nestict/ihrm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[FIX] PROJECT: Fixed missing login_required and errors while passing get request with with invalid ids

Browse Source
This commit is contained in:
Horilla
2025-12-05 19:24:27 +05:30
parent 6058d25cd6
commit e18cb640cf
7 changed files with 249 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
project/cbv/dashboard.py
View File

@@ -79,11 +79,11 @@ class ProjectDetailView(HorillaDetailedView):
"description": 12,
}
def __init__(self, **kwargs: Any) -> None:
super().__init__(**kwargs)
instnce_id = resolve(self.request.path_info).kwargs.get("pk")
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
instance_id = resolve(self.request.path_info).kwargs.get("pk")
employee = self.request.user.employee_get
project = Project.objects.get(id=instnce_id)
project = Project.objects.get(id=instance_id)
if (
employee in project.managers.all()
or employee in project.members.all()
@@ -99,6 +99,8 @@ class ProjectDetailView(HorillaDetailedView):
""",
}
]
context["actions"] = self.actions
return context
def get_queryset(self) -> QuerySet[Any]:
queryset = super().get_queryset()

7
project/cbv/projects.py
View File

@@ -346,9 +346,12 @@ class ProjectCardView(HorillaCardView):
queryset = task_filter | project_filter
return queryset.distinct()
def __init__(self, **kwargs: Any) -> None:
def __init__(self, **kwargs):
super().__init__(**kwargs)
self.search_url = reverse("project-card-view")
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
if (
self.request.user.has_perm("project.change_project")
or self.request.user.has_perm("project.delete_project")
@@ -388,6 +391,8 @@ class ProjectCardView(HorillaCardView):
""",
},
]
context["actions"] = self.actions
return context
details = {
"image_src": "get_avatar",

33
project/cbv/tasks.py
View File

@@ -186,21 +186,7 @@ class TasksNavBar(HorillaNavView):
def __init__(self, **kwargs: Any) -> None:
super().__init__(**kwargs)
employee = self.request.user.employee_get
projects = Project.objects.all()
managers = [
manager for project in projects for manager in project.managers.all()
]
self.search_url = reverse("tasks-list-view")
if employee in managers or self.request.user.has_perm("project.add_task"):
self.create_attrs = f"""
onclick = "event.stopPropagation();"
data-toggle="oh-modal-toggle"
data-target="#genericModal"
hx-target="#genericModalBody"
hx-get="{reverse('create-task-all')}"
"""
self.view_types = [
{
"type": "list",
@@ -220,6 +206,22 @@ class TasksNavBar(HorillaNavView):
},
]
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
employee = self.request.user.employee_get
projects = Project.objects.all()
managers = [
manager for project in projects for manager in project.managers.all()
]
if employee in managers or self.request.user.has_perm("project.add_task"):
self.create_attrs = f"""
onclick = "event.stopPropagation();"
data-toggle="oh-modal-toggle"
data-target="#genericModal"
hx-target="#genericModalBody"
hx-get="{reverse('create-task-all')}"
"""
if self.request.user.has_perm("project.view_task"):
self.actions = [
{
@@ -246,6 +248,9 @@ class TasksNavBar(HorillaNavView):
""",
},
]
context["actions"] = self.actions
context["create_attrs"] = self.create_attrs
return context
@method_decorator(login_required, name="dispatch")

25
project/cbv/timesheet.py
View File

@@ -73,7 +73,6 @@ class TimeSheetNavView(HorillaNavView):
def __init__(self, **kwargs: Any) -> None:
super().__init__(**kwargs)
self.search_url = reverse("time-sheet-list")
url = f"{reverse('personal-time-sheet-view',kwargs={'emp_id': self.request.user.employee_get.id})}"
self.actions = [
{
"action": _("Delete"),
@@ -85,6 +84,17 @@ class TimeSheetNavView(HorillaNavView):
""",
},
]
self.create_attrs = f"""
onclick = "event.stopPropagation();"
data-toggle="oh-modal-toggle"
data-target="#genericModal"
hx-target="#genericModalBody"
hx-get="{reverse('create-time-sheet')}"
"""
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
url = f"{reverse('personal-time-sheet-view',kwargs={'emp_id': self.request.user.employee_get.id})}"
self.view_types = [
{
"type": "list",
@@ -105,21 +115,14 @@ class TimeSheetNavView(HorillaNavView):
{
"type": "graph",
"icon": "bar-chart",
"url": url,
"attrs": f"""
onclick="event.stopPropagation();
window.location.href='{url}'"
title ='Graph'
""",
},
]
self.create_attrs = f"""
onclick = "event.stopPropagation();"
data-toggle="oh-modal-toggle"
data-target="#genericModal"
hx-target="#genericModalBody"
hx-get="{reverse('create-time-sheet')}"
"""
context["view_types"] = self.view_types
return context
@method_decorator(login_required, name="dispatch")

