""" QI Projects Console UI views Provides full CRUD functionality for Quality Improvement projects, task management, and template handling. """ from django.contrib import messages from django.contrib.auth.decorators import login_required from django.core.paginator import Paginator from django.db.models import Q from django.shortcuts import get_object_or_404, redirect, render from django.utils.translation import gettext_lazy as _ from apps.core.decorators import block_source_user from apps.core.models import StatusChoices from apps.organizations.models import Hospital from apps.px_action_center.models import PXAction from .forms import ConvertToProjectForm, QIProjectForm, QIProjectTaskForm, QIProjectTemplateForm, TaskTemplateFormSet from .models import QIProject, QIProjectTask, PDCAPhase, PDCAPhaseChoices @block_source_user @login_required def project_list(request): """QI Projects list view with filtering and pagination""" # Exclude templates from the list queryset = ( QIProject.objects.filter(is_template=False) .select_related("hospital", "department", "project_lead") .prefetch_related("team_members", "related_actions") ) # Apply RBAC filters user = request.user # Get selected hospital for PX Admins (from middleware) selected_hospital = getattr(request, "tenant_hospital", None) if user.is_px_admin(): # PX Admins see all, but filter by selected hospital if set if selected_hospital: queryset = queryset.filter(hospital=selected_hospital) elif user.hospital: queryset = queryset.filter(hospital=user.hospital) # Apply filters status_filter = request.GET.get("status") if status_filter: queryset = queryset.filter(status=status_filter) hospital_filter = request.GET.get("hospital") if hospital_filter: queryset = queryset.filter(hospital_id=hospital_filter) # Search search_query = request.GET.get("search") if search_query: queryset = queryset.filter( Q(name__icontains=search_query) | Q(description__icontains=search_query) | Q(name_ar__icontains=search_query) ) # Ordering queryset = queryset.order_by("-created_at") # Pagination page_size = int(request.GET.get("page_size", 25)) paginator = Paginator(queryset, page_size) page_number = request.GET.get("page", 1) page_obj = paginator.get_page(page_number) # Get hospitals for filter hospitals = Hospital.objects.filter(status="active") if not user.is_px_admin() and user.hospital: hospitals = hospitals.filter(id=user.hospital.id) # Statistics stats = { "total": queryset.count(), "active": queryset.filter(status="active").count(), "completed": queryset.filter(status="completed").count(), "pending": queryset.filter(status="pending").count(), } context = { "page_obj": page_obj, "projects": page_obj.object_list, "stats": stats, "filters": request.GET, } return render(request, "projects/project_list.html", context) @block_source_user @login_required def project_detail(request, pk): """QI Project detail view with task management""" project = get_object_or_404( QIProject.objects.filter(is_template=False) .select_related("hospital", "department", "project_lead") .prefetch_related("team_members", "related_actions", "tasks", "pdca_phases"), pk=pk, ) # Check permission user = request.user if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to view this project.")) return redirect("projects:project_list") # Get related actions related_actions = project.related_actions.all() # Get PDCA phases pdca_phases = {phase.phase: phase for phase in project.pdca_phases.all()} context = { "project": project, "related_actions": related_actions, "pdca_phases": pdca_phases, "pdca_phase_choices": PDCAPhaseChoices.choices, "can_edit": user.is_px_admin() or user.is_hospital_admin or user.is_department_manager, } return render(request, "projects/project_detail.html", context) @block_source_user @login_required def project_create(request, template_pk=None): """Create a new QI Project""" user = request.user # Check permission (PX Admin, Hospital Admin, or Department Manager) if not (user.is_px_admin() or user.is_hospital_admin or user.is_department_manager): messages.error(request, _("You don't have permission to create projects.")) return redirect("projects:project_list") # Check for template parameter (from URL or GET) template_id = template_pk or request.GET.get("template") initial_data = {} template = None if template_id: try: template = QIProject.objects.get(pk=template_id, is_template=True) initial_data = { "name": template.name, "name_ar": template.name_ar, "description": template.description, "department": template.department, "target_completion_date": template.target_completion_date, } if not user.is_px_admin() and user.hospital: initial_data["hospital"] = user.hospital except QIProject.DoesNotExist: pass # Check for PX Action parameter (convert action to project) action_id = request.GET.get("action") if action_id: try: action = PXAction.objects.get(pk=action_id) initial_data["name"] = f"QI Project: {action.title}" initial_data["description"] = action.description if not user.is_px_admin() and user.hospital: initial_data["hospital"] = user.hospital else: initial_data["hospital"] = action.hospital except PXAction.DoesNotExist: pass if request.method == "POST": form = QIProjectForm(request.POST, request=request) # Check for template in POST data (hidden field) template_id_post = request.POST.get("template_id") if template_id_post: try: template = QIProject.objects.get(pk=template_id_post, is_template=True) except QIProject.DoesNotExist: template = None if form.is_valid(): project = form.save(commit=False) project.created_by = user project.save() form.save_m2m() # Save many-to-many relationships # If created from template, copy tasks task_count = 0 if template: for template_task in template.tasks.all(): QIProjectTask.objects.create( project=project, title=template_task.title, description=template_task.description, order=template_task.order, status="pending", ) task_count += 1 # If created from action, link it if action_id: try: action = PXAction.objects.get(pk=action_id) project.related_actions.add(action) except PXAction.DoesNotExist: pass if template and task_count > 0: messages.success( request, _("QI Project created successfully with %(count)d task(s) from template.") % {"count": task_count}, ) else: messages.success(request, _("QI Project created successfully.")) return redirect("projects:project_detail", pk=project.pk) else: form = QIProjectForm(request=request, initial=initial_data) context = { "form": form, "is_create": True, "template": template, } return render(request, "projects/project_form.html", context) @block_source_user @login_required def project_edit(request, pk): """Edit an existing QI Project""" user = request.user project = get_object_or_404(QIProject, pk=pk, is_template=False) # Check permission if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to edit this project.")) return redirect("projects:project_list") # Check edit permission (PX Admin, Hospital Admin, or Department Manager) if not (user.is_px_admin() or user.is_hospital_admin or user.is_department_manager): messages.error(request, _("You don't have permission to edit projects.")) return redirect("projects:project_detail", pk=project.pk) if request.method == "POST": form = QIProjectForm(request.POST, instance=project, request=request) if form.is_valid(): form.save() messages.success(request, _("QI Project updated successfully.")) return redirect("projects:project_detail", pk=project.pk) else: form = QIProjectForm(instance=project, request=request) context = { "form": form, "project": project, "is_create": False, } return render(request, "projects/project_form.html", context) @block_source_user @login_required def project_delete(request, pk): """Delete a QI Project""" user = request.user project = get_object_or_404(QIProject, pk=pk, is_template=False) # Check permission (only PX Admin or Hospital Admin can delete) if not (user.is_px_admin() or user.is_hospital_admin): messages.error(request, _("You don't have permission to delete projects.")) return redirect("projects:project_detail", pk=project.pk) if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to delete this project.")) return redirect("projects:project_list") if request.method == "POST": project_name = project.name project.delete() messages.success(request, _('Project "%(name)s" deleted successfully.') % {"name": project_name}) return redirect("projects:project_list") context = { "project": project, } return render(request, "projects/project_delete_confirm.html", context) @block_source_user @login_required def project_save_as_template(request, pk): """Save an existing project and its tasks as a template""" user = request.user project = get_object_or_404(QIProject, pk=pk, is_template=False) # Check permission (only PX Admin or Hospital Admin can create templates) if not (user.is_px_admin() or user.is_hospital_admin): messages.error(request, _("You don't have permission to create templates.")) return redirect("projects:project_detail", pk=project.pk) # Check hospital access if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to create templates from this project.")) return redirect("projects:project_list") if request.method == "POST": template_name = request.POST.get("template_name", "").strip() template_description = request.POST.get("template_description", "").strip() make_global = request.POST.get("make_global") == "on" if not template_name: messages.error(request, _("Please provide a template name.")) return redirect("projects:project_save_as_template", pk=project.pk) # Create template from project template = QIProject.objects.create( name=template_name, name_ar=template_name, # Can be edited later description=template_description or project.description, is_template=True, # If global, hospital is None; otherwise use project's hospital hospital=None if make_global else project.hospital, department=project.department, status="pending", # Default status for templates created_by=user, ) # Copy tasks from project to template for task in project.tasks.all(): QIProjectTask.objects.create( project=template, title=task.title, description=task.description, order=task.order, status="pending", # Reset status for template ) messages.success( request, _('Template "%(name)s" created successfully with %(count)d task(s).') % {"name": template_name, "count": project.tasks.count()}, ) return redirect("projects:template_list") context = { "project": project, "suggested_name": f"Template: {project.name}", } return render(request, "projects/project_save_as_template.html", context) # ============================================================================= # Task Management Views # ============================================================================= def _task_redirect(project, task): """Helper