diff options
Diffstat (limited to '')
-rw-r--r-- | server/templates/server/doc_create.html | 14 | ||||
-rw-r--r-- | server/templates/server/doc_edit.html | 107 | ||||
-rw-r--r-- | server/templates/server/doc_type.html | 11 | ||||
-rw-r--r-- | server/templates/server/index.html | 12 | ||||
-rw-r--r-- | server/urls.py | 1 | ||||
-rw-r--r-- | server/views.py | 191 |
6 files changed, 312 insertions, 24 deletions
diff --git a/server/templates/server/doc_create.html b/server/templates/server/doc_create.html index 9549a9d..8557f4c 100644 --- a/server/templates/server/doc_create.html +++ b/server/templates/server/doc_create.html @@ -95,6 +95,20 @@ <label for="group">Gruppo personalizzato</label> </div> </div> + <div class="row"> + <div class="input-field col l4 s12"> + <label> + <input name="staff_only" type="checkbox" class="filled-in" {{staff_only_check}}/> + <span style="color:black">Visibile solo ai capi</span> + </label> + </div> + </div> + <div class="row"> + <div class="input-field col s12"> + <textarea name="max_instances" id="max_instances" class="materialize-textarea"></textarea> + <label for="max_instances">Numero massimo di partecipanti</label> + </div> + </div> <div class="fixed-action-btn"> <a class="btn-floating btn-large {{color}}" onclick="document.getElementById('form').submit()"> <i class="large material-icons">save</i> diff --git a/server/templates/server/doc_edit.html b/server/templates/server/doc_edit.html new file mode 100644 index 0000000..fe11ab4 --- /dev/null +++ b/server/templates/server/doc_edit.html @@ -0,0 +1,107 @@ +{% extends 'registration/base_admin.html' %} + +{% block title %}Admin - Modifica Tipo{% endblock %} + +{% block breadcrumb %} + <a href="{% url 'server'%}" class="breadcrumb hide-on-med-and-down">Admin</a> + <a href="{% url 'doctype' %}" class="breadcrumb hide-on-med-and-down">Tipo Doc</a> + <a class="breadcrumb hide-on-med-and-down">Modifica Tipo</a> +{% endblock %} + +{% block content %} +<div class="row"> + <div class="col l8 offset-l2 s12"> + <div class="card-panel"> + <div class="row"> + <form id="form" action="{% url 'docedit'%}" method="post" class="col s12"> + <input type="hidden" name="doc" value="{{doc.id}}"> + {% csrf_token %} + <div class="row"> + <div class="input-field col s12"> + <input disabled name="name" value="{{doc.name}}" id="name" type="text"> + <label for="name">Nome</label> + </div> + </div> + <div class="row"> + <div class="switch col l3 s12"> + <label> + Disabilitato + <input name="enabled" type="checkbox" {{enabled_check}}> + <span class="lever"></span> + Abilitato + </label> + </div> + <div class="switch col l3 s12"> + <label> + Publico + <input name="group_private" type="checkbox" {{private_check}}> + <span class="lever"></span> + Privato + </label> + </div> + <div class="switch col l3 s12"> + <label> + Richiede firma + </label> + <label> + No + <input name="sign" type="checkbox" {{sign_check}}> + <span class="lever"></span> + Si + </label> + </div> + </div> + <div class="row"> + <div class="input-field col l4 s12"> + <label> + <input name="custom_message" type="checkbox" class="filled-in" {{custom_message_check}}/> + <span style="color:black">Messaggio personalizzato</span> + </label> + </div> + </div> + <br> + <div class="row"> + <div class="input-field col s12"> + <textarea name="custom_message_text" id="message" class="materialize-textarea">{{doc.custom_message_text}}</textarea> + <label for="message">Messaggio personalizzato</label> + </div> + </div> + <div class="row"> + <div class="input-field col s12"> + <textarea name="custom_group" id="group" class="materialize-textarea">{{group}}</textarea> + <label for="group">Gruppo personalizzato</label> + </div> + </div> + <div class="row"> + <div class="input-field col l4 s12"> + <label> + <input name="staff_only" type="checkbox" class="filled-in" {{staff_only_check}}/> + <span style="color:black">Visibile solo ai capi</span> + </label> + </div> + </div> + <div class="row"> + <div class="input-field col s12"> + <textarea name="max_instances" id="max_instances" class="materialize-textarea">{{doc.max_instances}}</textarea> + <label for="max_instances">Numero massimo di partecipanti</label> + </div> + </div> + <div class="fixed-action-btn"> + <a class="btn-floating btn-large {{color}}" onclick="document.getElementById('form').submit()"> + <i class="large material-icons">save</i> + </a> + </div> + </form> + </div> + </div> + </div> +</div> +{% endblock %} + +{% block script%} +$(document).ready(function(){ + {% if error %} + M.toast({html: '{{ error_text}}', classes: 'orange'}) + {% endif %} +}); +{% endblock %}
