from appservices.common.util import * staff_members = Blueprint("staff_members",__name__) # Add staff member @staff_members.route("/add_staff_member",methods=["POST","GET"]) def add_staff_member(): try: if not session.get("adminId"): return redirect("admin_login") adminId = session.get("adminId") loginBrowser = request.headers.get("Sec-Ch-Ua") if loginBrowser: loginBrowseData = loginBrowser.split(";") browser = loginBrowseData[0] else: loginBrowseData = request.headers.get('User-Agent').split(";") browser = loginBrowseData[0] client_ip=0 # Extracting client IP address if request.headers.getlist("X-Forwarded-For"): client_ip = request.headers.getlist("X-Forwarded-For")[0] else: client_ip = request.remote_addr actionDate=datetime.datetime.now() role_permissions = fetch_staff_permissions(session.get("adminId")) rolesList = [] # if request.method == "GET": # roles_queryset = Roles.objects(status__in=[1]).order_by("-id").all() # for each_role in roles_queryset: # roleDict = fetching_role_details(each_role) # rolesList.append(roleDict) # return render_template("super_admin_templates/add_staff_member.html",rolesList=rolesList,role_permissions=role_permissions) permissionsList = check_permissions(adminId,"staffPermissions") if "add" in permissionsList: if request.method == "POST": userName = request.form.get("userName","") email = request.form.get("email","") password = request.form.get("password","") phoneNumber = request.form.get("phoneNumber","") roleId = request.form.get("roleId","") authenticationEnabled = request.form.get("authenticationEnabled",False) jsonData = request.form.to_dict(flat=True) requestData = [jsonData] updatedrequestData = [jsonData] if userName and email and password and phoneNumber and roleId: check_unique = SuperAdmin.objects(userName__iexact=userName,status__in=[0,1]).first() if check_unique: flash("Staff member userName already in use!") return redirect("view_all_staff_members") check_unique_email = SuperAdmin.objects(email__iexact=email,status__in=[0,1]).first() if check_unique_email: flash("Staff member email already in use!") return redirect("view_all_staff_members") admin_queryset = SuperAdmin.objects(id=adminId,status=1).first() if admin_queryset: message=admin_queryset.userName+" "+userName+" Staff member created successfully!" save_admin_log_table = save_admin_logs_data(adminId,None,None,"add_staff_member","create",actionDate,client_ip,browser,message,requestData,updatedrequestData) if authenticationEnabled == "True": authenticationEnabled=True else: authenticationEnabled=False staff_member_table = SuperAdmin( userName=userName, roleId=roleId, email=email, phoneNumber=phoneNumber, adminType="staff", authenticationEnabled=authenticationEnabled, password= generate_password_hash(password), createdOn=datetime.datetime.now(), status=1 ) save_staff_member_table = staff_member_table.save() flash("Staff member added successfully!") return redirect("view_all_staff_members") else: flash("Required fields are missing!!") return redirect("view_all_staff_members") else: flash("Staff member does not have given create permissions!!") return redirect("view_all_staff_members") except Exception as e: app.logger.error(traceback.format_exc()) error = "Unable to add staff member!!" return render_template("super_admin_templates/add_staff_member.html",error=error) def fetching_staff_member_details(staff_member_queryset): staff_member_dict = {} try: staff_member_dict = { "id":str(staff_member_queryset.id), "userName":staff_member_queryset.userName, "email":staff_member_queryset.email, "phoneNumber":staff_member_queryset.phoneNumber, # "authenticationEnabled":staff_member_queryset.authenticationEnabled, } try: if staff_member_queryset.authenticationEnabled: staff_member_dict['authenticationEnabled']=staff_member_queryset.authenticationEnabled else: staff_member_dict['authenticationEnabled']=False except Exception as e: staff_member_dict['authenticationEnabled']=False try: if staff_member_queryset.roleId: