import logging from django.contrib import messages from django.contrib.auth import authenticate from django.contrib.auth.decorators import login_required from django.shortcuts import redirect from accounts.models import CompanyUser logger = logging.getLogger("account_logger") @login_required def delete_company_user(request, company_user_id): if not company_user_id: logger.warning("Missing user_id in the request.") messages.error(request, "Missing user_id in the request.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Missing user_id.'}, status=400) try: company = request.user.company user_to_remove = CompanyUser.objects.get(id=company_user_id, company=company) if user_to_remove.is_deleted: logger.warning(f"User {user_to_remove.name} is already inactive or deleted.") messages.error(request, "User is already inactive or deleted.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'User is already inactive or deleted.'}, status=400) user_to_remove.is_active = False user_to_remove.is_deleted = True user_to_remove.save() logger.info(f"User {user_to_remove.name} removed successfully from company {company.name}") except CompanyUser.DoesNotExist: logger.error(f"User with id {company_user_id} does not exist or does not belong to company {company.name}.") messages.error(request, "User does not exist or does not belong to this company.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'User does not exist or does not belong to this company.'}, status=404) except Exception as e: logger.error(f"Error removing user: {str(e)}") messages.error(request, "Error removing user.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Error removing user.'}, status=500) messages.error(request, "User deleted successfully.", extra_tags="success") return redirect("/manage_company_user") # return JsonResponse({'success': 'User removed successfully.'}) @login_required def update_company_user(request): if request.method != 'POST': logger.warning(f"Invalid request method: {request.method}") messages.error(request, "Invalid request method.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Invalid request method.'}, status=405) user_id = request.POST.get('user_id') if not user_id: logger.warning("Missing user_id in the request.") messages.error(request, "Missing user_id.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Missing user_id.'}, status=400) try: company = request.user.company try: user = CompanyUser.objects.get(id=user_id, company=company) except Exception as e: print(e) messages.error(request, "User does not exist or does not belong to this company.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'User does not exist or does not belong to this company.'}, status=404) name = request.POST.get('name') email = request.POST.get('email') phone = request.POST.get('phone') role = request.POST.get('role') address = request.POST.get('address') if 'is_active' in request.POST: is_active = request.POST.get('is_active', None) if is_active == "on": user.is_active = True if is_active == "off": user.is_active = False if name: user.name = name if email: if CompanyUser.objects.filter(email=email).exclude(id=user_id).exists(): logger.warning(f"Email already exists: {email}") messages.error(request, "Email already exists.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Email already exists.'}, status=400) user.email = email if phone: if CompanyUser.objects.filter(phone=phone).exclude(id=user_id).exists(): logger.warning(f"Phone number already exists: {phone}") messages.error(request, "Phone number already exists.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Phone number already exists.'}, status=400) user.phone = phone if role: user.role = role.lower() if address: user.address = address user.save() logger.info(f"User {user.name} updated successfully for company {company.name}") except CompanyUser.DoesNotExist: logger.error(f"User with id {user_id} does not exist or does not belong to company {company.name}.") messages.error(request, "User does not exist or does not belong to this company.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'User does not exist or does not belong to this company.'}, status=404) except Exception as e: logger.error(f"Error updating user: {str(e)}") messages.error(request, "Error updating user.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Error updating user.'}, status=500) messages.error(request, "User updated successfully.", extra_tags="success") return redirect("/manage_company_user") # return JsonResponse({'success': 'User updated successfully.'}) @login_required def change_user_password(request): if request.method != 'POST': logger.warning(f"Invalid request method: {request.method}") messages.error(request, "Invalid request method.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Invalid request method.'}, status=405) user_id = request.POST.get('user_id') new_password = request.POST.get('password') confirm_password = request.POST.get('confirm_password') if not new_password== confirm_password: logger.warning("Passwords do not match") messages.error(request, "Passwords do not match", extra_tags="danger") return redirect("/staff_profile/"+str(user_id)) if not user_id or not new_password: logger.warning("Missing user_id or new_password in the request.") messages.error(request, "Missing user_id or new_password.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Missing user_id or new_password.'}, status=400) try: company = request.user.company user = CompanyUser.objects.get(id=user_id, company=company) user.set_password(new_password) user.save() logger.info(f"Password for user {user.name} changed successfully for company {company.name}") except CompanyUser.DoesNotExist: logger.error(f"User with id {user_id} does not exist or does not belong to company {company.name}.") messages.error(request, "User does not exist or does not belong to this company.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'User does not exist or does not belong to this company.'}, status=404) except Exception as e: logger.error(f"Error changing password: {str(e)}") messages.error(request, "Error changing password.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Error changing password.'}, status=500) messages.error(request, "Password changed successfully.", extra_tags="success") return redirect("/manage_company_user") # return JsonResponse({'success': 'Password changed successfully.'}) @login_required def change_user_password_self(request): if request.method != 'POST': logger.warning(f"Invalid request method: {request.method}") messages.error(request, "Invalid request method.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Invalid request method.'}, status=405) user_id = request.POST.get('user_id') new_password = request.POST.get('new_password') confirm_password = request.POST.get('confirm_password') current_password = request.POST.get('current_password') if new_password == confirm_password: if not user_id or not new_password: logger.warning("Missing user_id or new_password in the request.") messages.error(request, "Missing user_id or new_password.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Missing user_id or new_password.'}, status=400) try: company = request.user.company user = CompanyUser.objects.get(id=user_id, company=company) if authenticate(request, email=user.email, password=current_password): user.set_password(new_password) user.save() logger.info(f"Password for user {user.name} changed successfully for company {company.name}") else: messages.error(request, "Current password do not match with database", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Current password do not match with database'}, status=404) except CompanyUser.DoesNotExist: logger.error(f"User with id {user_id} does not exist or does not belong to company {company.name}.") messages.error(request, "User does not exist or does not belong to this company.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'User does not exist or does not belong to this company.'}, status=404) except Exception as e: logger.error(f"Error changing password: {str(e)}") messages.error(request, "Error changing password.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'error': 'Error changing password.'}, status=500) messages.error(request, "Password changed successfully.", extra_tags="success") return redirect("/manage_company_user") # return JsonResponse({'success': 'Password changed successfully.'}) else: messages.error(request, "Passwords do not match.", extra_tags="danger") return redirect("/manage_company_user") # return JsonResponse({'Failed': 'Passwords do not match.'})