# coding=utf-8 from rest_framework.views import APIView from django.db import transaction from utils import response_ok, response_error from utils.custom_modelviewset import CustomModelViewSet from utils.permission import IsTenantUser, permission_required from apps.tenant.employee.models import Employee from apps.tenant import tenant_log from apps.log.models import BizLog from apps.tenant.employee.filters import EmployeeFilter from .serializers import EmployeeSerializer from apps.tenant.option.serializers import OptionSerializer,Option from apps.tenant.area.models import Area,Department from apps.tenant.area.serializers import AreaSerializer,AreaDepartmentSerializer from rest_framework.decorators import action from utils.exceptions import CustomError class DictView(APIView): permission_classes = [IsTenantUser, ] def get(self, request): tenant = request.user.employee.tenant ret = { 'status': Employee.STATUS_CHOICES, # 职工状态 'position': OptionSerializer(Option.objects.filter(delete=False,type=Option.JOB_TYPE, enable=True, tenant=tenant), many=True).data, 'area': AreaSerializer(Area.objects.filter(delete=False, enable=True, tenant=tenant), many=True).data, 'department': AreaDepartmentSerializer(Department.objects.filter(delete=False, enable=True, area__tenant=tenant), many=True).data, } return response_ok(ret) class VisitorView(CustomModelViewSet): permission_classes = [IsTenantUser] queryset = Employee.objects.filter() serializer_class = EmployeeSerializer @permission_required('employee.browse_employee') def filter_queryset(self, queryset): queryset = queryset.filter(tenant=self.request.user.employee.tenant) f = EmployeeFilter(self.request.GET, queryset=queryset) return f.qs @action(methods=['post'], detail=True) def forbid_baoxiu(self, request, pk): forbid_baoxiu = request.POST.get('forbid_baoxiu') instance = Employee.objects.filter(id=pk).first() if instance: instance.forbid_baoxiu = forbid_baoxiu and True or False instance.save() else: return response_error(u'游客信息有误,请刷新重试。') return response_ok() class EmployeeViewSet(CustomModelViewSet): permission_classes = [IsTenantUser] queryset = Employee.objects.filter() serializer_class = EmployeeSerializer @permission_required('employee.browse_employee') def filter_queryset(self, queryset): queryset = queryset.filter(tenant=self.request.user.employee.tenant) f = EmployeeFilter(self.request.GET, queryset=queryset) return f.qs @permission_required('employee.add_employee') def perform_create(self, serializer): super(EmployeeViewSet, self).perform_create(serializer) instance = serializer.instance validated_data = serializer.validated_data tenant_log(self.request.user.employee, BizLog.INSERT, u'添加人员[%s],id=%d' % (instance.name, instance.id), validated_data) @permission_required('employee.add_employee') def perform_update(self, serializer): super(EmployeeViewSet, self).perform_update(serializer) instance = serializer.instance validated_data = serializer.validated_data tenant_log(self.request.user.employee, BizLog.UPDATE, u'修改人员[%s],id=%d' % (instance.name, instance.id), validated_data) @permission_required('employee.delete_employee') def destroy(self, request, *args, **kwargs): with transaction.atomic(): instance = self.get_object() if instance.tenant != request.user.employee.tenant: raise CustomError(u'禁止跨租户操作!') super(EmployeeViewSet, self).destroy(self, request, *args, **kwargs) tenant_log(self.request.user.employee, BizLog.DELETE, u'删除人员[%s],id=%d' % (instance.name, instance.id)) return response_ok()