o Yhԑ@sBddlmZmZmZddlmZmZmZmZddl m Z m Z ddl m Z mZddlmZddlmZddlmZddlmZmZdd lmZmZdd lmZdd lmZmZdd lm Z dd l!m"Z"ddl#m$Z$ddl%m&Z&ddl'm(Z(ddl)m*Z*ddl+m,Z,ddl-m.Z.m/Z/ddl0m1Z1m2Z2m3Z3ddl4m5Z5ddl6m7Z7ddl8Z8ddl9m:Z:m;Z;ddlm?Z?ddl@Z@ddl#m-Z-e ZAe8BdZCddZDd d!ZEd"d#ZFdd$lGmHZHmIZIdd%lJmKZKeIeHeKd&d'ZLdd lmZddlmZmZmZdd(l m Z dd)lMmNZNmOZOdd*l#mPZPdd+l4mQZQdd,l-mRZRmSZSdd-l0mTZTmUZUdd.lVmWZWdd/lVmXZXe eXd0d1d2ZYe eXd0d3d4ZZe eXd0d5d6Z[e eXd0d7d8Z\d9d:Z]d;d<Z^d=d>Z_d?d@Z`dVdBdCZae dDdEZbe dFdGZcdHdIZddJdKZedLdMZfe dNdOZgdPdQZhdRdSZie e eidTdUZjdS)W)renderredirectget_object_or_404) authenticateloginlogoutupdate_session_auth_hash)login_requireduser_passes_test)AuthenticationFormSetPasswordForm)default_token_generator)get_current_site)render_to_string)urlsafe_base64_encodeurlsafe_base64_decode) force_bytes force_str)messages) JsonResponse HttpResponse)get_user_model)ValidationError)IntegrityError)settings) make_password)get_random_string) get_token) CustomUserUserActivityLog)CustomPasswordResetFormCustomSetPasswordFormProfileUpdateForm)Employee)CustomerN)PasswordResetViewPasswordResetConfirmView) reverse_lazy)send_password_reset_email)modelszaccounts.loginc Cs|jdkrm|jd}|jd}td|d|jdt|||d}|durX|jrXt||td|t j j |d d |jd|jd|jd d d t dSt d|d|jdt|dt|dS)NPOSTusernamepasswordz&Superuser login attempt for username: from IP: REMOTE_ADDRr,r- Successful superuser login for: rSuperuser login from HTTP_USER_AGENTuser activity_type description ip_address user_agentcustomers:dashboardz$Failed superuser login attempt for: zInvalid superuser credentials.zaccounts/superuser_login.html)methodr+loggerinfoMETAgetr is_superuserrr objectscreaterwarningrerrorr)requestr,r-r6rG./var/www/html/optinet_system/accounts/views.pysuperuser_login#s&        rIc Cs|jdkr|jdd}|jdd}td|d|jd|r+|s6t|dt |d Szt j j|d }t |d sWt d |t|d t |d WSt|||d}|dur|j}|jdkr~t d|t|dt |d WSt||td|tj j|dd|jd|jd|jddd|jst|dtdWStdWSt d|t|dWn=t jyt d|t|dYn&ty}ztd|dt|t|d WYd}~nd}~wwt |d S)!zEmployee login viewr+r,r4r-z%Employee login attempt for username: r.r/*Please provide both username and password.zaccounts/employee_login.htmlr,employee_profilez%Login attempt for non-employee user: zInvalid employee credentials.r0Nactive%Login attempt for inactive employee: 7Your employee account is not active. Please contact HR.Successful employee login for: rEmployee login from r3r5z>Welcome! This is your first login. Please update your profile.accounts:profiler;z#Failed employee login attempt for: Invalid username or password.z%Login attempt for non-existent user: z Error during employee login for : 1An error occurred during login. Please try again.)r<r+r@stripr=r>r?rrErUserrBhasattrrDrrLstatusrr rC last_loginsuccessr DoesNotExist Exceptionstr)rFr,r-r6authenticated_useremployeeerGrGrHemployee_login@sX                rbc Cs|jdkr|jdd}|jdd}td|d|jd|r+|s6t|dt |d Szt j j|d }t |d sWt d |t|d t |d WSt|||d}|dur|j}|jdkrt d||jdkr~t|dnt|dt |d WSt||td|tj j|dd|jd|jd|jdddtdWSt d|t|dWn=t jyt d|t|dYn&ty}ztd|dt|t|d WYd}~nd}~wwt |d S)!zCustomer login viewr+r,r4r-z%Customer login attempt for username: r.r/rJzcustomers/customer_login.htmlrKcustomer_profilez%Login attempt for non-customer user: zInvalid customer credentials.r0NrM%Login attempt for inactive customer: suspended8Your account has been suspended. Please contact support.3Your account is not active. Please contact support.Successful customer login for: rCustomer login from r3r5customers:customer_dashboardz#Failed customer login attempt for: rSz.Login attempt for non-existent customer user: z Error during customer login for rTrU)r<r+r@rVr=r>r?rrErrWrBrXrDrrcrYrr rCrr\r]r^)rFr,r-r6r_customerrarGrGrHcustomer_loginsV               rl) csrf_protectensure_csrf_cookie) never_cachec Cs|jdkr|jdd}|jdd}|r|s't|dt|dStd|d|j d zrt |||d }|d ur|j d ur`t |d d r`|j |jd<t|dtdWS|jrt||td|tjj|dd|j d |j d |j dddtdWSt|dr|jr|j}t|dr|jdkrtd|t|dt|dWSt||td|tjj|dd|j d |j d |j dddtdWSt|drM|jrM|j}t|dr |jdkr td||jd krt|d!nt|d"t|dWSt||td#|tjj|dd$|j d |j d |j dddtd%WS|jsU|jrt||td&|tjj|dd'|j d |j d |j dddtdWStd(|t|d)t|dWStd*|t|d+t|dWSty}ztd,|d-t|t|d.t|dWYd }~Sd }~wwd/t|i}t|d0|S)1zNUnified login view that handles all user types with first-time password changer+r,r4r-rJzaccounts/unified_login.htmlzLogin attempt for username: r.r/r0Nfirst_login_requiredFfirst_login_user_idz6This is your first login. Please change your password.z#accounts:first_time_password_changer1rr2r3r5r;rLrYrMrNrOrPrQrcrdrerfrgrhrirjz&Successful staff/superuser login for: zStaff login from z(Login attempt for user without profile: z4Account setup is incomplete. Please contact support.zFailed login attempt for: rSzError during login for rTrU csrf_tokenzaccounts/login.html)r<r+r@rVrrErr=r>r?rrZgetattridsessionrrArr rBrCrXrLrYrDrcis_staffr]r^r)rFr,r-r6r`rkracontextrGrGrH unified_logins                                  rx)r )Group Permission) transaction) Department)GroupPermissionManagerDepartmentPermissionAssignment)DepartmentPermissionFormAddPermissionForm)has_permission)permission_requiredmanage_settingscCs`tjjdd}i}tjD]\}}tjj|dd||<q ||tjjddd}t|d|S)z-Dashboard for managing department permissionsT) is_active)categoryr) departmentspermissions_by_categorytotal_permissionsz-accounts/permission_management_dashboard.html)r|rBfilterr}PERMISSION_CATEGORIEScountr)rFrr category_key category_namerwrGrGrHpermission_management_dashboardQs rcCstt|dd}|jdkrht|j|d}|rgtDtj j |d |j D]\}}|drD|rD|D] }tj j|||jdq7q*t|t|d|jdtd Wd S1sbwYnt|d}||d }t|d |S) z,Manage permissions for a specific departmentT)rtrr+ department permissions_)r permission assigned_byzPermissions updated for z department.(accounts:permission_management_dashboardN)rformz+accounts/manage_department_permissions.html)rr|r<rr+is_validr{atomicr~rBrdelete cleaned_dataitems startswithrCr6 _update_django_group_permissionsrr[namerr)rF department_idrr field_name permissionsrrwrGrGrHmanage_department_permissionses2     rcCs^|jdkr"t|j}|r!|}t|d|jdtdSnt}d|i}t |d|S)zAdd a new system permissionr+ Permission "z" added successfully.rrzaccounts/add_permission.html) r<rr+rsaverr[ display_namerr)rFrrrwrGrGrHadd_permissions   rcCsTtt|d}|jdkr |j}|t|d|dtdSd|i}t|d|S)zDelete a system permissionrtr+rz" deleted successfully.rrzaccounts/delete_permission.html) rr}r<rrrr[rr)rF permission_idrpermission_namerwrGrGrHdelete_permissions   rc Cstjj|jd\}}|jtjj|dd}g}|D]?