init

2023-05-16 17:14:16 +03:00
commit c17da7eaab
157 changed files with 14503 additions and 0 deletions
--- a/AuthApp/api/v1/permissions/personal_api_permissions.py
+++ b/AuthApp/api/v1/permissions/personal_api_permissions.py
@@ -0,0 +1,116 @@
+# coding=utf-8
+from rest_framework.permissions import BasePermission
+from rest_framework.exceptions import PermissionDenied
+from tEDataProj.inter import check_user_key_inter
+from AuthApp.models import User
+
+
+def check_of_user_is_manager_of_company(user, view):
+    if not 'pk' in view.kwargs:
+        return False
+
+    try:
+        objs = User.objects.get(
+            user_profile__company_obj__manager_obj=user,
+            id=view.kwargs['pk']
+        )
+    except:
+        return False
+
+    return objs
+
+
+def check_of_user_is_company_staff(user, view):
+    if not 'pk' in view.kwargs:
+        return False
+
+    try:
+        objs = User.objects.get(
+            user_profile__company_obj=user.user_profile.company_obj,
+            id=view.kwargs['pk']
+        )
+    except:
+        return False
+
+    return objs
+
+
+class Personal_API_perms(BasePermission):
+    """
+    Allows access only users w full access.
+    """
+
+    def has_permission(self, request, view):
+
+        if not request.user or request.user.is_anonymous or not request.user.is_active:
+            return False
+
+        # auth_data = request.query_params
+        # if not check_user_key_inter(auth_data):
+        #     raise PermissionDenied(code=403)
+
+        user = request.user
+        groups = user.groups.all()
+
+        groups_name_list = groups.values_list('name', flat=True)
+
+        if u'API 1С импорт' in groups_name_list:
+            return False
+
+        if view.basename == u'user':
+
+            if view.action in ('create',):
+                perm = user.has_perm('AuthApp.UI_company_staff_create')
+                return perm
+
+            if view.action in (
+                    'update', 'partial_update', 'add_communication_item', 'get_connected_mailings', 'possible_mailings',
+                    'change_mailing_status'):
+                # perm = user.has_perm('AuthApp.UI_managers_modify')
+                # return perm
+                if not user.is_staff:
+                    # персонал компании
+                    if user.has_perm('AuthApp.UI_company_staff_modify_if_staff_company'):
+                        return check_of_user_is_company_staff(user, view)
+
+                    return False
+
+                # если персонал
+                else:
+                    if check_of_user_is_manager_of_company(user, view) and user.has_perm(
+                            'AuthApp.UI_company_staff_modify_if_manager'):
+                        return True
+                    elif user.has_perm('AuthApp.UI_company_staff_modify_any'):
+                        return True
+
+            if view.action in ('destroy',):
+                perm = user.has_perm('AuthApp.UI_company_staff_delete')
+                return perm
+
+            if view.action in (
+                    'retrieve', 'list', 'list_by_company_id', 'list_by_office_id',
+                    'possible_departaments_list', 'possible_company_positions_list'
+            ):
+                perm = user.has_perm('AuthApp.UI_company_staff_retrieve_any_no_staff')
+                if not perm:
+                    perm = user.has_perm('AuthApp.UI_company_staff_retrieve')
+                return perm
+
+        # if view.basename == u'userprofile':
+        #
+        #     if view.action in ('create',):
+        #         perm = user.has_perm('AuthApp.add_userprofile')
+        #         return perm
+        #
+        #     if view.action in ('update', 'partial_update'):
+        #         perm = user.has_perm('AuthApp.change_userprofile')
+        #         return perm
+        #
+        #     if view.action in ('destroy',):
+        #         perm = user.has_perm('AuthApp.delete_userprofile')
+        #         return perm
+        #
+        #     if view.action in ('retrieve', 'list'):
+        #         return True
+
+        return False
--- a/AuthApp/api/v1/user/user_api_serializars.py
+++ b/AuthApp/api/v1/user/user_api_serializars.py
@@ -0,0 +1,124 @@
+from rest_framework import serializers
+from ....models import *
+from ....funcs import fullname_for_user
+
+
+class Personal_change_mailing_status_Serializer(serializers.Serializer):
+    mailing_ID = serializers.IntegerField()
+    mailing_status = serializers.BooleanField()
+
+
+class User_sync_Serializer(serializers.ModelSerializer):
+    id_1s = serializers.SerializerMethodField()
+
+    def get_id_1s(self, obj):
+        return obj.user_profile.id_1s
+
+    class Meta:
+        model = User
+        fields = (
+            'id_1s',
+        )
+
+
+class Profile_list_Serializer(serializers.ModelSerializer):
+    from GeneralApp.api.v1.communications.communications_api_serializers import Communications_create_Serializer
+
+    office_name = serializers.SerializerMethodField(required=False)
+    company_name = serializers.SerializerMethodField(required=False)
+    manager_name = serializers.SerializerMethodField(required=False)
+    company_client_type = serializers.SerializerMethodField(required=False)
+
+    communications = Communications_create_Serializer(many=True)
+
+    def get_company_client_type(self, obj):
+        try:
+            if obj and obj.company_obj:
+                return obj.company_obj.client_type
+            else:
+                return None
+        except:
+            return None
+
+    def get_office_name(self, obj):
+        try:
+            if obj and obj.office:
+                return obj.office.name
+        except:
+            return None
+
+        return None
+
+    def get_company_name(self, obj):
+        try:
+            if obj and obj.company_obj:
+                return obj.company_obj.name
+        except:
+            return None
+
+        return None
+
+    def get_manager_name(self, obj):
+        try:
+            if obj and obj.company_obj and obj.company_obj.manager_obj:
+                return '{0} {1}'.format(obj.company_obj.manager_obj.last_name, obj.company_obj.manager_obj.first_name)
+        except:
+            return None
+
+        return None
+
+    class Meta:
+        model = UserProfile
+        fields = (
+            'id',
+            'enable',
+            'company_obj', 'company_name',
+            'company_position', 'company_client_type',
+            'phone',
+            'delivery_address',
+            'office', 'office_name',
+            'departament',
+            'document_sign_person',
+            'work_start_D',
+            'work_finish_D',
+            'birthdate',
+            'comment',
+            'communications',
+            'priority_connect_type',
+            'modifiedDT',
+            'mailing_sets',
+            'manager_name'
+        )
+
+
+class User_list_Serializer(serializers.ModelSerializer):
+    full_name = serializers.SerializerMethodField('get_full_name_user', required=False)
+
+    # user_profile = Profile_list_Serializer()
+
+    def get_full_name_user(self, obj):
+        name = fullname_for_user(obj)
+        if not name:
+            name = obj.email
+        return name
+
+    class Meta:
+        model = User
+        fields = (
+            'id', 'full_name'
+        )
+
+
+class Personal_list_Serializer(User_list_Serializer):
+    user_profile = Profile_list_Serializer()
+
+    class Meta:
+        model = User
+        fields = (
+            'id', 'full_name', 'first_name', 'last_name', 'is_active', 'is_staff', 'user_profile', 'email'
+        )
+        extra_kwargs = {
+            'email': {'required': 'False'},
+            'first_name': {'required': 'False'},
+            'last_name': {'required': 'False'},
+        }
--- a/AuthApp/api/v1/user/user_api_views.py
+++ b/AuthApp/api/v1/user/user_api_views.py