factory/apps/rpm/views.py

from django.shortcuts import render
from apps.hrm.models import Certificate, Employee
from apps.hrm.serializers import CertificateCreateUpdateSerializer, CertificateSerializer, EmployeeSerializer
from apps.rpm.models import Rcertificate, Remployee, Rparty, Rfile, Rpjfile, Rpjmember, Rpj
from apps.rpm.serializers import RcertificateCreateUpdateSerializer, RcertificateSerializer, RemployeeCreateSerializer, RemployeeSerializer, RpartyAssignSerializer, RpartyCreateUpdateSerializer, RfileListSerializer, RpartySerializer, RpjListSerializer, RpjfileSerializer, RpjfileUpdateSerializer, RpjmemberCreateSerializer, RpjmemberCreatesSerializer, RpjCreateUpdateSerializer, RpjmemberSerializer, RpjmemberUpdateSerializer
from apps.system.models import Post, User, UserPost
from apps.utils.viewsets import CustomGenericViewSet, CustomModelViewSet
from rest_framework.mixins import CreateModelMixin, ListModelMixin, RetrieveModelMixin, DestroyModelMixin, UpdateModelMixin
from apps.utils.mixins import CustomDestoryModelMixin
from rest_framework.decorators import action
from rest_framework.response import Response
from django.contrib.auth.hashers import check_password, make_password
from django.db import transaction
from rest_framework.exceptions import ParseError
from rest_framework import serializers


# Create your views here.
class RpartyViewSet(CustomModelViewSet):
    queryset = Rparty.objects.all()
    create_serializer_class = RpartyCreateUpdateSerializer
    update_serializer_class = RpartyCreateUpdateSerializer
    serializer_class = RpartySerializer

    @action(methods=['post'], detail=True, perms_map={'post': 'rparty:assgin'}, serializer_class=RpartyAssignSerializer)
    @transaction.atomic
    def assign(self, request, *args, **kwargs):
        """
        分配账号
        """
        obj = self.get_object()
        username = request.data.get('username')
        password = make_password('0000')
        user = User.objects.create(username=username,
                                   password=password,
                                   type='remployee',
                                   belong_dept=obj.dept)
        obj.user = user
        obj.save()
        post, _ = Post.objects.get_or_create(code='rparty_admin',
                                             defaults={
                                                 'name': '本相关方管理员',
                                                 'code': 'rparty_admin'
                                             })
        UserPost.objects.create(user=user, dept=obj.dept,
                                post=post)
        return Response()


class RfileViewSet(ListModelMixin, CustomGenericViewSet):
    perms_map = {'get': 'rparty_file:view'}
    queryset = Rfile.objects.all()
    list_serializer_class = RfileListSerializer

    def get_queryset(self):
        queryset = super().get_queryset()
        # 防止越权,加入的逻辑,可以通过岗位控权实现
        if self.request.user.type == 'remployee':
            queryset = queryset.filter(rparty=self.request.user.belong_dept)
        return queryset


class RemployeeViewSet(ListModelMixin, RetrieveModelMixin, CreateModelMixin, CustomDestoryModelMixin,
                       CustomGenericViewSet):
    queryset = Remployee.objects.all()
    create_serializer_class = RemployeeCreateSerializer
    serializer_class = RemployeeSerializer

    def get_queryset(self):
        user = self.request.user
        queryset = super().get_queryset()
        if user.type == 'remployee':
            queryset = queryset.filter(rparty=self.request.user.belong_dept)
        return queryset

    # @transaction.atomic
    # def create(self, request, *args, **kwargs):
    #     """
    #     添加人员
    #     """
    #     user = self.request.user
    #     serializer = self.get_serializer(data=request.data)
    #     serializer.is_valid(raise_exception=True)
    #     vdata = serializer.validated_data
    #     if user.type == 'remployee':  # 如果是相关方账号
    #         ep = serializer.save()
    #         Remployee.objects.get_or_create(employee=ep, rparty=user.belong_dept.rparty,
    #                                         defaults={
    #                                             "employee": ep,
    #                                             "rparty": user.belong_dept.rparty
    #                                         })
    #     else:
    #         if 'rparty' not in vdata:
    #             raise ParseError('未指定相关方')
    #         serializer.save()
    #     return Response(serializer.data, status=201)


class RcertificateViewSet(CustomModelViewSet):
    queryset = Rcertificate.objects.all()
    create_serializer_class = RcertificateCreateUpdateSerializer
    update_serializer_class = RcertificateCreateUpdateSerializer
    serializer_class = RcertificateSerializer

    def get_queryset(self):
        user = self.request.user
        queryset = super().get_queryset()
        if user.type == 'remployee':
            queryset = queryset.filter(remployee__rparty=user.belong_dept)
        return queryset


class RpjViewSet(CustomModelViewSet):
    queryset = Rpj.objects.all()
    create_serializer_class = RpjCreateUpdateSerializer
    update_serializer_class = RpjCreateUpdateSerializer
    serializer_class = RpjListSerializer

    def get_queryset(self):
        user = self.request.user
        queryset = super().get_queryset()
        if user.type == 'remployee':
            queryset = queryset.filter(belong_dept=user.belong_dept)
        return queryset

    def create(self, request, *args, **kwargs):
        user = self.request.user
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        vdata = serializer.validated_data
        if user.type == 'remployee':
            vdata['rparty'] = user.belong_dept.rparty
        if not vdata.get('rparty', None):
            raise ParseError('请指定相关方')
        if not vdata.get('belong_dept', None):
            vdata['belong_dept'] = vdata['rparty'].belong_dept
        return super().create(request, *args, **kwargs)

    def update(self, request, *args, **kwargs):
        obj = self.get_object()
        if obj.state != Rpj.RPJ_CREATE:
            raise ParseError('项目非创建状态不可更改')
        return super().update(request, *args, **kwargs)

    def destroy(self, request, *args, **kwargs):
        obj = self.get_object()
        if obj.state != Rpj.RPJ_CREATE:
            raise ParseError('项目非创建状态不可删除')
        return super().destroy(request, *args, **kwargs)


class RpjmemberViewSet(CustomModelViewSet):
    perms_map = {'get': '*', 'post': 'rpj:update', 'put': 'rpj:update', 'delete': 'rpj:update'}
    queryset = Rpjmember.objects.all()
    create_serializer_class = RpjmemberCreateSerializer
    update_serializer_class = RpjmemberUpdateSerializer
    serializer_class = RpjmemberSerializer

    def destroy(self, request, *args, **kwargs):
        obj = self.get_object()
        if obj.rpj.state == Rpj.RPJ_CREATE:
            raise ParseError('项目非创建状态不可删除')
        return super().destroy(request, *args, **kwargs)


class RpjfileViewSet(UpdateModelMixin, DestroyModelMixin, ListModelMixin, CustomGenericViewSet):
    perms_map = {'get': '*', 'put': 'rpj:update', 'delete': 'rpj:update'}
    queryset = Rpjfile.objects.all()
    update_serializer_class = RpjfileUpdateSerializer
    serializer_class = RpjfileSerializer

    def update(self, request, *args, **kwargs):
        obj = self.get_object()
        if obj.rpj.state == Rpj.RPJ_CREATE:
            raise ParseError('项目非创建状态不可修改')
        return super().update(request, *args, **kwargs)

    def destroy(self, request, *args, **kwargs):
        obj = self.get_object()
        if obj.rpj.state == Rpj.RPJ_CREATE:
            raise ParseError('项目非创建状态不可删除')
        return super().destroy(request, *args, **kwargs)