staff_member_dict["roleId"]=str(staff_member_queryset.roleId.id) staff_member_dict["roleName"]=staff_member_queryset.roleId.roleName else: staff_member_dict["roleId"]="" staff_member_dict["roleName"]="" except Exception as e: staff_member_dict["roleId"]="" staff_member_dict["roleName"]="" if staff_member_queryset.status == 1: staff_member_dict["actionText"] = "Active" else: staff_member_dict["actionText"] = "Deactive" except Exception as e: app.logger.error(traceback.format_exc()) return staff_member_dict # View all staff_members @staff_members.route("/view_all_staff_members",methods=["POST","GET"]) def view_all_staff_members(): if not session.get("adminId"): return redirect("admin_login") staff_membersList=[] rolesList=[] adminId = session.get("adminId") permissionsList = check_permissions(session.get("adminId"),"staffPermissions") print(permissionsList,"((((((((permissionsList))))))))") if "view" in permissionsList: try: search_element = request.args.get('search_element','') adminId = session.get("adminId") # role_permissions = fetch_staff_permissions(session.get("adminId")) staff_members_queryset=SuperAdmin.objects(adminType="staff",status__in=[0,1]).order_by("-id") if staff_members_queryset: print("(((((((((IF)))))))))") for each_staff_member in staff_members_queryset: staff_member_dict = fetching_staff_member_details(each_staff_member) staff_membersList.append(staff_member_dict) else: print("HIIII") staff_members_queryset=SuperAdmin.objects(id=adminId,status__in=[0,1]).order_by("-id") print(staff_members_queryset.count(),"@@@@@@@@@@@@@@") for each_staff_member in staff_members_queryset: staff_member_dict = fetching_staff_member_details(each_staff_member) staff_membersList.append(staff_member_dict) if search_element: staff_members_queryset = staff_members_queryset.filter(userName__icontains=search_element) roles_queryset = Roles.objects(status__in=[0,1]).order_by("-id").all() for each_role in roles_queryset: roleDict = fetching_role_details(each_role) rolesList.append(roleDict) return render_template("super_admin_templates/staff_members_list.html", rolesList=rolesList, staff_membersList=staff_membersList, # role_permissions=role_permissions, search_element =search_element ) except Exception as e: app.logger.error(traceback.format_exc()) error="Unable to fetch staff members list!" return render_template("super_admin_templates/staff_members_list.html",error=error) else: flash("Staff member does not have given view permissions!!") return redirect(url_for("admin.dashboard")) # Single view staff member @staff_members.route("/single_view_staff_member",methods=["POST","GET"]) def single_view_staff_member(): if not session.get("adminId"): return redirect("admin_login") try: role_permissions = fetch_staff_permissions(session.get("adminId")) staffMemberId = request.args.get("staffMemberId","") staff_member_queryset = SuperAdmin.objects(id=staffMemberId,status__in=[1,0]).first() staff_member_dict = fetching_staff_member_details(staff_member_queryset) return render_template("super_admin_templates/single_view_staff_member.html", staff_member_dict=staff_member_dict, role_permissions=role_permissions ) except Exception as e: app.logger.error(traceback.format_exc()) error = "Unable to fetch staff member details!!" return render_template("super_admin_templates/single_view_staff_member.html",error=error) # Staff member status update @staff_members.route("/staff_member_update_status",methods=["GET"]) def staff_member_update_status(): if not session.get("adminId"): return redirect("admin_login") adminId=session.get("adminId") loginBrowser = request.headers.get("Sec-Ch-Ua") if loginBrowser: loginBrowseData = loginBrowser.split(";") browser = loginBrowseData[0] else: loginBrowseData = request.headers.get('User-Agent').split(";") browser = loginBrowseData[0] client_ip=0 # Extracting client IP address if request.headers.getlist("X-Forwarded-For"): client_ip = request.headers.getlist("X-Forwarded-For")[0] else: client_ip = request.remote_addr