diff --git a/accounts/forms.py b/accounts/forms.py index 76beb31..7654a13 100644 --- a/accounts/forms.py +++ b/accounts/forms.py @@ -90,19 +90,6 @@ class CustomerForm(forms.ModelForm): return national_code def save(self, commit=True): - def _compute_completed(cleaned): - try: - first_ok = bool((cleaned.get('first_name') or '').strip()) - last_ok = bool((cleaned.get('last_name') or '').strip()) - nc_ok = bool((cleaned.get('national_code') or '').strip()) - phone_ok = bool((cleaned.get('phone_number_1') or '').strip() or (cleaned.get('phone_number_2') or '').strip()) - addr_ok = bool((cleaned.get('address') or '').strip()) - bank_ok = bool(cleaned.get('bank_name')) - card_ok = bool((cleaned.get('card_number') or '').strip()) - acc_ok = bool((cleaned.get('account_number') or '').strip()) - return all([first_ok, last_ok, nc_ok, phone_ok, addr_ok, bank_ok, card_ok, acc_ok]) - except Exception: - return False # Check if this is an update (instance exists) if self.instance and self.instance.pk: # Update existing profile @@ -121,18 +108,6 @@ class CustomerForm(forms.ModelForm): profile.affairs = current_user_profile.affairs profile.county = current_user_profile.county profile.broker = current_user_profile.broker - # Set completion flag based on provided form data - profile.is_completed = _compute_completed({ - 'first_name': user.first_name, - 'last_name': user.last_name, - 'national_code': self.cleaned_data.get('national_code'), - 'phone_number_1': self.cleaned_data.get('phone_number_1'), - 'phone_number_2': self.cleaned_data.get('phone_number_2'), - 'address': self.cleaned_data.get('address'), - 'bank_name': self.cleaned_data.get('bank_name'), - 'card_number': self.cleaned_data.get('card_number'), - 'account_number': self.cleaned_data.get('account_number'), - }) if commit: profile.save() @@ -167,18 +142,6 @@ class CustomerForm(forms.ModelForm): profile.affairs = current_user_profile.affairs profile.county = current_user_profile.county profile.broker = current_user_profile.broker - # Set completion flag based on provided form data - profile.is_completed = _compute_completed({ - 'first_name': user.first_name, - 'last_name': user.last_name, - 'national_code': self.cleaned_data.get('national_code'), - 'phone_number_1': self.cleaned_data.get('phone_number_1'), - 'phone_number_2': self.cleaned_data.get('phone_number_2'), - 'address': self.cleaned_data.get('address'), - 'bank_name': self.cleaned_data.get('bank_name'), - 'card_number': self.cleaned_data.get('card_number'), - 'account_number': self.cleaned_data.get('account_number'), - }) if commit: profile.save() diff --git a/accounts/templates/accounts/customer_list.html b/accounts/templates/accounts/customer_list.html index 1b7e103..2d00356 100644 --- a/accounts/templates/accounts/customer_list.html +++ b/accounts/templates/accounts/customer_list.html @@ -172,19 +172,12 @@ {% empty %} - +
هیچ کاربری یافت نشد
- - - - - - - {% endfor %} diff --git a/accounts/templates/accounts/login.html b/accounts/templates/accounts/login.html index e43800d..e5791f3 100644 --- a/accounts/templates/accounts/login.html +++ b/accounts/templates/accounts/login.html @@ -16,9 +16,6 @@ layout-wide customizer-hide {% endblock style %} {% block content %} - -{% include '_toasts.html' %} -
@@ -72,7 +69,7 @@ layout-wide customizer-hide {% csrf_token %}
- +
diff --git a/accounts/urls.py b/accounts/urls.py index 7c79207..ac5119d 100644 --- a/accounts/urls.py +++ b/accounts/urls.py @@ -4,7 +4,7 @@ from accounts.views import login_view, dashboard, customer_list, add_customer_aj app_name = "accounts" urlpatterns = [ - path('', login_view, name='login'), + path('login/', login_view, name='login'), path('logout/', logout_view, name='logout'), path('dashboard/', dashboard, name='dashboard'), path('customers/', customer_list, name='customer_list'), diff --git a/accounts/views.py b/accounts/views.py index c5bec75..6a4f23c 100644 --- a/accounts/views.py +++ b/accounts/views.py @@ -8,9 +8,7 @@ from django import forms from django.contrib.auth.decorators import login_required from accounts.models import Profile from accounts.forms import CustomerForm -from processes.utils import scope_customers_queryset from common.consts import UserRoles -from common.decorators import allowed_roles # Create your views here. @@ -19,9 +17,6 @@ def login_view(request): renders login page and authenticating user POST requests to log user in """ - # If already authenticated, go straight to request list - if request.user.is_authenticated: - return redirect("processes:request_list") if request.method == "POST": username = request.POST.get("username") password = request.POST.get("password") @@ -40,11 +35,9 @@ def dashboard(request): @login_required -@allowed_roles([UserRoles.ADMIN, UserRoles.BROKER, UserRoles.MANAGER, UserRoles.ACCOUNTANT]) def customer_list(request): # Get all profiles that have customer role - base = Profile.objects.filter(roles__slug=UserRoles.CUSTOMER.value, is_deleted=False).select_related('user') - customers = scope_customers_queryset(request.user, base) + customers = Profile.objects.filter(roles__slug=UserRoles.CUSTOMER.value, is_deleted=False).select_related('user') form = CustomerForm() return render(request, "accounts/customer_list.html", { @@ -54,8 +47,6 @@ def customer_list(request): @require_POST -@login_required -@allowed_roles([UserRoles.ADMIN, UserRoles.BROKER, UserRoles.MANAGER, UserRoles.ACCOUNTANT]) def add_customer_ajax(request): """AJAX endpoint for adding customers""" form = CustomerForm(request.POST, request.FILES) @@ -94,8 +85,6 @@ def add_customer_ajax(request): @require_POST -@login_required -@allowed_roles([UserRoles.ADMIN, UserRoles.BROKER, UserRoles.MANAGER, UserRoles.ACCOUNTANT]) def edit_customer_ajax(request, customer_id): customer = get_object_or_404(Profile, id=customer_id) form = CustomerForm(request.POST, request.FILES, instance=customer) @@ -133,7 +122,6 @@ def edit_customer_ajax(request, customer_id): }) @require_GET -@login_required def get_customer_data(request, customer_id): customer = get_object_or_404(Profile, id=customer_id) @@ -174,7 +162,6 @@ def get_customer_data(request, customer_id): }) -@login_required def logout_view(request): """Log out current user and redirect to login page.""" logout(request) diff --git a/certificates/models.py b/certificates/models.py index 1b3dcaf..64d53f9 100644 --- a/certificates/models.py +++ b/certificates/models.py @@ -1,7 +1,6 @@ from django.db import models from django.contrib.auth import get_user_model from common.models import BaseModel -from _helpers.utils import jalali_converter2 User = get_user_model() @@ -36,7 +35,4 @@ class CertificateInstance(BaseModel): def __str__(self): return f"گواهی {self.process_instance.code}" - def jissued_at(self): - return jalali_converter2(self.issued_at) - diff --git a/certificates/templates/certificates/print.html b/certificates/templates/certificates/print.html index d5ef11f..5bd26c2 100644 --- a/certificates/templates/certificates/print.html +++ b/certificates/templates/certificates/print.html @@ -1,71 +1,28 @@ - - - - - - تاییدیه - {{ instance.code }} - {% load static %} +{% extends '_base.html' %} - - - - - - - - - - - - - - -
- -
-
-
شماره درخواست: {{ instance.code }}
-
تاریخ: {{ cert.jissued_at }}
-
-
- - -
- {% if template.company and template.company.logo %} - logo +{% block content %} +
+
+ {% if template.company and template.company.logo %} + logo + {% endif %} +

{{ cert.rendered_title }}

+ {% if template.company %}
{{ template.company.name }}
{% endif %} +
+
+ {{ cert.rendered_body|safe }} +
+
+
تاریخ: {{ cert.issued_at }}
+
+ {% if template.company and template.company.signature %} + seal {% endif %} -

{{ cert.rendered_title }}

- {% if template.company %} -
{{ template.company.name }}
- {% endif %} -
- - -
- {{ cert.rendered_body|safe }} -
- - -
-
-
مهر و امضای تایید کننده
-
{{ template.company.name }}
- {% if template.company and template.company.signature %} - seal - {% endif %} -
+
مهر و امضای شرکت
+
+ +{% endblock %} + - - - diff --git a/certificates/templates/certificates/step.html b/certificates/templates/certificates/step.html index 0027d18..b8923c2 100644 --- a/certificates/templates/certificates/step.html +++ b/certificates/templates/certificates/step.html @@ -18,49 +18,40 @@ + {% endblock %} {% block content %} {% include '_toasts.html' %} - - - {% instance_info_modal instance %} - {% csrf_token %}
-
+

