Sicherhaven
2c60a82704
- UserStatusView, EventModerationView, ReviewModerationView, PartnerKYCReviewView: each state change now emits _audit_log() inside the same transaction.atomic() block so the log stays consistent with DB state on partial failure - AuditLogMetricsView: GET /api/v1/rbac/audit-log/metrics/ returns total/today/week/distinct_users/by_action_group; 60 s cache with ?nocache=1 bypass - AuditLogListView: free-text search (Q over action/target/user), page_size bounded to [1, 200] - accounts.User.ALL_MODULES += 'audit-log'; StaffProfile.SCOPE_TO_MODULE['audit'] = 'audit-log' - Migration 0005: composite indexes (action,-created_at) and (target_type,target_id) on AuditLog - admin_api/tests.py: 11 tests covering list shape, search, page bounds, metrics shape+nocache, suspend/ban/reinstate audit emission Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
96 lines
3.4 KiB
Python
96 lines
3.4 KiB
Python
import secrets
|
|
|
|
from django.contrib.auth.models import AbstractUser
|
|
from django.db import models
|
|
|
|
from accounts.manager import UserManager
|
|
from partner.models import Partner
|
|
|
|
EVENTIFY_ID_CHARS = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789' # no I, O, 0, 1
|
|
|
|
|
|
def generate_eventify_id():
|
|
return 'EVT-' + ''.join(secrets.choice(EVENTIFY_ID_CHARS) for _ in range(8))
|
|
|
|
|
|
ROLE_CHOICES = (
|
|
('admin', 'Admin'),
|
|
('manager', 'Manager'),
|
|
('staff', 'Staff'),
|
|
('customer', 'Customer'),
|
|
('partner', 'Partner'),
|
|
('partner_manager', 'Partner Manager'),
|
|
('partner_staff', 'Partner Staff'),
|
|
('partner_customer', 'Partner Customer'),
|
|
)
|
|
|
|
VALID_DISTRICTS = [
|
|
"Thiruvananthapuram", "Kollam", "Pathanamthitta", "Alappuzha", "Kottayam",
|
|
"Idukki", "Ernakulam", "Thrissur", "Palakkad", "Malappuram",
|
|
"Kozhikode", "Wayanad", "Kannur", "Kasaragod",
|
|
]
|
|
|
|
class User(AbstractUser):
|
|
eventify_id = models.CharField(
|
|
max_length=12,
|
|
unique=True,
|
|
editable=False,
|
|
db_index=True,
|
|
null=True,
|
|
blank=True,
|
|
)
|
|
|
|
phone_number = models.CharField(max_length=15, blank=True, null=True)
|
|
role = models.CharField(max_length=20, choices=ROLE_CHOICES, default='Staff')
|
|
|
|
partner = models.ForeignKey(Partner, on_delete=models.CASCADE, blank=True, null=True)
|
|
|
|
is_staff = models.BooleanField(default=False)
|
|
is_customer = models.BooleanField(default=False)
|
|
is_user = models.BooleanField(default=False)
|
|
|
|
# Location fields
|
|
pincode = models.CharField(max_length=10, blank=True, null=True)
|
|
district = models.CharField(max_length=100, blank=True, null=True)
|
|
state = models.CharField(max_length=100, blank=True, null=True)
|
|
country = models.CharField(max_length=100, blank=True, null=True)
|
|
place = models.CharField(max_length=200, blank=True, null=True)
|
|
district_changed_at = models.DateTimeField(blank=True, null=True)
|
|
|
|
# Location fields
|
|
latitude = models.DecimalField(max_digits=9, decimal_places=6, blank=True, null=True)
|
|
longitude = models.DecimalField(max_digits=9, decimal_places=6, blank=True, null=True)
|
|
|
|
profile_picture = models.ImageField(upload_to='profile_pictures/', blank=True, null=True, default='default.png')
|
|
|
|
allowed_modules = models.TextField(
|
|
blank=True, null=True,
|
|
help_text='Comma-separated module slugs this user can access',
|
|
)
|
|
|
|
ALL_MODULES = ["dashboard", "partners", "events", "ad-control", "users", "reviews", "contributions", "leads", "financials", "audit-log", "settings"]
|
|
|
|
def get_allowed_modules(self):
|
|
ALL = ["dashboard", "partners", "events", "ad-control", "users", "reviews", "contributions", "leads", "financials", "audit-log", "settings"]
|
|
if self.is_superuser or self.role == "admin":
|
|
return ALL
|
|
if self.allowed_modules:
|
|
return [m.strip() for m in self.allowed_modules.split(",") if m.strip()]
|
|
if self.role == "manager":
|
|
return ALL
|
|
return []
|
|
|
|
objects = UserManager()
|
|
|
|
def save(self, *args, **kwargs):
|
|
if not self.eventify_id:
|
|
for _ in range(10):
|
|
candidate = generate_eventify_id()
|
|
if not User.objects.filter(eventify_id=candidate).exists():
|
|
self.eventify_id = candidate
|
|
break
|
|
super().save(*args, **kwargs)
|
|
|
|
def __str__(self):
|
|
return self.username
|