From 80653d69a0dd7bb6a089b6fda05fbe98ff7ac9fb Mon Sep 17 00:00:00 2001 From: Andrea Lepori Date: Fri, 30 Oct 2020 20:47:10 +0100 Subject: renaming, max partecipant number, only "capi" docs --- client/migrations/0005_documenttype_staff_only.py | 18 ++ .../migrations/0006_documenttype_max_instances.py | 18 ++ client/models.py | 2 + client/templates/client/doc_create.html | 123 +++++++------ client/templates/client/doc_edit.html | 6 +- client/templates/client/index.html | 28 +-- client/views.py | 31 +++- server/templates/server/doc_create.html | 14 ++ server/templates/server/doc_edit.html | 107 ++++++++++++ server/templates/server/doc_type.html | 11 ++ server/templates/server/index.html | 12 +- server/urls.py | 1 + server/views.py | 191 +++++++++++++++++++-- 13 files changed, 469 insertions(+), 93 deletions(-) create mode 100644 client/migrations/0005_documenttype_staff_only.py create mode 100644 client/migrations/0006_documenttype_max_instances.py create mode 100644 server/templates/server/doc_edit.html diff --git a/client/migrations/0005_documenttype_staff_only.py b/client/migrations/0005_documenttype_staff_only.py new file mode 100644 index 0000000..3211c26 --- /dev/null +++ b/client/migrations/0005_documenttype_staff_only.py @@ -0,0 +1,18 @@ +# Generated by Django 3.1.2 on 2020-10-30 16:46 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('client', '0004_auto_20200903_1828'), + ] + + operations = [ + migrations.AddField( + model_name='documenttype', + name='staff_only', + field=models.BooleanField(default=False), + ), + ] diff --git a/client/migrations/0006_documenttype_max_instances.py b/client/migrations/0006_documenttype_max_instances.py new file mode 100644 index 0000000..750ff0e --- /dev/null +++ b/client/migrations/0006_documenttype_max_instances.py @@ -0,0 +1,18 @@ +# Generated by Django 3.1.2 on 2020-10-30 17:11 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('client', '0005_documenttype_staff_only'), + ] + + operations = [ + migrations.AddField( + model_name='documenttype', + name='max_instances', + field=models.IntegerField(default=0), + ), + ] diff --git a/client/models.py b/client/models.py index c85ca14..d14a267 100644 --- a/client/models.py +++ b/client/models.py @@ -16,6 +16,8 @@ class DocumentType(models.Model): custom_data = models.BooleanField(default=False) custom_message = models.BooleanField(default=False) custom_message_text = models.CharField(default="", max_length=250) + staff_only = models.BooleanField(default=False) + max_instances = models.IntegerField(default=0) name = models.CharField(default="", max_length=250) diff --git a/client/templates/client/doc_create.html b/client/templates/client/doc_create.html index 18940d8..04f08e6 100644 --- a/client/templates/client/doc_create.html +++ b/client/templates/client/doc_create.html @@ -1,9 +1,9 @@ {% extends 'registration/base_client.html' %} -{% block title %}Crea Documento{% endblock %} +{% block title %}Crea iscrizione{% endblock %} {% block breadcrumb %} - Crea Documento + Crea Iscrizione {% endblock %} {% block content %} @@ -23,7 +23,7 @@ {% endfor %} - + @@ -33,75 +33,100 @@ navigate_next {% else %} - -
-
- - + +
+
+ + +
-
- {% if personal_data %} + {% if no_free_places%}

- Il documento conterrà le informazioni personali, prego verificare che siano corrette e aggiornate + Siamo spiacenti abbiamo esaurito i posti disponibili per questa iscrizione.

