From 5c126892eab7559b7a8f55d8c4af5244a166277d Mon Sep 17 00:00:00 2001 From: Horilla Date: Fri, 18 Oct 2024 09:16:31 +0530 Subject: [PATCH] [FIX] HORILLA API: Changed the action type api workflow from base to employee module --- horilla_api/api_methods/employee/methods.py | 6 -- .../api_serializers/base/serializers.py | 11 --- .../api_serializers/employee/serializers.py | 7 ++ horilla_api/api_urls/base/urls.py | 11 +-- horilla_api/api_urls/employee/urls.py | 10 ++ horilla_api/api_views/base/views.py | 59 +++-------- horilla_api/api_views/employee/views.py | 98 ++++++++++++++++++- 7 files changed, 126 insertions(+), 76 deletions(-) diff --git a/horilla_api/api_methods/employee/methods.py b/horilla_api/api_methods/employee/methods.py index 503e8687a..10fdcdfa4 100644 --- a/horilla_api/api_methods/employee/methods.py +++ b/horilla_api/api_methods/employee/methods.py @@ -1,12 +1,7 @@ import re -from django.http import QueryDict -from responses import logger -from rest_framework.pagination import PageNumberPagination - from base.models import * from employee.models import * -from employee.models import Employee def get_next_badge_id(): @@ -54,6 +49,5 @@ def get_next_badge_id(): prefix.insert(0, str(item)) prefix = "".join(prefix) except Exception as e: - logger.exception(e) prefix = get_initial_prefix(None)["get_initial_prefix"] return prefix diff --git a/horilla_api/api_serializers/base/serializers.py b/horilla_api/api_serializers/base/serializers.py index 54ce1939a..8f6fbcd4c 100644 --- a/horilla_api/api_serializers/base/serializers.py +++ b/horilla_api/api_serializers/base/serializers.py @@ -1,11 +1,7 @@ import datetime -from datetime import date, timezone -import django from django.core.exceptions import ValidationError as DjangoValidationError -from django.http import QueryDict from rest_framework import serializers -from rest_framework.serializers import ValidationError from base.models import ( Company, @@ -23,7 +19,6 @@ from base.models import ( WorkType, WorkTypeRequest, ) -from employee.models import Actiontype, Employee from horilla import horilla_middlewares @@ -446,9 +441,3 @@ class ShiftRequestSerializer(serializers.ModelSerializer): class Meta: model = ShiftRequest fields = "__all__" - - -class ActiontypeSerializer(serializers.ModelSerializer): - class Meta: - model = Actiontype - fields = ["id", "title", "action_type"] diff --git a/horilla_api/api_serializers/employee/serializers.py b/horilla_api/api_serializers/employee/serializers.py index 75a5d4cb1..68d1554d1 100644 --- a/horilla_api/api_serializers/employee/serializers.py +++ b/horilla_api/api_serializers/employee/serializers.py @@ -2,6 +2,7 @@ from rest_framework import serializers from base.models import Department, EmployeeType, JobPosition from employee.models import ( + Actiontype, DisciplinaryAction, Employee, EmployeeBankDetails, @@ -13,6 +14,12 @@ from horilla_documents.models import Document, DocumentRequest from ...api_methods.employee.methods import get_next_badge_id +class ActiontypeSerializer(serializers.ModelSerializer): + class Meta: + model = Actiontype + fields = ["id", "title", "action_type"] + + class EmployeeListSerializer(serializers.ModelSerializer): job_position_name = serializers.CharField( source="employee_work_info.job_position_id.job_position", read_only=True diff --git a/horilla_api/api_urls/base/urls.py b/horilla_api/api_urls/base/urls.py index 126bb11d8..89435a43d 100644 --- a/horilla_api/api_urls/base/urls.py +++ b/horilla_api/api_urls/base/urls.py @@ -223,16 +223,6 @@ urlpatterns = [ views.RotatingShiftAssignBulkDelete.as_view(), name="rotating-shift-assigns-bulk-delete", ), - path( - "disciplinary-action-type/", - views.ActiontypeView.as_view(), - name="disciplinary-action-type", - ), - path( - "disciplinary-action-type//", - views.ActiontypeView.as_view(), - name="disciplinary-action-type", - ), path( "rotating-worktype-create-permission-check/", views.RotatingWorKTypePermissionCheck.as_view(), @@ -258,4 +248,5 @@ urlpatterns = [ views.EmployeeTabPermissionCheck.as_view(), name="rotating-shift-create-permission-check", ), + path("check-user-level", views.CheckUserLevel.as_view(), name="check-user-level"), ] diff --git a/horilla_api/api_urls/employee/urls.py b/horilla_api/api_urls/employee/urls.py index 6c050f6da..c5d915a2c 100644 --- a/horilla_api/api_urls/employee/urls.py +++ b/horilla_api/api_urls/employee/urls.py @@ -56,6 +56,16 @@ urlpatterns = [ views.DisciplinaryActionAPIView.as_view(), name="disciplinary-action-detail", ), + path( + "disciplinary-action-type/", + views.ActiontypeView.as_view(), + name="disciplinary-action-type", + ), + path( + "disciplinary-action-type//", + views.ActiontypeView.as_view(), + name="disciplinary-action-type", + ), path("policies/", views.PolicyAPIView.as_view(), name="policy-list"), path("policies//", views.PolicyAPIView.as_view(), name="policy-detail"), path( diff --git a/horilla_api/api_views/base/views.py b/horilla_api/api_views/base/views.py index b3a30c90e..ea522cd77 100644 --- a/horilla_api/api_views/base/views.py +++ b/horilla_api/api_views/base/views.py @@ -44,7 +44,6 @@ from ...api_decorators.base.decorators import ( ) from ...api_methods.base.methods import groupby_queryset, permission_based_queryset from ...api_serializers.base.serializers import ( - ActiontypeSerializer, CompanySerializer, DepartmentSerializer, EmployeeShiftScheduleSerializer, @@ -1203,48 +1202,6 @@ class RotatingShiftAssignBulkDelete(APIView): return Response({"error": str(E)}, status=400) -class ActiontypeView(APIView): - serializer_class = ActiontypeSerializer - permission_classes = [IsAuthenticated] - - def get(self, request, pk=None): - if pk: - action_type = object_check(Actiontype, pk) - if action_type is None: - return Response({"error": "Actiontype not found"}, status=404) - serializer = self.serializer_class(action_type) - return Response(serializer.data, status=200) - action_types = Actiontype.objects.all() - paginater = PageNumberPagination() - page = paginater.paginate_queryset(action_types, request) - serializer = self.serializer_class(page, many=True) - return paginater.get_paginated_response(serializer.data) - - def post(self, request): - serializer = self.serializer_class(data=request.data) - if serializer.is_valid(): - serializer.save() - return Response(serializer.data, status=201) - return Response(serializer.errors, status=400) - - def put(self, request, pk): - action_type = object_check(Actiontype, pk) - if action_type is None: - return Response({"error": "Actiontype not found"}, status=404) - serializer = self.serializer_class(action_type, data=request.data) - if serializer.is_valid(): - serializer.save() - return Response(serializer.data, status=200) - return Response(serializer.errors, status=400) - - def delete(self, request, pk): - action_type = object_check(Actiontype, pk) - if action_type is None: - return Response({"error": "Actiontype not found"}, status=404) - response, status_code = object_delete(Actiontype, pk) - return Response(response, status=status_code) - - class RotatingWorKTypePermissionCheck(APIView): permission_classes = [IsAuthenticated] @@ -1275,7 +1232,7 @@ class WorktypeRequestApprovePermissionCheck(APIView): permission_classes = [IsAuthenticated] def get(self, request): - instance = request.user.employee_get + instance = Employee.objects.filter(id=request.GET.get("employee_id")).first() if ( _is_reportingmanger(request, instance) or request.user.has_perm("approve_shiftrequest") @@ -1289,7 +1246,7 @@ class ShiftRequestApprovePermissionCheck(APIView): permission_classes = [IsAuthenticated] def get(self, request): - instance = request.user.employee_get + instance = Employee.objects.filter(id=request.GET.get("employee_id")).first() if ( _is_reportingmanger(request, instance) or request.user.has_perm("approve_shiftrequest") @@ -1307,10 +1264,20 @@ class EmployeeTabPermissionCheck(APIView): instance = Employee.objects.filter(id=request.GET.get("employee_id")).first() if _is_reportingmanger(request, instance) or request.user.has_perms( [ - "attendance.view_worktyperequest", + "view.view_worktyperequest", "attendance.view_shiftrequest", "employee.change_employee", ] ): return Response(status=200) return Response({"message": "No permission"}, status=400) + + +class CheckUserLevel(APIView): + def get(self, request): + perm = request.GET.get("perm") + instance = Employee.objects.filter(id=request.GET.get("employee_id")).first() + if _is_reportingmanger(request, instance) or request.user.has_perm(perm): + + return Response(status=200) + return Response({"error": "No permission"}, status=400) diff --git a/horilla_api/api_views/employee/views.py b/horilla_api/api_views/employee/views.py index 796b33136..83cc0ab0c 100644 --- a/horilla_api/api_views/employee/views.py +++ b/horilla_api/api_views/employee/views.py @@ -14,6 +14,7 @@ from employee.filters import ( EmployeeFilter, ) from employee.models import ( + Actiontype, DisciplinaryAction, Employee, EmployeeBankDetails, @@ -35,6 +36,7 @@ from ...api_decorators.base.decorators import ( from ...api_decorators.employee.decorators import or_condition from ...api_methods.base.methods import groupby_queryset, permission_based_queryset from ...api_serializers.employee.serializers import ( + ActiontypeSerializer, DisciplinaryActionSerializer, DocumentRequestSerializer, DocumentSerializer, @@ -48,6 +50,22 @@ from ...api_serializers.employee.serializers import ( ) +def object_check(cls, pk): + try: + obj = cls.objects.get(id=pk) + return obj + except cls.DoesNotExist: + return None + + +def object_delete(cls, pk): + try: + cls.objects.get(id=pk).delete() + return "", 200 + except Exception as e: + return {"error": str(e)}, 400 + + class EmployeeTypeAPIView(APIView): """ Retrieves employee types. @@ -404,6 +422,48 @@ class EmployeeBulkUpdateView(APIView): return Response({"status": "success"}, status=200) +class ActiontypeView(APIView): + serializer_class = ActiontypeSerializer + permission_classes = [IsAuthenticated] + + def get(self, request, pk=None): + if pk: + action_type = object_check(Actiontype, pk) + if action_type is None: + return Response({"error": "Actiontype not found"}, status=404) + serializer = self.serializer_class(action_type) + return Response(serializer.data, status=200) + action_types = Actiontype.objects.all() + paginater = PageNumberPagination() + page = paginater.paginate_queryset(action_types, request) + serializer = self.serializer_class(page, many=True) + return paginater.get_paginated_response(serializer.data) + + def post(self, request): + serializer = self.serializer_class(data=request.data) + if serializer.is_valid(): + serializer.save() + return Response(serializer.data, status=201) + return Response(serializer.errors, status=400) + + def put(self, request, pk): + action_type = object_check(Actiontype, pk) + if action_type is None: + return Response({"error": "Actiontype not found"}, status=404) + serializer = self.serializer_class(action_type, data=request.data) + if serializer.is_valid(): + serializer.save() + return Response(serializer.data, status=200) + return Response(serializer.errors, status=400) + + def delete(self, request, pk): + action_type = object_check(Actiontype, pk) + if action_type is None: + return Response({"error": "Actiontype not found"}, status=404) + response, status_code = object_delete(Actiontype, pk) + return Response(response, status=status_code) + + class DisciplinaryActionAPIView(APIView): """ Endpoint for managing disciplinary actions. @@ -436,12 +496,44 @@ class DisciplinaryActionAPIView(APIView): def get(self, request, pk=None): if pk: + employee = request.user.employee_get disciplinary_action = self.get_object(pk) - serializer = DisciplinaryActionSerializer(disciplinary_action) - return Response(serializer.data, status=200) + is_manager = ( + True + if employee.get_subordinate_employees() + & disciplinary_action.employee_id.all() + else False + ) + if ( + (employee == disciplinary_action.employee_id) + or is_manager + or request.user.has_perm("employee.view_disciplinaryaction") + ): + serializer = DisciplinaryActionSerializer(disciplinary_action) + return Response(serializer.data, status=200) + return Response({"error": "No permission"}, status=400) else: + employee = request.user.employee_get + is_manager = EmployeeWorkInformation.objects.filter( + reporting_manager_id=employee + ).exists() + subordinates = employee.get_subordinate_employees() + + if request.user.has_perm("employee.view_disciplinaryaction"): + queryset = DisciplinaryAction.objects.all() + elif is_manager: + queryset_subordinates = DisciplinaryAction.objects.filter( + employee_id__in=subordinates + ) + queryset_employee = DisciplinaryAction.objects.filter( + employee_id=employee + ) + queryset = queryset_subordinates | queryset_employee + else: + queryset = DisciplinaryAction.objects.filter(employee_id=employee) + paginator = PageNumberPagination() - disciplinary_actions = DisciplinaryAction.objects.all() + disciplinary_actions = queryset disciplinary_action_filter_queryset = self.filterset_class( request.GET, queryset=disciplinary_actions ).qs