actionDate=datetime.datetime.now() jsonData = request.form.to_dict(flat=True) existing_record = "" updatedrequestData = [jsonData] permissionsList = check_permissions(session.get("adminId"),"staffPermissions") if "edit" in permissionsList: staffMemberId=request.args.get("staffMemberId","") if staffMemberId: try: staff_member_queryset = SuperAdmin.objects(id__iexact=staffMemberId,status__nin=[2]).first() existing_record = staff_member_queryset.to_json() requestData = [existing_record] if staff_member_queryset: admin_queryset = SuperAdmin.objects(id=adminId,status=1).first() if staff_member_queryset.status == 0: staff_member_queryset.update(status=1) flash('Staff member activated successfully!') message=admin_queryset.userName+" "+staff_member_queryset.userName+" Staff member activated successfully!" else: staff_member_queryset.update(status=0) flash('Staff member deactivated successfully!') message=admin_queryset.userName+" "+staff_member_queryset.userName+" Staff member deactivated successfully!" save_admin_log_table = save_admin_logs_data(adminId,None,None,"staff_member_update_status","updatestatus",actionDate,client_ip,browser,message,requestData,updatedrequestData) return redirect("view_all_staff_members") else: return redirect("view_all_staff_members") except Exception as e: app.logger.error(traceback.format_exc()) return redirect("view_all_staff_members") else: return redirect("view_all_staff_members") else: flash("Staff member does not have given status update permissions!!") return redirect("view_all_staff_members") # Update staff member @staff_members.route("/update_staff_member",methods=["POST","GET"]) def update_staff_member(): try: if not session.get("adminId"): return redirect("admin_login") adminId=session.get("adminId") loginBrowser = request.headers.get("Sec-Ch-Ua") if loginBrowser: loginBrowseData = loginBrowser.split(";") browser = loginBrowseData[0] else: loginBrowseData = request.headers.get('User-Agent').split(";") browser = loginBrowseData[0] existing_record = "" client_ip=0 # Extracting client IP address if request.headers.getlist("X-Forwarded-For"): client_ip = request.headers.getlist("X-Forwarded-For")[0] else: client_ip = request.remote_addr actionDate=datetime.datetime.now() role_permissions = fetch_staff_permissions(session.get("adminId")) permissionsList = check_permissions(session.get("adminId"),"staffPermissions") if "edit" in permissionsList: if request.method == "GET": staff_membersList =[] staffMemberId = request.args.get("staffMemberId") staff_member_queryset = SuperAdmin.objects(id=staffMemberId).first() rolesList = [] roles_queryset = Roles.objects(status__in=[1]).order_by("-id").all() for each_role in roles_queryset: roleDict = fetching_role_details(each_role) rolesList.append(roleDict) staff_member_dict = fetching_staff_member_details(staff_member_queryset) return render_template("super_admin_templates/update_staff_member.html", staff_member_dict = staff_member_dict,rolesList=rolesList,role_permissions=role_permissions ) elif request.method == "POST": staffMemberId = request.form.get("staffMemberId","") userName = request.form.get("userName","") email = request.form.get("email") phoneNumber = request.form.get("phoneNumber") roleId = request.form.get("roleId","") authenticationEnabled = request.form.get("authenticationEnabled") jsonData = request.form.to_dict(flat=True) check_unique = SuperAdmin.objects(id__ne=staffMemberId,userName__iexact=userName,status__in=[0,1]).first() if check_unique: flash("Staff member userName already in use!") return redirect("view_all_staff_members") check_unique_email = SuperAdmin.objects(id__ne=staffMemberId,email__iexact=email,status__in=[0,1]).first() if check_unique_email: flash("Staff member email already in use!") return redirect("view_all_staff_members") staff_member_queryset = SuperAdmin.objects(id=staffMemberId,status__in=[0,1]).first() existing_record = staff_member_queryset.to_json() admin_queryset = SuperAdmin.objects(id=adminId,status=1).first() message=admin_queryset.userName+" "+userName+" Staff