import datetime
from django.contrib import messages
from django.shortcuts import render, redirect, get_object_or_404
from django.contrib.auth import update_session_auth_hash, login, authenticate
from django.contrib.auth.forms import PasswordChangeForm, UserCreationForm
from django.contrib.auth.decorators import login_required, user_passes_test
from django.views.generic.edit import CreateView, UpdateView, DeleteView, FormView
from django.views.generic import ListView, DetailView
from django.contrib.auth.models import User
from django.utils.decorators import method_decorator
from django.urls import reverse_lazy
from django.core.exceptions import PermissionDenied
from app.models import UserProfile, Item, Category, Image, Report, ReportImage
from app.forms import UploadForm
def is_superuser(user):
    """Return the ``is_superuser`` flag of *user*.

    Serves as the predicate passed to ``user_passes_test`` on the
    administrator-only views in this module.
    """
    superuser_flag = user.is_superuser
    return superuser_flag
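def index(request):
    """Render the public landing page."""
    # The template is rendered without extra context; the empty dict that was
    # built here and never passed on has been removed.
    return render(request, "app/frontend/index.html")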
def class_view_decorator(function_decorator):
    """Build a class decorator that applies a function decorator to ``dispatch``.

    The returned decorator replaces the view class's ``dispatch`` with a
    version wrapped by ``function_decorator`` (via ``method_decorator``) and
    returns the same class object. This is how ``login_required`` and
    ``user_passes_test`` are attached to the class-based views below.
    """

    def deco(view):
        guarded_dispatch = method_decorator(function_decorator)(view.dispatch)
        view.dispatch = guarded_dispatch
        return view

    return deco
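@login_required
def clientarea(request):
    """Send a logged-in user from the client-area entry point to the item list."""
    # The dashboard render that followed this redirect could never run and
    # has been dropped; the view's observable behaviour is unchanged.
    return redirect("items")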
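@login_required
def userprofile(request, userid=None):
    """Show a user profile and apply edits posted to it.

    Without ``userid`` the logged-in user's own profile is used. With
    ``userid`` the caller must be a superuser, otherwise ``PermissionDenied``
    is raised. An unknown user id, or a user without a ``UserProfile`` row,
    results in a 404 instead of an unhandled exception.
    """
    if not userid:
        user = request.user
    elif request.user.is_superuser:
        user = get_object_or_404(User, id=userid)
    else:
        raise PermissionDenied()

    profile = get_object_or_404(UserProfile, user=user)

    if request.POST:
        # A user editing their own profile must return to the plain profile
        # URL: the by-id route is superuser-only in the branch above, so the
        # old unconditional redirect to it answered every self-edit with 403.
        if userid:
            target = reverse_lazy("userprofilebyid", kwargs={"userid": user.id})
        else:
            target = "userprofile"

        # NOTE(review): values are stored exactly as submitted. Nothing here
        # validates e-mail syntax or field lengths; a ModelForm would.
        submitted = request.POST
        try:
            profile.company = submitted.get("company", profile.company)
            user.email = submitted.get("email", user.email)
            # These two used to be read into throwaway locals, so name
            # changes were silently discarded.
            user.first_name = submitted.get("firstname", user.first_name)
            user.last_name = submitted.get("lastname", user.last_name)
            profile.address = submitted.get("address", profile.address)
            profile.zipcode = submitted.get("zip", profile.zipcode)
            profile.city = submitted.get("city", profile.city)
            profile.country = submitted.get("country", profile.country)
            profile.mobile = submitted.get("mobile", profile.mobile)
            user.save()
            profile.save()
        except Exception:
            # ``Exception`` rather than a bare ``except`` so SystemExit and
            # KeyboardInterrupt are not swallowed.
            messages.error(request, "Das Profil konnte nicht bearbeitet werden!")
        else:
            messages.success(request, "Das Profil wurde erfolgreich bearbeitet!")
        return redirect(target)

    context = {"title": "Benutzerprofil", "user": user}
    return render(request, "app/backend/user.html", context)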
def protect(request):
    """Render the public "protect" page with its page title."""
    return render(request, "app/frontend/protect.html", {"title": "Schützen"})
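def check(request):
    """Resolve a posted item id, or render the public lookup page.

    A POST with a non-empty ``id`` redirects to ``checkitem`` for the item
    with that ``iid`` whose status is greater than -1. Every failed lookup
    falls through to the lookup page, so the response does not reveal why
    the id was rejected.
    """
    submitted_id = request.POST.get("id") if request.method == "POST" else None
    if submitted_id:
        try:
            item = Item.objects.get(iid=submitted_id, status__gt=-1)
        except Exception:
            # Unknown, ambiguous and malformed ids all end up on the form
            # again. ``Exception`` instead of a bare ``except`` lets
            # SystemExit and KeyboardInterrupt through.
            item = None
        if item is not None:
            # Outside the try block so that a URL configuration error is
            # reported instead of being hidden as "not found".
            return redirect("checkitem", uuid=item.uuid)

    context = {"title": "Überprüfen", "categories": Category.objects.all()}
    return render(request, "app/frontend/check.html", context)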
def privacy(request):
    """Render the public privacy-policy page with its page title."""
    return render(
        request,
        "app/frontend/privacy.html",
        {"title": "Datenschutzerklärung"},
    )
def faq(request):
    """Render the public FAQ page with its page title."""
    return render(request, "app/frontend/faq.html", {"title": "Häufige Fragen"})
def legal(request):
    """Render the public legal-notice page with its page title."""
    return render(request, "app/frontend/legal.html", {"title": "Impressum"})
def success(request):
    """Render the public confirmation page shown after a report."""
    return render(
        request,
        "app/frontend/success.html",
        {"title": "Meldung erfolgreich"},
    )
@login_required
def changepassword(request):
    """Let the logged-in user change their own password.

    GET renders the change form. POST validates it with Django's
    ``PasswordChangeForm`` (which requires the current password) and then
    redirects to the profile page with a success or error message.
    """
    if request.method != 'POST':
        blank_form = PasswordChangeForm(request.user)
        return render(request, "app/backend/password.html", {"form": blank_form})

    form = PasswordChangeForm(request.user, request.POST)
    if form.is_valid():
        user = form.save()
        # Re-key the session to the new password hash so the user is not
        # logged out by their own password change.
        update_session_auth_hash(request, user)
        messages.success(request, 'Dein Passwort wurde erfolgreich geändert!')
    else:
        messages.error(request, 'Dein Passwort konnte nicht geändert werden!')
    return redirect('userprofile')
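@login_required
def items(request):
    """Render the item overview and resolve a posted item id to its edit page.

    When the request carries a POST field ``id``, the matching item is looked
    up and the user is redirected to ``edititem``. Superusers may resolve any
    item; everyone else only items they own. A failed lookup adds an error
    message and renders the overview.
    """
    if "id" in request.POST:
        lookup = {"iid": request.POST["id"]}
        is_admin = request.user.is_superuser
        if not is_admin:
            # Ownership is part of the query, so a foreign item is
            # indistinguishable from a missing one.
            lookup["owner"] = request.user
        try:
            item = Item.objects.get(**lookup)
        except Exception:
            # Replaces nested bare ``except`` clauses, which also swallowed
            # SystemExit and KeyboardInterrupt.
            if is_admin:
                messages.error(request, "Dieser Gegenstand wurde nicht gefunden.")
            else:
                messages.error(request, "Dieser Gegenstand wurde nicht gefunden oder gehört nicht dir.")
        else:
            return redirect(reverse_lazy("edititem", kwargs={"uuid": item.uuid}))

    context = {"title": "Gegenstände"}
    return render(request, "app/backend/items.html", context)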
@class_view_decorator(login_required)
class ItemCreateView(CreateView):
    """Form view with which a logged-in user registers a new item."""

    model = Item
    template_name = "app/backend/additem.html"
    fields = ["name", "description", "cats", "reward"]

    def get_context_data(self, **kwargs):
        """Add the page title to the default context."""
        context = super().get_context_data(**kwargs)
        context['title'] = "Gegenstand hinzufügen"
        return context

    def form_valid(self, form):
        """Save the item with the requesting user as owner."""
        # The owner comes from the session, never from the submitted form;
        # ``owner`` is not among the editable ``fields``.
        new_item = form.instance
        new_item.owner = self.request.user
        return super().form_valid(form)

    def form_invalid(self, form):
        """Report the failure and go back to the item overview."""
        messages.error(self.request, "Der Gegenstand konnte nicht hinzugefügt werden!")
        return redirect("items")
@class_view_decorator(user_passes_test(is_superuser))
class UserListView(ListView):
    """Superuser-only listing of all ``User`` rows."""

    template_name = "app/backend/users.html"
    model = User

    def get_context_data(self, **kwargs):
        """Add the page title to the default context."""
        context = super().get_context_data(**kwargs)
        context['title'] = "Benutzerverwaltung"
        return context
@class_view_decorator(user_passes_test(is_superuser))
class CategoryListView(ListView):
    """Superuser-only listing of all categories."""

    template_name = "app/backend/categories.html"
    model = Category

    def get_context_data(self, **kwargs):
        """Add the page title to the default context."""
        context = super().get_context_data(**kwargs)
        context['title'] = "Kategorien"
        return context
@class_view_decorator(user_passes_test(is_superuser))
class CategoryCreateView(CreateView):
    """Superuser-only form for adding a category."""

    model = Category
    fields = ["name"]
    success_url = reverse_lazy("categories")
    template_name = "app/backend/addcategory.html"

    def get_context_data(self, **kwargs):
        """Add the page title to the default context."""
        context = super().get_context_data(**kwargs)
        context['title'] = "Kategorie hinzufügen"
        return context

    def form_invalid(self, form):
        """Report the failure and go back to the category list."""
        messages.error(self.request, "Die Kategorie konnte nicht hinzugefügt werden!")
        return redirect("categories")
@class_view_decorator(user_passes_test(is_superuser))
class CategoryDeleteView(DeleteView):
    """Superuser-only confirmation page and deletion of a category."""

    model = Category
    # The primary key is taken from the URL keyword argument named "slug".
    pk_url_kwarg = "slug"
    success_url = reverse_lazy("categories")
    template_name = "app/backend/deletecategory.html"
@class_view_decorator(login_required)
class ItemDetailView(DetailView):
    """Backend detail page of one item, for its owner or a superuser."""

    model = Item
    template_name = "app/backend/item.html"
    pk_url_kwarg = "uuid"

    def form_valid(self, form):
        """Attach the requesting user to the form instance and delegate."""
        # NOTE(review): DetailView has no form handling of its own, so this
        # looks unused here - confirm before relying on it.
        instance = form.instance
        instance.user = self.request.user
        return super().form_valid(form)

    def get_context_data(self, **kwargs):
        """Add the item name, stored by ``get_object``, as page title."""
        context = super().get_context_data(**kwargs)
        context['title'] = self.title
        return context

    def get_object(self, queryset = None):
        """Return the item, or raise ``PermissionDenied`` for other users."""
        item = super().get_object(queryset)
        viewer = self.request.user
        # Object-level check: login alone is not enough to see an item.
        allowed = viewer == item.owner or viewer.is_superuser
        if not allowed:
            raise PermissionDenied()
        self.title = item.name
        return item
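@class_view_decorator(login_required)
class ImageCreateView(CreateView):
    """Upload form that attaches an image to an item.

    Only the item's owner or a superuser may attach images; the check runs
    when a valid form is submitted.
    """

    model = Image
    template_name = "app/backend/upload.html"
    # NOTE(review): content validation of the upload depends on the type of
    # ``Image.image`` (presumably an ImageField) - confirm in the model.
    fields = ["image", "description"]

    def form_valid(self, form):
        """Bind the image to the item from the URL after an ownership check.

        Raises ``Http404`` for an unknown item uuid (previously an unhandled
        ``DoesNotExist``) and ``PermissionDenied`` for anyone who is neither
        the owner nor a superuser.
        """
        item = get_object_or_404(Item, uuid=self.kwargs['uuid'])
        if (self.request.user != item.owner) and (not self.request.user.is_superuser):
            raise PermissionDenied()
        # The target item comes from the URL and the check above, never from
        # the submitted form data.
        form.instance.item = item
        return super().form_valid(form)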
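class StolenItemListView(ListView):
    """Public list of the items in one category that have status 1."""

    model = Item
    template_name = "app/frontend/items.html"

    def get_context_data(self, **kwargs):
        """Add the category name for the slug in the URL to the context.

        An unknown slug now produces a 404 instead of an unhandled
        ``Category.DoesNotExist``.
        """
        ctx = super().get_context_data(**kwargs)
        category = get_object_or_404(Category, slug=self.kwargs["slug"])
        ctx['category'] = category.name
        return ctx

    def get_queryset(self):
        """Restrict the list to status-1 items of the requested category."""
        return Item.objects.filter(cats__slug=self.kwargs["slug"], status=1)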
class StolenItemView(DetailView):
    """Public detail page of a single item, addressed by uuid."""

    # NOTE(review): no login and no status filter are applied here, so any
    # item whose uuid is known is rendered - unlike ``check``, which only
    # resolves items with status > -1. Confirm this is intended.
    model = Item
    template_name = "app/frontend/item.html"
    pk_url_kwarg = "uuid"

    def get_context_data(self, **kwargs):
        """Add the item name, stored by ``get_object``, as page title."""
        context = super().get_context_data(**kwargs)
        context['title'] = self.title
        return context

    def get_object(self, queryset = None):
        """Return the item and remember its name for the page title."""
        item = super().get_object(queryset)
        self.title = item.name
        return item
@class_view_decorator(user_passes_test(is_superuser))
class ReportDetailView(DetailView):
    """Superuser-only detail page of one report, addressed by uuid."""

    template_name = "app/backend/report.html"
    pk_url_kwarg = "uuid"
    model = Report
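# NOTE(review): a second ``ReportDeleteView`` further down this module rebinds
# the name at import time, so this definition is shadowed. It is brought in
# line with that later one (superuser check and ``success_url``) so that it
# cannot become an unauthenticated delete endpoint if the later definition is
# ever removed. Prefer deleting one of the two.
@class_view_decorator(user_passes_test(is_superuser))
class ReportDeleteView(DeleteView):
    """Superuser-only confirmation page and deletion of a report."""

    model = Report
    pk_url_kwarg = "uuid"
    template_name = "app/backend/deletereport.html"
    # DeleteView needs a target to redirect to after deleting.
    success_url = reverse_lazy("reports")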
@class_view_decorator(user_passes_test(is_superuser))
class ReportListView(ListView):
    """Superuser-only listing of all reports."""

    template_name = "app/backend/reports.html"
    model = Report

    def get_context_data(self, **kwargs):
        """Add the page title to the default context."""
        context = super().get_context_data(**kwargs)
        context['title'] = "Berichte"
        return context
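class ReportCreateView(CreateView):
    """Public form for reporting a found item, with up to four photos.

    No login is required, so every value handled here is untrusted input
    from an anonymous client.
    """

    model = Report
    template_name = "app/frontend/report.html"
    fields = ["name", "mail", "phone", "found_on", "found_at", "message"]

    def post(self, request, **kwargs):
        """Convert ``found_on`` from ``dd.mm.yyyy HH:MM`` before validation.

        A missing or malformed value is left as submitted so that normal
        form validation decides; previously it raised ``KeyError`` or
        ``ValueError`` and any anonymous client could trigger a 500.
        """
        request.POST = request.POST.copy()
        try:
            found_on = datetime.datetime.strptime(request.POST["found_on"], "%d.%m.%Y %H:%M")
        except (KeyError, ValueError):
            pass
        else:
            request.POST["found_on"] = found_on.strftime('%Y-%m-%d %H:%M:%S')

        return super().post(request, **kwargs)

    def get_initial(self, *args, **kwargs):
        """Pre-fill the contact fields for a logged-in reporter."""
        initial = super().get_initial(**kwargs)
        if self.request.user.is_authenticated:
            # NOTE(review): ``user.userprofile`` is assumed to exist for every
            # authenticated user - confirm how profiles are created.
            initial["name"] = self.request.user.get_full_name()
            initial["phone"] = self.request.user.userprofile.mobile
            initial["mail"] = self.request.user.email
        return initial

    def form_valid(self, form):
        """Store the report for the item in the URL, plus any valid photos.

        An unknown item uuid now yields a 404 instead of an unhandled
        ``Item.DoesNotExist``.
        """
        form.instance.item = get_object_or_404(Item, uuid=self.kwargs['uuid'])
        form.instance.save()
        imageform = UploadForm(self.request.POST, self.request.FILES)
        # If the upload form does not validate, the report is kept and the
        # photos are dropped without a separate message.
        if imageform.is_valid():
            for slot in range(1, 5):
                image = imageform.cleaned_data["image%i" % slot]
                if image:
                    ReportImage.objects.create(image=image, report=form.instance)
        messages.success(self.request, "Vielen Dank für deine Meldung - wir werden sie prüfen und uns bald bei dir melden!")
        return redirect(reverse_lazy("checkitem", kwargs={"uuid": self.kwargs['uuid']}))

    def form_invalid(self, form):
        """Report the failure and return to the item's public page."""
        messages.error(self.request, "Leider konnte deine Eingabe nicht verarbeitet werden. Bitte stelle sicher, dass die angegebenen Daten korrekt sind und versuche es nochmals!")
        return redirect(reverse_lazy("checkitem", kwargs={"uuid": self.kwargs['uuid']}))

    def get_context_data(self, **kwargs):
        """Add the photo upload form to the default context."""
        ctx = super().get_context_data(**kwargs)
        # ``or None`` keeps the upload form unbound on GET; binding it to the
        # empty POST data made it validate (and show errors) on first load.
        ctx['imageform'] = UploadForm(self.request.POST or None, self.request.FILES or None)
        return ctx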
@class_view_decorator(user_passes_test(is_superuser))
class ReportRefuseView(UpdateView):
    """Superuser-only confirmation that sets a report's status to -1."""

    model = Report
    template_name = "app/backend/refuse.html"
    pk_url_kwarg = "uuid"
    # No client-editable fields: the status is assigned in form_valid only.
    fields = []

    def form_valid(self, form):
        """Set the status to -1 and save through the default handler."""
        report = form.instance
        report.status = -1
        return super().form_valid(form)
@class_view_decorator(user_passes_test(is_superuser))
class ReportProcessingView(UpdateView):
    """Superuser-only confirmation that sets a report's status to 1."""

    model = Report
    template_name = "app/backend/processing.html"
    pk_url_kwarg = "uuid"
    # No client-editable fields: the status is assigned in form_valid only.
    fields = []

    def form_valid(self, form):
        """Set the status to 1 and save through the default handler."""
        report = form.instance
        report.status = 1
        return super().form_valid(form)
@class_view_decorator(user_passes_test(is_superuser))
class ReportFinalizeView(UpdateView):
    """Superuser-only confirmation that sets a report's status to 2."""

    model = Report
    template_name = "app/backend/finalize.html"
    pk_url_kwarg = "uuid"
    # No client-editable fields: the status is assigned in form_valid only.
    fields = []

    def form_valid(self, form):
        """Set the status to 2 and save through the default handler."""
        report = form.instance
        report.status = 2
        return super().form_valid(form)
@class_view_decorator(user_passes_test(is_superuser))
class ReportDeleteView(DeleteView):
    """Superuser-only confirmation page and deletion of a report.

    This definition rebinds the name of an earlier ``ReportDeleteView`` in
    this module, so it is the one other modules see.
    """

    model = Report
    template_name = "app/backend/deletereport.html"
    success_url = reverse_lazy("reports")
    pk_url_kwarg = "uuid"
@class_view_decorator(user_passes_test(is_superuser))
class UserDeleteView(DeleteView):
    """Superuser-only confirmation page and deletion of a user account."""

    # NOTE(review): nothing here prevents a superuser from deleting their own
    # account or another superuser - confirm this is intended.
    model = User
    template_name = "app/backend/deleteuser.html"
    success_url = reverse_lazy("users")
    pk_url_kwarg = "id"
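@class_view_decorator(login_required)
class ItemStolenView(UpdateView):
    """Lets the owner (or a superuser) mark an item as stolen (status 1)."""

    model = Item
    pk_url_kwarg = "uuid"
    template_name = "app/backend/stolen.html"
    fields = ["stolen_on", "stolen_at"]

    def post(self, request, **kwargs):
        """Convert ``stolen_on`` from ``dd.mm.yyyy HH:MM`` before validation.

        A missing or malformed value is left as submitted so that form
        validation rejects it; previously it raised ``KeyError`` or
        ``ValueError`` and produced a 500.
        """
        request.POST = request.POST.copy()
        try:
            stolen_on = datetime.datetime.strptime(request.POST["stolen_on"], "%d.%m.%Y %H:%M")
        except (KeyError, ValueError):
            pass
        else:
            request.POST["stolen_on"] = stolen_on.strftime('%Y-%m-%d %H:%M:%S')

        return super().post(request, **kwargs)

    def form_valid(self, form):
        """Set the status to 1 and save through the default handler."""
        form.instance.status = 1
        return super().form_valid(form)

    def form_invalid(self, form):
        """Return to the item's detail page without saving."""
        # The previous code read ``self.form`` (never set on the view) and
        # passed ``uuid`` to ``reverse_lazy``, which takes ``kwargs=``; both
        # raised instead of redirecting.
        return redirect("item", uuid=form.instance.uuid)

    def get_object(self, queryset = None):
        """Return the item, or raise ``PermissionDenied`` for other users."""
        obj = super().get_object(queryset)
        if self.request.user != obj.owner and not self.request.user.is_superuser:
            raise PermissionDenied()
        return obj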
@class_view_decorator(login_required)
class ItemFoundView(UpdateView):
    """Lets the owner (or a superuser) reset an item to status 0."""

    model = Item
    template_name = "app/backend/found.html"
    pk_url_kwarg = "uuid"
    # No client-editable fields: all changes are made in form_valid.
    fields = []

    def form_valid(self, form):
        """Clear the theft details, set status 0 and save."""
        item = form.instance
        item.stolen_on = None
        item.stolen_at = None
        item.status = 0
        return super().form_valid(form)

    def get_object(self, queryset = None):
        """Return the item, or raise ``PermissionDenied`` for other users."""
        item = super().get_object(queryset)
        viewer = self.request.user
        allowed = viewer == item.owner or viewer.is_superuser
        if not allowed:
            raise PermissionDenied()
        return item
@class_view_decorator(user_passes_test(is_superuser))
class ItemActivateView(UpdateView):
    """Superuser-only confirmation that sets an item's status to 0."""

    model = Item
    template_name = "app/backend/activate.html"
    pk_url_kwarg = "uuid"
    # No client-editable fields: the status is assigned in form_valid only.
    fields = []

    def form_valid(self, form):
        """Set the status to 0 and save through the default handler."""
        item = form.instance
        item.status = 0
        return super().form_valid(form)
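@class_view_decorator(user_passes_test(is_superuser))
class ItemDeleteView(DeleteView):
    """Superuser-only confirmation page and deletion of an item."""

    model = Item
    pk_url_kwarg = "uuid"
    template_name = "app/backend/deleteitem.html"
    # DeleteView needs a redirect target after deleting; the other delete
    # views in this module set one, this one did not. A ``success_url``
    # passed to ``as_view()`` in the URL configuration still takes precedence.
    success_url = reverse_lazy("items")

    def get_object(self, queryset = None):
        """Return the item; re-checks the superuser flag at object level."""
        obj = super().get_object(queryset)
        # Redundant with the class decorator, kept as a second barrier.
        if not self.request.user.is_superuser:
            raise PermissionDenied()
        return obj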
@class_view_decorator(login_required)
class ItemSoldView(UpdateView):
    """Lets the owner (or a superuser) set an item's status to 2."""

    model = Item
    template_name = "app/backend/sold.html"
    pk_url_kwarg = "uuid"
    # No client-editable fields: the status is assigned in form_valid only.
    fields = []

    def get_object(self, queryset = None):
        """Return the item, or raise ``PermissionDenied`` for other users."""
        item = super().get_object(queryset)
        viewer = self.request.user
        allowed = viewer == item.owner or viewer.is_superuser
        if not allowed:
            raise PermissionDenied()
        return item

    def form_valid(self, form):
        """Set the status to 2 and save through the default handler."""
        item = form.instance
        item.status = 2
        return super().form_valid(form)
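@class_view_decorator(login_required)
class ItemTransferView(UpdateView):
    """Lets the owner (or a superuser) hand an item over to another account.

    The recipient is identified by the e-mail address posted as ``id_email``.
    """

    # NOTE(review): the error message below tells any logged-in user whether
    # an e-mail address is registered, and the transfer takes effect without
    # the recipient confirming it. Both are worth a design review.
    model = Item
    pk_url_kwarg = "uuid"
    template_name = "app/backend/transfer.html"
    fields = []

    def get(self, request, *args, **kwargs):
        """Redirect GET requests to the item's detail page."""
        # ``reverse_lazy`` takes ``kwargs=``, not ``uuid=``; the old call
        # raised TypeError on every GET. ``redirect`` resolves the URL name.
        return redirect("item", uuid=self.get_object().uuid)

    def form_valid(self, form):
        """Reassign the item to the user with the posted e-mail address."""
        email = form.data.get("id_email", "").strip()
        recipient = None
        # An empty address must never match: Django's ``User.email`` may be
        # blank, so a lookup for "" could hand the item to an arbitrary
        # account that has no address set.
        if email:
            try:
                recipient = User.objects.get(email=email)
            except (User.DoesNotExist, User.MultipleObjectsReturned):
                # ``email`` is not unique on the stock User model; an
                # ambiguous address is treated like an unknown one.
                recipient = None

        if recipient is None:
            messages.error(self.request, "Diese E-Mail-Adresse wurde in unserem System nicht gefunden! Wenn die Person, an die du den Gegenstand übergeben hast, bereits einen Account besitzt, überprüfe bitte nochmals die E-Mail-Adresse. Ansonsten bitte sie darum, einen Account zu erstellen.")
            return super().form_valid(form)

        if recipient != form.instance.owner:
            form.instance.owner = recipient
            form.instance.save()
            messages.success(self.request, "Der Gegenstand wurde erfolgreich übertragen und ist ab sofort im Empfängeraccount verfügbar!")
        else:
            messages.info(self.request, "Wieso willst du dir diesen Gegenstand selbst übertragen?")
        return redirect(reverse_lazy("items"))

    def get_object(self, queryset = None):
        """Return the item, or raise ``PermissionDenied`` for other users."""
        obj = super().get_object(queryset)
        if self.request.user != obj.owner and not self.request.user.is_superuser:
            raise PermissionDenied()
        return obj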
class UserRegisterView(CreateView):
    """Public self-registration that logs the new account in right away."""

    form_class = UserCreationForm
    model = User
    success_url = reverse_lazy("userprofile")
    template_name = "app/backend/register.html"

    def form_valid(self, form):
        """Create the user, start a session for it and return the redirect."""
        response = super().form_valid(form)
        login(self.request, form.instance)
        return response
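@class_view_decorator(user_passes_test(is_superuser))
class UserCreateView(CreateView):
    """Superuser-only form for creating a user account."""

    model = User
    form_class = UserCreationForm
    template_name = "app/backend/adduser.html"

    def form_valid(self, form):
        """Save the new user and open its profile page."""
        # The form was never saved before, so no account was created and
        # ``form.instance.id`` was still None when the URL was built.
        self.object = form.save()
        return redirect(reverse_lazy("userprofilebyid", kwargs={"userid": self.object.id}))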
@class_view_decorator(user_passes_test(is_superuser))
class UserPromoteView(UpdateView):
    """Superuser-only confirmation that grants a user the superuser flag."""

    model = User
    template_name = "app/backend/promote.html"
    pk_url_kwarg = "userid"
    # No client-editable fields: the flag is assigned in form_valid only.
    fields = []

    def form_valid(self, form):
        """Set ``is_superuser`` to True and save through the default handler."""
        account = form.instance
        account.is_superuser = True
        return super().form_valid(form)
@class_view_decorator(user_passes_test(is_superuser))
class UserDemoteView(UpdateView):
    """Superuser-only confirmation that removes a user's superuser flag."""

    # NOTE(review): nothing here stops a superuser from demoting themselves
    # or the last remaining superuser - confirm whether a guard is wanted.
    model = User
    template_name = "app/backend/demote.html"
    pk_url_kwarg = "userid"
    # No client-editable fields: the flag is assigned in form_valid only.
    fields = []

    def form_valid(self, form):
        """Set ``is_superuser`` to False and save through the default handler."""
        account = form.instance
        account.is_superuser = False
        return super().form_valid(form)