{{ step.name }}: {{ instance.process.name }}

- {% instance_info instance %} + اشتراک آب: {{ instance.well.water_subscription_number|default:"-" }} + | نماینده: {{ instance.representative.profile.national_code|default:"-" }}
- - پرینت - + پرینت - - - بازگشت - + بازگشت
-
+
{% stepper_header instance step %}
-
-
-
شماره درخواست: {{ instance.code }}
-
تاریخ: {{ cert.jissued_at }}
-
-
{% if template.company and template.company.logo %} logo @@ -71,22 +62,21 @@
{{ cert.rendered_body|safe }}
-
+
+
+
تاریخ صدور: {{ cert.issued_at }}
+
-
مهر و امضای تایید کننده
-
{{ template.company.name }}
{% if template.company and template.company.signature %} - seal + seal {% endif %} +
مهر و امضای شرکت
{% if previous_step %} - - - قبلی - + قبلی {% else %}{% endif %}
{% csrf_token %} diff --git a/certificates/views.py b/certificates/views.py index ce6748e..761ee83 100644 --- a/certificates/views.py +++ b/certificates/views.py @@ -12,7 +12,6 @@ from .models import CertificateTemplate, CertificateInstance from common.consts import UserRoles from _helpers.jalali import Gregorian -from processes.utils import get_scoped_instance_or_404 def _to_jalali(date_obj): @@ -34,25 +33,23 @@ def _render_template(template: CertificateTemplate, instance: ProcessInstance): 'company_name': (template.company.name if template.company else '') or '', 'customer_full_name': rep.get_full_name() if rep else '', 'water_subscription_number': getattr(well, 'water_subscription_number', '') or '', - 'address': getattr(well, 'county', '') or '', + 'address': getattr(well, 'address', '') or '', 'visit_date_jalali': _to_jalali(getattr(latest_report, 'visited_date', None)) if latest_report else '', } title = (template.title or '').format(**ctx) body = (template.body or '') - # Render body placeholders with bold values for k, v in ctx.items(): - body = body.replace(f"{{{{ {k} }}}}", f"{str(v)}") + body = body.replace(f"{{{{ {k} }}}}", str(v)) return title, body @login_required def certificate_step(request, instance_id, step_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) # Ensure all previous steps are completed and invoice settled prior_steps = instance.process.steps.filter(order__lt=instance.current_step.order if instance.current_step else 9999) incomplete = StepInstance.objects.filter(process_instance=instance, step__in=prior_steps).exclude(status='completed').exists() - if incomplete: messages.error(request, 'ابتدا همه مراحل قبلی را تکمیل کنید') return redirect('processes:request_list') @@ -90,17 +87,6 @@ def certificate_step(request, instance_id, step_id): except Exception: messages.error(request, 'شما مجوز تایید این مرحله را ندارید') return redirect('processes:step_detail', instance_id=instance.id, step_id=step.id) - # Safety check: ensure ALL previous steps are completed before approval - try: - prev_steps_qs = instance.process.steps.filter(order__lt=step.order) - has_incomplete = StepInstance.objects.filter(process_instance=instance, step__in=prev_steps_qs).exclude(status='completed').exists() - if has_incomplete: - messages.error(request, 'ابتدا همه مراحل قبلی را تکمیل کنید') - return redirect('processes:step_detail', instance_id=instance.id, step_id=step.id) - except Exception: - messages.error(request, 'خطا در بررسی مراحل قبلی') - return redirect('processes:step_detail', instance_id=instance.id, step_id=step.id) - cert.approved = True cert.approved_at = timezone.now() cert.save() @@ -129,7 +115,7 @@ def certificate_step(request, instance_id, step_id): @login_required def certificate_print(request, instance_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) cert = CertificateInstance.objects.filter(process_instance=instance).order_by('-created').first() template = cert.template if cert else None return render(request, 'certificates/print.html', { diff --git a/common/decorators.py b/common/decorators.py index 7493abe..7ac7259 100644 --- a/common/decorators.py +++ b/common/decorators.py @@ -3,7 +3,7 @@ from functools import wraps from django.http import JsonResponse, HttpResponse from django.shortcuts import redirect -from common.consts import UserRoles +from extensions.consts import UserRoles def require_ajax(view_func): diff --git a/contracts/views.py b/contracts/views.py index 87c8ff2..7a1788b 100644 --- a/contracts/views.py +++ b/contracts/views.py @@ -11,7 +11,6 @@ from .models import ContractTemplate, ContractInstance from invoices.models import Invoice, Quote from _helpers.utils import jalali_converter2 from django.http import JsonResponse -from processes.utils import get_scoped_instance_or_404 def build_contract_context(instance: ProcessInstance) -> dict: @@ -53,7 +52,7 @@ def build_contract_context(instance: ProcessInstance) -> dict: @login_required def contract_step(request, instance_id, step_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) # Resolve step navigation step = get_object_or_404(instance.process.steps, id=step_id) previous_step = instance.process.steps.filter(order__lt=step.order).last() @@ -118,7 +117,7 @@ def contract_step(request, instance_id, step_id): @login_required def contract_print(request, instance_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) contract = get_object_or_404(ContractInstance, process_instance=instance) return render(request, 'contracts/contract_print.html', { 'instance': instance, diff --git a/db.sqlite3 b/db.sqlite3 index b3c2c85..a04ea6c 100644 Binary files a/db.sqlite3 and b/db.sqlite3 differ diff --git a/installations/models.py b/installations/models.py index 98fc452..62f7ecc 100644 --- a/installations/models.py +++ b/installations/models.py @@ -42,8 +42,8 @@ class InstallationReport(BaseModel): new_water_meter_serial = models.CharField(max_length=50, null=True, blank=True, verbose_name='سریال کنتور جدید') seal_number = models.CharField(max_length=50, null=True, blank=True, verbose_name='شماره پلمپ') is_meter_suspicious = models.BooleanField(default=False, verbose_name='کنتور مشکوک است؟') - utm_x = models.DecimalField(max_digits=10, decimal_places=0, null=True, blank=True, verbose_name='UTM X') - utm_y = models.DecimalField(max_digits=10, decimal_places=0, null=True, blank=True, verbose_name='UTM Y') + utm_x = models.DecimalField(max_digits=10, decimal_places=6, null=True, blank=True, verbose_name='UTM X') + utm_y = models.DecimalField(max_digits=10, decimal_places=6, null=True, blank=True, verbose_name='UTM Y') description = models.TextField(blank=True, verbose_name='توضیحات') created_by = models.ForeignKey(User, on_delete=models.SET_NULL, null=True, blank=True, verbose_name='ایجادکننده') approved = models.BooleanField(default=False, verbose_name='تایید شده') diff --git a/installations/templates/installations/installation_assign_step.html b/installations/templates/installations/installation_assign_step.html index f78b3d8..2bdbe4d 100644 --- a/installations/templates/installations/installation_assign_step.html +++ b/installations/templates/installations/installation_assign_step.html @@ -22,12 +22,7 @@ {% endblock %} {% block content %} - {% include '_toasts.html' %} - - -{% instance_info_modal instance %} -
@@ -35,13 +30,11 @@

{{ step.name }}: {{ instance.process.name }}

- {% instance_info instance %} + اشتراک آب: {{ instance.well.water_subscription_number|default:"-" }} + | نماینده: {{ instance.representative.profile.national_code|default:"-" }}
- - - بازگشت - + بازگشت
@@ -71,17 +64,17 @@
{% if assignment.assigned_by or assignment.installer %} -
+
{% if assignment.assigned_by %}
-
تعیین‌کننده نصاب
+
تعیین‌کننده نصاب
{{ assignment.assigned_by.get_full_name|default:assignment.assigned_by.username }} ({{ assignment.assigned_by.username }})
{% endif %} {% if assignment.updated %}
-
تاریخ ثبت/ویرایش
+
تاریخ ثبت/ویرایش
{{ assignment.updated|to_jalali }}
{% endif %} @@ -90,22 +83,14 @@ {% endif %}
{% if previous_step %} - - - قبلی - + قبلی {% else %} {% endif %} {% if is_manager %} - + {% else %} - - بعدی - - + بعدی {% endif %}
diff --git a/installations/templates/installations/installation_report_step.html b/installations/templates/installations/installation_report_step.html index 946c7b4..6044f53 100644 --- a/installations/templates/installations/installation_report_step.html +++ b/installations/templates/installations/installation_report_step.html @@ -35,12 +35,7 @@ {% endblock %} {% block content %} - {% include '_toasts.html' %} - - -{% instance_info_modal instance %} -
@@ -48,13 +43,11 @@