- {% endif %} - {% if medical_data %}
-
-
-

- Il documento conterrà le informazioni mediche, prego verificare che siano corrette e aggiornate -

+
+ + navigate_beforeIndietro + + Annulla + cancel + +
+
+ {% else %} + {% if personal_data %} +
+
+
+
+

+ Il documento conterrà le informazioni personali, prego verificare che siano corrette e aggiornate +

+
-
- {% endif %} - {% if custom_message %} -
-
-
-
-

- {{custom_message_text}} -

+ {% endif %} + {% if medical_data %} +
+
+
+
+

+ Il documento conterrà le informazioni mediche, prego verificare che siano corrette e aggiornate +

+
-
- {% endif %} - {% if custom_data %} - {% for key in keys %} + {% endif %} + {% if custom_message %}
-
- - +
+
+
+

+ {{custom_message_text}} +

+
+
- {% endfor %} - {% endif %} -
-
-
- - navigate_beforeIndietro - - Crea - create - + {% endif %} + {% if custom_data %} + {% for key in keys %} +
+
+ + +
+
+ {% endfor %} + {% endif %} + -
+ {% endif %} {% endif %}
diff --git a/client/templates/client/doc_edit.html b/client/templates/client/doc_edit.html index 278f34c..f7e8f72 100644 --- a/client/templates/client/doc_edit.html +++ b/client/templates/client/doc_edit.html @@ -1,9 +1,9 @@ {% extends 'registration/base_client.html' %} -{% block title %}Modifica documento{% endblock %} +{% block title %}Modifica iscrizione{% endblock %} {% block breadcrumb %} - Modifica Documento + Modifica iscrizione {% endblock %} {% block content %} @@ -19,7 +19,7 @@ - +
{% if personal_data %} diff --git a/client/templates/client/index.html b/client/templates/client/index.html index b63fa49..b5d1135 100644 --- a/client/templates/client/index.html +++ b/client/templates/client/index.html @@ -5,8 +5,8 @@ {% block content %}
-
Aggiungi un documento
-

