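from django.shortcuts import render, get_object_or_404, redirect
from django.contrib.auth.decorators import login_required, user_passes_test
from django.contrib import messages
from django.contrib.auth import get_user_model
from django.views.generic import ListView, DetailView, UpdateView
from django.utils.decorators import method_decorator
from django.urls import reverse_lazy
from .forms import ProfileEditForm, CustomUserCreationForm, CustomUserForm, UserGroupForm
from .models import UserGroup

User = get_user_model()


def _permission_flag(user, attr_name):
    """Return the boolean value of a permission attribute on *user*.

    The attribute may be a plain value/property or a zero-argument method.
    A missing attribute counts as "not granted", so the check fails closed
    instead of raising.
    """
    value = getattr(user, attr_name, False)
    if callable(value):
        # A bound method is always truthy; testing it without calling it
        # would grant the permission to every user.
        value = value()
    return bool(value)


def is_admin_or_user_manager(user):
    """Check if user is admin or has user management permission.

    Used as the ``user_passes_test`` predicate for the user and group
    management views in this module.
    """
    if user.is_superuser:
        return True
    # The original expression referenced ``has_user_management_permission``
    # without calling it, while ``has_manufacturing_permission`` below is
    # called as a method. If the user-management attribute is also a method,
    # the bare reference was always truthy and every logged-in user passed
    # this gate. Resolving it through _permission_flag is correct for both a
    # property and a method.
    # NOTE(review): confirm on the user model which of the two it is.
    return _permission_flag(user, 'has_user_management_permission')


def is_administrator(user):
    """Check if user is superuser or belongs to the 'Administrators' group."""
    if user.is_superuser:
        return True
    # getattr keeps the predicate usable on user objects without a ``group``
    # attribute (e.g. an anonymous user) instead of raising AttributeError.
    group = getattr(user, 'group', None)
    return bool(group) and group.name == 'Administrators'


@login_required
def profile(request):
    """User profile view."""
    return render(request, 'users/profile.html')


@login_required
def profile_edit(request):
    """Edit the profile of the currently logged-in user.

    The form is always bound to ``request.user``, so a request can only
    modify the caller's own account.
    """
    if request.method == 'POST':
        form = ProfileEditForm(request.POST, request.FILES, instance=request.user)
        if form.is_valid():
            form.save()
            messages.success(request, 'Profile updated successfully!')
            return redirect('users:profile')
    else:
        form = ProfileEditForm(instance=request.user)
    return render(request, 'users/profile_edit.html', {'form': form})


# Decorators apply bottom-up, so login_required ends up outermost and runs
# before the permission predicate sees the user.
@method_decorator(login_required, name='dispatch')
@method_decorator(user_passes_test(is_admin_or_user_manager), name='dispatch')
class UserListView(ListView):
    """List all users (admin and user managers only)."""

    model = User
    template_name = 'users/user_list.html'
    context_object_name = 'users'
    paginate_by = 20

    def get_queryset(self):
        """Return every user, ordered by username."""
        return User.objects.all().order_by('username')


@method_decorator(login_required, name='dispatch')
@method_decorator(user_passes_test(is_admin_or_user_manager), name='dispatch')
class UserDetailView(DetailView):
    """User detail view (admin and user managers only)."""

    model = User
    template_name = 'users/user_detail.html'
    # Named 'user_obj' rather than 'user', presumably so the viewed account
    # does not shadow the logged-in user that templates see as ``user``.
    context_object_name = 'user_obj'


@login_required
@user_passes_test(is_admin_or_user_manager)
def user_create(request):
    """Create a new user (admin and user managers only).

    NOTE(review): which privilege-bearing fields a user manager can set here
    depends on CustomUserCreationForm, which is not visible in this file.
    """
    if request.method == 'POST':
        form = CustomUserCreationForm(request.POST)
        if form.is_valid():
            user = form.save()
            messages.success(request, f'User "{user.username}" created successfully!')
            return redirect('users:user_list')
    else:
        form = CustomUserCreationForm()
    return render(request, 'users/user_form.html', {'form': form, 'title': 'Create User'})


@login_required
@user_passes_test(is_admin_or_user_manager)
def group_list(request):
    """List all user groups, ordered by name."""
    groups = UserGroup.objects.all().order_by('name')
    return render(request, 'users/group_list.html', {'groups': groups})


@login_required
@user_passes_test(is_admin_or_user_manager)
def group_create(request):
    """Create a new user group."""
    if request.method == 'POST':
        form = UserGroupForm(request.POST)
        if form.is_valid():
            group = form.save()
            messages.success(request, f'Group "{group.name}" created successfully!')
            return redirect('users:group_list')
    else:
        form = UserGroupForm()
    return render(request, 'users/group_form.html', {'form': form, 'title': 'Create Group'})


@login_required
@user_passes_test(is_admin_or_user_manager)
def user_edit(request, pk):
    """Edit an existing user (admin and user managers only).

    A non-superuser may not edit a superuser account. This mirrors the guard
    in ``user_delete``, so a user manager cannot alter an account with more
    privilege than their own.
    """
    user_obj = get_object_or_404(User, pk=pk)

    # Prevent editing of superusers by non-superusers (same rule as deletion).
    if user_obj.is_superuser and not request.user.is_superuser:
        messages.error(request, 'Only superusers can edit other superusers.')
        return redirect('users:user_list')

    # NOTE(review): if CustomUserForm exposes group or permission fields, a
    # user manager could still raise their own or another account's
    # privileges through this view; confirm the form's field list.
    if request.method == 'POST':
        form = CustomUserForm(request.POST, instance=user_obj)
        if form.is_valid():
            form.save()
            messages.success(request, f'User "{user_obj.username}" updated successfully!')
            return redirect('users:user_list')
    else:
        form = CustomUserForm(instance=user_obj)
    return render(
        request,
        'users/user_edit_form.html',
        {'form': form, 'title': f'Edit User: {user_obj.username}'},
    )


@login_required
@user_passes_test(is_administrator)
def user_delete(request, pk):
    """Delete a user (administrators only).

    Both guards run before the method check, so they apply to the GET
    confirmation page as well as to the POST that performs the delete.
    """
    user_obj = get_object_or_404(User, pk=pk)

    # Prevent deletion of superuser by non-superusers
    if user_obj.is_superuser and not request.user.is_superuser:
        messages.error(request, 'Only superusers can delete other superusers.')
        return redirect('users:user_list')

    # Prevent self-deletion
    if user_obj.pk == request.user.pk:
        messages.error(request, 'You cannot delete your own account.')
        return redirect('users:user_list')

    if request.method == 'POST':
        # Capture the name first; it is used in the message after deletion.
        username = user_obj.username
        user_obj.delete()
        messages.success(request, f'User "{username}" deleted successfully!')
        return redirect('users:user_list')
    return render(request, 'users/user_confirm_delete.html', {'user_obj': user_obj})


@login_required
@user_passes_test(is_admin_or_user_manager)
def group_edit(request, pk):
    """Edit an existing user group.

    NOTE(review): this also allows editing the 'Administrators' group that
    ``is_administrator`` keys on by name; confirm that is intended for user
    managers.
    """
    group = get_object_or_404(UserGroup, pk=pk)
    if request.method == 'POST':
        form = UserGroupForm(request.POST, instance=group)
        if form.is_valid():
            form.save()
            messages.success(request, f'Group "{group.name}" updated successfully!')
            return redirect('users:group_list')
    else:
        form = UserGroupForm(instance=group)
    return render(
        request,
        'users/group_form.html',
        {'form': form, 'title': f'Edit Group: {group.name}', 'group': group},
    )


@login_required
@user_passes_test(is_admin_or_user_manager)
def group_delete(request, pk):
    """Delete a user group that has no users assigned to it."""
    group = get_object_or_404(UserGroup, pk=pk)

    # Check if group has users assigned to it
    if group.users.exists():
        messages.error(
            request,
            f'Cannot delete group "{group.name}" because it still has users assigned to it.',
        )
        return redirect('users:group_list')

    if request.method == 'POST':
        group_name = group.name
        group.delete()
        messages.success(request, f'Group "{group_name}" deleted successfully!')
        return redirect('users:group_list')
    return render(request, 'users/group_confirm_delete.html', {'group': group})


def has_manufacturing_access(user):
    """Check if user has manufacturing access (either admin or manufacturing permission)."""
    # Superuser / 'Administrators' membership is the same rule as
    # is_administrator, so reuse it instead of duplicating the checks.
    if is_administrator(user):
        return True
    return _permission_flag(user, 'has_manufacturing_permission')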