(enabled=True))
+ out = []
+ for doc in doctypes:
+ if len(Document.objects.filter(Q(user=request.user) & Q(document_type=doc))) == 0:
+ out.append(doc)
+
+ context['docs'] = out
+ if request.method == "POST":
+ if request.POST["action"] == "details":
+ if "doctype" not in request.POST.keys():
+ context['error'] = True
+ context['error_text'] = "Seleziona un documento"
+ else:
+ context['next'] = True
document_type = DocumentType.objects.get(
id=request.POST["doctype"])
+ context['doctype'] = document_type
+ context['personal_data'] = document_type.personal_data
+ context['medical_data'] = document_type.medical_data
+ context['custom_data'] = document_type.custom_data
+ keys = Keys.objects.filter(container=document_type)
+ out_keys = []
+ for i in keys:
+ out_keys.append([i, ""])
+ context['keys'] = out_keys
+ context['custom_message'] = document_type.custom_message
+ context['custom_message_text'] = document_type.custom_message_text
+ elif request.POST["action"] == "save":
+ usercode = UserCode.objects.filter(user=request.user)[0]
+ code = 0
+ status = "wait"
+ personal_data = None
+ medical_data = None
+ document_type = DocumentType.objects.get(
+ id=request.POST["doctype"])
+
+ if document_type.auto_sign:
+ status = "autosign"
+
+ keys = []
+ if document_type.personal_data:
+ personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
+ nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
+ personal_data.save()
+
+ if document_type.medical_data:
+ medic = usercode.medic
+ medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
+ medical_data.save()
- if document_type.auto_sign:
- status = "autosign"
-
- keys = []
- if document_type.personal_data:
- personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
- nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
- personal_data.save()
-
- if document_type.medical_data:
- medic = usercode.medic
- medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
- medical_data.save()
-
- while (True):
- code = randint(100000, 999999)
- if len(Document.objects.filter(code=code)) == 0:
- break
+ while (True):
+ code = randint(100000, 999999)
+ if len(Document.objects.filter(code=code)) == 0:
+ break
- document = Document(
- user=request.user, group=document_type.group, code=code, status=status, document_type=document_type, personal_data=personal_data, medical_data=medical_data)
- document.save()
+ document = Document(
+ user=request.user, group=document_type.group, code=code, status=status, document_type=document_type, personal_data=personal_data, medical_data=medical_data)
+ document.save()
- if document_type.custom_data:
- for i in request.POST.keys():
- if i == "doctype" or i=="csrfmiddlewaretoken" or i=="action":
- continue
- key = KeyVal(container=document, key=Keys.objects.get(id=i).key, value=request.POST[i])
- key.save()
+ if document_type.custom_data:
+ for i in request.POST.keys():
+ if i == "doctype" or i=="csrfmiddlewaretoken" or i=="action":
+ continue
+ key = KeyVal(container=document, key=Keys.objects.get(id=i).key, value=request.POST[i])
+ key.save()
- return HttpResponseRedirect('/')
+ return HttpResponseRedirect('/')
- return render(request, 'client/doc_create.html', context)
- else:
- return render(request, 'client/index.html', context)
+ return render(request, 'client/doc_create.html', context)
+@login_required
def edit(request):
return edit_wrapper(request, {})
+@login_required
def edit_wrapper(request, context):
- if request.user.is_authenticated:
- if request.method == "POST":
- if "action" not in request.POST.keys():
- document = Document.objects.get(id=request.POST["doc"])
- usercode = UserCode.objects.filter(user=document.user)[0]
-
- if document.document_type.personal_data:
- personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
- nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
- personal_data.save()
- old_data = document.personal_data
- document.personal_data = personal_data
- document.save()
- old_data.delete()
-
- if document.document_type.medical_data:
- medic = usercode.medic
- medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
- medical_data.save()
- old_data = document.medical_data
- document.medical_data = medical_data
- document.save()
- old_data.delete()
-
- if document.document_type.custom_data:
- for i in request.POST.keys():
- if i == "doc" or i=="csrfmiddlewaretoken":
- continue
- key = KeyVal.objects.filter(Q(container=document) & Q(key=Keys.objects.get(id=i).key))[0]
- key.value = request.POST[i]
- key.save()
-
- return HttpResponseRedirect('/')
-
- return render(request, 'client/doc_edit.html', context)
- else:
- return render(request, 'client/index.html', context)
+ if request.method == "POST":
+ if "action" not in request.POST.keys():
+ document = Document.objects.get(id=request.POST["doc"])
+ usercode = UserCode.objects.filter(user=document.user)[0]
+
+ if document.document_type.personal_data:
+ personal_data = PersonalData(email=request.user.email, parent_name=usercode.parent_name, via=usercode.via, cap=usercode.cap, country=usercode.country,
+ nationality=usercode.nationality, born_date=usercode.born_date, home_phone=usercode.home_phone, phone=usercode.phone)
+ personal_data.save()
+ old_data = document.personal_data
+ document.personal_data = personal_data
+ document.save()
+ old_data.delete()
+
+ if document.document_type.medical_data:
+ medic = usercode.medic
+ medical_data = MedicalData(emer_name=medic.emer_name, emer_relative=medic.emer_relative, cell_phone=medic.cell_phone, address=medic.address, emer_phone=medic.emer_phone, health_care=medic.health_care, injuries=medic.injuries, rc=medic.rc, rega=medic.rega, medic_name=medic.medic_name, medic_phone=medic.medic_phone, medic_address=medic.medic_address, sickness=medic.sickness, vaccine=medic.vaccine, tetanus_date=medic.tetanus_date, allergy=medic.allergy, drugs_bool=medic.drugs_bool, drugs=medic.drugs, misc_bool=medic.misc_bool, misc=medic.misc)
+ medical_data.save()
+ old_data = document.medical_data
+ document.medical_data = medical_data
+ document.save()
+ old_data.delete()
+
+ if document.document_type.custom_data:
+ for i in request.POST.keys():
+ if i == "doc" or i=="csrfmiddlewaretoken":
+ continue
+ key = KeyVal.objects.filter(Q(container=document) & Q(key=Keys.objects.get(id=i).key))[0]
+ key.value = request.POST[i]
+ key.save()
+
+ return HttpResponseRedirect('/')
+
+ return render(request, 'client/doc_edit.html', context)