member updated successfully!" requestData=[existing_record] updatedrequestData=[jsonData] save_admin_log_table = save_admin_logs_data(adminId,None,None,"update_staff_member","update",actionDate,client_ip,browser,message,requestData,updatedrequestData) if authenticationEnabled == "True": authenticationEnabled=True else: authenticationEnabled=False staff_member_queryset.update( userName = userName, email = email, phoneNumber = phoneNumber, authenticationEnabled = authenticationEnabled, roleId = ObjectId(roleId), ) flash('Staff member updated successfully!') return redirect("view_all_staff_members") else: flash("Staff member does not have given update permissions!!") return redirect("view_all_staff_members") except Exception as e: app.logger.error(traceback.format_exc()) error = "Unable to update staff member!!" return redirect("view_all_staff_members") # # Delete staff member # @staff_members.route("/delete_staff_member",methods=["GET"]) # def delete_staff_member(): # try: # if not session.get("adminId"): # return redirect("admin_login") # if request.method == "GET": # staffMemberId = request.args.get("staffMemberId") # staff_member_queryset = SuperAdmin.objects(id=staffMemberId,status__in=[0,1]).first() # if not staff_member_queryset: # return # staff_member_queryset.update(status=2) # flash('Staff member deleted successfully!') # return redirect("view_all_staff_members") # except Exception as e: # app.logger.error(traceback.format_exc()) # flash("Unable to delete Staff member!!") # return redirect("view_all_staff_members") @staff_members.route("/delete_staff_member",methods=["POST","GET"]) def delete_staff_member(): if not session.get("adminId"): return redirect("admin_login") adminId=session.get("adminId") loginBrowser = request.headers.get("Sec-Ch-Ua") if loginBrowser: loginBrowseData = loginBrowser.split(";") browser = loginBrowseData[0] else: loginBrowseData = request.headers.get('User-Agent').split(";") browser = loginBrowseData[0] client_ip=0 # Extracting client IP address if request.headers.getlist("X-Forwarded-For"): client_ip = request.headers.getlist("X-Forwarded-For")[0] else: client_ip = request.remote_addr actionDate=datetime.datetime.now() jsonData = request.form.to_dict(flat=True) existing_record = "" updatedrequestData = [jsonData] permissionsList = check_permissions(session.get("adminId"),"staffPermissions") if "delete" in permissionsList: staffMemberId = request.args.get("staffMemberId","") if staffMemberId: try: staff_member_queryset = SuperAdmin.objects(id=staffMemberId,status__in=[0,1]).first() existing_record = staff_member_queryset.to_json() requestData = [existing_record] admin_queryset = SuperAdmin.objects(id=adminId,status=1).first() if staff_member_queryset: staff_member_queryset.update(status=2) flash("Staff member deleted successfully!") message=admin_queryset.userName+" "+staff_member_queryset.userName+" Staff member deleted successfully!" save_admin_log_table = save_admin_logs_data(adminId,None,None,"delete_staff_member","delete",actionDate,client_ip,browser,message,requestData,updatedrequestData) return redirect(url_for("staff_members.view_all_staff_members")) else: flash("Invaild id!!") return redirect(url_for("staff_members.view_all_staff_members")) except Exception as e: app.logger.error(traceback.format_exc()) return redirect(url_for("staff_members.view_all_staff_members")) else: flash("Required field is missing!!") return redirect(url_for("staff_members.view_all_staff_members")) else: flash("Staff member does not have given delete permissions!!") return redirect("view_all_staff_members") # @staff_members.route("/generate_password",methods=["GET"]) # def generate_password(): # return_array={'reuslt':'fail'} # try: # if request.method == "GET": # password = request.args.get("password") # hash_password=generate_password_hash(password) # return_array['result']=hash_password # return return_array # except Exception as e: # return return_array