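from django.shortcuts import render, redirect
from django.views import generic
from django.urls import reverse_lazy
from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.exceptions import PermissionDenied
from django.contrib import messages
from django.contrib.auth import authenticate, login, logout
from .models import User
from .forms import LoginForm, UserForm, PartnerUserForm
from events.models import Event
from master_data.models import EventType
from eventify_logger.services import log

# Roles that login_view accepts for the admin portal.
_ADMIN_PORTAL_ROLES = ('admin', 'manager', 'staff')
# Roles that may sign in to and use the partner portal.
_PARTNER_PORTAL_ROLES = ('partner', 'partner_manager', 'partner_staff')
# Roles that the partner portal lists, edits and deletes.
_PARTNER_MANAGED_ROLES = _PARTNER_PORTAL_ROLES + ('partner_customer',)


def dashboard(request):
    """Render the admin dashboard with total event, category and user counts.

    NOTE(review): no authentication or role check is visible in this view, so
    unless one is applied outside this module the counts are served to any
    client, and to partner accounts that signed in through the partner portal.
    Confirm whether that is intended; partner_dashboard() in this module shows
    the guarded pattern.
    """
    context = {
        'total_events': Event.objects.count(),
        'total_categories': EventType.objects.count(),
        'total_users': User.objects.count(),
    }
    return render(request, 'dashboard.html', context)


# NOTE(review): the four User* views below require only an authenticated
# session (LoginRequiredMixin). Nothing in them checks request.user.role, so
# any signed-in account, including one that entered through the partner
# portal, can list, create, edit and delete users unless a check exists
# outside this module. Confirm the intended role policy.
class UserListView(LoginRequiredMixin, generic.ListView):
    """Paginated list of all users, 20 per page."""

    model = User
    template_name = 'accounts/user_list.html'
    context_object_name = 'users'
    paginate_by = 20


class UserCreateView(LoginRequiredMixin, generic.CreateView):
    """Create a user with UserForm, then return to the user list."""

    model = User
    form_class = UserForm
    template_name = 'accounts/user_form.html'
    success_url = reverse_lazy('accounts:user_list')


class UserUpdateView(LoginRequiredMixin, generic.UpdateView):
    """Edit a user with UserForm, then return to the user list."""

    model = User
    form_class = UserForm
    template_name = 'accounts/user_form.html'
    success_url = reverse_lazy('accounts:user_list')


class UserDeleteView(LoginRequiredMixin, generic.DeleteView):
    """Confirm and delete a user, then return to the user list."""

    model = User
    template_name = 'accounts/user_confirm_delete.html'
    success_url = reverse_lazy('accounts:user_list')


def login_view(request):
    """Sign a user in to the admin portal.

    An already authenticated request is redirected to the dashboard. On POST
    the credentials are validated through LoginForm; a session is created only
    for an account whose role is admin, manager or staff. Any other account
    gets an error message and stays signed out, which matches the order used
    by partner_login_view().
    """
    if request.user.is_authenticated:
        return redirect("accounts:dashboard")  # Redirect authenticated user

    form = LoginForm(request, data=request.POST or None)

    if request.method == "POST":
        if form.is_valid():
            user = form.get_user()
            # Check the role before login(): calling login() first would hand
            # an authenticated session to an account that is then told it is
            # not authorized.
            if user.role in _ADMIN_PORTAL_ROLES:
                login(request, user)
                log("info", "Admin/Manager/Staff login", request=request, user=user)
                return redirect("accounts:dashboard")
            log("warning", "Login attempt - user not authorized", request=request, user=user)
            messages.error(request, "You are not authorized to access this page.")
        else:
            log("warning", "Invalid login attempt", request=request)
            messages.error(request, "Invalid username or password")

    return render(request, "accounts/login.html", {"form": form})


def logout_view(request):
    """Log the logout event, end the session and redirect to the admin login.

    NOTE(review): the view does not check request.method, so it also ends the
    session on a plain GET. Confirm whether logout should be POST-only.
    """
    if request.user.is_authenticated:
        log("info", "User logout", request=request, user=request.user)
    logout(request)
    messages.success(request, "You have been logged out successfully.")
    return redirect("accounts:login")


# Partner Views Mixin
class PartnerRequiredMixin(LoginRequiredMixin):
    """Mixin to ensure user has partner role (partner, partner_manager, partner_staff)"""

    def dispatch(self, request, *args, **kwargs):
        """Reject anonymous requests and accounts outside the partner roles.

        Anonymous requests go through handle_no_permission(); an authenticated
        account with any other role raises PermissionDenied.
        """
        if not request.user.is_authenticated:
            return self.handle_no_permission()

        if request.user.role not in _PARTNER_PORTAL_ROLES:
            raise PermissionDenied("You are not authorized to access this page.")

        return super().dispatch(request, *args, **kwargs)


# Partner Login/Logout/Dashboard
def partner_login_view(request):
    """Sign a user in to the partner portal.

    An authenticated partner-role account is redirected to the partner
    dashboard; any other authenticated account is sent to the admin login with
    an error message. On POST a session is created only after the role check
    passes.
    """
    if request.user.is_authenticated:
        if request.user.role in _PARTNER_PORTAL_ROLES:
            return redirect("accounts:partner_dashboard")
        messages.error(request, "You are not authorized to access partner portal.")
        return redirect("accounts:login")

    form = LoginForm(request, data=request.POST or None)

    if request.method == "POST":
        if form.is_valid():
            user = form.get_user()
            if user.role in _PARTNER_PORTAL_ROLES:
                log("info", "Partner portal login", request=request, user=user)
                login(request, user)
                return redirect("accounts:partner_dashboard")
            log("warning", "Partner login - user not authorized", request=request, user=user)
            messages.error(request, "You are not authorized to access partner portal.")
        else:
            log("warning", "Partner portal - invalid login attempt", request=request)
            messages.error(request, "Invalid username or password")

    return render(request, "partner/login.html", {"form": form})


def partner_logout_view(request):
    """Log the logout event, end the session and redirect to the partner login.

    NOTE(review): like logout_view(), this runs for any HTTP method.
    """
    if request.user.is_authenticated:
        log("info", "Partner portal logout", request=request, user=request.user)
    logout(request)
    messages.success(request, "You have been logged out successfully.")
    return redirect("accounts:partner_login")


def partner_dashboard(request):
    """Partner dashboard view"""
    if not request.user.is_authenticated or request.user.role not in _PARTNER_PORTAL_ROLES:
        messages.error(request, "You are not authorized to access this page.")
        return redirect("accounts:partner_login")

    # Get statistics for partner users (including partner_customer)
    partner_users = User.objects.filter(role__in=_PARTNER_MANAGED_ROLES)
    total_partner_users = partner_users.count()

    # You can add more partner-specific statistics here
    # For example, events created by partner, bookings, etc.

    return render(request, 'partner/dashboard.html', {
        'total_partner_users': total_partner_users,
    })


# Partner User Management Views
# NOTE(review): the querysets below filter by role only. No per-partner or
# per-organisation scoping is visible here, so every partner-portal account
# works on the same set of partner-related users. Confirm this is intended.
class PartnerUserListView(PartnerRequiredMixin, generic.ListView):
    """Paginated list of partner-related users, newest id first."""

    model = User
    template_name = 'partner/user_list.html'
    context_object_name = 'users'
    paginate_by = 20

    def get_queryset(self):
        """Filter users to show only partner-related roles"""
        return User.objects.filter(role__in=_PARTNER_MANAGED_ROLES).order_by('-id')


class PartnerUserCreateView(PartnerRequiredMixin, generic.CreateView):
    """Create a user through PartnerUserForm.

    NOTE(review): which roles can be assigned is decided by PartnerUserForm,
    which is not shown here. Confirm it cannot assign an admin-portal role.
    """

    model = User
    form_class = PartnerUserForm
    template_name = 'partner/user_form.html'
    success_url = reverse_lazy('accounts:partner_user_list')

    def form_valid(self, form):
        """Add a success message, then let CreateView save and redirect."""
        messages.success(self.request, "Partner user created successfully.")
        return super().form_valid(form)


class PartnerUserUpdateView(PartnerRequiredMixin, generic.UpdateView):
    """Edit a partner-related user through PartnerUserForm."""

    model = User
    form_class = PartnerUserForm
    template_name = 'partner/user_form.html'
    success_url = reverse_lazy('accounts:partner_user_list')

    def get_queryset(self):
        """Only allow editing users with partner-related roles"""
        return User.objects.filter(role__in=_PARTNER_MANAGED_ROLES)

    def form_valid(self, form):
        """Add a success message, then let UpdateView save and redirect."""
        messages.success(self.request, "Partner user updated successfully.")
        return super().form_valid(form)


class PartnerUserDeleteView(PartnerRequiredMixin, generic.DeleteView):
    """Confirm and delete a partner-related user."""

    model = User
    template_name = 'partner/user_confirm_delete.html'
    success_url = reverse_lazy('accounts:partner_user_list')

    def get_queryset(self):
        """Only allow deleting users with partner-related roles"""
        return User.objects.filter(role__in=_PARTNER_MANAGED_ROLES)

    def delete(self, request, *args, **kwargs):
        """Refuse self-deletion; otherwise add a success message and delete.

        NOTE(review): on Django 4.0 and later, DeleteView handles POST through
        form_valid() and no longer calls delete(), so this guard and message
        would be skipped for the confirmation form. The Django version is not
        visible here; confirm it, and move this logic to form_valid() if the
        project runs 4.0 or newer.
        """
        # Prevent users from deleting themselves
        if self.get_object().id == request.user.id:
            messages.error(request, "You cannot delete your own account.")
            return redirect(self.success_url)

        messages.success(request, "Partner user deleted successfully.")
        return super().delete(request, *args, **kwargs)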