{{ step.name }}: {{ instance.process.name }}

- {% instance_info instance %} + اشتراک آب: {{ instance.well.water_subscription_number|default:"-" }} + | نماینده: {{ instance.representative.profile.national_code|default:"-" }}
- - - بازگشت - + بازگشت
@@ -62,15 +55,18 @@
{% if report and not edit_mode %} -
- {% if user_is_installer %} - - - ویرایش گزارش نصب - - {% endif %} -
- {% if step_instance and step_instance.status == 'rejected' and step_instance.get_latest_rejection %} +
+
+
+ {% if request.user|is_installer %} + ویرایش گزارش نصب + {% else %} + + {% endif %} +
+
+
+ {% if step_instance and step_instance.status == 'rejected' and step_instance.get_latest_rejection %} {% endif %} -
-

تاریخ مراجعه: {{ report.visited_date|to_jalali|default:'-' }}

@@ -157,7 +151,7 @@
وضعیت تاییدها
{% if user_can_approve %}
- +
{% endif %} @@ -190,28 +184,18 @@
{% if previous_step %} - - - قبلی - + قبلی {% else %} {% endif %} {% if next_step %} - - بعدی - - + بعدی {% endif %}
{% else %} - - {% if not user_is_installer %} -
شما مجوز ثبت/ویرایش گزارش نصب را ندارید.
+ {% if not request.user|is_installer %} +
شما مجوز ثبت/ویرایش گزارش نصب را ندارید. اطلاعات به صورت فقط خواندنی نمایش داده می‌شود.
{% endif %} - - {% if user_is_installer %} -
{% csrf_token %}
@@ -219,40 +203,40 @@
- +
- +
- +
- +
- +
- +
- +
- {% if user_is_installer %} + {% if request.user|is_installer %} {% endif %}
@@ -262,7 +246,7 @@
photo - {% if user_is_installer %} + {% if request.user|is_installer %} {% endif %} @@ -363,28 +347,24 @@
- +
- {% endif %} +
{% if previous_step %} - - - قبلی - + قبلی {% else %} {% endif %}
- {% if user_is_installer %} - + {% if request.user|is_installer %} + + {% else %} + {% endif %} {% if next_step %} - - بعدی - - + بعدی {% endif %}
@@ -519,6 +499,7 @@ try { if (sessionStorage.getItem('install_report_saved') === '1') { sessionStorage.removeItem('install_report_saved'); + showToast('گزارش نصب با موفقیت ثبت شد', 'success'); } } catch(_) {} })(); diff --git a/installations/views.py b/installations/views.py index 008135b..8c3dc7e 100644 --- a/installations/views.py +++ b/installations/views.py @@ -10,17 +10,16 @@ from accounts.models import Role from invoices.models import Item, Quote, QuoteItem from .models import InstallationAssignment, InstallationReport, InstallationPhoto, InstallationItemChange from decimal import Decimal, InvalidOperation -from processes.utils import get_scoped_instance_or_404 @login_required def installation_assign_step(request, instance_id, step_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) previous_step = instance.process.steps.filter(order__lt=step.order).last() next_step = instance.process.steps.filter(order__gt=step.order).first() # Installers list (profiles that have installer role) - installers = Profile.objects.filter(roles__slug=UserRoles.INSTALLER.value, county=instance.well.county).select_related('user').all() + installers = Profile.objects.filter(roles__slug=UserRoles.INSTALLER.value).select_related('user').all() assignment, _ = InstallationAssignment.objects.get_or_create(process_instance=instance) # Role flags @@ -73,56 +72,17 @@ def installation_assign_step(request, instance_id, step_id): }) -def create_item_changes_for_report(report, remove_map, add_map, quote_price_map): - """Helper function to create item changes for a report""" - # Create remove changes - for item_id, qty in remove_map.items(): - up = quote_price_map.get(item_id) - total = (up * qty) if up is not None else None - InstallationItemChange.objects.create( - report=report, - item_id=item_id, - change_type='remove', - quantity=qty, - unit_price=up, - total_price=total, - ) - - # Create add changes - for item_id, data in add_map.items(): - unit_price = data.get('price') - qty = data.get('qty') or 1 - total = (unit_price * qty) if (unit_price is not None) else None - InstallationItemChange.objects.create( - report=report, - item_id=item_id, - change_type='add', - quantity=qty, - unit_price=unit_price, - total_price=total, - ) - - @login_required def installation_report_step(request, instance_id, step_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) - previous_step = instance.process.steps.filter(order__lt=step.order).last() next_step = instance.process.steps.filter(order__gt=step.order).first() - assignment = InstallationAssignment.objects.filter(process_instance=instance).first() existing_report = InstallationReport.objects.filter(assignment=assignment).order_by('-created').first() - - # Only the assigned installer can create/edit the report - try: - has_installer_role = bool(getattr(request.user, 'profile', None) and request.user.profile.has_role(UserRoles.INSTALLER)) - except Exception: - has_installer_role = False - is_assigned_installer = bool(assignment and assignment.installer_id == request.user.id) - user_is_installer = bool(has_installer_role and is_assigned_installer) + # Only installers can enter edit mode + user_is_installer = hasattr(request.user, 'profile') and request.user.profile.has_role(UserRoles.INSTALLER) edit_mode = True if (request.GET.get('edit') == '1' and user_is_installer) else False - # current quote items baseline quote = Quote.objects.filter(process_instance=instance).first() quote_items = list(quote.items.select_related('item').all()) if quote else [] @@ -140,14 +100,7 @@ def installation_report_step(request, instance_id, step_id): reqs = list(step.approver_requirements.select_related('role').all()) user_roles_qs = getattr(getattr(request.user, 'profile', None), 'roles', None) user_roles = list(user_roles_qs.all()) if user_roles_qs is not None else [] - # Align permission check with invoices flow (role id intersection) - try: - req_role_ids = {r.role_id for r in reqs} - user_role_ids = {ur.id for ur in user_roles} - can_approve_reject = len(req_role_ids.intersection(user_role_ids)) > 0 - except Exception: - can_approve_reject = False - user_can_approve = can_approve_reject + user_can_approve = any(r.role in user_roles for r in reqs) approvals_list = list(step_instance.approvals.select_related('role').all()) approvals_by_role = {a.role_id: a for a in approvals_list} approver_statuses = [ @@ -207,13 +160,6 @@ def installation_report_step(request, instance_id, step_id): StepRejection.objects.create(step_instance=step_instance, rejected_by=request.user, reason=reason) existing_report.approved = False existing_report.save() - # If current step moved ahead of this step, reset it back for correction (align with invoices) - try: - if instance.current_step and instance.current_step.order > step.order: - instance.current_step = step - instance.save(update_fields=['current_step']) - except Exception: - pass messages.success(request, 'گزارش رد شد و برای اصلاح به نصاب بازگشت.') return redirect('processes:step_detail', instance_id=instance.id, step_id=step.id) @@ -231,21 +177,6 @@ def installation_report_step(request, instance_id, step_id): is_suspicious = True if request.POST.get('is_meter_suspicious') == 'on' else False utm_x = request.POST.get('utm_x') or None utm_y = request.POST.get('utm_y') or None - # Normalize UTM to integer meters - if utm_x is not None and utm_x != '': - try: - utm_x = int(Decimal(str(utm_x))) - except InvalidOperation: - utm_x = None - else: - utm_x = None - if utm_y is not None and utm_y != '': - try: - utm_y = int(Decimal(str(utm_y))) - except InvalidOperation: - utm_y = None - else: - utm_y = None # Build maps from form fields: remove and add remove_map = {} @@ -290,6 +221,8 @@ def installation_report_step(request, instance_id, step_id): unit_price = item_obj.unit_price if item_obj else None add_map[item_id] = {'qty': qty, 'price': unit_price} + # اجازهٔ ثبت همزمان حذف و افزودن برای یک قلم (بدون محدودیت و ادغام) + if existing_report and edit_mode: report = existing_report report.description = description @@ -314,7 +247,29 @@ def installation_report_step(request, instance_id, step_id): InstallationPhoto.objects.create(report=report, image=f) # replace item changes with new submission report.item_changes.all().delete() - create_item_changes_for_report(report, remove_map, add_map, quote_price_map) + for item_id, qty in remove_map.items(): + up = quote_price_map.get(item_id) + total = (up * qty) if up is not None else None + InstallationItemChange.objects.create( + report=report, + item_id=item_id, + change_type='remove', + quantity=qty, + unit_price=up, + total_price=total, + ) + for item_id, data in add_map.items(): + unit_price = data.get('price') + qty = data.get('qty') or 1 + total = (unit_price * qty) if (unit_price is not None) else None + InstallationItemChange.objects.create( + report=report, + item_id=item_id, + change_type='add', + quantity=qty, + unit_price=unit_price, + total_price=total, + ) else: report = InstallationReport.objects.create( assignment=assignment, @@ -331,7 +286,29 @@ def installation_report_step(request, instance_id, step_id): for f in request.FILES.getlist('photos'): InstallationPhoto.objects.create(report=report, image=f) # item changes - create_item_changes_for_report(report, remove_map, add_map, quote_price_map) + for item_id, qty in remove_map.items(): + up = quote_price_map.get(item_id) + total = (up * qty) if up is not None else None + InstallationItemChange.objects.create( + report=report, + item_id=item_id, + change_type='remove', + quantity=qty, + unit_price=up, + total_price=total, + ) + for item_id, data in add_map.items(): + unit_price = data.get('price') + qty = data.get('qty') or 1 + total = (unit_price * qty) if (unit_price is not None) else None + InstallationItemChange.objects.create( + report=report, + item_id=item_id, + change_type='add', + quantity=qty, + unit_price=unit_price, + total_price=total, + ) # After installer submits/edits, set step back to in_progress and clear approvals step_instance.status = 'in_progress' @@ -342,33 +319,6 @@ def installation_report_step(request, instance_id, step_id): except Exception: pass - # If the report was edited, ensure downstream steps reopen like invoices flow - try: - subsequent_steps = instance.process.steps.filter(order__gt=step.order) - for subsequent_step in subsequent_steps: - subsequent_step_instance = instance.step_instances.filter(step=subsequent_step).first() - if subsequent_step_instance and subsequent_step_instance.status == 'completed': - # Reopen the step - instance.step_instances.filter(step=subsequent_step).update( - status='in_progress', - completed_at=None - ) - # Clear previous approvals if any - try: - subsequent_step_instance.approvals.all().delete() - except Exception: - pass - except Exception: - pass - - # If current step is ahead of this step, reset it back to this step - try: - if instance.current_step and instance.current_step.order > step.order: - instance.current_step = step - instance.save(update_fields=['current_step']) - except Exception: - pass - messages.success(request, 'گزارش ثبت شد و در انتظار تایید است.') return redirect('processes:step_detail', instance_id=instance.id, step_id=step.id) @@ -390,7 +340,6 @@ def installation_report_step(request, instance_id, step_id): 'assignment': assignment, 'report': existing_report, 'edit_mode': edit_mode, - 'user_is_installer': user_is_installer, 'quote': quote, 'quote_items': quote_items, 'all_items': items, @@ -402,7 +351,6 @@ def installation_report_step(request, instance_id, step_id): 'step_instance': step_instance, 'approver_statuses': approver_statuses, 'user_can_approve': user_can_approve, - 'can_approve_reject': can_approve_reject, }) diff --git a/invoices/templates/invoices/final_invoice_print.html b/invoices/templates/invoices/final_invoice_print.html index 6e37a0d..cfa58eb 100644 --- a/invoices/templates/invoices/final_invoice_print.html +++ b/invoices/templates/invoices/final_invoice_print.html @@ -1,206 +1,55 @@ - - - - - - فاکتور نهایی {{ invoice.name }} - {{ instance.code }} - - {% load static %} - {% load humanize %} +{% extends '_base.html' %} +{% load humanize %} - - - - - - - - - - - - - - - - - - - -
- -
-
-
-
- {% if instance.broker.company and instance.broker.company.logo %} - لوگو - {% else %} - - {% endif %} -
-
- {% if instance.broker.company %} - {{ instance.broker.company.name }} - {% endif %} - {% if instance.broker.company %} -
- {% if instance.broker.company.address %} -
{{ instance.broker.company.address }}
- {% endif %} - {% if instance.broker.affairs.county.city.name %} -
{{ instance.broker.affairs.county.city.name }}، ایران
- {% endif %} - {% if instance.broker.company.phone %} -
تلفن: {{ instance.broker.company.phone }}
- {% endif %} -
- {% endif %} -
-
-
-
-
#فاکتور نهایی {{ instance.code }}
-
تاریخ صدور: {{ invoice.jcreated_date }}
-
-
-
+{% block content %} +
+
+
+