387
project/templates/time_sheet/chart.html
View File

@@ -1,4 +1,4 @@
{% extends 'index.html' %}{% block content %}{% load static %} {% load i18n %}
{% load static %} {% load i18n %}
{% load basefilters %} {% if request.user.employee_get.id == emp_id or perms.project.view_timesheet or request.user|is_reportingmanager %}
<div
class="oh-card-dashboard oh-card-dashboard--no-scale oh-card-dashboard--transparent"
@@ -15,7 +15,9 @@
<span class="oh-card-dashboard__title me-5"
><a id="previous">Previous</a></span
>
<span class="oh-card-dashboard__title me-5"><a id="next">Next</a></span>
<span class="oh-card-dashboard__title me-5"
><a id="next">Next</a></span
>
<select
class="oh-select oh-select--sm me-5"
name=""
@@ -35,218 +37,201 @@
<script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
<script>
$(document).ready(function () {
Date.prototype.getWeek = function () {
return $.datepicker.iso8601Week(this);
};
Date.prototype.getWeek = function () { return $.datepicker.iso8601Week(this); }
var myDate = new Date();
var myWeek = myDate.getWeek();
var year = myDate.getFullYear();
var month = myDate.getMonth();
var myDate = new Date();
var myWeek=myDate.getWeek();
var year = myDate. getFullYear()
var month = myDate.getMonth()
function personalChart(dataSet, labels) {
const data = {
labels: labels,
datasets: dataSet,
};
// Create chart using the Chart.js library
window["personalChart"] = {};
const ctx = document
.getElementById("personalChart")
.getContext("2d");
personalChart = new Chart(ctx, {
type: "bar",
data: data,
options: {
animation: {
duration: 1000, // Duration of the animation in milliseconds
easing: "easeInOutQuart", // Easing function for the animation
},
scales: {
x: {
stacked: true,
},
y: {
stacked: true,
},
},
},
});
}
function personalChart_one(dataSet, labels) {
personalChart.destroy();
const data = {
labels: labels,
datasets: dataSet,
};
// Create chart using the Chart.js library
window["personalChart"] = {};
const ctx = document
.getElementById("personalChart")
.getContext("2d");
personalChart = new Chart(ctx, {
type: "bar",
data: data,
options: {
animation: {
duration: 1000, // Duration of the animation in milliseconds
easing: "easeInOutQuart", // Easing function for the animation
},
scales: {
x: {
stacked: true,
},
y: {
stacked: true,
},
},
},
});
}
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/",
data: {
emp_id: {{emp_id}},
year: year,
week: myWeek,
month: month,
selected: $("#personalTimesheetSelect").val(),
},
success: function (response) {
// Code to handle the response
dataSet = response.dataSet;
labels = response.labels;
function personalChart(dataSet, labels) {
const data = {
labels: labels,
datasets: dataSet,
personalChart(dataSet, labels);
},
error: function (response) {
console.log("error");
},
});
};
// Create chart using the Chart.js library
window["personalChart"] = {};
const ctx = document.getElementById("personalChart").getContext("2d");
personalChart = new Chart(ctx, {
type: "bar",
data: data,
options: {
animation: {
duration: 1000, // Duration of the animation in milliseconds
easing: 'easeInOutQuart', // Easing function for the animation
},
scales: {
x: {
stacked: true,
},
y: {
stacked: true,
}
}
},
});
}
$("#previous").click(function () {
if ($("#personalTimesheetSelect").val() == "week") {
myWeek -= 1;
if (myWeek < 1) {
year = year - 1;
myWeek = 52 + myWeek;
}
} else if ($("#personalTimesheetSelect").val() == "month") {
month -= 1;
if (month < 0) {
year = year - 1;
month = 12 + month;
}
}
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/",
data: {
emp_id: {{emp_id}},
year: year,
week: myWeek,
month: month,
selected: $("#personalTimesheetSelect").val(),
},
success: function (response) {
// Code to handle the response
dataSet = response.dataSet;
labels = response.labels;
function personalChart_one(dataSet, labels) {
personalChart.destroy()
const data = {
labels: labels,
datasets: dataSet,
personalChart_one(dataSet, labels);
},
error: function (response) {
