marwan/HH
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
HH/apps/standards/views.py
ismail 01fa26c59a updates
2026-03-09 16:10:24 +03:00

700 lines
22 KiB
Python
Raw Blame History

from rest_framework import viewsets, status
from rest_framework.decorators import action
from rest_framework.response import Response
from django.shortcuts import render, get_object_or_404, redirect
from django.contrib.auth.decorators import login_required
from django.views.decorators.csrf import ensure_csrf_cookie, csrf_exempt
from django.http import JsonResponse
from django.db.models import Count, Q
from django.utils import timezone
from datetime import datetime
import json
from apps.standards.models import StandardSource, StandardCategory, Standard, StandardCompliance, StandardAttachment
from apps.organizations.models import Department
from apps.standards.forms import (
StandardSourceForm,
StandardCategoryForm,
StandardForm,
StandardComplianceForm,
StandardAttachmentForm,
)
# ==================== API ViewSets ====================
class StandardSourceViewSet(viewsets.ModelViewSet):
queryset = StandardSource.objects.all()
filterset_fields = ["is_active"]
search_fields = ["name", "name_ar", "code"]
ordering = ["name"]
def get_serializer_class(self):
from apps.standards.serializers import StandardSourceSerializer
return StandardSourceSerializer
class StandardCategoryViewSet(viewsets.ModelViewSet):
queryset = StandardCategory.objects.all()
filterset_fields = ["is_active"]
search_fields = ["name", "name_ar"]
ordering = ["order", "name"]
def get_serializer_class(self):
from apps.standards.serializers import StandardCategorySerializer
return StandardCategorySerializer
class StandardViewSet(viewsets.ModelViewSet):
queryset = Standard.objects.all()
filterset_fields = ["source", "category", "department", "is_active"]
search_fields = ["code", "title", "title_ar", "description"]
ordering = ["source", "category", "code"]
def get_serializer_class(self):
from apps.standards.serializers import StandardSerializer
return StandardSerializer
class StandardComplianceViewSet(viewsets.ModelViewSet):
queryset = StandardCompliance.objects.all()
filterset_fields = ["department", "standard", "status"]
search_fields = ["department__name", "standard__code", "notes"]
ordering = ["-created_at"]
def get_serializer_class(self):
from apps.standards.serializers import StandardComplianceSerializer
return StandardComplianceSerializer
class StandardAttachmentViewSet(viewsets.ModelViewSet):
queryset = StandardAttachment.objects.all()
filterset_fields = ["compliance"]
search_fields = ["filename", "description"]
ordering = ["-uploaded_at"]
def get_serializer_class(self):
from apps.standards.serializers import StandardAttachmentSerializer
return StandardAttachmentSerializer
# ==================== UI Views ====================
@login_required
def standards_dashboard(request):
"""Standards dashboard with statistics"""
# Get current hospital from tenant_hospital (set by middleware)
hospital = getattr(request, "tenant_hospital", None)
if not hospital:
return render(request, "core/no_hospital_assigned.html")
departments = hospital.departments.filter(status="active")
# Get compliance statistics
compliance_records = StandardCompliance.objects.filter(department__hospital=hospital)
stats = {
"total_standards": Standard.objects.filter(is_active=True).count(),
"total_departments": departments.count(),
"met": compliance_records.filter(status="met").count(),
"partially_met": compliance_records.filter(status="partially_met").count(),
"not_met": compliance_records.filter(status="not_met").count(),
"not_assessed": compliance_records.filter(status="not_assessed").count(),
}
# Recent compliance updates
recent_updates = compliance_records.order_by("-updated_at")[:10]
# Check if user is PX admin or Hospital Admin
is_px_admin = request.user.is_px_admin() or request.user.is_hospital_admin()
context = {
"hospital": hospital,
"departments": departments,
"stats": stats,
"recent_updates": recent_updates,
"is_px_admin": is_px_admin,
}
return render(request, "standards/dashboard.html", context)
@ensure_csrf_cookie
@login_required
def department_standards_view(request, pk):
"""View all standards for a department"""
department = get_object_or_404(Department, pk=pk)
# Check if user is PX admin
hospital = getattr(request, "tenant_hospital", None)
is_px_admin = (request.user.is_px_admin() or request.user.is_hospital_admin()) if hospital else False
# Get all active standards (both department-specific and general)
department_standards = (
Standard.objects.filter(is_active=True)
.filter(Q(department=department) | Q(department__isnull=True))
.order_by("source", "category", "code")
)
# Get compliance status for each standard
standards_data = []
for standard in department_standards:
compliance = StandardCompliance.objects.filter(department=department, standard=standard).first()
standards_data.append(
{
"standard": standard,
"compliance": compliance,
"attachment_count": compliance.attachments.count() if compliance else 0,
}
)
context = {
"department": department,
"standards_data": standards_data,
"is_px_admin": is_px_admin,
}
return render(request, "standards/department_standards.html", context)
@login_required
def standard_detail(request, pk):
"""View standard details and compliance history"""
standard = get_object_or_404(Standard, pk=pk)
# Get compliance records for all departments
compliance_records = (
StandardCompliance.objects.filter(standard=standard)
.select_related("department", "assessor")
.order_by("-created_at")
)
# Check if user is PX admin
hospital = getattr(request, "tenant_hospital", None)
is_px_admin = False
if hospital:
is_px_admin = request.user.is_px_admin() or request.user.is_hospital_admin()
context = {
"standard": standard,
"compliance_records": compliance_records,
"is_px_admin": is_px_admin,
}
return render(request, "standards/standard_detail.html", context)
@login_required
def standard_compliance_update(request, compliance_id):
"""Update compliance status"""
compliance = get_object_or_404(StandardCompliance, pk=compliance_id)
if request.method == "POST":
form = StandardComplianceForm(request.POST, instance=compliance)
if form.is_valid():
form.save()
return redirect("standards:department_standards", pk=compliance.department.pk)
else:
form = StandardComplianceForm(instance=compliance)
context = {
"compliance": compliance,
"form": form,
}
return render(request, "standards/compliance_form.html", context)
@login_required
def standard_attachment_upload(request, compliance_id):
"""Upload attachment for compliance"""
compliance = get_object_or_404(StandardCompliance, pk=compliance_id)
if request.method == "POST":
form = StandardAttachmentForm(request.POST, request.FILES)
if form.is_valid():
attachment = form.save(commit=False)
attachment.compliance = compliance
attachment.uploaded_by = request.user
attachment.filename = request.FILES["file"].name
attachment.save()
return redirect("standards:standard_compliance_update", compliance_id=compliance.pk)
else:
form = StandardAttachmentForm()
context = {
"compliance": compliance,
"form": form,
}
return render(request, "standards/attachment_upload.html", context)
@login_required
def standard_attachment_delete(request, pk):
"""Delete an attachment"""
attachment = get_object_or_404(StandardAttachment, pk=pk)
compliance_id = attachment.compliance.id
if request.method == "POST":
attachment.delete()
from django.contrib import messages
messages.success(request, "Attachment deleted successfully.")
return redirect("standards:standard_compliance_update", compliance_id=compliance_id)
context = {"attachment": attachment}
return render(request, "standards/attachment_confirm_delete.html", context)
@login_required
def standards_search(request):
"""Search standards"""
query = request.GET.get("q", "")
source_filter = request.GET.get("source", "")
category_filter = request.GET.get("category", "")
status_filter = request.GET.get("status", "")
# Get current hospital from tenant_hospital (set by middleware)
hospital = getattr(request, "tenant_hospital", None)
if not hospital:
return render(request, "core/no_hospital_assigned.html")
# Build queryset
standards = Standard.objects.filter(is_active=True)
if query:
standards = standards.filter(
Q(code__icontains=query)
| Q(title__icontains=query)
| Q(title_ar__icontains=query)
| Q(description__icontains=query)
)
if source_filter:
standards = standards.filter(source_id=source_filter)
if category_filter:
standards = standards.filter(category_id=category_filter)
standards = standards.select_related("source", "category").order_by("source", "category", "code")
# Get filters
sources = StandardSource.objects.filter(is_active=True)
categories = StandardCategory.objects.filter(is_active=True)
# Check if user is PX admin or Hospital Admin
is_px_admin = request.user.is_px_admin() or request.user.is_hospital_admin()
context = {
"hospital": hospital,
"standards": standards,
"query": query,
"source_filter": source_filter,
"category_filter": category_filter,
"sources": sources,
"categories": categories,
"is_px_admin": is_px_admin,
}
return render(request, "standards/search.html", context)
@login_required
def standard_create(request, department_id=None):
"""Create a new standard (PX Admin only)"""
# Check if user is PX admin
hospital = getattr(request, "tenant_hospital", None)
if not hospital:
return render(request, "core/no_hospital_assigned.html")
is_px_admin = request.user.is_px_admin() or request.user.is_hospital_admin()
if not is_px_admin:
from django.contrib import messages
messages.error(request, "You do not have permission to create standards.")