فاکتور نهایی

+ کد درخواست: {{ instance.code }}
- - -
-
-
اطلاعات مشترک
-
نام: {{ invoice.customer.get_full_name|default:instance.representative.get_full_name }}
- {% if instance.representative.profile and instance.representative.profile.national_code %} -
کد ملی: {{ instance.representative.profile.national_code }}
- {% endif %} - {% if instance.representative.profile and instance.representative.profile.phone_number_1 %} -
تلفن: {{ instance.representative.profile.phone_number_1 }}
- {% endif %} - {% if instance.representative.profile and instance.representative.profile.address %} -
آدرس: {{ instance.representative.profile.address }}
- {% endif %} -
-
-
اطلاعات چاه
-
شماره اشتراک آب: {{ instance.well.water_subscription_number }}
-
شماره اشتراک برق: {{ instance.well.electricity_subscription_number|default:"-" }}
-
سریال کنتور: {{ instance.well.water_meter_serial_number|default:"-" }}
-
قدرت چاه: {{ instance.well.well_power|default:"-" }}
-
+
+ +
لوگو
- - -
- - - - - - - - - - - - - {% for it in items %} - - - - - - - - - {% empty %} - - {% endfor %} - - - - - - - {% if invoice.discount_amount > 0 %} - - - - - {% endif %} - - - - - - - - - - - - - -
ردیفشرح کالا/خدماتتوضیحاتتعدادقیمت واحد(تومان)قیمت کل(تومان)
{{ forloop.counter }}{{ it.item.name }}{{ it.item.description|default:"-" }}{{ it.quantity }}{{ it.unit_price|floatformat:0|intcomma:False }}{{ it.total_price|floatformat:0|intcomma:False }}
آیتمی ندارد
جمع کل(تومان):{{ invoice.total_amount|floatformat:0|intcomma:False }}
تخفیف(تومان):{{ invoice.discount_amount|floatformat:0|intcomma:False }}
مبلغ نهایی(تومان):{{ invoice.final_amount|floatformat:0|intcomma:False }}
پرداختی‌ها(تومان):{{ invoice.paid_amount|floatformat:0|intcomma:False }}
مانده(تومان):{{ invoice.remaining_amount|floatformat:0|intcomma:False }}
-
- - -
-
-
مهر و امضا:
-
    - {% if instance.broker.company and instance.broker.company.signature %} -
  • امضا
    • - {% endif %} -
-
- {% if instance.broker.company %} -
-
اطلاعات پرداخت
- {% if instance.broker.company.card_number %} -
شماره کارت: {{ instance.broker.company.card_number }}
- {% endif %} - {% if instance.broker.company.account_number %} -
شماره حساب: {{ instance.broker.company.account_number }}
- {% endif %} - {% if instance.broker.company.sheba_number %} -
شماره شبا: {{ instance.broker.company.sheba_number }}
- {% endif %} - {% if instance.broker.company.bank_name %} -
بانک: {{ instance.broker.company.get_bank_name_display }}
- {% endif %} -
- {% endif %} -
-
+
+ + + + + + + + + + + {% for it in items %} + + + + + + + {% empty %} + + {% endfor %} + + + + + + + + +
آیتمتعدادقیمت واحدقیمت کل
{{ it.item.name }}{{ it.quantity }}{{ it.unit_price|floatformat:0|intcomma:False }}{{ it.total_price|floatformat:0|intcomma:False }}
آیتمی ندارد
مبلغ کل{{ invoice.total_amount|floatformat:0|intcomma:False }}
تخفیف{{ invoice.discount_amount|floatformat:0|intcomma:False }}
مبلغ نهایی{{ invoice.final_amount|floatformat:0|intcomma:False }}
پرداختی‌ها{{ invoice.paid_amount|floatformat:0|intcomma:False }}
مانده{{ invoice.remaining_amount|floatformat:0|intcomma:False }}
+
+
+
امضا مشتری
+
امضا شرکت
+
+
+ +{% endblock %} + - - - diff --git a/invoices/templates/invoices/final_invoice_step.html b/invoices/templates/invoices/final_invoice_step.html index 5fe05e4..dfee339 100644 --- a/invoices/templates/invoices/final_invoice_step.html +++ b/invoices/templates/invoices/final_invoice_step.html @@ -24,10 +24,6 @@ {% block content %} {% include '_toasts.html' %} - - -{% instance_info_modal instance %} - {% csrf_token %}
@@ -36,18 +32,14 @@

{{ step.name }}: {{ instance.process.name }}

- {% instance_info instance %} + اشتراک آب: {{ instance.well.water_subscription_number|default:"-" }} + | نماینده: {{ instance.representative.profile.national_code|default:"-" }}
- - پرینت - + پرینت - - - بازگشت - + بازگشت
@@ -171,24 +163,15 @@
{% if previous_step %} - - - قبلی - + قبلی {% else %} {% endif %} {% if next_step %} {% if is_manager %} - + {% else %} - - بعدی - - + بعدی {% endif %} {% endif %}
diff --git a/invoices/templates/invoices/final_settlement_step.html b/invoices/templates/invoices/final_settlement_step.html index 08a5793..2335298 100644 --- a/invoices/templates/invoices/final_settlement_step.html +++ b/invoices/templates/invoices/final_settlement_step.html @@ -23,10 +23,6 @@ {% block content %} {% include '_toasts.html' %} - - -{% instance_info_modal instance %} - {% csrf_token %}
@@ -35,18 +31,14 @@