Usa questo bottone per creare un nuovo documento

+
Aggiungi un'iscrizione
+

Usa questo bottone per creare una nuova iscrizione

@@ -36,17 +36,17 @@ {% if doc.0.status == "wait" %}

@@ -54,8 +54,8 @@

diff --git a/client/views.py b/client/views.py index 8b0ac7b..821bc9b 100644 --- a/client/views.py +++ b/client/views.py @@ -15,7 +15,6 @@ from subprocess import check_output from datetime import datetime import pytz - def index(request): context = {} # check if user is logged @@ -138,8 +137,11 @@ def create(request): group = Group.objects.get(name=parent_group) # get available types for user - doctypes = DocumentType.objects.filter( - (Q(group_private=False) | Q(group=group)) & Q(enabled=True)) + filter = (Q(group_private=False) | Q(group=group)) & Q(enabled=True) + if not request.user.is_staff and "capi" not in request.user.groups.values_list('name',flat = True): + filter = filter & Q(staff_only=False) + + doctypes = DocumentType.objects.filter(filter) out = [] for doc in doctypes: # check if user has already that document type @@ -159,7 +161,15 @@ def create(request): context['next'] = True document_type = DocumentType.objects.get( id=request.POST["doctype"]) + context['doctype'] = document_type + + # check if there are still free spaces + context['no_free_places'] = False + if document_type.max_instances != 0: + if len(Document.objects.filter(document_type=document_type)) - len(Document.objects.filter(document_type=document_type, status="archive")) >= document_type.max_instances: + context['no_free_places'] = True + context['personal_data'] = document_type.personal_data context['medical_data'] = document_type.medical_data context['custom_data'] = document_type.custom_data @@ -177,6 +187,21 @@ def create(request): document_type = DocumentType.objects.get( id=request.POST["doctype"]) + # check if there are free spaces + if document_type.max_instances != 0: + if len(Document.objects.filter(document_type=document_type)) - len(Document.objects.filter(document_type=document_type, status="archive")) >= document_type.max_instances: + # there aren't user is cheating + return + + # check if user has permission to use that type + if document_type.staff_only and not request.user.is_staff and "capi" not in request.user.groups.values_list('name', flat = True): + # user is cheating abort + return + + if not document_type.custom_group and document_type.group.name not in request.user.groups.values_list('name', flat=True): + # user is cheating abort + return + # get list of docs with that type current_docs = Document.objects.filter(user=request.user).filter(document_type=document_type) if len(current_docs) > 0: diff --git a/server/templates/server/doc_create.html b/server/templates/server/doc_create.html index 9549a9d..8557f4c 100644 --- a/server/templates/server/doc_create.html +++ b/server/templates/server/doc_create.html @@ -95,6 +95,20 @@
+
+
+ +
+
+
+
+ + +
+
save diff --git a/server/templates/server/doc_edit.html b/server/templates/server/doc_edit.html new file mode 100644 index 0000000..fe11ab4 --- /dev/null +++ b/server/templates/server/doc_edit.html @@ -0,0 +1,107 @@ +{% extends 'registration/base_admin.html' %} + +{% block title %}Admin - Modifica Tipo{% endblock %} + +{% block breadcrumb %} + Admin + Tipo Doc + Modifica Tipo +{% endblock %} + +{% block content %} +
+
+
+
+
+ + {% csrf_token %} +
+
+ + +
+
+
+
+ +
+
+ +
+
+ + +
+
+
+
+ +
+
+
+
+
+ + +
+
+
+
+ + +
+
+
+
+ +
+
+
+
+ + +
+
+ +
+
+
+
+
+{% endblock %} + +{% block script%} +$(document).ready(function(){ + {% if error %} + M.toast({html: '{{ error_text}}', classes: 'orange'}) + {% endif %} +}); +{% endblock %} \ No newline at end of file diff --git a/server/templates/server/doc_type.html b/server/templates/server/doc_type.html index 8c3093d..c407239 100644 --- a/server/templates/server/doc_type.html +++ b/server/templates/server/doc_type.html @@ -137,10 +137,16 @@ {% if doctype.0.auto_sign %} assignment_turned_in {% endif %} + {% if doctype.0.staff_only %} + lock + {% endif %} {{doctype.0.name}} {{doctype.2}}
+ edit Modifica tipo +
+
    {% if not doctype.0.group_private %}
  • @@ -157,6 +163,11 @@ healingDati medici
  • {% endif %} + {% if doctype.0.max_instances != 0 %} +
  • + control_point_duplicateNumero massimo di partecipanti: {{doctype.0.max_instances}} +
  • + {% endif %}
{% if doctype.0.custom_data or doctype.0.custom_message %}
    diff --git a/server/templates/server/index.html b/server/templates/server/index.html index aa4681e..de28169 100644 --- a/server/templates/server/index.html +++ b/server/templates/server/index.html @@ -31,13 +31,13 @@
- Lista utenti + Utenti

