dashboard

eaace0ea · Ulises Morales Ramírez · 6527aabd · eaace0ea
Commit eaace0ea authored Mar 05, 2019 by Ulises Morales Ramírez
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 9 deletions

views.py administration/views.py +16 -9

No files found.
--- a/administration/views.py
+++ b/administration/views.py
@@ -2,15 +2,13 @@ import calendar

 import os

-import datetime
+
 from django.contrib import messages
 from django.contrib.auth.models import User
 from django.db.models import Count
 from django.shortcuts import render, redirect
 import json
 from django.http import HttpResponse, HttpResponseRedirect, HttpRequest, Http404
-from PIL import Image
-from django.db.models import Q

 # Create your views here.
 from django.views.decorators.csrf import csrf_exempt
@@ -22,8 +20,12 @@ USERS_PATH = config['PATHS']['PATH_NAS']
 PATH_USERS = config['PATHS']['PATH_USERS']
 size_sentinel =0
 size_repsat=0
+
+
 #------------------------------------------------------------
 def Dashboard(request):
+    if not request.user.is_superuser or not request.user.is_staff:
+        return redirect('../')

    # Total de compras #
    total = Purchase.objects.filter(purchased=True).count()
@@ -97,9 +99,10 @@ def Dashboard(request):
                   "Descargando": in_process, "dates": month_lst, "search": Searches, "size_repsat": size_repsat,
                   "size_sentinel": size_sentinel})

-
 # ----------------------------------------------------------
 def Request_users(request):
+    if not request.user.is_superuser or not request.user.is_staff:
+        return redirect('../')
    if request.user.is_superuser or request.user.is_staff:
        user_list = []
        for user in User.objects.filter(is_active=False):
@@ -118,9 +121,10 @@ def Request_users(request):
    else:
        return redirect('../')

-
 # ------------------------------------------------------------------------
 def update_user(request):
+    if not request.user.is_superuser or not request.user.is_staff:
+        return redirect('../')
    is_active = False
    is_staff = False
    is_superuser = False
@@ -142,7 +146,7 @@ def update_user(request):

    return redirect(request.POST.get('request_path'))

-
+#------------------------------------------------------------------------
 def active_users(request):
    if request.user.is_superuser or request.user.is_staff:
        user_list = []
@@ -159,7 +163,8 @@ def active_users(request):
            })
        # messages.success(request, 'your registration is being processed')
        return render(request, 'users_table.html', {'users': user_list, "Viewname": "Request"})
-
+    else:
+        return redirect('../')

 # ----------------------------------------------------------------------
 @csrf_exempt
@@ -170,6 +175,7 @@ def wsPurchasesPM(request):
        data = Purchase.objects.values('user__username','aggreg_date__month','user_id','user__email').filter(purchased=True,
            aggreg_date__month=to_if(request.POST.get('title'))).annotate(dcount=Count('user__username')).order_by('-dcount')

+
        for user in data:
            bytes_size = 0
            for path, directories, files in os.walk(PATH_USERS+user['user__email']):
@@ -195,9 +201,7 @@ def wsPurchasesPM(request):
    else:
        raise Http404

-
 # ----------------------------------------------------------------------
-
 def to_if(name):
    if name == "January":
        return 1
@@ -225,6 +229,7 @@ def to_if(name):
        return 12
    else:
        raise ValueError
+
 #-----------------------------------------------
 def best_unit_size(bytes_size):
    """
@@ -244,3 +249,5 @@ def best_unit_size(bytes_size):
                    60:"EB", 70:"ZB", 80:"YB"}[exp]
            break
    return str(round(bu_size,2))+" "+unit
+
+#------------------------------------------------