from django.shortcuts import render from apps.hrm.models import Certificate, Employee from apps.hrm.serializers import CertificateCreateUpdateSerializer, CertificateSerializer from apps.rpm.models import Remployee, Rparty, RpartyFile, Rpeople, Rproject from apps.rpm.serializers import RemployeeCreateUpdateSerializer, RpartyAssignSerializer, RpartyCreateUpdateSerializer, RpartyFileListSerializer, RpartySerializer, RpeopleCreatesSerializer, RprojectCreateUpdateSerializer from apps.system.models import Post, User, UserPost from apps.utils.viewsets import CustomGenericViewSet, CustomModelViewSet from rest_framework.mixins import CreateModelMixin, ListModelMixin from rest_framework.decorators import action from rest_framework.response import Response from django.contrib.auth.hashers import check_password, make_password from django.db import transaction from rest_framework.exceptions import ParseError from rest_framework import serializers # Create your views here. class RpartyViewSet(CustomModelViewSet): queryset = Rparty.objects.all() create_serializer_class = RpartyCreateUpdateSerializer update_serializer_class = RpartyCreateUpdateSerializer serializer_class = RpartySerializer @action(methods=['post'], detail=True, perms_map={'post': 'rparty:assgin'}, serializer_class=RpartyAssignSerializer) @transaction.atomic def assign(self, request, *args, **kwargs): """ 分配账号 """ obj = self.get_object() username = request.data.get('username') password = make_password('0000') user = User.objects.create(username=username, password=password, type='remployee', belong_dept=obj.dept) obj.user = user obj.save() post, _ = Post.objects.get_or_create(code='rparty_admin', defaults={ 'name': '本相关方管理员', 'code': 'rparty_admin' }) UserPost.objects.create(user=user, dept=obj.dept, post=post) return Response() class RpartyFileViewSet(ListModelMixin, CustomGenericViewSet): perms_map = {'get': 'rparty_file:view'} queryset = RpartyFile.objects.all() list_serializer_class = RpartyFileListSerializer def get_queryset(self): queryset = super().get_queryset() # 防止越权,加入的逻辑,可以通过岗位控权实现 if self.request.user.type == 'remployee': queryset = queryset.filter(rparty=self.request.user.belong_dept) return queryset class RemployeeViewSet(CustomModelViewSet): queryset = Employee.objects.filter(type='remployee') create_serializer_class = RemployeeCreateUpdateSerializer update_serializer_class = RemployeeCreateUpdateSerializer def get_queryset(self): user = self.request.user queryset = super().get_queryset() if user.type == 'remployee': queryset = queryset.filter(belong_dept=user.belong_dept) return queryset @transaction.atomic def create(self, request, *args, **kwargs): """ 添加人员 """ user = self.request.user serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) vdata = serializer.validated_data if user.type == 'remployee': # 如果是相关方账号 ep = serializer.save() Remployee.objects.get_or_create(employee=ep, rparty=user.belong_dept.rparty, defaults={ "employee": ep, "rparty": user.belong_dept.rparty }) else: if 'rparty' not in vdata: raise ParseError('未指定相关方') serializer.save() return Response(serializer.data, status=201) class Rcertificate(CustomModelViewSet): queryset = Certificate.objects.filter(employee__type='remployee') create_serializer_class = CertificateCreateUpdateSerializer update_serializer_class = CertificateCreateUpdateSerializer serializer_class = CertificateSerializer def get_queryset(self): user = self.request.user queryset = super().get_queryset() if user.type == 'remployee': queryset = queryset.filter(belong_dept=user.belong_dept) return queryset class RprojectViewSet(CustomModelViewSet): queryset = Rproject.objects.all() create_serializer_class = RprojectCreateUpdateSerializer update_serializer_class = RprojectCreateUpdateSerializer def get_queryset(self): user = self.request.user queryset = super().get_queryset() if user.type == 'remployee': queryset = queryset.filter(belong_dept=user.belong_dept) return queryset def create(self, request, *args, **kwargs): user = self.request.user serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) vdata = serializer.validated_data if user.type == 'remployee': vdata['rparty'] = user.belong_dept.rparty if not vdata.get('rparty', None): raise ParseError('请指定相关方') if not vdata.get('belong_dept', None): vdata['belong_dept'] = vdata['rparty'].belong_dept return super().create(request, *args, **kwargs) def update(self, request, *args, **kwargs): obj = self.get_object() if obj.state == Rproject.RP_START: return super().update(request, *args, **kwargs) raise ParseError('项目非创建状态不可更改') class RpeopleViewSet(CustomGenericViewSet): perms_map = {'get': '*'} queryset = Rpeople.objects.all() @action(methods=['post'], detail=False, perms_map={'post': 'rproject:update'}, serializer_class=RpeopleCreatesSerializer) @transaction.atomic def creates(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) vdata = serializer.validated_data rp = vdata['rproject'] if rp.state != Rproject.RP_START: raise ParseError('项目非创建状态不可更改') for i in vdata['employees']: Rpeople.objects.create(employee=i, rproject=rp) # 有证书的添加人员证书 return Response() @action(methods=['put'], detail=True, perms_map={'put': 'rproject:update'}, serializer_class=serializers.Serializer) @transaction.atomic def make_manager(self, request): """ 设为项目负责人 """ obj = self.get_object() if obj.rproject.state != Rproject.RP_START: raise ParseError('项目非创建状态不可更改') Rpeople.objects.filter(rproject=obj.rproject).update(is_manager=False) obj.is_manager = True obj.save() return Response()