Approva utente @@ -75,17 +75,17 @@
- Lista tipo doc + Tipi

- Lista documenti + Documenti

Approva documento diff --git a/server/urls.py b/server/urls.py index 2095450..3c4f66f 100644 --- a/server/urls.py +++ b/server/urls.py @@ -9,6 +9,7 @@ urlpatterns = [ path('ulist', views.ulist, name='ulist'), path('doctype', views.doctype, name='doctype'), path('doccreate', views.doccreate, name='doccreate'), + path('docedit', views.docedit, name='docedit'), path('doclist', views.doclist, name='doclist'), path('docapprove', views.docapprove, name='docapprove'), path('docupload', views.upload_doc, name='docupload'), diff --git a/server/views.py b/server/views.py index 27618d9..9ea1d3f 100644 --- a/server/views.py +++ b/server/views.py @@ -64,8 +64,13 @@ def index(request): # count documents of that type to show statistics docs = [] for doc in public_types: - ref_docs = Document.objects.filter(document_type=doc) - docs.append([doc, len(ref_docs)]) + doc_count = str(len(Document.objects.filter(document_type=doc))) + ref_docs_archived = len(Document.objects.filter(document_type=doc, status="archive")) + if ref_docs_archived > 0: + doc_count += "-" + str(ref_docs_archived) + if doc.max_instances != 0: + doc_count += "/" + str(doc.max_instances) + docs.append([doc, doc_count]) # don't list users if user is staff of not primary if request.user.is_staff: @@ -313,14 +318,37 @@ def doctype(request): message_check = 'checked="checked"' group_check = 'checked="checked"' + # if user not staff of primary get only non primary groups + if request.user.is_staff: + parent_groups = request.user.groups.values_list('name', flat=True) + else: + parent_groups = request.user.groups.values_list('name', flat=True)[ + 1:] + if request.method == "POST": selected = [] - # if user not staff of primary get only non primary groups - if request.user.is_staff: - parent_groups = request.user.groups.values_list('name', flat=True) - else: - parent_groups = request.user.groups.values_list('name', flat=True)[ - 1:] + + # check if request to edit + if request.POST["action"][0] == 'e': + document_type = DocumentType.objects.get(id=request.POST["action"][1:]) + + enabled_check = 'checked="checked"' if document_type.enabled else "" + sign_check = 'checked="checked"' if not document_type.auto_sign else "" + custom_message_check = 'checked="checked"' if document_type.custom_message else "" + staff_only_check = 'checked="checked"' if document_type.staff_only else "" + private_check = 'checked="checked"' if document_type.group_private else "" + + context = { + 'doc': document_type, + "group": document_type.group.name, + "enabled_check": enabled_check, + "private_check": private_check, + "sign_check": sign_check, + "staff_only_check": staff_only_check, + "custom_message_check": custom_message_check, + } + + return docedit_wrapper(request, context) # list all selected types for i in request.POST.keys(): @@ -374,13 +402,12 @@ def doctype(request): 0] group = Group.objects.get(name=parent_group) - # if user not staff of primary group show only public types - if request.user.is_staff: - public_types = DocumentType.objects.filter( - Q(group_private=False) | Q(group=group)) - else: - public_types = DocumentType.objects.filter( - Q(group_private=False)) + # get documents from the list + q_obj = Q() + for i in parent_groups: + q_obj |= Q(group__name=i) + + public_types = DocumentType.objects.filter(q_obj) # apply filters if not public: @@ -412,8 +439,14 @@ def doctype(request): out = [] for doc in public_types: custom_keys = Keys.objects.filter(container=doc) - ref_docs = Document.objects.filter(document_type=doc) - out.append([doc, custom_keys, len(ref_docs)]) + doc_count = str(len(Document.objects.filter(document_type=doc))) + ref_docs_archived = len(Document.objects.filter(document_type=doc, status="archive")) + if ref_docs_archived > 0: + doc_count += "-" + str(ref_docs_archived) + if doc.max_instances != 0: + doc_count += "/" + str(doc.max_instances) + + out.append([doc, custom_keys, doc_count]) context = { 'docs': out, @@ -458,8 +491,10 @@ def doccreate(request): medical_data = False custom_data = False custom_group_bool = False + staff_only = False name = "" custom_group = "" + max_instances = 0 enabled_check = 'checked="checked"' personal_check = 'checked="checked"' @@ -467,6 +502,7 @@ def doccreate(request): medical_check = "" custom_check = "" custom_message_check = "" + staff_only_check = "" # if type create request sent if request.method == "POST": @@ -478,10 +514,19 @@ def doccreate(request): medical_data = "medical_data" in request.POST.keys() custom_data = "custom_data" in request.POST.keys() custom_message = "custom_message" in request.POST.keys() + staff_only = "staff_only" in request.POST.keys() custom_message_text = request.POST["custom_message_text"] name = request.POST["name"] custom_group = request.POST["custom_group"] + if request.POST["max_instances"]: + max_instances = request.POST["max_instances"] + if not max_instances.isdigit(): + context["error"] = "true" + context["error_text"] = "Il numero massimo di iscritti deve