}|j j}t jj|d}| || dd dd dd d d d d}d D]} | |} t jj| d}| |qGqt |D]} |j| qa||_|d S) z?Update Django group permissions based on department assignments)rrr)codenamemanage_r4view_add_change_delete_)rrrrN)ryrB get_or_createrrclearr~rselect_relatedrrzextendreplacesetadd user_groupr) rgroupcreatedassigned_permissionsdjango_permissions assignmentrmatching_perms base_nameprefixperm_variationpermrGrGrHrs,  ,    rcCsf|jd}|s tdSz tjj|d}Wntjy#tdYSw|jdkr|jd}|jd}||krGt |dt |dd |iSt |d kr[t |d t |dd |iS| |d |_ ||jd=d }|jrsd}nt|dr~|jr~d}n t|dr|jrd}nd}t|||dt|d|jst|dr|jrtdStdSt |dd |iS)z!Handle first-time password changerqaccounts:loginrr+ new_passwordconfirm_passwordPasswords do not match.z(accounts/first_time_password_change.htmlr6,Password must be at least 8 characters long.FNz&accounts.backends.SuperuserAuthBackendrLz%accounts.backends.EmployeeAuthBackendrcz%accounts.backends.CustomerAuthBackendz)django.contrib.auth.backends.ModelBackend)backendz5Password changed successfully! Welcome to the system.r;)rur@rrWrBr\r<r+rrErlen set_passwordrprrArXrLrcrr[)rFuser_idr6rrrrGrGrHfirst_time_password_changesF          rc Csp|jdkr3|jdkr/zt|j}|dd}Wntjtfy.t dddYSw|j dd}|sQ|jdkrFt dddSt |dt |d Sztjj|d d }d}|D]}}t|}tt|j}t|}|d |d |d } z@ddlm} | } | j|dd|p|jd| dd|p|jd\} } | rtd|d }n t d|d| Wq^ty}zt d|dt |WYd}~q^d}~ww|jdkrt d ddWSt !|dt |d WSty2}z1t d|dt ||jdkrt dddWYd}~St |dt |d WYd}~Sd}~wwt |d S)zEnhanced password reset requestr+zapplication/jsonemailr4FzInvalid JSON data.r[rEz Please provide an email address.z!accounts/password_reset_form.htmlT)rrz!/accounts/password-reset-confirm//r EmailServicez Password Reset Request - OptiNetz Dear z, You have requested to reset your password for your OptiNet account. Click the link below to reset your password: a This link will expire in 24 hours. If you did not request this password reset, please ignore this email. Best regards, OptiNet Support Team password_reset)recipient_emailsubjectcontent email_typerecipient_namezPassword reset email sent to z'Failed to send password reset email to rTz&Error sending password reset email to NzQIf an account with that email exists, password reset instructions have been sent.r[messagezError in password reset for zHAn error occurred while processing your request. Please try again later.)"r< content_typejsonloadsbodyr@rVJSONDecodeError ValueErrorrr+rrErrWrBrr make_tokenrrpkrbuild_absolute_urinotifications.email_servicer send_email get_full_namer,r=r>r]r^r[)rFdatarusers email_sentr6tokenuid current_site reset_urlr email_servicer[ error_msg email_errorrarGrGrHpassword_reset_requests           &      rc Csztt|}tjj|d}Wnttttjfyd}Ynw|durt ||r|j dkry|j d}|j d}||krMt |dt|ddd iSt|d krat |d t|ddd iS|||t||t |d td St|ddd iSt|dddiS)zPassword reset confirmation)rNr+rrrz$accounts/password_reset_confirm.html valid_linkTrrz9Your password has been reset successfully! Please log in.rF)rrrWrBr@ TypeErrorr OverflowErrorr\r check_tokenr<r+rrErrrrrr[r)rFuidb64rrr6rrrGrGrHpassword_reset_confirmds.          