si:dZddlZddlmZddlmZddlmZddlm Z ddl m Z ddl m Z dd lmZdd lmZdd lmZdd lmZdd lmZedefdZeedededefdZdZGdde j@Z!GddZ"ejFe!dy)aU models.py ========= This module defines the abstract base model `HorillaModel` for the WorksolMS project. The `HorillaModel` provides common fields and functionalities for other models within the application, such as tracking creation and modification timestamps and user information, audit logging, and active/inactive status management. N)uuid4)AuditlogHistoryField)auditlog)User)ValidationError)models) FieldFile)reverse)slugify)gettext)_thread_localsselfc |j|jj |j S#t$r}tdcYd}~Sd}~wwxYw)z' Custom url attribute/property 404N) _require_file Exceptionr storageurlname)res 2/var/www/python-projects/worksol/horilla/models.pyrrsJ   <<  DII && u~s7 A A AArvaluereturnct|tsygd}tjdj |tj tj z}t|j|S)zNDetect common XSS attempts (scripts, event handlers, js URLs, active content).F)z#<\s*script.*?>.*?<\s*/\s*script\s*>zjavascript\s*:z on\w+\s*=z0<\s*(embed|object|iframe|svg|math|link|meta).*?>zcon\w+\s*=\s*['\"]?\s*(eval|setTimeout|setInterval|new\s+Function|XMLHttpRequest|fetch|\$\s*\()[^>]*|) isinstancestrrecompilejoin IGNORECASEDOTALLboolsearch)r xss_patternscombineds rhas_xssr'*sR eS !Lzz#((<0"--"))2KLH & ''cjdd}djjdddxsd}t|dtjddd|}t fd|j jDd}|jj}|jj}|r |d|d|d|S|d|d|S) z Generates a unique file path for uploads in the format: app_label/model_name/field_name/originalfilename-uuid.ext .Nfile-c3^K|]$\}}t|dr|jk(r|&yw)rN)hasattrr).0kvfilenames r zupload_path..Fs2 1q&!aff&8  s*-/) splitr r rhexnext__dict__items_meta app_label model_name)instancer4ext base_name unique_name field_namer=r>s ` r upload_pathrD;s .. b !C,Sb12|i|y)z Override the save method to automatically set the created_by and modified_by fields based on the current request user. requestN created_by related_model)getattrr userr0r< get_fieldr[rpkis_authenticatedrZ is_anonymous modified_bysuperrFsave)rargskwargsrYr] __class__s rrdzHorillaModel.saves.)T: <PJJ((6DDL477,,*.w||88#'  lD&77r(ci}t|xsgjt|dg}|jj D]z}t |t jt jfs.|j|vs=t||jd}|sWt|sctd||j<||r t|y)Nxss_exempt_fieldszPotential XSS content detected.) setunionr\r< get_fieldsrr CharField TextFieldrr'r)rexcludeerrors total_excludefieldrs r clean_fieldszHorillaModel.clean_fieldssGMr*00?RTV1WX ZZ**, E56#3#3V5E5E"FGJJm3ejj$7WU^)89*F5::&  !&) ) r(c.|jjSN)r<rJrs rget_verbose_namezHorillaModel.get_verbose_nameszz&&&r(c.|jjSru)r<verbose_name_pluralrvs rget_verbose_name_pluralz$HorillaModel.get_verbose_name_pluralszz---r(c |jj|j}|S#t$r }Yd}~yd}~wwxYw)z9 Find an object of this class by its ID. )idN)objectsfilterfirstr)cls object_idobjrs rfindzHorillaModel.finds?  ++$$ $288:CJ  s+. AAcp|j|}|r#|j |_|jyy)zI Toggle the is_active status of an object of this class. N)r is_activerd)rrrs ractivate_deactivatez HorillaModel.activate_deactivates1 hhy!  # -CM HHJ r(c|jd}|}|ddD]3}|jj|}|jj}5|jj|d}|j S)z Traverse related fields to get verbose_name using Django's _meta API. Example: "employee_id__employee_work_info__reporting_manager_id" __Nr+)r7r<r^ remote_fieldmodelrJ)r field_pathpartsinstance_modelpartrr final_fields rget_verbose_name_related_fieldz+HorillaModel.get_verbose_name_related_fields   &#2J 6D"((2248E"//55N 6%&,,66uRyA '''r(ru)rQrRrSrTr DateTimeField_ created_at ForeignKeyrSET_NULLrZrbrhorilla_historyManagerr} BooleanFieldrrWrdrsrwrz classmethodrrr __classcell__)rgs@rrFrFVs &%% |_ J #"" // |_ J$&## // }%,K+,OfnnG###Dq~NI84*('.   ( (r(rFceZdZdZy)NoPermissionModelTN)rQrRrS_no_permission_modelrVr(rrrsr(rT)serialize_data)$rTruuidrauditlog.modelsrauditlog.registryrdjango.contrib.auth.modelsrdjango.core.exceptionsr django.dbrdjango.db.models.fields.filesr django.urlsr django.utils.textr django.utils.translationr rhorilla.horilla_middlewaresr propertyrsetattrrr#r'rDModelrFrregisterrVr(rrs 0&+23%16 'i' ' 5#(3(4("56A(6<<A(H  ,t4r(