Added Cambios Permisos y Modulos
303
IMMEX/views.py
303
IMMEX/views.py
@@ -6,10 +6,16 @@ from django.core.mail import send_mail
|
||||
from django.views.generic.edit import CreateView
|
||||
from django.views.generic.list import ListView
|
||||
from django.contrib import messages
|
||||
from django.db.models import Case, When, Value, BooleanField
|
||||
|
||||
from django.contrib.auth.models import Permission, User
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.contrib.auth import login
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
|
||||
from django.utils import timezone
|
||||
|
||||
# Imports de Django REST framework
|
||||
from rest_framework import viewsets
|
||||
from rest_framework.authentication import TokenAuthentication, BasicAuthentication
|
||||
|
||||
from rest_framework.views import APIView
|
||||
@@ -19,23 +25,32 @@ from rest_framework.response import Response
|
||||
from rest_framework import status
|
||||
from rest_framework.permissions import IsAuthenticated
|
||||
from rest_framework.pagination import PageNumberPagination
|
||||
from rest_framework import generics
|
||||
from rest_framework import generics
|
||||
|
||||
|
||||
# Imports de allauth
|
||||
from allauth.account.models import EmailConfirmation, EmailAddress
|
||||
from allauth.account.forms import SignupForm
|
||||
|
||||
# Imports de tus modelos y serializadores
|
||||
from .models import Sistemas_por_cliente_A24, ClientesA24, DeviceA24
|
||||
from .permissions import ActiveTokenSessionPerm, TokenCheckSession
|
||||
from .models import Sistemas_por_cliente_A24, ClientesA24, DeviceA24, ActiveTokenSession, Modulo
|
||||
from Sistemas.models import Sistema, BitacoraErrores
|
||||
from Sistemas.permissions import ItsAdminToken, HasAuthorizationHeader, CheckPermiso
|
||||
from .forms import ClienteForm_IMMEX
|
||||
from .serializers import ClientesA24Serailizer, SerialiazerA24, SignupSerializer, Sistema_Serializer, Sistema_Por_Cliente_Serializer
|
||||
from .serializers import (ClientesA24Serailizer, SerialiazerA24, SignupSerializer,
|
||||
Sistema_Serializer, Sistema_Por_Cliente_Serializer,
|
||||
DeviceA24_admin_Serialiazer, CustomPermissionSerializer,
|
||||
ModulosSerializer
|
||||
)
|
||||
|
||||
|
||||
# Otras bibliotecas y módulos
|
||||
import urllib.parse
|
||||
import traceback
|
||||
import json
|
||||
from io import StringIO
|
||||
import csv
|
||||
|
||||
class Sistemas_xCliente_IMMEX_ListView(UserPassesTestMixin,LoginRequiredMixin, ListView):
|
||||
model = Sistemas_por_cliente_A24
|
||||
@@ -85,11 +100,35 @@ class ClientesIMMEX_CreateView(CreateView):
|
||||
else:
|
||||
return response
|
||||
|
||||
|
||||
|
||||
"""---------API VIEWS---------"""
|
||||
|
||||
class ChecarPermisos(APIView):
|
||||
authentication_classes = [TokenAuthentication]
|
||||
permission_classes = [IsAuthenticated, HasAuthorizationHeader, TokenCheckSession]
|
||||
def get(self,request):
|
||||
if 'Response-Type' not in request.headers:
|
||||
Response({"ACCESO":"OK"})
|
||||
else:
|
||||
ct= request.headers['Response-Type']
|
||||
response = Response("ACCESS:OK", content_type=ct)
|
||||
return response
|
||||
|
||||
class LoginIMMEX(APIView):
|
||||
authentication_classes = [TokenAuthentication]
|
||||
permission_classes = [IsAuthenticated, HasAuthorizationHeader]
|
||||
permission_classes = [IsAuthenticated, HasAuthorizationHeader, ActiveTokenSessionPerm]
|
||||
|
||||
def get(self,request):
|
||||
if 'Response-Type' not in request.headers:
|
||||
return Response({'username':request.user.username})
|
||||
else:
|
||||
|
||||
print(request.headers['Response-Type'])
|
||||
ct= request.headers['Response-Type']
|
||||
response = Response("ACCESS:OK", content_type=ct)
|
||||
return response
|
||||
|
||||
def post(self, request):
|
||||
try:
|
||||
username = request.data.get('username')
|
||||
@@ -119,7 +158,8 @@ class LoginIMMEX(APIView):
|
||||
|
||||
|
||||
class RegistroUsuarios(APIView):
|
||||
permission_classes = [ItsAdminToken]
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[IsAuthenticated,ItsAdminToken]
|
||||
|
||||
def post(self,request, *args, **kwargs):
|
||||
try:
|
||||
@@ -156,7 +196,9 @@ class RegistroUsuarios(APIView):
|
||||
)
|
||||
class Check_IMMEX_RFC(APIView):
|
||||
"""Verifica que el cliente pueda Timbrar"""
|
||||
permission_classes = [IsAuthenticated,ItsAdminToken]
|
||||
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[IsAuthenticated]
|
||||
|
||||
def post(self,request,*args, **kwargs):
|
||||
rfc= request.data.get('RFC')
|
||||
@@ -174,6 +216,8 @@ class Check_IMMEX_RFC(APIView):
|
||||
except Exception as E:
|
||||
return Response({'Error':f'check_RFC:{E} RFC:{rfc}','isError':True})
|
||||
|
||||
|
||||
|
||||
class RegisterIMMEX_Device_APIView(APIView):
|
||||
"""Register IMMEX Devices
|
||||
se manda el siguiente JSON
|
||||
@@ -189,34 +233,32 @@ class RegisterIMMEX_Device_APIView(APIView):
|
||||
este es un ejemplo, el clienteA24 y sistema deben ser nombres validos para
|
||||
sus tablas en IMMEX, es decir deben estar dados de alta en AS Admin en IMMEX
|
||||
"""
|
||||
permissions_classes=[IsAuthenticated, ItsAdminToken]
|
||||
#authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
#permission_classes=[ItsAdminToken]
|
||||
def post(self,request):
|
||||
try:
|
||||
serializer = SerialiazerA24(data=request.data, context={'request':request})
|
||||
if serializer.is_valid():
|
||||
instance =serializer.save()
|
||||
token = instance.token.key
|
||||
return Response({'token':token}, status=status.HTTP_201_CREATED)
|
||||
if 'Response-Type' not in request.headers:
|
||||
|
||||
return Response({'token':token}, status=status.HTTP_201_CREATED)
|
||||
else:
|
||||
response = Response(instance.token.key, content_type='text/plain')
|
||||
return response
|
||||
else:
|
||||
return Response({'Error':f'{serializer.errors}','isError':True}, status=status.HTTP_200_OK)
|
||||
|
||||
except Exception as ex:
|
||||
data_json = json.dumps(request.data)
|
||||
|
||||
traceback_info = f'{data_json}\n{traceback.format_exc()}'
|
||||
|
||||
BitacoraErrores.objects.create(level=2, message=str(ex), traceback=traceback_info,
|
||||
view='IMMEX.RegisterIMMEX_Device_APIView')
|
||||
return Response({'Error':f'{ex}','isError':True}, status=status.HTTP_200_OK)
|
||||
|
||||
|
||||
class Sistemas_IMMEX_List_APIView(APIView):
|
||||
def get(self, request):
|
||||
sistemas = Sistema.objects.all()
|
||||
serializer = Sistema_Serializer(sistemas,many=True)
|
||||
return Response(serializer.data, status=status.HTTP_200_OK)
|
||||
|
||||
|
||||
class Sistema_por_cliente_APIView(APIView):
|
||||
def get(self, request):
|
||||
nombre_sistema = request.query_params.get('nombre_sistema')
|
||||
cliente_rfc = request.query_params.get('cliente_rfc')
|
||||
@@ -224,7 +266,7 @@ class Sistema_por_cliente_APIView(APIView):
|
||||
MAC = request.query_params.get('MAC')
|
||||
|
||||
sistemas_por_cliente = Sistemas_por_cliente_A24.objects.all()
|
||||
|
||||
|
||||
if nombre_sistema:
|
||||
sistemas_por_cliente = sistemas_por_cliente.filter(id_sistema__nombre_sistema=nombre_sistema)
|
||||
|
||||
@@ -232,7 +274,71 @@ class Sistema_por_cliente_APIView(APIView):
|
||||
sistemas_por_cliente = sistemas_por_cliente.filter(cliente__RFC=cliente_rfc)
|
||||
|
||||
dispositivos = DeviceA24.objects.filter(sistema__nombre_sistema=nombre_sistema, clienteA24__RFC=cliente_rfc)
|
||||
print('dispositivos:',dispositivos)
|
||||
serializer = Sistema_Por_Cliente_Serializer(sistemas_por_cliente, many=True,
|
||||
context={'request': request})
|
||||
data=serializer.data
|
||||
for item in data:
|
||||
del item['id_sistema']
|
||||
del item['cliente']
|
||||
if 'Response-Type' not in request.headers:
|
||||
|
||||
return Response(data, status=status.HTTP_200_OK)
|
||||
else:
|
||||
print(request.headers['Response-Type'])
|
||||
csv_buffer = StringIO()
|
||||
|
||||
writer = csv.DictWriter(csv_buffer, fieldnames=serializer.child.fields.keys())
|
||||
|
||||
# Escribe los encabezados del CSV
|
||||
#writer.writeheader()
|
||||
|
||||
# Escribe los datos en el CSV
|
||||
for row in data:
|
||||
|
||||
writer.writerow(row)
|
||||
|
||||
# Coloca el puntero del archivo al principio del archivo
|
||||
csv_buffer.seek(0)
|
||||
|
||||
# Lee la cadena CSV desde el objeto StringIO y devuelve como respuesta HTTP
|
||||
csv_data = csv_buffer.getvalue()
|
||||
print(csv_data)
|
||||
csv_data = csv_data.replace("\r\n", "")
|
||||
response = Response(csv_data, content_type='text/csv')
|
||||
return response
|
||||
|
||||
class Sistemas_IMMEX_List_APIView(APIView):
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[IsAuthenticated]
|
||||
|
||||
def get(self, request):
|
||||
sistemas = Sistema.objects.all()
|
||||
serializer = Sistema_Serializer(sistemas,many=True)
|
||||
return Response(serializer.data, status=status.HTTP_200_OK)
|
||||
|
||||
|
||||
class Sistema_por_cliente_APIView(APIView):
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[IsAuthenticated]
|
||||
|
||||
|
||||
def get(self, request):
|
||||
nombre_sistema = request.query_params.get('nombre_sistema')
|
||||
cliente_rfc = request.query_params.get('cliente_rfc')
|
||||
db = request.query_params.get('db')
|
||||
MAC = request.query_params.get('MAC')
|
||||
|
||||
sistemas_por_cliente = Sistemas_por_cliente_A24.objects.all()
|
||||
|
||||
if nombre_sistema:
|
||||
sistemas_por_cliente = sistemas_por_cliente.filter(id_sistema__nombre_sistema=nombre_sistema)
|
||||
|
||||
if cliente_rfc:
|
||||
sistemas_por_cliente = sistemas_por_cliente.filter(cliente__RFC=cliente_rfc)
|
||||
|
||||
dispositivos = DeviceA24.objects.filter(sistema__nombre_sistema=nombre_sistema, clienteA24__RFC=cliente_rfc)
|
||||
|
||||
serializer = Sistema_Por_Cliente_Serializer(sistemas_por_cliente, many=True,
|
||||
context={'request': request})
|
||||
data=serializer.data
|
||||
@@ -240,7 +346,8 @@ class Sistema_por_cliente_APIView(APIView):
|
||||
del item['id_sistema']
|
||||
del item['cliente']
|
||||
return Response(serializer.data, status=status.HTTP_200_OK)
|
||||
|
||||
|
||||
|
||||
def post(self, request):
|
||||
try:
|
||||
context = {
|
||||
@@ -258,22 +365,20 @@ class Sistema_por_cliente_APIView(APIView):
|
||||
data_json = json.dumps(request.data)
|
||||
traceback_info = f'{data_json}\n{traceback.format_exc()}'
|
||||
|
||||
BitacoraErrores.objects.create(level=2, message=str(ex), traceback=traceback_info,
|
||||
BitacoraErrores.objects.create(level=2, message=str(ex), traceback=traceback_info, \
|
||||
view='IMMEX.Sistema_por_cliente_APIView')
|
||||
return Response({'Error':f'{ex}','isError':True}, status=status.HTTP_200_OK)
|
||||
|
||||
|
||||
return Response({'Error':f'{ex}','isError':True}, status=status.HTTP_200_OK)
|
||||
|
||||
#CRUD Clientes IMMEX
|
||||
class MyPage(PageNumberPagination):
|
||||
page_size = 100
|
||||
page_size =1
|
||||
page_size_query_param = 'page_size'
|
||||
max_page_size = 100
|
||||
max_page_size = 1
|
||||
|
||||
|
||||
class ClientesA24List(generics.ListCreateAPIView):
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[IsAuthenticated,CheckPermiso]
|
||||
permission_classes=[ItsAdminToken]
|
||||
|
||||
|
||||
|
||||
@@ -302,8 +407,8 @@ class ClientesA24List(generics.ListCreateAPIView):
|
||||
|
||||
|
||||
class ClientesA24Detail(APIView):
|
||||
authentication_classes = [TokenAuthentication]
|
||||
permission_classes = [IsAuthenticated, HasAuthorizationHeader]
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[ ItsAdminToken]
|
||||
|
||||
def get_object(self, pk):
|
||||
try:
|
||||
@@ -334,3 +439,145 @@ class ClientesA24Detail(APIView):
|
||||
cliente.delete()
|
||||
return Response({"pk":pk},status=status.HTTP_200_OK)
|
||||
|
||||
#-----ADMIN AREA
|
||||
class DeviceA24List(generics.ListCreateAPIView):
|
||||
#queryset = DeviceA24.objects.all()
|
||||
serializer_class = DeviceA24_admin_Serialiazer
|
||||
pagination_class = MyPage
|
||||
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[ ItsAdminToken]
|
||||
def get_queryset(self):
|
||||
queryset = DeviceA24.objects.all()
|
||||
# Filtrar por clienteA24 si se proporciona como parámetro de consulta
|
||||
clienteA24 = self.request.query_params.get('clienteA24')
|
||||
|
||||
|
||||
|
||||
if clienteA24:
|
||||
queryset = queryset.filter(clienteA24__RFC__icontains=clienteA24)
|
||||
|
||||
# # Aplicar ordenación si se proporciona como parámetro de consulta
|
||||
# ordering = self.request.query_params.get('ordering')
|
||||
|
||||
# if ordering:
|
||||
# queryset = queryset.order_by(ordering)
|
||||
|
||||
return queryset
|
||||
|
||||
class DeviceA24Detail(generics.RetrieveUpdateDestroyAPIView):
|
||||
queryset = DeviceA24.objects.all()
|
||||
serializer_class = DeviceA24_admin_Serialiazer
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[ ItsAdminToken]
|
||||
|
||||
# Método para recuperar un registro
|
||||
def retrieve(self, request, *args, **kwargs):
|
||||
instance = self.get_object()
|
||||
serializer = self.get_serializer(instance)
|
||||
return Response(serializer.data)
|
||||
|
||||
# Método para actualizar un registro
|
||||
def update(self, request, *args, **kwargs):
|
||||
instance = self.get_object()
|
||||
serializer = self.get_serializer(instance, data=request.data)
|
||||
serializer.is_valid(raise_exception=True)
|
||||
serializer.save()
|
||||
return Response(serializer.data)
|
||||
|
||||
# Método para eliminar un registro
|
||||
def destroy(self, request, *args, **kwargs):
|
||||
instance = self.get_object()
|
||||
instance.delete()
|
||||
return Response(status=204)
|
||||
|
||||
# Método para listar registros (opcional, dependiendo de tus necesidades)
|
||||
def list(self, request, *args, **kwargs):
|
||||
queryset = self.get_queryset()
|
||||
serializer = self.get_serializer(queryset, many=True)
|
||||
return Response(serializer.data)
|
||||
|
||||
class PermissionListCreateAPIView(viewsets.ModelViewSet):
|
||||
queryset = Permission.objects.all()
|
||||
# Asegúrate de tener un serializer adecuado
|
||||
serializer_class = CustomPermissionSerializer
|
||||
|
||||
authentication_classes = (BasicAuthentication, TokenAuthentication, )
|
||||
permission_classes=[ ItsAdminToken]
|
||||
|
||||
|
||||
def get_queryset(self):
|
||||
app_label = self.request.query_params.get('app_label')
|
||||
user_id = self.request.query_params.get('user_id')
|
||||
|
||||
queryset = Permission.objects.all()
|
||||
|
||||
if app_label:
|
||||
content_types = ContentType.objects.filter(app_label=app_label)
|
||||
queryset = queryset.filter(content_type__in=content_types)
|
||||
|
||||
if user_id:
|
||||
param_user = User.objects.get(id=user_id)
|
||||
# Anotamos los permisos con True si el usuario los tiene, False en caso contrario
|
||||
queryset = queryset.annotate(
|
||||
activo=Case(
|
||||
When(user=param_user, then=Value(True)),
|
||||
default=Value(False),
|
||||
output_field=BooleanField()
|
||||
)
|
||||
)
|
||||
|
||||
return queryset
|
||||
|
||||
|
||||
def list(self, request, *args, **kwargs):
|
||||
|
||||
# Obtén la lista de permisos
|
||||
queryset = self.get_queryset()
|
||||
serializer = self.get_serializer(queryset, many=True)
|
||||
|
||||
# Agrega datos personalizados a la respuesta
|
||||
data = {
|
||||
"status": "success",
|
||||
"message": "Lista de permisos recuperada exitosamente",
|
||||
"data": serializer.data
|
||||
}
|
||||
|
||||
return Response(data, status=status.HTTP_200_OK)
|
||||
|
||||
def create(self, request, *args, **kwargs):
|
||||
# Obtén el ID del usuario del JSON de la solicitud
|
||||
user_id = request.data.get('user_id')
|
||||
|
||||
try:
|
||||
# Recupera el usuario por su ID
|
||||
user = User.objects.get(id=user_id)
|
||||
|
||||
# Obtén la lista de permisos del JSON de la solicitud
|
||||
permissions_data = request.data.get('permissions', [])
|
||||
|
||||
for perm_data in permissions_data:
|
||||
# Recupera el ID del permiso de cada objeto en la lista
|
||||
permission_id = perm_data.get('id')
|
||||
print(permission_id)
|
||||
try:
|
||||
# Recupera el permiso por su ID
|
||||
permission = Permission.objects.get(id=permission_id)
|
||||
|
||||
# Asigna el permiso al usuario
|
||||
user.user_permissions.add(permission)
|
||||
except Permission.DoesNotExist:
|
||||
return Response({"error": f"El permiso con ID {permission_id} no existe"}, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
return Response({"message": "Permisos asignados correctamente al usuario"}, status=status.HTTP_201_CREATED)
|
||||
except User.DoesNotExist:
|
||||
return Response({"error": "El usuario no existe"}, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
class ModulosListCreateAPIView(viewsets.ModelViewSet):
|
||||
queryset = Modulo.objects.all()
|
||||
pagination_class = MyPage
|
||||
serializer_class = ModulosSerializer
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = Modulo.objects.all()
|
||||
return queryset
|
||||
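Review bot: In `RegisterIMMEX_Device_APIView` the only uncommented permission attribute is spelled `permissions_classes`, a name Django REST framework never reads, and the two lines after it are commented out, so the view that returns `instance.token.key` declares no effective authentication or permission classes. It therefore runs under whatever `DEFAULT_AUTHENTICATION_CLASSES` and `DEFAULT_PERMISSION_CLASSES` the project settings define, which this page does not show; if those are left at the framework defaults, the endpoint accepts unauthenticated callers. Spell the attribute as the other views do, `permission_classes = [IsAuthenticated, ItsAdminToken]`, and restore `authentication_classes = (BasicAuthentication, TokenAuthentication, )`. The new `ModulosListCreateAPIView` at the end of the file has the same gap: it is a full `ModelViewSet` with neither attribute, unlike `DeviceA24List` and `PermissionListCreateAPIView` added beside it.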