rrkcCs6td}tjj||t|dd}d|_|||fS)z2Helper function for admins to create user accounts T)r,rr-r)rrWrBrCrrpr)r,r user_typerLrc temp_passwordr6rGrGrHcreate_user_accountsrc Cs|jdkr|jd}|jd}|jd}|j|s(t|dt|dS||kr7t|dt|dSt|dkrHt|d t|dS|j ||j t ||jt j j|jd d |jd |jd |jd ddt|dtdSt|dS)zChange password viewr+ old_passwordrrzCurrent password is incorrect.zaccounts/change_password.htmlzNew passwords do not match.rrpassword_changezPassword changed from r/r3r4r5zPassword changed successfully!rR)r<r+r@r6check_passwordrrErrrrrr rBrCr?r[r)rFrrrrGrGrHchange_passwords4                   rcCsZ|jdkr t|j|jd}|r|t|dtdSnt|jd}ddid}|jj r5d|d <n]t |jd rdd |d <|jj |d <|jj j |jj j rT|jj j jnd |jj j|jj d|d<n.t |jdrd|d <|jj|d <|jjj|jjjr|jjjjnd|jj|jjjd|d<tjj|jdddd}|||d}t|d|S)zUser profile view and updater+)instancezProfile updated successfully!rRUnknownN)rprofileadditional_info SuperuserrrLr$rz Not assigned) employee_idrpositionrYrrcr%z No service) customer_idservicerYaccount_balancer6 -timestamp )r user_inforecent_activityzaccounts/profile.html)r<r#r+r6rrrr[rrArXrLrrrrget_status_displayrcrrrr rBrorder_byr)rFrr r rwrGrGrH profile_viewsH            rc Csp|jjr4tjj|jdd|jd|jd|jdddtd|jj t |t |dt d S) z(Custom logout view with activity loggingrzUser logout from r/r3r4r5z User logout: z&You have been successfully logged out.r)r6is_authenticatedr rBrCr?r@r=r>r,rrr[rrFrGrGrH custom_logouts   rcCstdS)z#Redirect admin logout to main loginr)rrrGrGrHadmin_logout_redirectrcCst|S)z1Admin logout view - same as admin_logout_redirect)rrrGrGrHadmin_logout_viewrrc Cs|jjs tdddSz$ddlm}|}|j|jj|jd\}}t||r'dnd|d WStyW}zt d t |tdd t |dWYd }~Sd }~ww) z&Test email functionality for debuggingFzPermission deniedrrr)rsent_byzTest email sent successfully!zFailed to send test email: rzError in test email view: zError sending test email: N) r6rArrrsend_test_emailrr]r=rEr^)rFrrr[rrarGrGrHtest_email_view s*    rcCs |jo|jS)zCheck if user is superuser)rrAr rGrGrHrA's rAcCs6|jsdS|jp|jpt|do|jjo|jjjdkS)z$Check if user is admin or managementFrL Management)rrArvrXrLrrr rGrGrHis_admin_or_management+s  rc Cstjd}|jd}|r$z|j|d}Wn ttfy#Ynw|jd}|r2|j|d}|jd}|rO|t j |dt j |dBt j |d B}d d l m }||d }|jd }| |}tjjddd} || tj|||pzdd} t|d| S)zView user activity logsr r6)rr7)r7search)user__username__icontains)description__icontains)ip_address__icontainsr) Paginator2pageF)useractivitylog__isnullr,r4)logsractivity_types selected_userselected_activity_type search_queryzaccounts/activity_logs.html)r rBallrGETr@rrrr*Qdjango.core.paginatorr get_pagerWdistinctACTIVITY_TYPESr) rFr$rr7rr  paginator page_number page_logsrrwrGrGrHuser_activity_logs5sJ             r3)rkNN)kdjango.shortcutsrrrdjango.contrib.authrrrrdjango.contrib.auth.decoratorsr r django.contrib.auth.formsr r django.contrib.auth.tokensr django.contrib.sites.shortcutsrdjango.template.loaderrdjango.utils.httprrdjango.utils.encodingrrdjango.contribr django.httprrrdjango.core.exceptionsr django.dbr django.confrdjango.contrib.auth.hashersrdjango.utils.cryptordjango.middleware.csrfrr*rr formsr!r"r# hr.modelsr$customers.modelsr%loggingdjango.contrib.auth.viewsr&r' django.urlsr(settings.utilsr)rrW getLoggerr=rIrbrldjango.views.decorators.csrfrmrndjango.views.decorators.cacherorxdjango.contrib.auth.modelsryrzr{r|r}r~rrrrrrrrrrrrrrrrrrrrrArr3rGrGrGrHs                 A?         #   %6`  & 2