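from django.contrib.auth.decorators import login_required
from django.core.paginator import Paginator
from django.db.models import Q
from django.http import HttpResponseForbidden
from django.shortcuts import get_object_or_404, redirect, render

from .models import Department, Hospital, Organization, Patient, Staff

# Page size used when the client sends none, or sends an unusable value.
_DEFAULT_PAGE_SIZE = 25
# Upper bound on a client-chosen page size, so a single request cannot pull an
# entire table (patients, staff) into one response. Raise it if the UI
# legitimately offers larger pages.
_MAX_PAGE_SIZE = 100


def _page_size(request):
    """Return a safe page size parsed from the ``page_size`` query parameter.

    Missing, non-numeric, zero or negative values fall back to the default
    instead of raising (previously an unhandled ValueError, i.e. a 500), and
    large values are clamped to ``_MAX_PAGE_SIZE``.
    """
    try:
        size = int(request.GET.get('page_size'))
    except (TypeError, ValueError):
        return _DEFAULT_PAGE_SIZE
    if size < 1:
        return _DEFAULT_PAGE_SIZE
    return min(size, _MAX_PAGE_SIZE)


def _paginate(request, queryset):
    """Return the requested page of ``queryset`` (``page`` query parameter)."""
    paginator = Paginator(queryset, _page_size(request))
    # get_page() itself tolerates out-of-range and non-numeric page numbers.
    return paginator.get_page(request.GET.get('page', 1))


def _scope_to_hospital(queryset, user, lookup):
    """Restrict ``queryset`` to the rows the user's hospital may see.

    PX admins get the queryset unchanged. Users bound to a hospital get the
    rows whose ``lookup`` equals that hospital's id. A non-admin user with no
    hospital gets an empty queryset: the scope fails closed, matching
    ``organization_detail``, which also refuses such users. Previously these
    users fell through the check and saw every row.
    """
    if user.is_px_admin():
        return queryset
    if user.hospital:
        return queryset.filter(**{lookup: user.hospital.id})
    return queryset.none()


def _active_hospitals_for(user):
    """Return the active hospitals the user may pick in a filter dropdown."""
    return _scope_to_hospital(Hospital.objects.filter(status='active'), user, 'id')


@login_required
def hospital_list(request):
    """List hospitals visible to the user, with status filter and search."""
    queryset = _scope_to_hospital(Hospital.objects.all(), request.user, 'id')

    status_filter = request.GET.get('status')
    if status_filter:
        queryset = queryset.filter(status=status_filter)

    search_query = request.GET.get('search')
    if search_query:
        queryset = queryset.filter(
            Q(name__icontains=search_query)
            | Q(name_ar__icontains=search_query)
            | Q(code__icontains=search_query)
        )

    page_obj = _paginate(request, queryset.order_by('name'))

    context = {
        'page_obj': page_obj,
        'hospitals': page_obj.object_list,
        'filters': request.GET,
    }
    return render(request, 'organizations/hospital_list.html', context)


@login_required
def department_list(request):
    """List departments visible to the user, with filters and search."""
    user = request.user
    queryset = _scope_to_hospital(
        Department.objects.select_related('hospital', 'manager'),
        user,
        'hospital_id',
    )

    # The client-supplied hospital filter is applied on top of the RBAC scope,
    # so it can only narrow the result, never widen it.
    # NOTE(review): a malformed id here may raise inside the ORM depending on
    # the primary-key type - confirm and validate if so.
    hospital_filter = request.GET.get('hospital')
    if hospital_filter:
        queryset = queryset.filter(hospital_id=hospital_filter)

    status_filter = request.GET.get('status')
    if status_filter:
        queryset = queryset.filter(status=status_filter)

    search_query = request.GET.get('search')
    if search_query:
        queryset = queryset.filter(
            Q(name__icontains=search_query)
            | Q(name_ar__icontains=search_query)
            | Q(code__icontains=search_query)
        )

    page_obj = _paginate(request, queryset.order_by('hospital', 'name'))

    context = {
        'page_obj': page_obj,
        'departments': page_obj.object_list,
        'hospitals': _active_hospitals_for(user),
        'filters': request.GET,
    }
    return render(request, 'organizations/department_list.html', context)


@login_required
def staff_list(request):
    """List staff visible to the user, with filters and search."""
    user = request.user
    queryset = _scope_to_hospital(
        Staff.objects.select_related('hospital', 'department', 'user'),
        user,
        'hospital_id',
    )

    # Client-supplied filters only narrow the already-scoped queryset.
    hospital_filter = request.GET.get('hospital')
    if hospital_filter:
        queryset = queryset.filter(hospital_id=hospital_filter)

    department_filter = request.GET.get('department')
    if department_filter:
        queryset = queryset.filter(department_id=department_filter)

    status_filter = request.GET.get('status')
    if status_filter:
        queryset = queryset.filter(status=status_filter)

    staff_type_filter = request.GET.get('staff_type')
    if staff_type_filter:
        queryset = queryset.filter(staff_type=staff_type_filter)

    search_query = request.GET.get('search')
    if search_query:
        queryset = queryset.filter(
            Q(first_name__icontains=search_query)
            | Q(last_name__icontains=search_query)
            | Q(employee_id__icontains=search_query)
            | Q(license_number__icontains=search_query)
            | Q(specialization__icontains=search_query)
            | Q(job_title__icontains=search_query)
        )

    page_obj = _paginate(request, queryset.order_by('last_name', 'first_name'))

    context = {
        'page_obj': page_obj,
        'staff': page_obj.object_list,
        'hospitals': _active_hospitals_for(user),
        'filters': request.GET,
    }
    return render(request, 'organizations/staff_list.html', context)


@login_required
def organization_list(request):
    """List organizations visible to the user, with filters and search."""
    user = request.user
    queryset = Organization.objects.all()

    if not user.is_px_admin():
        if user.hospital and user.hospital.organization:
            queryset = queryset.filter(id=user.hospital.organization.id)
        else:
            # Fail closed: a non-admin with no hospital/organization binding
            # previously saw every organization, while organization_detail
            # refuses the same user.
            queryset = queryset.none()

    status_filter = request.GET.get('status')
    if status_filter:
        queryset = queryset.filter(status=status_filter)

    city_filter = request.GET.get('city')
    if city_filter:
        queryset = queryset.filter(city__icontains=city_filter)

    search_query = request.GET.get('search')
    if search_query:
        queryset = queryset.filter(
            Q(name__icontains=search_query)
            | Q(name_ar__icontains=search_query)
            | Q(code__icontains=search_query)
            | Q(license_number__icontains=search_query)
        )

    page_obj = _paginate(request, queryset.order_by('name'))

    context = {
        'page_obj': page_obj,
        'organizations': page_obj.object_list,
        'filters': request.GET,
    }
    return render(request, 'organizations/organization_list.html', context)


@login_required
def organization_detail(request, pk):
    """Show one organization and its hospitals.

    Responds 404 when no organization has this ``pk`` (previously an unhandled
    DoesNotExist, i.e. a 500) and 403 when a non-admin user is not bound to
    this organization through their hospital.
    """
    organization = get_object_or_404(Organization, pk=pk)

    user = request.user
    if not user.is_px_admin():
        own_organization = user.hospital.organization if user.hospital else None
        if not own_organization or organization.id != own_organization.id:
            return HttpResponseForbidden("You don't have permission to view this organization")

    # NOTE(review): a hospital-scoped user sees every hospital of the
    # organization here, whereas hospital_list shows only their own - confirm
    # this is intended.
    hospitals = organization.hospitals.all()

    context = {
        'organization': organization,
        'hospitals': hospitals,
    }
    return render(request, 'organizations/organization_detail.html', context)


@login_required
def organization_create(request):
    """Create an organization from POSTed fields (PX admins only).

    On a POST carrying both ``name`` and ``code`` the organization is created
    and the user is redirected to its detail page; otherwise the form is
    rendered.
    """
    user = request.user
    if not user.is_px_admin():
        return HttpResponseForbidden("Only PX Admins can create organizations")

    if request.method == 'POST':
        # NOTE(review): values are stored exactly as posted. 'status', 'email'
        # and 'website' are not checked against allowed choices or formats,
        # and a duplicate 'code' may surface as a database error - a
        # ModelForm would cover all three.
        name = request.POST.get('name')
        name_ar = request.POST.get('name_ar')
        code = request.POST.get('code')

        if name and code:
            organization = Organization.objects.create(
                name=name,
                name_ar=name_ar or name,  # fall back to the primary name
                code=code,
                address=request.POST.get('address', ''),
                city=request.POST.get('city', ''),
                phone=request.POST.get('phone', ''),
                email=request.POST.get('email', ''),
                website=request.POST.get('website', ''),
                license_number=request.POST.get('license_number', ''),
                status=request.POST.get('status', 'active'),
            )
            return redirect('organizations:organization_detail', pk=organization.id)

    return render(request, 'organizations/organization_form.html')


@login_required
def patient_list(request):
    """List patients visible to the user, with filters and search.

    Rows carry identifiers (MRN, national id, phone), so the hospital scope
    is applied before any client-supplied filter and fails closed for users
    with no hospital.
    """
    user = request.user
    queryset = _scope_to_hospital(
        Patient.objects.select_related('primary_hospital'),
        user,
        'primary_hospital_id',
    )

    # Client-supplied filters only narrow the already-scoped queryset.
    hospital_filter = request.GET.get('hospital')
    if hospital_filter:
        queryset = queryset.filter(primary_hospital_id=hospital_filter)

    status_filter = request.GET.get('status')
    if status_filter:
        queryset = queryset.filter(status=status_filter)

    search_query = request.GET.get('search')
    if search_query:
        queryset = queryset.filter(
            Q(mrn__icontains=search_query)
            | Q(first_name__icontains=search_query)
            | Q(last_name__icontains=search_query)
            | Q(national_id__icontains=search_query)
            | Q(phone__icontains=search_query)
        )

    page_obj = _paginate(request, queryset.order_by('last_name', 'first_name'))

    context = {
        'page_obj': page_obj,
        'patients': page_obj.object_list,
        'hospitals': _active_hospitals_for(user),
        'filters': request.GET,
    }
    return render(request, 'organizations/patient_list.html', context)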