{{ step.name }}: {{ instance.process.name }}

- {% instance_info instance %} + اشتراک آب: {{ instance.well.water_subscription_number|default:"-" }} + | نماینده: {{ instance.representative.profile.national_code|default:"-" }}
- - پرینت - + پرینت - - - بازگشت - + بازگشت
@@ -96,7 +88,7 @@
- +
@@ -190,7 +182,7 @@
وضعیت تاییدها
{% if can_approve_reject %}
- +
{% endif %} @@ -222,19 +214,13 @@ {% endif %}
{% if previous_step %} - - - قبلی - + قبلی {% else %} {% endif %} {% if step_instance.status == 'completed' %} {% if next_step %} - - بعدی - - + بعدی {% else %} اتمام {% endif %} @@ -278,8 +264,8 @@
{% if invoice.remaining_amount != 0 %} {% else %} آیا از تایید این مرحله اطمینان دارید؟ diff --git a/invoices/urls.py b/invoices/urls.py index f40df30..f959799 100644 --- a/invoices/urls.py +++ b/invoices/urls.py @@ -31,4 +31,5 @@ urlpatterns = [ path('instance//step//final-settlement/', views.final_settlement_step, name='final_settlement_step'), path('instance//step//final-settlement/add/', views.add_final_payment, name='add_final_payment'), path('instance//step//final-settlement//delete/', views.delete_final_payment, name='delete_final_payment'), + path('instance//step//final-settlement/approve/', views.approve_final_settlement, name='approve_final_settlement'), ] diff --git a/invoices/views.py b/invoices/views.py index 7e01a51..b271a29 100644 --- a/invoices/views.py +++ b/invoices/views.py @@ -12,17 +12,13 @@ import json from processes.models import ProcessInstance, ProcessStep, StepInstance, StepRejection, StepApproval from accounts.models import Role from common.consts import UserRoles -from .models import Item, Quote, QuoteItem, Payment, Invoice, InvoiceItem +from .models import Item, Quote, QuoteItem, Payment, Invoice from installations.models import InstallationReport, InstallationItemChange -from processes.utils import get_scoped_instance_or_404 + @login_required def quote_step(request, instance_id, step_id): """مرحله انتخاب اقلام و ساخت پیش‌فاکتور""" - # Enforce scoped access to prevent URL tampering - instance = get_scoped_instance_or_404(request, instance_id) - - # Enforce scoped access to prevent URL tampering instance = get_object_or_404( ProcessInstance.objects.select_related('process', 'well', 'requester', 'representative', 'representative__profile'), id=instance_id @@ -72,7 +68,7 @@ def quote_step(request, instance_id, step_id): @login_required def create_quote(request, instance_id, step_id): """ساخت/بروزرسانی پیش‌فاکتور از اقلام انتخابی""" - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) # enforce permission: only BROKER can create/update quote profile = getattr(request.user, 'profile', None) @@ -223,9 +219,6 @@ def create_quote(request, instance_id, step_id): @login_required def quote_preview_step(request, instance_id, step_id): """مرحله صدور پیش‌فاکتور - نمایش و تایید فاکتور""" - # Enforce scoped access to prevent URL tampering - instance = get_scoped_instance_or_404(request, instance_id) - instance = get_object_or_404( ProcessInstance.objects.select_related('process', 'well', 'requester', 'representative', 'representative__profile', 'broker', 'broker__company', 'broker__affairs', 'broker__affairs__county', 'broker__affairs__county__city'), id=instance_id @@ -268,7 +261,7 @@ def quote_preview_step(request, instance_id, step_id): @login_required def quote_print(request, instance_id): """صفحه پرینت پیش‌فاکتور""" - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) quote = get_object_or_404(Quote, process_instance=instance) return render(request, 'invoices/quote_print.html', { @@ -281,7 +274,7 @@ def quote_print(request, instance_id): @login_required def approve_quote(request, instance_id, step_id): """تایید پیش‌فاکتور و انتقال به مرحله بعدی""" - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) quote = get_object_or_404(Quote, process_instance=instance) # enforce permission: only BROKER can approve @@ -323,9 +316,6 @@ def approve_quote(request, instance_id, step_id): @login_required def quote_payment_step(request, instance_id, step_id): """مرحله سوم: ثبت فیش‌های واریزی پیش‌فاکتور""" - # Enforce scoped access to prevent URL tampering - instance = get_scoped_instance_or_404(request, instance_id) - instance = get_object_or_404( ProcessInstance.objects.select_related('process', 'well', 'requester', 'representative', 'representative__profile'), id=instance_id @@ -418,7 +408,7 @@ def quote_payment_step(request, instance_id, step_id): defaults={'approved_by': request.user, 'decision': 'rejected', 'reason': reason} ) StepRejection.objects.create(step_instance=step_instance, rejected_by=request.user, reason=reason) - # If current step is ahead of this step, reset it back to this step + # If current step is ahead of this step, reset it back to this step try: if instance.current_step and instance.current_step.order > step.order: instance.current_step = step @@ -459,7 +449,7 @@ def quote_payment_step(request, instance_id, step_id): @login_required def add_quote_payment(request, instance_id, step_id): """افزودن فیش واریزی جدید برای پیش‌فاکتور""" - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) quote = get_object_or_404(Quote, process_instance=instance) invoice, _ = Invoice.objects.get_or_create( @@ -574,7 +564,7 @@ def add_quote_payment(request, instance_id, step_id): @require_POST @login_required def delete_quote_payment(request, instance_id, step_id, payment_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) quote = get_object_or_404(Quote, process_instance=instance) invoice = Invoice.objects.filter(quote=quote).first() @@ -642,9 +632,6 @@ def delete_quote_payment(request, instance_id, step_id, payment_id): @login_required def final_invoice_step(request, instance_id, step_id): """تجمیع اقلام پیش‌فاکتور با تغییرات نصب و صدور فاکتور نهایی""" - # Enforce scoped access to prevent URL tampering - instance = get_scoped_instance_or_404(request, instance_id) - instance = get_object_or_404( ProcessInstance.objects.select_related('process', 'well', 'requester', 'representative', 'representative__profile'), id=instance_id @@ -783,7 +770,7 @@ def final_invoice_step(request, instance_id, step_id): @login_required def final_invoice_print(request, instance_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) invoice = get_object_or_404(Invoice, process_instance=instance) items = invoice.items.select_related('item').filter(is_deleted=False).all() return render(request, 'invoices/final_invoice_print.html', { @@ -796,7 +783,7 @@ def final_invoice_print(request, instance_id): @require_POST @login_required def approve_final_invoice(request, instance_id, step_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) invoice = get_object_or_404(Invoice, process_instance=instance) # only MANAGER can approve @@ -805,7 +792,14 @@ def approve_final_invoice(request, instance_id, step_id): return JsonResponse({'success': False, 'message': 'شما مجوز تایید این مرحله را ندارید'}, status=403) except Exception: return JsonResponse({'success': False, 'message': 'شما مجوز تایید این مرحله را ندارید'}, status=403) - + # Block approval when there is any remaining (positive or negative) + invoice.calculate_totals() + # if invoice.remaining_amount != 0: + # return JsonResponse({ + # 'success': False, + # 'message': f"تا زمانی که مانده فاکتور صفر نشده امکان تایید نیست (مانده فعلی: {invoice.remaining_amount})" + # }) + # mark step completed step_instance, _ = StepInstance.objects.get_or_create(process_instance=instance, step=step) step_instance.status = 'completed' step_instance.completed_at = timezone.now() @@ -824,7 +818,7 @@ def approve_final_invoice(request, instance_id, step_id): @login_required def add_special_charge(request, instance_id, step_id): """افزودن هزینه ویژه تعمیر/تعویض به فاکتور نهایی به‌صورت آیتم جداگانه""" - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) invoice = get_object_or_404(Invoice, process_instance=instance) # only MANAGER can add special charges try: @@ -832,7 +826,7 @@ def add_special_charge(request, instance_id, step_id): return JsonResponse({'success': False, 'message': 'شما مجوز افزودن هزینه ویژه را ندارید'}, status=403) except Exception: return JsonResponse({'success': False, 'message': 'شما مجوز افزودن هزینه ویژه را ندارید'}, status=403) - + # charge_type was removed from UI; we no longer require it item_id = request.POST.get('item_id') amount = (request.POST.get('amount') or '').strip() if not item_id: @@ -847,7 +841,7 @@ def add_special_charge(request, instance_id, step_id): # Fetch existing special item from DB special_item = get_object_or_404(Item, id=item_id, is_special=True) - + from .models import InvoiceItem InvoiceItem.objects.create( invoice=invoice, item=special_item, @@ -861,7 +855,7 @@ def add_special_charge(request, instance_id, step_id): @require_POST @login_required def delete_special_charge(request, instance_id, step_id, item_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) invoice = get_object_or_404(Invoice, process_instance=instance) # only MANAGER can delete special charges try: @@ -869,6 +863,7 @@ def delete_special_charge(request, instance_id, step_id, item_id): return