console.log("error");
},
});
});
};
// Create chart using the Chart.js library
window["personalChart"] = {};
const ctx = document.getElementById("personalChart").getContext("2d");
personalChart = new Chart(ctx, {
type: "bar",
data: data,
options: {
animation: {
duration: 1000, // Duration of the animation in milliseconds
easing: 'easeInOutQuart', // Easing function for the animation
},
scales: {
x: {
stacked: true,
},
y: {
stacked: true
}
}
},
});
}
$("#next").click(function () {
this_week = myDate.getWeek();
this_month = myDate.getMonth();
if ($("#personalTimesheetSelect").val() == "week") {
if (myWeek < this_week) {
myWeek += 1;
} else {
myWeek = this_week;
}
} else if ($("#personalTimesheetSelect").val() == "month") {
if (month < this_month) {
month += 1;
} else {
month = this_month;
}
}
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/" ,
data :{
emp_id : {{emp_id}},
year : year,
week:myWeek,
month:month,
selected : $("#personalTimesheetSelect").val(),
},
success: function (response) {
// Code to handle the response
dataSet = response.dataSet;
labels = response.labels;
year = myDate.getFullYear();
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/",
data: {
emp_id: {{emp_id}},
year: year,
week: myWeek,
month: month,
selected: $("#personalTimesheetSelect").val(),
},
success: function (response) {
// Code to handle the response
dataSet = response.dataSet;
labels = response.labels;
personalChart(dataSet, labels);
},
error: function(response){
console.log("error")
},
});
personalChart_one(dataSet, labels);
},
error: function (response) {
console.log("error");
},
});
});
$("#previous").click(function(){
if ($("#personalTimesheetSelect").val() == "week"){
myWeek-=1
if (myWeek<1){
year = year - 1;
myWeek = 52+myWeek;
}
}
else if ($("#personalTimesheetSelect").val() == "month"){
month-=1
if (month<0){
year=year-1;
month = 12+month
}
}
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/",
data :{
emp_id : {{emp_id}},
year : year,
week:myWeek,
month:month,
selected : $("#personalTimesheetSelect").val()
},
success: function (response) {
// Code to handle the response
dataSet = response.dataSet;
labels = response.labels;
personalChart_one(dataSet, labels);
},
error: function(response){
console.log("error")
},
});
})
$("#next").click(function(){
this_week = myDate.getWeek()
this_month = myDate.getMonth()
if ($("#personalTimesheetSelect").val() == "week"){
if (myWeek < this_week){
myWeek+=1
} else {
myWeek = this_week
}
}
else if ($("#personalTimesheetSelect").val() == "month"){
if (month < this_month){
month+=1
} else {
month = this_month
}
}
year = myDate. getFullYear()
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/",
data :{
emp_id : {{emp_id}},
year:year,
week:myWeek,
month:month,
selected : $("#personalTimesheetSelect").val()
},
success: function (response) {
// Code to handle the response
dataSet = response.dataSet;
labels = response.labels;
personalChart_one(dataSet, labels);
},
error: function(response){
console.log("error")
},
});
})
$("#personalTimesheetSelect").change(function(){
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/",
data :{
emp_id : {{emp_id}},
year:year,
week:myWeek,
week:myWeek,
month:month,
selected:$("#personalTimesheetSelect").val(),
},
success: function (response) {
// Code to handle the response.labels
dataSet = response.dataSet;
labels = response.labels;
personalChart_one(dataSet, labels);
},
error: function(response){
console.log("error")
},
});
})
$("#personalTimesheetSelect").change(function () {
$.ajax({
type: "GET",
url: "/project/personal-time-sheet/",
data: {
emp_id: {{emp_id}},
year: year,
week: myWeek,
week: myWeek,
month: month,
selected: $("#personalTimesheetSelect").val(),
},
success: function (response) {
// Code to handle the response.labels
dataSet = response.dataSet;
labels = response.labels;
personalChart_one(dataSet, labels);
},
error: function (response) {
console.log("error");
},
});
});
});
</script>
{% endblock %}