to redirect to phase detail if task belongs to a phase, else project detail.""" if task and task.pdca_phase: return redirect("projects:pdca_phase_detail", pk=project.pk, phase=task.pdca_phase.phase) return redirect("projects:project_detail", pk=project.pk) @block_source_user @login_required def task_create(request, project_pk, phase=None): """Add a new task to a project (optionally within a PDCA phase)""" user = request.user project = get_object_or_404(QIProject, pk=project_pk, is_template=False) current_phase = None if phase and phase in [c[0] for c in PDCAPhaseChoices.choices]: current_phase = get_object_or_404(PDCAPhase, phase=phase, project=project) # Check permission if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to add tasks to this project.")) return redirect("projects:project_detail", pk=project.pk) if request.method == "POST": form = QIProjectTaskForm(request.POST, project=project, current_phase=current_phase) if form.is_valid(): task = form.save(commit=False) task.project = project task.save() messages.success(request, _("Task added successfully.")) return _task_redirect(project, task) else: form = QIProjectTaskForm(project=project, current_phase=current_phase) context = { "form": form, "project": project, "pdca_phase": current_phase, "is_create": True, } return render(request, "projects/task_form.html", context) @block_source_user @login_required def task_edit(request, project_pk, task_pk, phase=None): """Edit an existing task""" user = request.user project = get_object_or_404(QIProject, pk=project_pk, is_template=False) task = get_object_or_404(QIProjectTask, pk=task_pk, project=project) current_phase = None if phase and phase in [c[0] for c in PDCAPhaseChoices.choices]: current_phase = get_object_or_404(PDCAPhase, phase=phase, project=project) # Check permission if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to edit tasks in this project.")) return redirect("projects:project_detail", pk=project.pk) if request.method == "POST": form = QIProjectTaskForm(request.POST, instance=task, project=project, current_phase=current_phase) if form.is_valid(): task = form.save() # If status changed to completed, set completed_date if task.status == "completed" and not task.completed_date: from django.utils import timezone task.completed_date = timezone.now().date() task.save() messages.success(request, _("Task updated successfully.")) return _task_redirect(project, task) else: form = QIProjectTaskForm(instance=task, project=project, current_phase=current_phase) context = { "form": form, "project": project, "task": task, "pdca_phase": current_phase, "is_create": False, } return render(request, "projects/task_form.html", context) @block_source_user @login_required def task_delete(request, project_pk, task_pk, phase=None): """Delete a task""" user = request.user project = get_object_or_404(QIProject, pk=project_pk, is_template=False) task = get_object_or_404(QIProjectTask, pk=task_pk, project=project) # Check permission if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to delete tasks in this project.")) return redirect("projects:project_detail", pk=project.pk) redirect_target = _task_redirect(project, task) if request.method == "POST": task.delete() messages.success(request, _("Task deleted successfully.")) return redirect_target context = { "project": project, "task": task, "pdca_phase": task.pdca_phase, } return render(request, "projects/task_delete_confirm.html", context) @block_source_user @login_required def task_toggle_status(request, project_pk, task_pk, phase=None): """Quick toggle task status between pending and completed""" user = request.user project = get_object_or_404(QIProject, pk=project_pk, is_template=False) task = get_object_or_404(QIProjectTask, pk=task_pk, project=project) # Check permission if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission to update tasks in this project.")) return redirect("projects:project_detail", pk=project.pk) from django.utils import timezone if task.status == "completed": task.status = "pending" task.completed_date = None else: task.status = "completed" task.completed_date = timezone.now().date() task.save() messages.success(request, _("Task status updated.")) return _task_redirect(project, task) # ============================================================================= # Template Management Views # ============================================================================= @block_source_user @login_required def template_list(request): """List QI Project templates""" user = request.user # Only admins can manage templates if not (user.is_px_admin() or user.is_hospital_admin): messages.error(request, _("You don't have permission to view templates.")) return redirect("projects:project_list") queryset = QIProject.objects.filter(is_template=True).select_related("hospital", "department") # Apply RBAC filters if not user.is_px_admin(): from django.db.models import Q queryset = queryset.filter(Q(hospital=user.hospital) | Q(hospital__isnull=True)) # Search search_query = request.GET.get("search") if search_query: queryset = queryset.filter( Q(name__icontains=search_query) | Q(description__icontains=search_query) | Q(name_ar__icontains=search_query) ) queryset = queryset.order_by("name") context = { "templates": queryset, "can_create": user.is_px_admin() or user.is_hospital_admin, "can_edit": user.is_px_admin() or