if department_id:
return redirect("standards:department_standards", pk=department_id)
return redirect("standards:dashboard")
if request.method == "POST":
form = StandardForm(request.POST)
if form.is_valid():
standard = form.save(commit=False)
standard.save()
from django.contrib import messages
messages.success(request, "Standard created successfully.")
if department_id:
return redirect("standards:department_standards", pk=department_id)
return redirect("standards:dashboard")
else:
form = StandardForm()
# If department_id is provided, pre-select that department
if department_id:
from apps.organizations.models import Department
department = Department.objects.filter(pk=department_id).first()
if department:
form.fields["department"].initial = department
# Get all departments for the hospital
departments = hospital.departments.filter(status="active")
context = {
"form": form,
"department_id": department_id,
"departments": departments,
"hospital": hospital,
}
return render(request, "standards/standard_form.html", context)
@login_required
def standard_update(request, pk):
"""Update a standard (PX Admin only)"""
standard = get_object_or_404(Standard, pk=pk)
# Check if user is PX admin
hospital = getattr(request, "tenant_hospital", None)
if not hospital:
return render(request, "core/no_hospital_assigned.html")
is_px_admin = request.user.is_px_admin() or request.user.is_hospital_admin()
if not is_px_admin:
from django.contrib import messages
messages.error(request, "You do not have permission to update standards.")
return redirect("standards:standard_detail", pk=pk)
if request.method == "POST":
form = StandardForm(request.POST, instance=standard)
if form.is_valid():
form.save()
from django.contrib import messages
messages.success(request, "Standard updated successfully.")
return redirect("standards:standard_detail", pk=pk)
else:
form = StandardForm(instance=standard)
context = {
"form": form,
"standard": standard,
"hospital": hospital,
}
return render(request, "standards/standard_form.html", context)
@login_required
def standard_delete(request, pk):
"""Delete a standard (PX Admin only)"""
standard = get_object_or_404(Standard, pk=pk)
# Check if user is PX admin
hospital = getattr(request, "tenant_hospital", None)
if not hospital:
return render(request, "core/no_hospital_assigned.html")
is_px_admin = request.user.is_px_admin() or request.user.is_hospital_admin()
if not is_px_admin:
from django.contrib import messages
messages.error(request, "You do not have permission to delete standards.")
return redirect("standards:standard_detail", pk=pk)
if request.method == "POST":
standard.delete()
from django.contrib import messages
messages.success(request, "Standard deleted successfully.")
return redirect("standards:dashboard")
context = {"standard": standard}
return render(request, "standards/standard_confirm_delete.html", context)
@ensure_csrf_cookie
@login_required
def create_compliance_ajax(request):
"""Create compliance record via AJAX"""
if not request.user.is_authenticated:
return JsonResponse({"success": False, "error": "Authentication required"}, status=401)
if request.method != "POST":
return JsonResponse({"success": False, "error": "Invalid request method"})
# Parse JSON from request body
try:
data = json.loads(request.body)
except json.JSONDecodeError:
return JsonResponse({"success": False, "error": "Invalid JSON"})
department_id = data.get("department_id")
standard_id = data.get("standard_id")
if not department_id or not standard_id:
return JsonResponse({"success": False, "error": "Missing required fields"})
try:
department = Department.objects.get(pk=department_id)
standard = Standard.objects.get(pk=standard_id)
# Check if compliance already exists
compliance, created = StandardCompliance.objects.get_or_create(
department=department,
standard=standard,
defaults={
"assessor": request.user,
"last_assessed_date": timezone.now().date(),
},
)
return JsonResponse(
{
"success": True,
"compliance_id": compliance.id,
"status": compliance.status,
"created": created,
}
)
except Exception as e:
import traceback
traceback.print_exc()
return JsonResponse({"success": False, "error": str(e)})
@ensure_csrf_cookie
@login_required
def update_compliance_ajax(request):
"""Update compliance record via AJAX"""
if not request.user.is_authenticated:
return JsonResponse({"success": False, "error": "Authentication required"}, status=401)
if request.method != "POST":
return JsonResponse({"success": False, "error": "Invalid request method"})
# Parse JSON from request body
try:
data = json.loads(request.body)
except json.JSONDecodeError:
return JsonResponse({"success": False, "error": "Invalid JSON"})
compliance_id = data.get("compliance_id")
status = data.get("status")
notes = data.get("notes", "")
evidence_summary = data.get("evidence_summary", "")
last_assessed_date_str = data.get("last_assessed_date")
assessor_id = data.get("assessor_id")
if not compliance_id or not status:
return JsonResponse({"success": False, "error": "Missing required fields"})
try:
compliance = StandardCompliance.objects.get(pk=compliance_id)
compliance.status = status
compliance.notes = notes
compliance.evidence_summary = evidence_summary
# Set assessor - use logged-in user or provided ID
if assessor_id:
from apps.accounts.models import User
try:
assessor = User.objects.get(pk=assessor_id)
compliance.assessor = assessor
except User.DoesNotExist:
compliance.assessor = request.user
else:
compliance.assessor = request.user
# Set assessment date
if last_assessed_date_str:
compliance.last_assessed_date = datetime.strptime(last_assessed_date_str, "%Y-%m-%d").date()
else:
compliance.last_assessed_date = timezone.now().date()
compliance.save()
return JsonResponse(
{
"success": True,
"status": compliance.status,
"status_display": compliance.get_status_display(),
}
)
except Exception as e:
import traceback
traceback.print_exc()
return JsonResponse({"success": False, "error": str(e)})
@login_required
def get_compliance_status(request, department_id, standard_id):
"""API endpoint to get compliance status"""
compliance = StandardCompliance.objects.filter(department_id=department_id, standard_id=standard_id).first()
if compliance:
data = {
"status": compliance.status,
"last_assessed_date": compliance.last_assessed_date,
"assessor": compliance.assessor.get_full_name() if compliance.assessor else None,
"notes": compliance.notes,
"attachment_count": compliance.attachments.count(),
}
else:
data = {
"status": "not_assessed",
"last_assessed_date": None,
"assessor": None,
"notes": "",
"attachment_count": 0,
}
return JsonResponse(data)
# ==================== Source Management Views ====================
@login_required
def source_list(request):
"""List all standard sources"""
sources = StandardSource.objects.all().order_by("name")
context = {"sources": sources}
return render(request, "standards/source_list.html", context)
@login_required
def source_create(request):
"""Create a new standard source"""
if request.method == "POST":
form = StandardSourceForm(request.POST)
if form.is_valid():
form.save()
from django.contrib import messages
messages.success(request, "Source created successfully.")
return redirect("standards:source_list")
else:
form = StandardSourceForm()
context = {"form": form}
return render(request, "standards/source_form.html", context)
@login_required
def source_update(request, pk):
"""Update a standard source"""
source = get_object_or_404(StandardSource, pk=pk)
if request.method == "POST":
form = StandardSourceForm(request.POST, instance=source)
if form.is_valid():
form.save()
from django.contrib import messages
messages.success(request, "Source updated successfully.")
return redirect("standards:source_list")
else:
form = StandardSourceForm(instance=source)
context = {"form": form, "source": source}
return render(request, "standards/source_form.html", context)
@login_required
def source_delete(request, pk):
"""Delete a standard source"""
source = get_object_or_404(StandardSource, pk=pk)
if request.method == "POST":
source.delete()
from django.contrib import messages
messages.success(request, "Source deleted successfully.")
return redirect("standards:source_list")
context = {"source": source}
return render(request, "standards/source_confirm_delete.html", context)
# ==================== Category Management Views ====================
@login_required
def category_list(request):
"""List all standard categories"""
categories = StandardCategory.objects.all().order_by("order", "name")
context = {"categories": categories}
return render(request, "standards/category_list.html", context)
@login_required
def category_create(request):
"""Create a new standard category"""
if request.method == "POST":
form = StandardCategoryForm(request.POST)
if form.is_valid():
form.save()
from django.contrib import messages
messages.success(request, "Category created successfully.")
return redirect("standards:category_list")
else:
form = StandardCategoryForm()
context = {"form": form}
return render(request, "standards/category_form.html", context)
@login_required
def category_update(request, pk):
"""Update a standard category"""
category = get_object_or_404(StandardCategory, pk=pk)
if request.method == "POST":
form = StandardCategoryForm(request.POST, instance=category)
if form.is_valid():
form.save()
from django.contrib import messages
messages.success(request, "Category updated successfully.")
return redirect("standards:category_list")
else:
form = StandardCategoryForm(instance=category)
context = {"form": form, "category": category}
return render(request, "standards/category_form.html", context)
@login_required
def category_delete(request, pk):
"""Delete a standard category"""
category = get_object_or_404(StandardCategory, pk=pk)
if request.method == "POST":
category.delete()
from django.contrib import messages
messages.success(request, "Category deleted successfully.")
return redirect("standards:category_list")
context = {"category": category}
return render(request, "standards/category_confirm_delete.html", context)
Reference in New Issue View Git Blame Copy Permalink