from django.http import JsonResponse from django.views.decorators.csrf import csrf_exempt from django.contrib.auth.decorators import login_required from django.db.models import Q import json from customers.models import Customer from billing.models import Invoice from tickets.models import Ticket from hr.models import Employee @login_required @csrf_exempt def global_search(request): if request.method != 'POST': return JsonResponse({'error': 'Method not allowed'}, status=405) try: data = json.loads(request.body) query = data.get('query', '').strip() if len(query) < 2: return JsonResponse({'results': []}) results = [] # Search customers (if user has permission) if request.user.is_staff: customers = Customer.objects.filter( Q(full_name__icontains=query) | Q(email__icontains=query) | Q(customer_id__icontains=query) | Q(phone__icontains=query) )[:5] for customer in customers: results.append({ 'type': 'customer', 'title': customer.full_name, 'subtitle': f'{customer.customer_id} - {customer.email}', 'url': f'/customers/{customer.id}/', 'icon': 'bi-person' }) # Search invoices if request.user.is_staff: invoices = Invoice.objects.filter( Q(invoice_number__icontains=query) | Q(customer__full_name__icontains=query) ).select_related('customer')[:5] else: # Customer can only see their own invoices invoices = Invoice.objects.filter( customer__user=request.user ).filter( Q(invoice_number__icontains=query) )[:5] for invoice in invoices: results.append({ 'type': 'invoice', 'title': f'Invoice #{invoice.invoice_number}', 'subtitle': f'{invoice.customer.full_name} - ${invoice.total_amount}', 'url': f'/billing/invoices/{invoice.id}/', 'icon': 'bi-receipt' }) # Search tickets if request.user.is_staff: tickets = Ticket.objects.filter( Q(title__icontains=query) | Q(ticket_number__icontains=query) | Q(customer__full_name__icontains=query) ).select_related('customer')[:5] else: # Customer can only see their own tickets tickets = Ticket.objects.filter( customer__user=request.user ).filter( Q(title__icontains=query) | Q(ticket_number__icontains=query) )[:5] for ticket in tickets: results.append({ 'type': 'ticket', 'title': ticket.title, 'subtitle': f'{ticket.ticket_number} - {ticket.get_status_display()}', 'url': f'/tickets/{ticket.id}/', 'icon': 'bi-headset' }) # Search employees (staff only) if request.user.is_staff: employees = Employee.objects.filter( Q(full_name__icontains=query) | Q(email__icontains=query) | Q(employee_id__icontains=query) )[:5] for employee in employees: results.append({ 'type': 'employee', 'title': employee.full_name, 'subtitle': f'{employee.employee_id} - {employee.department.name if employee.department else "No Department"}', 'url': f'/hr/employees/{employee.id}/', 'icon': 'bi-person-badge' }) return JsonResponse({'results': results[:15]}) # Limit to 15 results except Exception as e: return JsonResponse({'error': str(e)}, status=500)