essere un numero" + return render(request, 'server/doc_create.html', context) + max_instances = int(max_instances) + # if group not primary and not public throw error if group_private == True and not request.user.is_staff: context["error"] = "true" @@ -510,7 +555,7 @@ def doccreate(request): # create type doctype = DocumentType( - custom_group=custom_group_bool, auto_sign=auto_sign, custom_message=custom_message, custom_message_text=custom_message_text, name=request.POST["name"], enabled=enabled, group_private=group_private, group=group, personal_data=personal_data, medical_data=medical_data, custom_data=custom_data) + custom_group=custom_group_bool, auto_sign=auto_sign, custom_message=custom_message, custom_message_text=custom_message_text, name=request.POST["name"], enabled=enabled, group_private=group_private, group=group, personal_data=personal_data, medical_data=medical_data, custom_data=custom_data, staff_only=staff_only, max_instances=max_instances) doctype.save() # create custom keys @@ -532,11 +577,121 @@ def doccreate(request): "personal_check": personal_check, "medical_check": medical_check, "custom_check": custom_check, + "staff_only_check": staff_only_check, "custom_message_check": custom_message_check, } return render(request, 'server/doc_create.html', context) +@user_passes_test(isStaff) +def docedit(request): + # create an edit page with empty context + return docedit_wrapper(request, {}) + +@user_passes_test(isStaff) +def docedit_wrapper(request, context): + + if request.user.is_staff and "group" in context.keys(): + base_group = request.user.groups.values_list('name', flat=True)[0] + if context["group"] == base_group: + context["group"] = "" + + if request.method == "POST": + if "action" not in request.POST.keys(): + # get groups on which the user has control + if request.user.is_staff: + groups = request.user.groups.values_list('name', flat=True) + else: + groups = request.user.groups.values_list('name', flat=True)[1:] + + group = Group.objects.get(name=groups[0]) + + # get document + doc = DocumentType.objects.get(id=request.POST["doc"]) + + # check if user can edit type + if doc.group.name not in groups: + # user is cheating abort + return + + # init variables + custom_group_bool = False + custom_group = "" + max_instances = 0 + + enabled_check = 'checked="checked"' if doc.enabled else "" + sign_check = 'checked="checked"' if not doc.auto_sign else "" + custom_message_check = 'checked="checked"' if doc.custom_message else "" + staff_only_check = 'checked="checked"' if doc.staff_only else "" + private_check = 'checked="checked"' if doc.group_private else "" + + context = { + 'doc': doc, + "group": doc.group.name, + "enabled_check": enabled_check, + "private_check": private_check, + "sign_check": sign_check, + "staff_only_check": staff_only_check, + "custom_message_check": custom_message_check, + } + + if request.user.is_staff: + if context["group"] == group.name: + context["group"] = "" + + # gather inserted data + enabled = "enabled" in request.POST.keys() + auto_sign = "sign" not in request.POST.keys() + group_private = "group_private" in request.POST.keys() + custom_message = "custom_message" in request.POST.keys() + staff_only = "staff_only" in request.POST.keys() + custom_message_text = request.POST["custom_message_text"] + custom_group = request.POST["custom_group"] + + if request.POST["max_instances"]: + max_instances = request.POST["max_instances"] + if not max_instances.isdigit(): + context["error"] = "true" + context["error_text"] = "Il numero massimo di iscritti deve essere un numero" + return render(request, 'server/doc_edit.html', context) + max_instances = int(max_instances) + + # if group not primary and not public throw error + if group_private == True and not request.user.is_staff: + context["error"] = "true" + context["error_text"] = "Non puoi creare un documento non pubblico per un gruppo non primario" + return render(request, 'server/doc_edit.html', context) + + # check if custom group permissions not met or non public document + if custom_group != "": + if group_private == True: + context["error"] = "true" + context["error_text"] = "Non puoi creare un documento non pubblico per un gruppo non primario" + return render(request, 'server/doc_edit.html', context) + if custom_group not in groups: + context["error"] = "true" + context["error_text"] = "Non puoi creare un tipo assegnato ad un gruppo di cui non fai parte" + return render(request, 'server/doc_edit.html', context) + else: + group = Group.objects.filter(name=custom_group)[0] + custom_group_bool = True + + # edit type + doc.custom_group = custom_group_bool + doc.auto_sign = auto_sign + doc.custom_message = custom_message + doc.custom_message_text = custom_message_text + doc.enabled = enabled + doc.group_private = group_private + doc.group = group + doc.staff_only = staff_only + doc.max_instances = max_instances + + doc.save() + + return HttpResponseRedirect('doctype') + + return render(request, 'server/doc_edit.html', context) @user_passes_test(isStaff) def doclist(request): -- cgit v1.2.1