recruitment/decorators.py

"""
decorators.py

Custom decorators for permission and manager checks in the application.
"""

from functools import wraps

from django.contrib import messages
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import redirect, render

from employee.models import Employee
from recruitment.models import Recruitment, Stage


def decorator_with_arguments(decorator):
    """
    Decorator that allows decorators to accept arguments and keyword arguments.

    Args:
        decorator (function): The decorator function to be wrapped.

    Returns:
        function: The wrapper function.

    """

    def wrapper(*args, **kwargs):
        """
        Wrapper function that captures the arguments and keyword arguments.

        Args:
            *args: Variable length argument list.
            **kwargs: Arbitrary keyword arguments.

        Returns:
            function: The inner wrapper function.

        """

        def inner_wrapper(func):
            """
            Inner wrapper function that applies the decorator to the function.

            Args:
                func (function): The function to be decorated.

            Returns:
                function: The decorated function.

            """
            return decorator(func, *args, **kwargs)

        return inner_wrapper

    return wrapper


@decorator_with_arguments
def manager_can_enter(function, perm=None, perms=None):
    """
    Decorator that checks if the user has the specified permission(s) or is a manager.

    Args:
        perm (str): A single permission string.
        perms (list): A list of permission strings.

    Returns:
        function: The decorated view.
    """

    def _function(request, *args, **kwargs):
        user = request.user
        employee = Employee.objects.filter(employee_user_id=user).first()

        is_manager = (
            Stage.objects.filter(stage_managers=employee).exists()
            or Recruitment.objects.filter(recruitment_managers=employee).exists()
        )

        # Combine perm and perms into one list to check
        all_perms = []
        if perm:
            all_perms.append(perm)
        if perms:
            all_perms.extend(perms)

        has_required_perm = any(user.has_perm(p) for p in all_perms)

        if has_required_perm or is_manager:
            return function(request, *args, **kwargs)

        messages.info(request, "You don't have permission.")
        previous_url = request.META.get("HTTP_REFERER", "/")

        if request.META.get("HTTP_HX_REQUEST"):
            return render(request, "decorator_404.html")

        return HttpResponse(f'<script>window.location.href = "{previous_url}"</script>')

    return _function


@decorator_with_arguments
def recruitment_manager_can_enter(function, perm):
    """
    Decorator that checks if the user has the specified permission or is a recruitment manager.

    Args:
        perm (str): The permission to check.

    Returns:
        function: The decorated function.

    Raises:
        None

    """

    def _function(request, *args, **kwargs):
        """
        Inner function that performs the permission and manager check.

        Args:
            request (HttpRequest): The request object.
            *args: Variable length argument list.
            **kwargs: Arbitrary keyword arguments.

        Returns:
            HttpResponse: The response from the decorated function.
        """
        user = request.user
        employee = Employee.objects.filter(employee_user_id=user).first()
        is_manager = Recruitment.objects.filter(recruitment_managers=employee).exists()
        if user.has_perm(perm) or is_manager:
            return function(request, *args, **kwargs)
        messages.info(request, "You dont have permission.")
        previous_url = request.META.get("HTTP_REFERER", "/")
        script = f'<script>window.location.href = "{previous_url}"</script>'
        key = "HTTP_HX_REQUEST"
        if key in request.META.keys():
            return render(request, "decorator_404.html")
        return HttpResponse(script)

    return _function


def candidate_login_required(view_func):
    @wraps(view_func)
    def _wrapped_view(request, *args, **kwargs):

        if request.user.has_perm("recruitment.view_candidate"):
            return view_func(request, *args, **kwargs)
        if request.user:
            if request.user.is_authenticated:
                if (
                    request.user.employee_get.stage_set.exists()
                    or request.user.employee_get.recruitment_set.exists()
                ):
                    return view_func(request, *args, **kwargs)

        if "candidate_id" in request.session:
            return view_func(request, *args, **kwargs)
        return redirect("candidate-login")

    return _wrapped_view
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30			`"""`
			`decorators.py`

			`Custom decorators for permission and manager checks in the application.`
			`"""`
Formatting and Cleaning code base (#110) 2024-03-10 19:37:46 +05:30
[UPDT] RECRUITMENT: Candidate self tracking in recruitment 2024-11-29 12:14:44 +05:30			`from functools import wraps`

[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`from django.contrib import messages`
[UPDT] GENERAL: Access denied page redirection 2024-02-05 13:59:30 +05:30			`from django.http import HttpResponse, HttpResponseRedirect`
[UPDT] RECRUITMENT: Candidate self tracking in recruitment 2024-11-29 12:14:44 +05:30			`from django.shortcuts import redirect, render`
Added Pre-Commit Hooks (#175) * Added pre commit hook * Run pre commit hook on all files --------- Co-authored-by: Horilla <131998600+horilla-opensource@users.noreply.github.com> 2024-05-07 12:23:36 +05:30
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30			`from employee.models import Employee`
			`from recruitment.models import Recruitment, Stage`


			`def decorator_with_arguments(decorator):`
			`"""`
			`Decorator that allows decorators to accept arguments and keyword arguments.`

			`Args:`
			`decorator (function): The decorator function to be wrapped.`

			`Returns:`
			`function: The wrapper function.`

			`"""`

			`def wrapper(args, *kwargs):`
			`"""`
			`Wrapper function that captures the arguments and keyword arguments.`