JsonResponse({'success': False, 'message': 'شما مجوز حذف هزینه ویژه را ندارید'}, status=403) except Exception: return JsonResponse({'success': False, 'message': 'شما مجوز حذف هزینه ویژه را ندارید'}, status=403) + from .models import InvoiceItem inv_item = get_object_or_404(InvoiceItem, id=item_id, invoice=invoice) # allow deletion only for special items try: @@ -883,9 +878,8 @@ def delete_special_charge(request, instance_id, step_id, item_id): @login_required def final_settlement_step(request, instance_id, step_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) - if not instance.can_access_step(step): messages.error(request, 'شما به این مرحله دسترسی ندارید. ابتدا مراحل قبلی را تکمیل کنید.') return redirect('processes:request_list') @@ -896,7 +890,6 @@ def final_settlement_step(request, instance_id, step_id): # Ensure step instance exists step_instance, _ = StepInstance.objects.get_or_create(process_instance=instance, step=step, defaults={'status': 'in_progress'}) - # Build approver statuses for template reqs = list(step.approver_requirements.select_related('role').all()) approvals_map = {a.role_id: a.decision for a in step_instance.approvals.select_related('role').all()} @@ -954,13 +947,6 @@ def final_settlement_step(request, instance_id, step_id): defaults={'approved_by': request.user, 'decision': 'rejected', 'reason': reason} ) StepRejection.objects.create(step_instance=step_instance, rejected_by=request.user, reason=reason) - # If current step is ahead of this step, reset it back to this step (align behavior with other steps) - try: - if instance.current_step and instance.current_step.order > step.order: - instance.current_step = step - instance.save(update_fields=['current_step']) - except Exception: - pass messages.success(request, 'مرحله تسویه نهایی رد شد و برای اصلاح بازگشت.') return redirect('invoices:final_settlement_step', instance_id=instance.id, step_id=step.id) @@ -989,7 +975,7 @@ def final_settlement_step(request, instance_id, step_id): @require_POST @login_required def add_final_payment(request, instance_id, step_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) invoice = get_object_or_404(Invoice, process_instance=instance) # Only BROKER can add final settlement payments @@ -998,7 +984,6 @@ def add_final_payment(request, instance_id, step_id): return JsonResponse({'success': False, 'message': 'شما مجوز افزودن تراکنش تسویه را ندارید'}, status=403) except Exception: return JsonResponse({'success': False, 'message': 'شما مجوز افزودن تراکنش تسویه را ندارید'}, status=403) - amount = (request.POST.get('amount') or '').strip() payment_date = (request.POST.get('payment_date') or '').strip() payment_method = (request.POST.get('payment_method') or '').strip() @@ -1053,14 +1038,12 @@ def add_final_payment(request, instance_id, step_id): ) # After creation, totals auto-updated by model save. Respond with redirect and new totals for UX. invoice.refresh_from_db() - - # On delete, return to awaiting approval + # After payment change, set step back to in_progress try: si, _ = StepInstance.objects.get_or_create(process_instance=instance, step=step) si.status = 'in_progress' si.completed_at = None si.save() - si.approvals.all().delete() except Exception: pass @@ -1082,16 +1065,6 @@ def add_final_payment(request, instance_id, step_id): pass except Exception: pass - - # If current step is ahead of this step, reset it back to this step - try: - if instance.current_step and instance.current_step.order > step.order: - instance.current_step = step - instance.save(update_fields=['current_step']) - except Exception: - pass - - return JsonResponse({ 'success': True, 'redirect': reverse('invoices:final_settlement_step', args=[instance.id, step_id]), @@ -1106,7 +1079,7 @@ def add_final_payment(request, instance_id, step_id): @require_POST @login_required def delete_final_payment(request, instance_id, step_id, payment_id): - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) step = get_object_or_404(instance.process.steps, id=step_id) invoice = get_object_or_404(Invoice, process_instance=instance) payment = get_object_or_404(Payment, id=payment_id, invoice=invoice) @@ -1118,47 +1091,44 @@ def delete_final_payment(request, instance_id, step_id, payment_id): return JsonResponse({'success': False, 'message': 'شما مجوز حذف تراکنش تسویه را ندارید'}, status=403) payment.delete() invoice.refresh_from_db() - - # On delete, return to awaiting approval + # After payment change, set step back to in_progress try: si, _ = StepInstance.objects.get_or_create(process_instance=instance, step=step) si.status = 'in_progress' si.completed_at = None si.save() - si.approvals.all().delete() except Exception: pass - - # Reset ALL subsequent completed steps to in_progress - try: - subsequent_steps = instance.process.steps.filter(order__gt=step.order) - for subsequent_step in subsequent_steps: - subsequent_step_instance = instance.step_instances.filter(step=subsequent_step).first() - if subsequent_step_instance and subsequent_step_instance.status == 'completed': - # Bypass validation by using update() instead of save() - instance.step_instances.filter(step=subsequent_step).update( - status='in_progress', - completed_at=None - ) - # Clear previous approvals if the step requires re-approval - try: - subsequent_step_instance.approvals.all().delete() - except Exception: - pass - except Exception: - pass - - # If current step is ahead of this step, reset it back to this step - try: - if instance.current_step and instance.current_step.order > step.order: - instance.current_step = step - instance.save(update_fields=['current_step']) - except Exception: - pass - return JsonResponse({'success': True, 'redirect': reverse('invoices:final_settlement_step', args=[instance.id, step_id]), 'totals': { 'final_amount': str(invoice.final_amount), 'paid_amount': str(invoice.paid_amount), 'remaining_amount': str(invoice.remaining_amount), }}) + +@require_POST +@login_required +def approve_final_settlement(request, instance_id, step_id): + instance = get_object_or_404(ProcessInstance, id=instance_id) + step = get_object_or_404(instance.process.steps, id=step_id) + invoice = get_object_or_404(Invoice, process_instance=instance) + # Block approval if any remaining exists (positive or negative) + invoice.calculate_totals() + if invoice.remaining_amount != 0: + return JsonResponse({ + 'success': False, + 'message': f"تا زمانی که مانده فاکتور صفر نشده امکان تایید نیست (مانده فعلی: {invoice.remaining_amount})" + }) + # complete step + step_instance, _ = StepInstance.objects.get_or_create(process_instance=instance, step=step) + step_instance.status = 'completed' + step_instance.completed_at = timezone.now() + step_instance.save() + # move next + next_step = instance.process.steps.filter(order__gt=step.order).first() + redirect_url = reverse('processes:request_list') + if next_step: + instance.current_step = next_step + instance.save() + redirect_url = reverse('processes:step_detail', args=[instance.id, next_step.id]) + return JsonResponse({'success': True, 'message': 'تسویه حساب نهایی ثبت شد', 'redirect': redirect_url}) diff --git a/locations/models.py b/locations/models.py index bca8971..d3de371 100644 --- a/locations/models.py +++ b/locations/models.py @@ -11,7 +11,7 @@ class City(NameSlugModel): return self.name class County(NameSlugModel): - city = models.ForeignKey(City, on_delete=models.CASCADE, verbose_name="استان") + city = models.ForeignKey(City, on_delete=models.CASCADE, verbose_name="شهرستان") class Meta: verbose_name = "شهرستان" diff --git a/processes/admin.py b/processes/admin.py index 0da4cf5..a23a341 100644 --- a/processes/admin.py +++ b/processes/admin.py @@ -143,9 +143,9 @@ class ProcessInstanceAdmin(SimpleHistoryAdmin): @admin.register(StepInstance) class StepInstanceAdmin(SimpleHistoryAdmin): - list_display = ['process_instance', 'process_instance__code', 'step', 'assigned_to', 'status_display', 'rejection_count', 'edit_count', 'started_at', 'completed_at'] + list_display = ['process_instance', 'step', 'assigned_to', 'status_display', 'rejection_count', 'edit_count', 'started_at', 'completed_at'] list_filter = ['status', 'step__process', 'started_at'] - search_fields = ['process_instance__name', 'process_instance__code', 'step__name', 'assigned_to__username'] + search_fields = ['process_instance__name', 'step__name', 'assigned_to__username'] readonly_fields = ['started_at', 'completed_at'] ordering = ['process_instance', 'step__order'] diff --git a/processes/templates/processes/instance_summary.html b/processes/templates/processes/instance_summary.html index ad84b59..cb5171e 100644 --- a/processes/templates/processes/instance_summary.html +++ b/processes/templates/processes/instance_summary.html @@ -1,8 +1,7 @@ -{% extends '_base.html' %} + {% extends '_base.html' %} {% load static %} {% load humanize %} {% load common_tags %} -{% load processes_tags %} {% block sidebar %} {% include 'sidebars/admin.html' %} @@ -16,34 +15,23 @@ {% block content %} {% include '_toasts.html' %} - - -{% instance_info_modal instance %} - -

