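import logging
import time

from django.http import Http404

# from django.http import Http404, HttpResponseForbidden
# from django.shortcuts import redirect
# from inventory import models
# from django.utils import timezone
# NOTE: in the visible part of this module, get_user_type is referenced only
# by the disabled InjectParamsMiddleware below.
from inventory.utils import get_user_type

logger = logging.getLogger("user_activity")


# class LogUserActivityMiddleware:
#     """
#     Middleware for logging user activity.
#
#     This middleware logs the activity of authenticated users each time they make a
#     request. It creates an entry in the UserActivityLog model capturing the user's
#     ID, the action performed, and the timestamp. It is intended to assist in
#     tracking user actions across the application for analytics or auditing purposes.
#
#     :ivar get_response: The next middleware or view in the WSGI request-response
#         chain.
#     :type get_response: Callable
#     """
#
#     def __init__(self, get_response):
#         self.get_response = get_response
#
#     def __call__(self, request):
#         response = self.get_response(request)
#         if request.user.is_authenticated:
#             action = f"{request.method} {request.path}"
#             models.UserActivityLog.objects.create(
#                 user=request.user, action=action, timestamp=timezone.now()
#             )
#         return response
#
#     def get_client_ip(self, request):
#         x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
#         if x_forwarded_for:
#             return x_forwarded_for.split(",")[0]
#         return request.META.get("REMOTE_ADDR")


# class InjectParamsMiddleware:
#     """
#     Middleware to add processed user-related parameters to the request object.
#
#     This middleware processes incoming requests to extract and enhance user
#     information, specifically linking user context such as `dealer` to the
#     request. It allows subsequent views and middlewares to access these enriched
#     request parameters with ease.
#
#     :ivar get_response: The callable to get the next middleware or view response.
#     :type get_response: Callable
#     """
#
#     def __init__(self, get_response):
#         self.get_response = get_response
#
#     def __call__(self, request):
#         try:
#             if request.user.is_authenticated:
#                 request.dealer = get_user_type(request)
#                 request.entity = request.dealer.entity
#             else:
#                 request.dealer = None
#         except Exception:
#             pass
#         response = self.get_response(request)
#         return response


class InjectDealerMiddleware:
    """
    Middleware to inject tenant and role attributes into the request object.

    For an authenticated user the middleware sets the boolean flags
    ``is_dealer``, ``is_staff``, ``is_manager``, ``is_accountant``,
    ``is_sales`` and ``is_inventory`` on the request, and attaches
    ``request.dealer`` (plus ``request.staff`` for staff users),
    ``request.entity`` and ``request.admin``. The role is derived from the
    ``dealer`` / ``staff`` attributes of ``request.user`` and, for staff, from
    the names of the staff member's groups.

    Nothing is set for anonymous users, so downstream code must not assume
    these attributes exist.

    :ivar get_response: The callable provided by the Django framework to
        process the next middleware or the view in the request-response cycle.
    :type get_response: Callable
    """

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        """
        Populate the role/tenant attributes, then continue the chain.

        Attribute injection is best-effort: a failure is logged and the
        request still proceeds, possibly with only part of the attributes set.

        :param request: The incoming request; ``request.user`` must already be
            populated by the authentication middleware.
        :return: The response produced by the rest of the chain.
        """
        try:
            self._inject(request)
        except Exception:
            # Previously swallowed silently. Keep the best-effort behaviour,
            # but record the failure: a request that reaches the views without
            # `request.dealer` also passes DealerSlugMiddleware unchecked.
            logger.exception("Failed to inject dealer/role attributes into request")
        return self.get_response(request)

    def _inject(self, request):
        """Set the role flags and tenant objects for an authenticated user."""
        if not request.user.is_authenticated:
            return

        start = time.perf_counter()

        # Start from "no role" so that every flag exists on the request.
        # NOTE: `request.is_staff` means "is a dealer staff member" and is
        # unrelated to Django's `request.user.is_staff` admin flag.
        request.is_dealer = False
        request.is_staff = False
        request.is_manager = False
        request.is_accountant = False
        request.is_sales = False
        request.is_inventory = False

        user = request.user
        if hasattr(user, "dealer"):
            request.is_dealer = True
            request.dealer = user.dealer
        elif hasattr(user, "staff"):
            request.staff = user.staff
            request.dealer = request.staff.dealer
            request.is_staff = True
            # Materialise once so the membership tests below never re-query.
            staff_groups = set(request.staff.groups.values_list("name", flat=True))
            # Exactly one role flag is set; a staff member in several groups
            # gets the first match in this order.
            if "Accountant" in staff_groups:
                request.is_accountant = True
            elif "Manager" in staff_groups:
                request.is_manager = True
            elif "Sales" in staff_groups:
                request.is_sales = True
            elif "Inventory" in staff_groups:
                request.is_inventory = True
        else:
            # Authenticated but neither dealer nor staff: there is no tenant to
            # attach, so `dealer`, `entity` and `admin` stay unset (as before,
            # where this case ended in a swallowed AttributeError).
            return

        request.entity = request.dealer.entity
        request.admin = request.dealer.entity.admin
        # Timing is diagnostic only; it goes to the logger at DEBUG instead of
        # being printed to stdout on every request.
        logger.debug(
            "InjectDealerMiddleware took %.6fs", time.perf_counter() - start
        )


# class OTPVerificationMiddleware:
#     def __init__(self, get_response):
#         self.get_response = get_response
#
#     def __call__(self, request):
#         if request.user.is_authenticated and not request.session.get('otp_verified', False):
#             return redirect(reverse('verify_otp'))
#         return self.get_response(request)


class DealerSlugMiddleware:
    """
    Middleware that rejects requests whose ``dealer_slug`` URL argument does
    not belong to the dealer attached to the request.

    The check runs in :meth:`process_view` and compares the ``dealer_slug``
    view keyword argument, case-insensitively, with ``request.dealer.slug``.
    It expects ``request.dealer`` to have been set earlier in the chain (see
    ``InjectDealerMiddleware``). A mismatch raises ``Http404``.

    The check is skipped, and the view runs, when the path is listed in
    ``EXEMPT_PATHS``, the user is anonymous, the view takes no
    ``dealer_slug``, or the request carries no dealer. This middleware is
    therefore not an authentication gate: views must enforce login themselves.

    :ivar get_response: The next middleware or view in the chain.
    :type get_response: Callable
    """

    # Exact request paths (language prefix included) that bypass the slug check.
    EXEMPT_PATHS = frozenset(
        {
            "/ar/signup/",
            "/en/signup/",
            "/ar/login/",
            "/en/login/",
            "/ar/logout/",
            "/en/logout/",
            "/en/ledger/",
            "/ar/ledger/",
            "/en/notifications/",
            "/ar/notifications/",
            "/en/appointment/",
            "/ar/appointment/",
            "/en/feature/recall/",
            "/ar/feature/recall/",
            "/ar/help_center/",
            "/en/help_center/",
        }
    )

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        response = self.get_response(request)
        return response

    def process_view(self, request, view_func, view_args, view_kwargs):
        """
        Enforce that the URL's ``dealer_slug`` matches the request's dealer.

        :param request: The current request.
        :param view_func: The view about to be called (unused).
        :param view_args: Positional arguments for the view (unused).
        :param view_kwargs: Keyword arguments for the view; ``dealer_slug`` is
            read from here.
        :return: ``None`` so that Django continues on to the view.
        :raises Http404: If ``dealer_slug`` differs from ``request.dealer.slug``.
        """
        if request.path in self.EXEMPT_PATHS:
            return None

        if not request.user.is_authenticated:
            return None

        dealer_slug = view_kwargs.get("dealer_slug")
        if not dealer_slug:
            return None

        dealer = getattr(request, "dealer", None)
        if not dealer:
            # NOTE(review): this branch fails open. An authenticated user with
            # no dealer on the request reaches a dealer-scoped view unchecked.
            # Confirm that is intended (for example for admin accounts) or
            # reject the request here instead.
            logger.warning("No dealer associated with request")
            return None

        if dealer_slug.lower() != dealer.slug.lower():
            # `dealer_slug` comes from the URL. Log it with %r so control
            # characters cannot forge extra log lines, and include the user id
            # so cross-tenant access attempts can be attributed.
            logger.warning(
                "Dealer slug mismatch: %r != %r (user_id=%s)",
                dealer_slug,
                dealer.slug,
                request.user.pk,
            )
            raise Http404("Dealer slug mismatch")

        return None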