U
    }‹ƒh</  ã                   @   s.  d Z ddlmZ ddlmZ ddlmZ ddlmZm	Z	m
Z
 ddlmZmZmZ ddlmZmZmZmZ ddlmZ eeed	d
d„ ƒZeeed	dd„ ƒZee	ed	dd„ ƒZeeƒdd„ ƒZeeƒdd„ ƒZeeƒdd„ ƒZeeed	dd„ ƒZee
ed	dd„ ƒZdd„ Zd$dd„Zdd „ Z d!d"„ Z!d#S )%au  
Adtlas Accounts Signals

This module contains Django signals for the accounts app to handle
automatic actions when user-related events occur.

Features:
    - Auto-create user profiles
    - Log user activities
    - Manage user sessions
    - Handle role assignments
    - Password change tracking

Author: Adtlas Development Team
Version: 2.0.0
Last Updated: 2025-07-08
é    )Útimezone)Úreceiver)ÚSession)Ú	post_saveÚpre_saveÚpost_delete)Úuser_logged_inÚuser_logged_outÚuser_login_failed)ÚUserÚProfileÚUserRoleÚUserSession)ÚActivity)Úsenderc                 K   s   |rt jj|d dS )z6
    Create a Profile when a new user is created.
    )ÚuserN)r   ÚobjectsÚget_or_create©r   ÚinstanceÚcreatedÚkwargs© r   ú0/var/www/html/Focus/src/apps/accounts/signals.pyÚcreate_user_profile!   s    r   c                 K   s   t |dƒr|j ¡  dS )z2
    Save the Profile when the user is saved.
    ÚprofileN)Úhasattrr   Úsave©r   r   r   r   r   r   Úsave_user_profile*   s    
r   c                 K   sX   |j rTz6tjj|j d}|j|jkr:t ¡ |_d|_d|_	W n tj
k
rR   Y nX dS )z2
    Track when a user's password is changed.
    )Úpkr   N)r    r   r   ÚgetÚpasswordr   ÚnowÚpassword_changed_atÚfailed_login_attemptsÚaccount_locked_untilÚDoesNotExist)r   r   r   Úold_instancer   r   r   Útrack_password_change3   s    

r)   c           
   	   K   sð   |j  d¡}|r | d¡d }n|j  d¡}|j  dd¡}t ¡ |_d|_|jddgd	 tj	|d
d|rn|j
nd› d||dœd t|dƒrì|jj}|rìtjj|d ¡ }|r¶|jnt ¡ tjdd }	tjj||||dt ¡ |	dœd dS )zE
    Log user login activity and create/update session tracking.
    ÚHTTP_X_FORWARDED_FORú,r   ÚREMOTE_ADDRÚHTTP_USER_AGENTÚ Úlast_activityr%   ©Úupdate_fieldsÚloginúUser ÚSystemz
 logged in©Ú
ip_addressÚ
user_agent©r   ÚactionÚdescriptionÚmetadataÚsession©Úsession_keyé   ©ÚdaysT)r   r6   r7   Ú	is_activer/   Ú
expires_at)r>   ÚdefaultsN)ÚMETAr!   Úsplitr   r#   r/   r%   r   r   Úlog_activityÚemailr   r<   r>   r   r   ÚfilterÚfirstÚexpire_dateÚ	timedeltar   Úupdate_or_create)
r   Úrequestr   r   Úx_forwarded_forr6   r7   r>   r<   rC   r   r   r   Úlog_user_loginD   s>    
þü
úþrP   c                 K   s˜   |r”|j  d¡}|r$| d¡d }n|j  d¡}|j  dd¡}tj|dd|rR|jnd	› d
||dœd t|dƒr”|jjr”t	j
j|jjdjdd dS )z?
    Log user logout activity and update session tracking.
    r*   r+   r   r,   r-   r.   Úlogoutr3   r4   z logged outr5   r8   r<   r=   F©rB   N)rE   r!   rF   r   rG   rH   r   r<   r>   r   r   rI   Úupdate)r   rN   r   r   rO   r6   r7   r   r   r   Úlog_user_logoutw   s(    þüÿþrT   c           	      K   sâ   |j  d¡}|r | d¡d }n|j  d¡}|j  dd¡}| d¡pL| d¡}|rÞzttjj|d	}| jd
7  _|jdkrt ¡ tjdd |_	|j
ddgd tj|dd|j› |||jdœd W n tjk
rÜ   Y nX dS )zB
    Log failed login attempts and implement account lockout.
    r*   r+   r   r,   r-   r.   rH   Úusername©rH   r?   é   é   )Úminutesr%   r&   r0   Zlogin_failedzFailed login attempt for user )r6   r7   Zattempt_countr8   N)rE   r!   rF   r   r   r%   r   r#   rL   r&   r   r   rG   rH   r'   )	r   ÚcredentialsrN   r   rO   r6   r7   rH   r   r   r   r   Úlog_failed_login™   s0    