گزارش نهایی درخواست {{ instance.code }}

- - {% instance_info instance %} + + اشتراک آب: {{ instance.well.water_subscription_number|default:"-" }} + | نماینده: {{ instance.representative.profile.national_code|default:"-" }}
{% if invoice %} - - پرینت فاکتور - + پرینت فاکتور {% endif %} - - پرینت گواهی - - - - بازگشت - + پرینت گواهی + بازگشت
diff --git a/processes/templates/processes/request_list.html b/processes/templates/processes/request_list.html index ecd2956..dfcf4bc 100644 --- a/processes/templates/processes/request_list.html +++ b/processes/templates/processes/request_list.html @@ -1,6 +1,5 @@ {% extends '_base.html' %} {% load static %} -{% load accounts_tags %} {% block sidebar %} {% include 'sidebars/admin.html' %} @@ -44,12 +43,10 @@ - {% if request.user|is_broker %} - {% endif %}
@@ -135,69 +132,6 @@
- {% if access_denied %} - - {% endif %} - -
-
-
-
- - -
- {% if request.user|is_admin or request.user|is_manager or request.user|is_accountant %} -
- - -
- {% endif %} - {% if request.user|is_admin or request.user|is_manager or request.user|is_accountant %} -
- - -
- {% endif %} -
- - -
-
- - - - حذف فیلتر - -
-
-
-
@@ -244,7 +178,7 @@ - + {% empty %} - - - - - - - - - - - + {% endfor %} @@ -557,7 +479,7 @@ $('#requests-table').DataTable({ pageLength: 10, lengthMenu: [[10, 25, 50, -1], [10, 25, 50, "همه"]], - order: [], + order: [[0, 'desc']], responsive: true, }); let currentWellId = null; diff --git a/processes/templatetags/processes_tags.py b/processes/templatetags/processes_tags.py index 5ee7b2f..0922e3c 100644 --- a/processes/templatetags/processes_tags.py +++ b/processes/templatetags/processes_tags.py @@ -1,7 +1,6 @@ from django import template from django.utils.safestring import mark_safe from ..models import ProcessInstance, StepInstance -from ..utils import count_incomplete_instances register = template.Library() @@ -105,8 +104,3 @@ def instance_info(instance, modal_id=None): title="اطلاعات کامل چاه و نماینده"> ''' return mark_safe(html) - - -@register.simple_tag -def incomplete_requests_count(user): - return count_incomplete_instances(user) diff --git a/processes/utils.py b/processes/utils.py deleted file mode 100644 index 951398e..0000000 --- a/processes/utils.py +++ /dev/null @@ -1,118 +0,0 @@ -from django.shortcuts import get_object_or_404 -from .models import ProcessInstance -from common.consts import UserRoles - - -def scope_instances_queryset(user, queryset=None): - """Return a queryset of ProcessInstance scoped by the user's role. - - If no profile/role, returns an empty queryset. - """ - qs = queryset if queryset is not None else ProcessInstance.objects.all() - profile = getattr(user, 'profile', None) - if not profile: - return qs.none() - try: - if profile.has_role(UserRoles.INSTALLER): - # Only instances assigned to this installer - from installations.models import InstallationAssignment - assign_ids = InstallationAssignment.objects.filter(installer=user).values_list('process_instance', flat=True) - return qs.filter(id__in=assign_ids) - if profile.has_role(UserRoles.BROKER): - return qs.filter(broker=profile.broker) - if profile.has_role(UserRoles.ACCOUNTANT) or profile.has_role(UserRoles.MANAGER): - return qs.filter(broker__affairs__county=profile.county) - if profile.has_role(UserRoles.ADMIN): - return qs - # if profile.has_role(UserRoles.WATER_RESOURCE_MANAGER) or profile.has_role(UserRoles.HEADQUARTER): - # return qs.filter(well__county=profile.county) - # Fallback: no special scope - # return qs - except Exception: - return qs.none() - - -def count_incomplete_instances(user): - """Count non-completed, non-deleted requests within the user's scope.""" - base = ProcessInstance.objects.select_related('well').filter(is_deleted=False).exclude(status='completed') - return scope_instances_queryset(user, base).count() - - -def user_can_access_instance(user, instance: ProcessInstance) -> bool: - """Check if user can access a specific instance based on scoping rules.""" - try: - scoped = scope_instances_queryset(user, ProcessInstance.objects.filter(id=instance.id)) - return scoped.exists() - except Exception: - return False - - -def get_scoped_instance_or_404(request, instance_id: int) -> ProcessInstance: - """Return instance only if it's within the user's scope; otherwise 404. - - Use this in any view receiving instance_id from URL to prevent URL tampering. - """ - base = ProcessInstance.objects.filter(is_deleted=False) - qs = scope_instances_queryset(request.user, base) - return get_object_or_404(qs, id=instance_id) - - -def scope_wells_queryset(user, queryset=None): - """Return a queryset of Well scoped by the user's role (parity with instances).""" - try: - from wells.models import Well - qs = queryset if queryset is not None else Well.objects.all() - profile = getattr(user, 'profile', None) - if not profile: - return qs.none() - if profile.has_role(UserRoles.ADMIN): - return qs - if profile.has_role(UserRoles.BROKER): - return qs.filter(broker=profile.broker) - if profile.has_role(UserRoles.ACCOUNTANT) or profile.has_role(UserRoles.MANAGER): - return qs.filter(broker__affairs__county=profile.county) - if profile.has_role(UserRoles.INSTALLER): - # Wells that have instances assigned to this installer - from installations.models import InstallationAssignment - assign_ids = InstallationAssignment.objects.filter(installer=user).values_list('process_instance', flat=True) - inst_qs = ProcessInstance.objects.filter(id__in=assign_ids) - return qs.filter(process_instances__in=inst_qs).distinct() - # Fallback - return qs.none() - except Exception: - return qs.none() if 'qs' in locals() else [] - - -def scope_customers_queryset(user, queryset=None): - """Return a queryset of customer Profiles scoped by user's role. - - Assumes queryset is Profiles already filtered to customers, otherwise we filter here. - """ - try: - from accounts.models import Profile - qs = queryset if queryset is not None else Profile.objects.all() - # Ensure we're only looking at customer profiles - from common.consts import UserRoles as UR - qs = qs.filter(roles__slug=UR.CUSTOMER.value, is_deleted=False) - - profile = getattr(user, 'profile', None) - if not profile: - return qs.none() - if profile.has_role(UserRoles.ADMIN): - return qs - if profile.has_role(UserRoles.BROKER): - return qs.filter(broker=profile.broker) - if profile.has_role(UserRoles.ACCOUNTANT) or profile.has_role(UserRoles.MANAGER): - return qs.filter(county=profile.county) - if profile.has_role(UserRoles.INSTALLER): - # Customers that are representatives of instances assigned to this installer - from installations.models import InstallationAssignment - assign_ids = InstallationAssignment.objects.filter(installer=user).values_list('process_instance', flat=True) - rep_ids = ProcessInstance.objects.filter(id__in=assign_ids).values_list('representative', flat=True) - return qs.filter(user_id__in=rep_ids) - # Fallback - return qs.none() - except Exception: - return qs.none() if 'qs' in locals() else [] - - diff --git a/processes/views.py b/processes/views.py index 38ad946..f84e826 100644 --- a/processes/views.py +++ b/processes/views.py @@ -7,62 +7,19 @@ from django.http import JsonResponse from django.views.decorators.http import require_POST, require_GET from django.db import transaction from django.contrib.auth import get_user_model -from .models import Process, ProcessInstance, StepInstance, ProcessStep -from .utils import scope_instances_queryset, get_scoped_instance_or_404 -from installations.models import InstallationAssignment +from .models import Process, ProcessInstance, StepInstance from wells.models import Well -from accounts.models import Profile, Broker -from locations.models import Affairs +from accounts.models import Profile from accounts.forms import CustomerForm from wells.forms import WellForm from wells.models import WaterMeterManufacturer -from common.consts import UserRoles @login_required def request_list(request): """نمایش لیست درخواست‌ها با جدول و مدال ایجاد""" - instances = ProcessInstance.objects.select_related('well', 'representative', 'requester', 'broker', 'current_step', 'process').prefetch_related('step_instances__step').filter(is_deleted=False).order_by('-created') - access_denied = False - - # filter by roles (scoped queryset) - try: - instances = scope_instances_queryset(request.user, instances) - if not instances.exists() and not getattr(request.user, 'profile', None): - access_denied = True - instances = instances.none() - except Exception: - access_denied = True - instances = instances.none() - - # Filters - status_q = (request.GET.get('status') or '').strip() - affairs_q = (request.GET.get('affairs') or '').strip() - broker_q = (request.GET.get('broker') or '').strip() - step_q = (request.GET.get('step') or '').strip() - - if status_q: - instances = instances.filter(status=status_q) - if affairs_q: - try: - instances = instances.filter(well__affairs_id=int(affairs_q)) - except Exception: - pass - if broker_q: - try: - instances = instances.filter(broker_id=int(broker_q)) - except Exception: - pass - if step_q: - try: - instances = instances.filter(current_step_id=int(step_q)) - except Exception: - pass + instances = ProcessInstance.objects.select_related('well', 'representative', 'requester').prefetch_related('step_instances__step').filter(is_deleted=False).order_by('-created') processes = Process.objects.filter(is_active=True) - status_choices = list(ProcessInstance.STATUS_CHOICES) - affairs_list = Affairs.objects.all().order_by('name') - brokers_list = Broker.objects.all().order_by('name') - steps_list = ProcessStep.objects.select_related('process').all().order_by('process__name', 'order') manufacturers = WaterMeterManufacturer.objects.all().order_by('name') # Calculate progress for each instance @@ -95,16 +52,6 @@ def request_list(request): 'completed_count': completed_count, 'in_progress_count': in_progress_count, 'pending_count': pending_count, - # filter context - 'status_choices': status_choices, - 'affairs_list': affairs_list, - 'brokers_list': brokers_list, - 'steps_list': steps_list, - 'filter_status': status_q, - 'filter_affairs': affairs_q, - 'filter_broker': broker_q, - 'filter_step': step_q, - 'access_denied': access_denied, }) @@ -178,13 +125,6 @@ def lookup_representative_by_national_code(request): def create_request_with_entities(request): """ایجاد/به‌روزرسانی چاه و نماینده و سپس ایجاد درخواست""" User = get_user_model() - # Only BROKER can create requests - try: - if not (hasattr(request.user, 'profile') and request.user.profile.has_role(UserRoles.BROKER)): - return JsonResponse({'ok': False, 'error': 'فقط کارگزار مجاز به ایجاد درخواست است'}, status=403) - except Exception: - return JsonResponse({'ok': False, 'error': 'فقط کارگزار مجاز به ایجاد درخواست است'}, status=403) - process_id = request.POST.get('process') process = Process.objects.get(id=process_id) description = request.POST.get('description', '') @@ -290,14 +230,6 @@ def create_request_with_entities(request): well.broker = current_profile.broker well.save() - # Ensure no active (non-deleted, non-completed) request exists for this well - try: - active_exists = ProcessInstance.objects.filter(well=well, is_deleted=False).exclude(status='completed').exists() - if active_exists: - return JsonResponse({'ok': False, 'error': 'برای این چاه یک درخواست جاری وجود دارد. ابتدا آن را تکمیل یا حذف کنید.'}, status=400) - except Exception: - return JsonResponse({'ok': False, 'error': 'خطا در بررسی وضعیت درخواست‌های قبلی این چاه'}, status=400) - # Create request instance instance = ProcessInstance.objects.create( process=process, @@ -329,17 +261,7 @@ def create_request_with_entities(request): @login_required def delete_request(request, instance_id): """حذف درخواست""" - instance = get_scoped_instance_or_404(request, instance_id) - # Only BROKER can delete requests and only within their scope - try: - profile = getattr(request.user, 'profile', None) - if not (profile and profile.has_role(UserRoles.BROKER)): - return JsonResponse({'success': False, 'message': 'فقط کارگزار مجاز به حذف درخواست است'}, status=403) - # Enforce ownership by broker (prevent deleting others' requests) - if instance.broker_id and profile.broker and instance.broker_id != profile.broker.id: - return JsonResponse({'success': False, 'message': 'شما مجاز به حذف این درخواست نیستید'}, status=403) - except Exception: - return JsonResponse({'success': False, 'message': 'فقط کارگزار مجاز به حذف درخواست است'}, status=403) + instance = get_object_or_404(ProcessInstance, id=instance_id) code = instance.code if instance.status == 'completed': return JsonResponse({ @@ -356,10 +278,10 @@ def delete_request(request, instance_id): @login_required def step_detail(request, instance_id, step_id): """نمایش جزئیات مرحله خاص""" - # Enforce scoped access to prevent URL tampering - instance = get_scoped_instance_or_404(request, instance_id) - # Prefetch for performance - instance = ProcessInstance.objects.select_related('process', 'well', 'requester', 'representative', 'representative__profile').get(id=instance.id) + instance = get_object_or_404( + ProcessInstance.objects.select_related('process', 'well', 'requester', 'representative', 'representative__profile'), + id=instance_id + ) step = get_object_or_404(instance.process.steps, id=step_id) # If the request is already completed, redirect to read-only summary page if instance.status == 'completed': @@ -417,8 +339,7 @@ def step_detail(request, instance_id, step_id): @login_required def instance_steps(request, instance_id): """هدایت به مرحله فعلی instance""" - # Enforce scoped access to prevent URL tampering - instance = get_scoped_instance_or_404(request, instance_id) + instance = get_object_or_404(ProcessInstance, id=instance_id) if not instance.current_step: # اگر مرحله فعلی تعریف نشده، به اولین مرحله برو @@ -440,9 +361,6 @@ def instance_steps(request, instance_id): @login_required def instance_summary(request, instance_id): """نمای خلاصهٔ فقط‌خواندنی برای درخواست‌های تکمیل‌شده.""" - # Enforce scoped access to prevent URL tampering - instance = get_scoped_instance_or_404(request, instance_id) - instance = get_object_or_404(ProcessInstance.objects.select_related('well', 'representative'), id=instance_id) # Only show for completed requests; otherwise route to steps if instance.status != 'completed': diff --git a/templates/sidebars/admin.html b/templates/sidebars/admin.html index 066c177..aacdf24 100644 --- a/templates/sidebars/admin.html +++ b/templates/sidebars/admin.html @@ -1,5 +1,4 @@ {% load static %} -{% load accounts_tags %} - - - - - - - - {% endfor %} diff --git a/wells/views.py b/wells/views.py index 2c9d55b..cee9f28 100644 --- a/wells/views.py +++ b/wells/views.py @@ -7,23 +7,17 @@ from django.contrib import messages from django import forms from .models import Well, WaterMeterManufacturer from .forms import WellForm, WaterMeterManufacturerForm -from django.contrib.auth.decorators import login_required -from common.decorators import allowed_roles -from common.consts import UserRoles -from processes.utils import scope_wells_queryset -@login_required -@allowed_roles([UserRoles.ADMIN, UserRoles.BROKER, UserRoles.MANAGER, UserRoles.ACCOUNTANT]) + def well_list(request): """نمایش لیست چاه‌ها""" - base = Well.objects.select_related( + wells = Well.objects.select_related( 'representative', 'water_meter_manufacturer', 'affairs', 'county', 'broker' ).filter(is_deleted=False) - wells = scope_wells_queryset(request.user, base) # فرم برای افزودن چاه جدید form = WellForm() @@ -37,8 +31,6 @@ def well_list(request): @require_POST -@login_required -@allowed_roles([UserRoles.ADMIN, UserRoles.BROKER, UserRoles.MANAGER, UserRoles.ACCOUNTANT]) def add_well_ajax(request): """AJAX endpoint for adding wells""" try: @@ -95,8 +87,6 @@ def add_well_ajax(request): @require_POST -@login_required -@allowed_roles([UserRoles.ADMIN, UserRoles.BROKER, UserRoles.MANAGER, UserRoles.ACCOUNTANT]) def edit_well_ajax(request, well_id): """AJAX endpoint for editing wells""" well = get_object_or_404(Well, id=well_id) @@ -151,8 +141,6 @@ def edit_well_ajax(request, well_id): @require_POST -@login_required -@allowed_roles([UserRoles.ADMIN, UserRoles.BROKER, UserRoles.MANAGER, UserRoles.ACCOUNTANT]) def delete_well(request, well_id): """حذف چاه""" well = get_object_or_404(Well, id=well_id) @@ -166,7 +154,6 @@ def delete_well(request, well_id): @require_GET -@login_required def get_well_data(request, well_id): """دریافت اطلاعات چاه برای ویرایش""" well = get_object_or_404(Well, id=well_id) @@ -196,7 +183,6 @@ def get_well_data(request, well_id): @require_POST -@login_required def create_water_meter_manufacturer(request): """ایجاد شرکت سازنده کنتور آب جدید""" form = WaterMeterManufacturerForm(request.POST)
{{ item.instance.get_status_display_with_color|safe }}{{ item.instance.jcreated_date }}{{ item.instance.jcreated }}
@@ -262,31 +196,19 @@ {% endif %} - {% if request.user|is_broker %}
  • حذف
    • - {% endif %}
    موردی ثبت نشده استموردی ثبت نشده است
    +

    چاهی یافت نشد