12
project/urls.py
View File

@@ -11,7 +11,7 @@ urlpatterns = [
"project-dashboard-view/", views.dashboard_view, name="project-dashboard-view"
),
path(
"projects-due-in-this-month",
"projects-due-in-this-month/",
dashboard.ProjectsDueInMonth.as_view(),
name="projects-due-in-this-month",
),
@@ -43,7 +43,7 @@ urlpatterns = [
name="project-card-view",
),
path("project-view/", projects.ProjectsView.as_view(), name="project-view"),
# path("create-project/", views.create_project, name="create-project"),
# path("create-project", views.create_project, name="create-project"),
path("create-project/", projects.ProjectFormView.as_view(), name="create-project"),
# path(
# "update-project/<int:project_id>/",
@@ -227,7 +227,7 @@ urlpatterns = [
),
# path("create-time-sheet", views.time_sheet_creation, name="create-time-sheet"),
path(
"create-time-sheet",
"create-time-sheet/",
timesheet.TimeSheetFormView.as_view(),
name="create-time-sheet",
),
@@ -248,7 +248,7 @@ urlpatterns = [
# ),
path("filter-time-sheet/", views.time_sheet_filter, name="filter-time-sheet"),
path("time-sheet-initial/", views.time_sheet_initial, name="time-sheet-initial"),
# path("get-project/", views.get_project, name="get-project"),
# path("get-project", views.get_project, name="get-project"),
path("create-time-sheet/", views.time_sheet_creation, name="create-time-sheet"),
path(
"create-project-time-sheet/",
@@ -265,8 +265,8 @@ urlpatterns = [
views.time_sheet_delete,
name="delete-time-sheet",
),
path("filter-time-sheet", views.time_sheet_filter, name="filter-time-sheet"),
path("time-sheet-initial", views.time_sheet_initial, name="time-sheet-initial"),
path("filter-time-sheet/", views.time_sheet_filter, name="filter-time-sheet"),
path("time-sheet-initial/", views.time_sheet_initial, name="time-sheet-initial"),
path(
"personal-time-sheet-view/<int:emp_id>/",
views.personal_time_sheet_view,

29
project/views.py
View File

@@ -1487,16 +1487,6 @@ def time_sheet_view(request):
)
def time_sheet_initial(request):
"""
This is an ajax method to return json response to take only tasks related
to the project in the timesheet form fields
"""
project_id = request.GET["project_id"]
tasks = Task.objects.filter(project=project_id).values("title", "id")
return JsonResponse({"data": list(tasks)})
# def get_members(request):
# project_id = request.GET.get("project_id")
# project = Project.objects.get(id=project_id)
@@ -1511,6 +1501,7 @@ def time_sheet_initial(request):
# return JsonResponse({'data': list(members)})
@login_required
def get_members(request):
project_id = request.GET.get("project_id")
task_id = request.GET.get("task_id")
@@ -1548,6 +1539,7 @@ def get_members(request):
return HttpResponse(employee_field_html)
@login_required
def get_tasks_in_timesheet(request):
project_id = request.GET.get("project_id")
form = TimeSheetForm()
@@ -1721,7 +1713,7 @@ def time_sheet_update(request, time_sheet_id):
messages.success(request, _("Time sheet updated"))
form = TimeSheetForm()
response = render(
request, "./time_sheet/form-create.html", context={"form": form}
request, "time_sheet/form-create.html", context={"form": form}
)
return HttpResponse(
response.content.decode("utf-8")
@@ -1729,13 +1721,14 @@ def time_sheet_update(request, time_sheet_id):
)
return render(
request,
"./time_sheet/form-update.html",
"time_sheet/form-update.html",
{
"form": update_form,
},
)
else:
return render(request, "error.html")
messages.error(request, "You dont have permission.")
return HttpResponseRedirect(request.META.get("HTTP_REFERER", "/"))
@login_required
@@ -1764,6 +1757,7 @@ def time_sheet_delete(request, time_sheet_id):
return you_dont_have_permission(request)
@login_required
def time_sheet_filter(request):
"""
Filter Time sheet based on the provided query parameters.
@@ -1817,6 +1811,7 @@ def time_sheet_initial(request):
return JsonResponse({"data": list(tasks)})
@login_required
def personal_time_sheet(request):
"""
This is an ajax method to return json response for generating bar charts to employees.
@@ -1891,6 +1886,7 @@ def personal_time_sheet(request):
return JsonResponse(response)
@login_required
def personal_time_sheet_view(request, emp_id):
"""
Function for viewing the barcharts for timesheet of a specific employee.
@@ -1902,10 +1898,7 @@ def personal_time_sheet_view(request, emp_id):
Renders the chart.html template containing barchat of the specific employee.
"""
try:
Employee.objects.get(id=emp_id)
except:
return render(request, "error.html")
Employee.objects.get(id=emp_id)
emp_last_name = (
Employee.objects.get(id=emp_id).employee_last_name
if Employee.objects.get(id=emp_id).employee_last_name != None
@@ -1922,6 +1915,7 @@ def personal_time_sheet_view(request, emp_id):
return render(request, "time_sheet/chart.html", context=context)
@login_required
def time_sheet_single_view(request, time_sheet_id):
"""
Renders a single timesheet view page.
@@ -1939,6 +1933,7 @@ def time_sheet_single_view(request, time_sheet_id):
return render(request, "time_sheet/time_sheet_single_view.html", context)
@login_required
def time_sheet_bulk_delete(request):
"""
This method is used to delete set of Task instances