user.is_hospital_admin, } return render(request, "projects/template_list.html", context) @block_source_user @login_required def template_detail(request, pk): """View template details with tasks""" user = request.user # Only admins can view templates if not (user.is_px_admin() or user.is_hospital_admin): messages.error(request, _("You don't have permission to view templates.")) return redirect("projects:project_list") template = get_object_or_404( QIProject.objects.filter(is_template=True).select_related("hospital", "department"), pk=pk ) # Check permission for hospital-specific templates if not user.is_px_admin(): from django.db.models import Q if template.hospital and template.hospital != user.hospital: messages.error(request, _("You don't have permission to view this template.")) return redirect("projects:template_list") # Get tasks tasks = template.tasks.all().order_by("order", "created_at") context = { "template": template, "tasks": tasks, } return render(request, "projects/template_detail.html", context) @block_source_user @login_required def template_create(request): """Create a new project template""" user = request.user # Only admins can create templates if not (user.is_px_admin() or user.is_hospital_admin): messages.error(request, _("You don't have permission to create templates.")) return redirect("projects:project_list") if request.method == "POST": form = QIProjectTemplateForm(request.POST, request=request) if form.is_valid(): template = form.save(commit=False) template.is_template = True template.created_by = user template.save() # Save task templates formset formset = TaskTemplateFormSet(request.POST, instance=template, prefix="tasktemplate_set") if formset.is_valid(): formset.save() messages.success(request, _("Project template created successfully.")) return redirect("projects:template_list") else: # Form is invalid, show formset with errors formset = TaskTemplateFormSet(request.POST, prefix="tasktemplate_set") else: form = QIProjectTemplateForm(request=request) formset = TaskTemplateFormSet(prefix="tasktemplate_set") context = { "form": form, "formset": formset, "is_create": True, } return render(request, "projects/template_form.html", context) @block_source_user @login_required def template_edit(request, pk): """Edit an existing project template""" user = request.user template = get_object_or_404(QIProject, pk=pk, is_template=True) # Check permission if not user.is_px_admin(): if template.hospital and template.hospital != user.hospital: messages.error(request, _("You don't have permission to edit this template.")) return redirect("projects:template_list") if request.method == "POST": form = QIProjectTemplateForm(request.POST, instance=template, request=request) formset = TaskTemplateFormSet(request.POST, instance=template, prefix="tasktemplate_set") if form.is_valid() and formset.is_valid(): form.save() formset.save() messages.success(request, _("Project template updated successfully.")) return redirect("projects:template_list") else: form = QIProjectTemplateForm(instance=template, request=request) formset = TaskTemplateFormSet(instance=template, prefix="tasktemplate_set") context = { "form": form, "formset": formset, "template": template, "is_create": False, } return render(request, "projects/template_form.html", context) @block_source_user @login_required def template_delete(request, pk): """Delete a project template""" user = request.user template = get_object_or_404(QIProject, pk=pk, is_template=True) # Check permission if not user.is_px_admin(): if template.hospital and template.hospital != user.hospital: messages.error(request, _("You don't have permission to delete this template.")) return redirect("projects:template_list") if request.method == "POST": template_name = template.name template.delete() messages.success(request, _('Template "%(name)s" deleted successfully.') % {"name": template_name}) return redirect("projects:template_list") context = { "template": template, } return render(request, "projects/template_delete_confirm.html", context) # ============================================================================= # PX Action Conversion View # ============================================================================= @block_source_user @login_required def convert_action_to_project(request, action_pk): """Convert a PX Action to a QI Project""" user = request.user # Check permission if not (user.is_px_admin() or user.is_hospital_admin or user.is_department_manager): messages.error(request, _("You don't have permission to create projects.")) return redirect("px_action_center:action_detail", pk=action_pk) action = get_object_or_404(PXAction, pk=action_pk) # Check hospital access if not user.is_px_admin() and user.hospital and action.hospital != user.hospital: messages.error(request, _("You don't have permission to convert this action.")) return redirect("px_action_center:action_detail", pk=action_pk) if request.method == "POST": form = ConvertToProjectForm(request.POST, request=request, action=action) if form.is_valid(): # Create project from template or blank template = form.cleaned_data.get("template") if template: # Copy from template project = QIProject.objects.create( name=form.cleaned_data["project_name"], name_ar=template.name_ar, description=template.description, hospital=action.hospital, department=template.department, project_lead=form.cleaned_data["project_lead"], target_completion_date=form.cleaned_data["target_completion_date"], status="pending", created_by=user, ) # Copy tasks from template for template_task in template.tasks.all(): QIProjectTask.objects.create( project=project, title=template_task.title, description=template_task.description, order=template_task.order, status="pending", ) else: # Create blank project project = QIProject.objects.create( name=form.cleaned_data["project_name"], description=action.description, hospital=action.hospital, project_lead=form.cleaned_data["project_lead"], target_completion_date=form.cleaned_data["target_completion_date"], status="pending", created_by=user, ) # Link to the action project.related_actions.add(action) messages.success(request, _("PX Action converted to QI Project successfully.")) return redirect("projects:project_detail", pk=project.pk) else: initial_data = { "project_name": f"QI Project: {action.title}", } form = ConvertToProjectForm(request=request, action=action, initial=initial_data) context = { "form": form, "action": action, } return render(request, "projects/convert_action.html", context) @block_source_user @login_required def pdca_phase_detail(request, pk, phase): """Detail view for a PDCA phase, showing phase info and its tasks""" if phase not in [c[0] for c in PDCAPhaseChoices.choices]: messages.error(request, _("Invalid PDCA phase.")) return redirect("projects:project_detail", pk=pk) project = get_object_or_404(QIProject, pk=pk, is_template=False) user = request.user if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission.")) return redirect("projects:project_list") pdca_phase, created = PDCAPhase.objects.get_or_create( project=project, phase=phase, defaults={"title": PDCAPhaseChoices(phase).label}, ) tasks = pdca_phase.tasks.all().order_by("order", "created_at") can_edit = user.is_px_admin() or user.is_hospital_admin or user.is_department_manager from django.utils import timezone phase_task_counts = {p.phase: p.tasks.count() for p in project.pdca_phases.prefetch_related("tasks").all()} context = { "project": project, "pdca_phase": pdca_phase, "phase_key": phase, "phase_label": PDCAPhaseChoices(phase).label, "tasks": tasks, "can_edit": can_edit, "today": timezone.now().date(), "pdca_phase_choices": PDCAPhaseChoices.choices, "phase_task_counts": phase_task_counts, } return render(request, "projects/pdca_phase_detail.html", context) @block_source_user @login_required def pdca_phase_edit(request, pk, phase): """Edit a PDCA phase for a QI project""" if phase not in [c[0] for c in PDCAPhaseChoices.choices]: messages.error(request, _("Invalid PDCA phase.")) return redirect("projects:project_detail", pk=pk) project = get_object_or_404(QIProject, pk=pk, is_template=False) user = request.user if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission.")) return redirect("projects:project_list") can_edit = user.is_px_admin() or user.is_hospital_admin or user.is_department_manager if not can_edit: messages.error(request, _("You don't have permission to edit this project.")) return redirect("projects:pdca_phase_detail", pk=project.pk, phase=phase) pdca_phase, created = PDCAPhase.objects.get_or_create( project=project, phase=phase, defaults={"title": PDCAPhaseChoices(phase).label}, ) if request.method == "POST": pdca_phase.title = request.POST.get("title", pdca_phase.title) pdca_phase.description = request.POST.get("description", "") pdca_phase.findings = request.POST.get("findings", "") pdca_phase.status = request.POST.get("status", StatusChoices.PENDING) pdca_phase.start_date = request.POST.get("start_date") or None pdca_phase.due_date = request.POST.get("due_date") or None owner_id = request.POST.get("owner") if owner_id: from apps.accounts.models import User try: pdca_phase.owner = User.objects.get(pk=owner_id) except User.DoesNotExist: pass else: pdca_phase.owner = None pdca_phase.save() messages.success(request, _("%(phase)s phase updated successfully.") % {"phase": PDCAPhaseChoices(phase).label}) return redirect("projects:pdca_phase_detail", pk=project.pk, phase=phase) from apps.accounts.models import User team_members = project.team_members.all() if project.project_lead: team_members = team_members | User.objects.filter(pk=project.project_lead.pk) context = { "project": project, "pdca_phase": pdca_phase, "phase_key": phase, "phase_label": PDCAPhaseChoices(phase).label, "team_members": team_members.distinct(), "status_choices": StatusChoices.choices, } return render(request, "projects/pdca_phase_form.html", context) @block_source_user @login_required def project_export_excel(request, pk): """Export QI project with PDCA data as Excel""" from django.http import HttpResponse project = get_object_or_404(QIProject, pk=pk, is_template=False) user = request.user if not user.is_px_admin() and user.hospital and project.hospital != user.hospital: messages.error(request, _("You don't have permission.")) return redirect("projects:project_list") from .export_utils import export_project_excel workbook = export_project_excel(project) response = HttpResponse(content_type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet") filename = f"QI_Project_{project.name.replace(' ', '_')}_{project.pk}.xlsx" response["Content-Disposition"] = f'attachment; filename="{filename}"' workbook.save(response) return response