			`Args:`
			`*args: Variable length argument list.`
			`**kwargs: Arbitrary keyword arguments.`

			`Returns:`
			`function: The inner wrapper function.`

			`"""`

			`def inner_wrapper(func):`
			`"""`
			`Inner wrapper function that applies the decorator to the function.`

			`Args:`
			`func (function): The function to be decorated.`

			`Returns:`
			`function: The decorated function.`

			`"""`
			`return decorator(func, args, *kwargs)`

			`return inner_wrapper`

			`return wrapper`

[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30
			`@decorator_with_arguments`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30			`def manager_can_enter(function, perm=None, perms=None):`
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`"""`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30			`Decorator that checks if the user has the specified permission(s) or is a manager.`
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30
			`Args:`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30			`perm (str): A single permission string.`
			`perms (list): A list of permission strings.`
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30
			`Returns:`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30			`function: The decorated view.`
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`"""`
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`def _function(request, args, *kwargs):`
			`user = request.user`
			`employee = Employee.objects.filter(employee_user_id=user).first()`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30			`is_manager = (`
			`Stage.objects.filter(stage_managers=employee).exists()`
			`or Recruitment.objects.filter(recruitment_managers=employee).exists()`
			`)`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30
			`# Combine perm and perms into one list to check`
			`all_perms = []`
			`if perm:`
			`all_perms.append(perm)`
			`if perms:`
			`all_perms.extend(perms)`

			`has_required_perm = any(user.has_perm(p) for p in all_perms)`

			`if has_required_perm or is_manager:`
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`return function(request, args, *kwargs)`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30
			`messages.info(request, "You don't have permission.")`
[UPDT] GENERAL: Access denied page redirection 2024-02-05 13:59:30 +05:30			`previous_url = request.META.get("HTTP_REFERER", "/")`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30
			`if request.META.get("HTTP_HX_REQUEST"):`
Formatting and Cleaning code base (#110) 2024-03-10 19:37:46 +05:30			`return render(request, "decorator_404.html")`
[FIX] ONBOARDING: #808 2025-07-07 14:19:54 +05:30
			`return HttpResponse(f'<script>window.location.href = "{previous_url}"</script>')`
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30			`return _function`
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30

			`@decorator_with_arguments`
			`def recruitment_manager_can_enter(function, perm):`
			`"""`
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30			`Decorator that checks if the user has the specified permission or is a recruitment manager.`

			`Args:`
			`perm (str): The permission to check.`

			`Returns:`
			`function: The decorated function.`

			`Raises:`
			`None`

[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`"""`
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`def _function(request, args, *kwargs):`
[UPDT]summer note in recruitment (#9) * [UPDT]candidate update stage * [FIX]typo in notification - email sent * [UPDT]recruitment updates * [UPDT]onboarding updates * [UPDT]attendance updates * [UPDT]employee updates * [UPDT]updated static files for summernote --------- Co-authored-by: NIKHIL RAVI <nikhil.ravi10@gmail.com> 2023-06-06 12:27:41 +05:30			`"""`
			`Inner function that performs the permission and manager check.`

			`Args:`
			`request (HttpRequest): The request object.`
			`*args: Variable length argument list.`
			`**kwargs: Arbitrary keyword arguments.`

			`Returns:`
			`HttpResponse: The response from the decorated function.`
			`"""`
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30			`user = request.user`
			`employee = Employee.objects.filter(employee_user_id=user).first()`
			`is_manager = Recruitment.objects.filter(recruitment_managers=employee).exists()`
			`if user.has_perm(perm) or is_manager:`
			`return function(request, args, *kwargs)`
[UPDT] GENERAL: Access denied page redirection 2024-02-05 13:59:30 +05:30			`messages.info(request, "You dont have permission.")`
			`previous_url = request.META.get("HTTP_REFERER", "/")`
			`script = f'<script>window.location.href = "{previous_url}"</script>'`
			`key = "HTTP_HX_REQUEST"`
			`if key in request.META.keys():`
Formatting and Cleaning code base (#110) 2024-03-10 19:37:46 +05:30			`return render(request, "decorator_404.html")`
[UPDT] GENERAL: Access denied page redirection 2024-02-05 13:59:30 +05:30			`return HttpResponse(script)`
[INITIAL COMMIT] 2023-05-10 15:06:57 +05:30
			`return _function`
[UPDT] RECRUITMENT: Candidate self tracking in recruitment 2024-11-29 12:14:44 +05:30

			`def candidate_login_required(view_func):`
			`@wraps(view_func)`
			`def _wrapped_view(request, args, *kwargs):`

			`if request.user.has_perm("recruitment.view_candidate"):`
			`return view_func(request, args, *kwargs)`
[FIX] RECRUITMENT: Fixed candidate login page displaying on document tab 2024-12-03 14:03:56 +05:30			`if request.user:`
[FIX] RECRUITMENT: Fixed the self tracking login issue 2025-01-14 16:09:57 +05:30			`if request.user.is_authenticated:`
			`if (`
			`request.user.employee_get.stage_set.exists()`
			`or request.user.employee_get.recruitment_set.exists()`
			`):`
			`return view_func(request, args, *kwargs)`
[UPDT] RECRUITMENT: Candidate self tracking in recruitment 2024-11-29 12:14:44 +05:30
			`if "candidate_id" in request.session:`
			`return view_func(request, args, *kwargs)`
			`return redirect("candidate-login")`

			`return _wrapped_view`