\ No newline at end of file diff --git a/server/templates/server/doc_type.html b/server/templates/server/doc_type.html index 8c3093d..c407239 100644 --- a/server/templates/server/doc_type.html +++ b/server/templates/server/doc_type.html @@ -137,10 +137,16 @@ {% if doctype.0.auto_sign %} <i class="material-icons">assignment_turned_in</i> {% endif %} + {% if doctype.0.staff_only %} + <i class="material-icons">lock</i> + {% endif %} {{doctype.0.name}} <span class="new badge {{color}}" data-badge-caption="">{{doctype.2}}</span> </div> <div class="collapsible-body"><span> + <a class="waves-effect waves-light btn {{color}}" onclick="send('e{{doctype.0.id}}')"><i class="material-icons left">edit</i> Modifica tipo</a> + <br> + <br> <ul class="collection"> {% if not doctype.0.group_private %} <li class="collection-item"> @@ -157,6 +163,11 @@ <i class="material-icons left">healing</i>Dati medici </li> {% endif %} + {% if doctype.0.max_instances != 0 %} + <li class="collection-item"> + <i class="material-icons left">control_point_duplicate</i>Numero massimo di partecipanti: {{doctype.0.max_instances}} + </li> + {% endif %} </ul> {% if doctype.0.custom_data or doctype.0.custom_message %} <ul class="collapsible"> diff --git a/server/templates/server/index.html b/server/templates/server/index.html index aa4681e..de28169 100644 --- a/server/templates/server/index.html +++ b/server/templates/server/index.html @@ -31,13 +31,13 @@ </div> <div class="card-action"> <div class="hide-on-med-and-down"> - <a class="waves-effect waves-light btn {{color}}" href="{% url 'ulist' %}">Lista utenti</a> + <a class="waves-effect waves-light btn {{color}}" href="{% url 'ulist' %}">Utenti</a> <a class="waves-effect waves-light btn {{color}}" href="{% url 'uapprove' %}">Approva utente</a> <a class="waves-effect waves-light btn {{color}}" href="{% url 'request' %}">Richiedi dati</a> </div> <div class="hide-on-large-only"> - <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'ulist' %}">Lista utenti</a> + <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'ulist' %}">Utenti</a> <br> <br> <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'uapprove' %}">Approva utente</a> @@ -75,17 +75,17 @@ </div> <div class="card-action"> <div class="hide-on-med-and-down"> - <a class="waves-effect waves-light btn {{color}}" href="{% url 'doctype' %}">Lista tipo doc</a> - <a class="waves-effect waves-light btn {{color}}" href="{% url 'doclist' %}">Lista documenti</a> + <a class="waves-effect waves-light btn {{color}}" href="{% url 'doctype' %}">Tipi</a> + <a class="waves-effect waves-light btn {{color}}" href="{% url 'doclist' %}">Documenti</a> <a class="waves-effect waves-light btn {{color}}" href="{% url 'docapprove' %}">Approva documento</a> <a class="waves-effect waves-light btn {{color}}" href="{% url 'docupload' %}">Carica firma</a> </div> <div class="hide-on-large-only"> - <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'doctype' %}">Lista tipo doc</a> + <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'doctype' %}">Tipi</a> <br> <br> - <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'doclist' %}">Lista documenti</a> + <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'doclist' %}">Documenti</a> <br> <br> <a class="col s12 waves-effect waves-light btn {{color}}" href="{% url 'docapprove' %}">Approva documento</a> diff --git a/server/urls.py b/server/urls.py index 2095450..3c4f66f 100644 --- a/server/urls.py +++ b/server/urls.py @@ -9,6 +9,7 @@ urlpatterns = [ path('ulist', views.ulist, name='ulist'), path('doctype', views.doctype, name='doctype'), path('doccreate', views.doccreate, name='doccreate'), + path('docedit', views.docedit, name='docedit'), path('doclist', views.doclist, name='doclist'), path('docapprove', views.docapprove, name='docapprove'), path('docupload', views.upload_doc, name='docupload'), diff --git a/server/views.py b/server/views.py index 27618d9..9ea1d3f 100644 --- a/server/views.py +++ b/server/views.py @@ -64,8 +64,13 @@ def index(request): # count documents of that type to show statistics docs = [] for doc in public_types: - ref_docs = Document.objects.filter(document_type=doc) - docs.append([doc, len(ref_docs)]) + doc_count = str(len(Document.objects.filter(document_type=doc))) + ref_docs_archived = len(Document.objects.filter(document_type=doc, status="archive")) + if ref_docs_archived > 0: + doc_count += "-" + str(ref_docs_archived) + if doc.max_instances != 0: + doc_count += "/" + str(doc.max_instances) + docs.append([doc, doc_count]) # don't list users if user is staff of not primary if request.user.is_staff: @@ -313,14 +318,37 @@ def doctype(request): message_check = 'checked="checked"' group_check = 'checked="checked"' + # if user not staff of primary get only non primary groups + if request.user.is_staff: + parent_groups = request.user.groups.values_list('name', flat=True) + else: + parent_groups = request.user.groups.values_list('name', flat=True)[ + 1:] + if request.method == "POST": selected = [] - # if user not staff of primary get only non primary groups - if request.user.is_staff: - parent_groups = request.user.groups.values_list('name', flat=True) - else: - parent_groups = request.user.groups.values_list('name', flat=True)[ - 1:] + + # check if request to edit + if request.POST["action"][0] == 'e': + document_type = DocumentType.objects.get(id=request.POST["action"][1:]) + + enabled_check = 'checked="checked"' if document_type.enabled else "" + sign_check = 'checked="checked"' if not document_type.auto_sign else "" + custom_message_check = 'checked="checked"' if document_type.custom_message else "" + staff_only_check = 'checked="checked"' if document_type.staff_only else "" + private_check = 'checked="checked"' if document_type.group_private else "" + + context = { + 'doc': document_type, + "group": document_type.group.name, + "enabled_check": enabled_check, + "private_check": private_check, + "sign_check": sign_check, + "staff_only_check": staff_only_check, + "custom_message_check": custom_message_check, + } + + return docedit_wrapper(request, context) # list all selected types for i in request.POST.keys(): @@ -374,13 +402,12 @@ def doctype(request): 0] group = Group.objects.get(name=parent_group) - # if user not staff of primary group show only public types - if request.user.is_staff: - public_types = DocumentType.objects.filter( - Q(group_private=False) | Q(group=group)) - else: - public_types = DocumentType.objects.filter( - Q(group_private=False)) + # get documents from the list + q_obj = Q() + for i in parent_groups: + q_obj |= Q(group__name=i) + + public_types = DocumentType.objects.filter(q_obj) # apply filters if not public: @@ -412,8 +439,14 @@ def doctype(request): out = [] for doc in public_types: custom_keys = Keys.objects.filter(container=doc) - ref_docs = Document.objects.filter(document_type=doc) - out.append([doc, custom_keys, len(ref_docs)]) + doc_count = str(len(Document.objects.filter(document_type=doc))) + ref_docs_archived = len(Document.objects.filter(document_type=doc, status="archive")) + if ref_docs_archived > 0: + doc_count += "-" + str(ref_docs_archived) + if doc.max_instances != 0: + doc_count += "/" + str(doc.max_instances) + + out.append([doc, custom_keys, doc_count]) context = { 'docs': out, @@ -458,8 +491,10 @@ def doccreate(request): medical_data = False custom_data = False custom_group_bool = False + staff_only = False name = "" custom_group = "" + max_instances = 0 enabled_check = 'checked="checked"' personal_check = 'checked="checked"' @@ -467,6 +502,7 @@ def doccreate(request): medical_check = "" custom_check = "" custom_message_check = "" + staff_only_check = "" # if type create request sent if request.method == "POST": @@ -478,10 +514,19 @@ def doccreate(request): medical_data = "medical_data" in request.POST.keys() custom_data = "custom_data" in request.POST.keys() custom_message = "custom_message" in request.POST.keys() + staff_only = "staff_only" in request.POST.keys() custom_message_text = request.POST["custom_message_text"] name = request.POST["name"] custom_group = request.POST["custom_group"] + if request.POST["max_instances"]: + max_instances = request.POST["max_instances"] + if not max_instances.isdigit(): + context["error"] = "true" + context["error_text"] = "Il numero massimo di iscritti deve essere un numero" + return render(request, 'server/doc_create.html', context) + max_instances = int(max_instances) + # if group not primary and not public throw error if group_private == True and not request.user.is_staff: context["error"] = "true" @@ -510,7 +555,7 @@ def doccreate(request): # create type doctype = DocumentType( - custom_group=custom_group_bool, auto_sign=auto_sign, custom_message=custom_message, custom_message_text=custom_message_text, name=request.POST["name"], enabled=enabled, group_private=group_private, group=group, personal_data=personal_data, medical_data=medical_data, custom_data=custom_data) + custom_group=custom_group_bool, auto_sign=auto_sign, custom_message=custom_message, custom_message_text=custom_message_text, name=request.POST["name"], enabled=enabled, group_private=group_private, group=group, personal_data=personal_data, medical_data=medical_data, custom_data=custom_data, staff_only=staff_only, max_instances=max_instances) doctype.save() # create custom keys @@ -532,11 +577,121 @@ def doccreate(request): "personal_check": personal_check, "medical_check": medical_check, "custom_check": custom_check, + "staff_only_check": staff_only_check, "custom_message_check": custom_message_check, } return render(request, 'server/doc_create.html', context) +@user_passes_test(isStaff) +def docedit(request): + # create an edit page with empty context + return docedit_wrapper(request, {}) + +@user_passes_test(isStaff) +def docedit_wrapper(request, context): + + if request.user.is_staff and "group" in context.keys(): + base_group = request.user.groups.values_list('name', flat=True)[0] + if context["group"] == base_group: + context["group"] = "" + + if request.method == "POST": + if "action" not in request.POST.keys(): + # get groups on which the user has control + if request.user.is_staff: + groups = request.user.groups.values_list('name', flat=True) + else: + groups = request.user.groups.values_list('name', flat=True)[1:] + + group = Group.objects.get(name=groups[0]) + + # get document + doc = DocumentType.objects.get(id=request.POST["doc"]) + + # check if user can edit type + if doc.group.name not in groups: + # user is cheating abort + return + + # init variables + custom_group_bool = False + custom_group = "" + max_instances = 0 + + enabled_check = 'checked="checked"' if doc.enabled else "" + sign_check = 'checked="checked"' if not doc.auto_sign else "" + custom_message_check = 'checked="checked"' if doc.custom_message else "" + staff_only_check = 'checked="checked"' if doc.staff_only else "" + private_check = 'checked="checked"' if doc.group_private else "" + + context = { + 'doc': doc, + "group": doc.group.name, + "enabled_check": enabled_check, + "private_check": private_check, + "sign_check": sign_check, + "staff_only_check": staff_only_check, + "custom_message_check": custom_message_check, + } + + if request.user.is_staff: + if context["group"] == group.name: + context["group"] = "" + + # gather inserted data + enabled = "enabled" in request.POST.keys() + auto_sign = "sign" not in request.POST.keys() + group_private = "group_private" in request.POST.keys() + custom_message = "custom_message" in request.POST.keys() + staff_only = "staff_only" in request.POST.keys() + custom_message_text = request.POST["custom_message_text"] + custom_group = request.POST["custom_group"] + + if request.POST["max_instances"]: + max_instances = request.POST["max_instances"] + if not max_instances.isdigit(): + context["error"] = "true" + context["error_text"] = "Il numero massimo di iscritti deve essere un numero" + return render(request, 'server/doc_edit.html', context) + max_instances = int(max_instances) + + # if group not primary and not public throw error + if group_private == True and not request.user.is_staff: + context["error"] = "true" + context["error_text"] = "Non puoi creare un documento non pubblico per un gruppo non primario" + return render(request, 'server/doc_edit.html', context) + + # check if custom group permissions not met or non public document + if custom_group != "": + if group_private == True: + context["error"] = "true" + context["error_text"] = "Non puoi creare un documento non pubblico per un gruppo non primario" + return render(request, 'server/doc_edit.html', context) + if custom_group not in groups: + context["error"] = "true" + context["error_text"] = "Non puoi creare un tipo assegnato ad un gruppo di cui non fai parte" + return render(request, 'server/doc_edit.html', context) + else: + group = Group.objects.filter(name=custom_group)[0] + custom_group_bool = True + + # edit type + doc.custom_group = custom_group_bool + doc.auto_sign = auto_sign + doc.custom_message = custom_message + doc.custom_message_text = custom_message_text + doc.enabled = enabled + doc.group_private = group_private + doc.group = group + doc.staff_only = staff_only + doc.max_instances = max_instances + + doc.save() + + return HttpResponseRedirect('doctype') + + return render(request, 'server/doc_edit.html', context) @user_passes_test(isStaff) def doclist(request): |