diff --git a/horilla_api/api_methods/employee/methods.py b/horilla_api/api_methods/employee/methods.py index a1234bb1a..503e8687a 100644 --- a/horilla_api/api_methods/employee/methods.py +++ b/horilla_api/api_methods/employee/methods.py @@ -1,4 +1,7 @@ +import re + from django.http import QueryDict +from responses import logger from rest_framework.pagination import PageNumberPagination from base.models import * @@ -10,26 +13,47 @@ def get_next_badge_id(): """ This method is used to generate badge id """ - try: - highest_badge_id = ( - Employee.objects.filter(badge_id__isnull=False) - .order_by("-badge_id") - .first() - .badge_id - ) - except AttributeError: - highest_badge_id = None + from base.context_processors import get_initial_prefix + from employee.methods.methods import get_ordered_badge_ids - # Increment the badge_id if it exists, otherwise start from '1' - if highest_badge_id: - if "#" in highest_badge_id: - prefix, number = highest_badge_id.split("#") # Split prefix and number - # Increment the number - new_number = str(int(number) + 1).zfill(len(number)) - new_badge_id = f"{prefix}#{new_number}" - else: - # Add number to existing prefix - new_badge_id = f"{highest_badge_id}#001" - else: - new_badge_id = "EMP#001" # Default start badge ID if no employees exist - return new_badge_id + prefix = get_initial_prefix(None)["get_initial_prefix"] + data = get_ordered_badge_ids() + result = [] + try: + for sublist in data: + for item in sublist: + if isinstance(item, str) and item.lower().startswith(prefix.lower()): + # Find the index of the item in the sublist + index = sublist.index(item) + # Check if there is a next item in the sublist + if index + 1 < len(sublist): + result = sublist[index + 1] + result = re.findall(r"[a-zA-Z]+|\d+|[^a-zA-Z\d\s]", result) + + if result: + prefix = [] + incremented = False + for item in reversed(result): + total_letters = len(item) + total_zero_leads = 0 + for letter in item: + if letter == "0": + total_zero_leads = total_zero_leads + 1 + continue + break + + if total_zero_leads: + item = item[total_zero_leads:] + if isinstance(item, list): + item = item[-1] + if not incremented and isinstance(eval(str(item)), int): + item = int(item) + 1 + incremented = True + if isinstance(item, int): + item = "{:0{}d}".format(item, total_letters) + prefix.insert(0, str(item)) + prefix = "".join(prefix) + except Exception as e: + logger.exception(e) + prefix = get_initial_prefix(None)["get_initial_prefix"] + return prefix diff --git a/horilla_api/api_urls/employee/urls.py b/horilla_api/api_urls/employee/urls.py index 3a7f2579a..6c050f6da 100644 --- a/horilla_api/api_urls/employee/urls.py +++ b/horilla_api/api_urls/employee/urls.py @@ -16,11 +16,6 @@ urlpatterns = [ views.EmployeeListAPIView.as_view(), name="employee-list-detailed", ), # Alternative endpoint for listing employees - path( - "employee-bank-details/", - views.EmployeeBankDetailsAPIView.as_view(), - name="employee-bank-details-list", - ), path( "employee-bank-details//", views.EmployeeBankDetailsAPIView.as_view(), diff --git a/horilla_api/api_views/base/views.py b/horilla_api/api_views/base/views.py index d59ce0830..f1cc1ca40 100644 --- a/horilla_api/api_views/base/views.py +++ b/horilla_api/api_views/base/views.py @@ -357,6 +357,8 @@ class WorkTypeRequestView(APIView): return Response(serializer.data, status=200) # permission based queryset work_type_requests = self.get_queryset(request) + print("work_type_requests: ", work_type_requests) + # filtering queryset work_type_request_filter_queryset = self.filterset_class( request.GET, queryset=work_type_requests @@ -1362,9 +1364,14 @@ class EmployeeTabPermissionCheck(APIView): permission_classes = [IsAuthenticated] def get(self, request): - instance = request.user.employee_get + + instance = Employee.objects.filter(id=request.GET.get("employee_id")).first() if _is_reportingmanger(request, instance) or