ýü

r[   c                 K   sN   |rJt j|jdd|jj› d|jj› |jj|jj|jr>|jjnddœd dS )z/
    Log when roles are assigned to users.
    Zrole_assignedúRole z assigned to user N)ÚroleÚ	role_codeÚassigned_byr8   )r   rG   r   r]   ÚnamerH   Úcoder_   r   r   r   r   Úlog_role_assignmentÊ   s    ýürb   c                 K   s:   t j|jdd|jj› d|jj› |jj|jjdœd dS )z0
    Log when roles are removed from users.
    Zrole_removedr\   z removed from user )r]   r^   r8   N)r   rG   r   r]   r`   rH   ra   r   r   r   r   Úlog_role_removalÜ   s    þürc   c                  C   s,   t jjt ¡ dd} |  ¡ }| jdd |S )zw
    Utility function to clean up expired sessions.
    This can be called by a management command or celery task.
    T)Zexpires_at__ltrB   FrR   )r   r   rI   r   r#   ÚcountrS   )Zexpired_sessionsrd   r   r   r   Úcleanup_expired_sessionsì   s    þre   éZ   c                 C   s.   t  ¡ t j| d }tjj|d ¡ \}}|S )zh
    Utility function to clean up old activity logs.
    Keep only activities from the last X days.
    r@   )Úcreated_at__lt)r   r#   rL   r   r   rI   Údelete)rA   Úcutoff_dateZdeleted_countÚ_r   r   r   Úcleanup_old_activitiesü   s
    ÿrk   c              
   K   sš   zrddl m} ddlm} |j |dd|dd@ |dd@ |dd	@ ¡ ¡ sh|jjdd
d tdƒ ntdƒ W n" t	k
r” } zW 5 d}~X Y nX dS )aQ  
    Create a default admin user if none exists.
    
    This method checks if there are any users in the database. If not,
    it creates a default admin user with the specified email and password.
    
    Note:
        - This method should be called after migrations have been applied.
        - It's a one-time setup operation.
    r   )ÚQ)r   zadmin@adtlas.tvrV   T)Úis_superuser)Úis_staffrR   Zadmin123)rH   r"   zDefault admin user created.z-Admin user already exists. Skipping creation.N)
Údjango.db.modelsrl   Úapps.accounts.modelsr   r   rI   ÚexistsÚcreate_superuserÚprintÚ	Exception)r   r   rl   r   Úer   r   r   Úcreate_default_admin
  s    &ÿþ
rv   c           
      K   sä   z¼ddl m} ddlm} ddlm} ddddd	d
ddœdddddd
ddœdddddd
ddœdddddd
ddœdddddd
d
dœg}|D ]0}|jj|d |d\}}|rˆtd|j	› ƒ qˆW n" t
k
rÞ }	 zW 5 d }	~	X Y nX d S )!z¥
    Create default system roles if they don"t exist.
    
    This method creates the basic role structure needed for
    the application to function properly.
    r   )Ú
Permission)ÚContentType)ÚRolezSuper AdministratorÚsuper_adminz'Full system access with all permissionsÚsystemr?   TF)r`   ra   r:   Ú	role_typeÚlevelrB   Ú
is_defaultZAdministratorÚadminz&Administrative access to most featuresé   ÚManagerÚmanagerz,Management access to campaigns and analyticsé   ÚOperatorÚoperatorz/Operational access to create and manage contenté   ZViewerZviewerz)Read-only access to view data and reportsrW   ra   )ra   rD   zCreated default role: N)Údjango.contrib.auth.modelsrw   Ú"django.contrib.contenttypes.modelsrx   rp   ry   r   r   rs   r`   rt   )
r   r   rw   rx   ry   Zdefault_rolesZ	role_datar]   r   ru   r   r   r   Úcreate_default_roles*  sl    ù
ù
ù
ù
ùÛ1þ
r‰   N)rf   )"Ú__doc__Údjango.utilsr   Údjango.dispatchr   Zdjango.contrib.sessions.modelsr   Zdjango.db.models.signalsr   r   r   Zdjango.contrib.auth.signalsr   r	   r
   rp   r   r   r   r   Zapps.activities.modelsr   r   r   r)   rP   rT   r[   rb   rc   re   rk   rv   r‰   r   r   r   r   Ú<module>   s6   






2
!
0