request.user.has_perms( - ["attendance.view_worktyperequest", "perms.attendance.view_shiftrequest"] + [ + "attendance.view_worktyperequest", + "attendance.view_shiftrequest", + "employee.change_employee", + ] ): return Response(status=200) - return Response(status=400) + return Response({"message": "No permission"}, status=400) diff --git a/horilla_api/api_views/employee/views.py b/horilla_api/api_views/employee/views.py index bcbd835fd..f9caba777 100644 --- a/horilla_api/api_views/employee/views.py +++ b/horilla_api/api_views/employee/views.py @@ -24,6 +24,7 @@ from employee.models import ( ) from employee.views import work_info_export, work_info_import from horilla.decorators import owner_can_enter +from horilla_api.api_methods.employee.methods import get_next_badge_id from horilla_documents.models import Document, DocumentRequest from notifications.signals import notify @@ -89,7 +90,6 @@ class EmployeeAPIView(APIView): permission_classes = [IsAuthenticated] def get(self, request, pk=None): - if pk: try: employee = Employee.objects.get(pk=pk) @@ -215,22 +215,19 @@ class EmployeeBankDetailsAPIView(APIView): return queryset def get(self, request, pk=None): - if pk: - try: - bank_detail = EmployeeBankDetails.objects.get(pk=pk) - except EmployeeBankDetails.DoesNotExist: - return Response( - {"error": "Bank details do not exist"}, - status=status.HTTP_404_NOT_FOUND, - ) + bank_detail = EmployeeBankDetails.objects.get(pk=pk) + if ( + request.user.employee_get + in [ + bank_detail.employee_id, + bank_detail.employee_id.get_reporting_manager(), + ] + ) or request.user.has_perm("employee.view_employeebankdetails"): serializer = EmployeeBankDetailsSerializer(bank_detail) return Response(serializer.data) - paginator = PageNumberPagination() - employee_bank_details = self.get_queryset(request) - page = paginator.paginate_queryset(employee_bank_details, request) - serializer = EmployeeBankDetailsSerializer(page, many=True) - return paginator.get_paginated_response(serializer.data) + + return Response({"message": "No permission"}, status=400) @manager_or_owner_permission_required( EmployeeBankDetails, "employee.add_employeebankdetails" @@ -296,8 +293,13 @@ class EmployeeWorkInformationAPIView(APIView): def get(self, request, pk): work_info = EmployeeWorkInformation.objects.get(pk=pk) - serializer = EmployeeWorkInformationSerializer(work_info) - return Response(serializer.data) + if ( + request.user.employee_get == work_info.reporting_manager_id + or request.user.has_perm("employee.view_employeeworkinformation") + ): + serializer = EmployeeWorkInformationSerializer(work_info) + return Response(serializer.data, status=200) + return Response({"message": "No permission"}, status=400) @manager_permission_required("employee.add_employeeworkinformation") def post(self, request): @@ -309,17 +311,19 @@ class EmployeeWorkInformationAPIView(APIView): @manager_permission_required("employee.change_employeeworkinformation") def put(self, request, pk): - try: - work_info = EmployeeWorkInformation.objects.get(pk=pk) - except EmployeeWorkInformation.DoesNotExist: - raise Http404 - serializer = EmployeeWorkInformationSerializer( - work_info, data=request.data, partial=True - ) - if serializer.is_valid(): - serializer.save() - return Response(serializer.data) - return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) + work_info = EmployeeWorkInformation.objects.get(pk=pk) + if ( + request.user.employee_get == work_info.reporting_manager_id + or request.user.has_perm("employee.change_employeeworkinformation") + ): + serializer = EmployeeWorkInformationSerializer( + work_info, data=request.data, partial=True + ) + if serializer.is_valid(): + serializer.save() + return Response(serializer.data) + return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) + return Response({"message": "No permission"}, status=400) @method_decorator( permission_required("employee.delete_employeeworkinformation"), name="dispatch"