2024-12-29 03:44:52 +01:00
|
|
|
import logging
|
2025-02-19 19:34:45 +01:00
|
|
|
import yaml
|
2025-06-20 14:56:28 +02:00
|
|
|
import os
|
|
|
|
|
import json
|
|
|
|
|
import time
|
2024-12-29 03:44:52 +01:00
|
|
|
|
2025-02-12 13:46:19 +01:00
|
|
|
from django.shortcuts import render, redirect , get_object_or_404
|
2024-12-29 03:44:52 +01:00
|
|
|
from .forms import OrganizationForm
|
2025-07-14 11:29:11 +02:00
|
|
|
from .models import Organization,Document, DocumentTemplate, DemoCode
|
2025-02-21 14:58:02 +01:00
|
|
|
from backend.accounts.utils import send_confirmation_email, send_document_email
|
2025-02-13 17:55:46 +01:00
|
|
|
from django.contrib.admin.views.decorators import staff_member_required
|
2025-06-13 17:45:22 +02:00
|
|
|
from .utils import generate_pdf, generate_risk_graph, generate_residual_risk_graph
|
|
|
|
|
from .tables import risk_matrix_table ,get_risk_table, get_safeguard_summary_table
|
2025-03-19 13:48:52 +01:00
|
|
|
from django.conf import settings
|
2025-04-18 16:29:07 +02:00
|
|
|
from .processors import render_template
|
2025-06-20 00:56:57 +02:00
|
|
|
from django.http import JsonResponse, FileResponse, Http404, HttpResponse
|
2025-05-06 18:59:29 +02:00
|
|
|
from django.core.exceptions import ValidationError
|
|
|
|
|
from django.core.validators import validate_email
|
2025-06-20 00:56:57 +02:00
|
|
|
from django.utils import timezone
|
|
|
|
|
from weasyprint import HTML
|
|
|
|
|
from django.template.loader import render_to_string
|
2025-06-20 14:56:28 +02:00
|
|
|
from django.views.decorators.csrf import csrf_exempt
|
2025-02-13 16:38:29 +01:00
|
|
|
|
2025-02-21 14:58:02 +01:00
|
|
|
|
2024-12-29 03:44:52 +01:00
|
|
|
# @login_required
|
|
|
|
|
# def index(request):
|
|
|
|
|
# return HttpResponse('<h1>Django</h1><p>Página simples.</p>')
|
|
|
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
2025-06-20 14:56:28 +02:00
|
|
|
site_domain = settings.SITE_DOMAIN
|
2024-12-29 03:44:52 +01:00
|
|
|
|
|
|
|
|
# @login_required
|
|
|
|
|
def index(request):
|
|
|
|
|
template_name = 'index.html'
|
|
|
|
|
return render(request, template_name)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def signup(request):
|
|
|
|
|
if request.method == 'POST':
|
|
|
|
|
form = OrganizationForm(request.POST)
|
|
|
|
|
if form.is_valid():
|
2025-02-14 17:52:51 +01:00
|
|
|
form.save()
|
2025-02-13 16:38:29 +01:00
|
|
|
send_confirmation_email(form.data['email'])
|
|
|
|
|
|
2025-02-10 13:49:15 +01:00
|
|
|
return render(request, 'thankyou.html', {
|
|
|
|
|
'email': form.data['email'],
|
|
|
|
|
})
|
2024-12-29 03:44:52 +01:00
|
|
|
else:
|
|
|
|
|
logging.error(form.errors)
|
|
|
|
|
return render(request, 'signup.html', {'form': form})
|
|
|
|
|
else:
|
|
|
|
|
form = OrganizationForm()
|
|
|
|
|
|
|
|
|
|
return render(request, 'signup.html', {'form': form})
|
|
|
|
|
|
|
|
|
|
|
2025-05-06 18:59:29 +02:00
|
|
|
def validate_form_fields(request):
|
|
|
|
|
name = request.GET.get('name', '').strip()
|
|
|
|
|
email = request.GET.get('email', '').strip()
|
|
|
|
|
errors = {}
|
|
|
|
|
|
|
|
|
|
if name and Organization.objects.filter(name__iexact=name).exists():
|
|
|
|
|
errors['name'] = 'Organization with this name already exists.'
|
|
|
|
|
if email:
|
|
|
|
|
try:
|
|
|
|
|
validate_email(email)
|
|
|
|
|
except ValidationError:
|
|
|
|
|
errors['email'] = 'Please enter a valid email address.'
|
|
|
|
|
else:
|
|
|
|
|
if Organization.objects.filter(email__iexact=email).exists():
|
|
|
|
|
errors['email'] = 'This email is already registered.'
|
|
|
|
|
|
|
|
|
|
return JsonResponse({'errors': errors})
|
|
|
|
|
|
|
|
|
|
|
2024-12-29 03:44:52 +01:00
|
|
|
def thankyou(request):
|
2025-02-07 13:21:29 +01:00
|
|
|
return render(request, 'thankyou.html')
|
|
|
|
|
|
2025-02-19 16:09:42 +01:00
|
|
|
def document(request, document_id):
|
|
|
|
|
document = get_object_or_404(Document, id=document_id)
|
2025-04-18 16:29:07 +02:00
|
|
|
risks_with_controls = get_risk_table(document)
|
|
|
|
|
table_risk_matrix = risk_matrix_table()
|
2025-06-13 17:45:22 +02:00
|
|
|
safeguard_summary_table = get_safeguard_summary_table(risks_with_controls)
|
2025-03-27 23:57:31 +01:00
|
|
|
graph_base64 = generate_risk_graph(risks_with_controls)
|
2025-06-13 17:45:22 +02:00
|
|
|
residual_graph_base64 = generate_residual_risk_graph(risks_with_controls)
|
2025-02-19 16:09:42 +01:00
|
|
|
template_obj = get_object_or_404(DocumentTemplate, name="Default Template")
|
|
|
|
|
template_content = template_obj.content
|
|
|
|
|
|
2025-02-19 19:34:45 +01:00
|
|
|
try:
|
|
|
|
|
template_segments = yaml.safe_load(template_content)
|
|
|
|
|
except yaml.YAMLError as e:
|
|
|
|
|
return render(request, 'error.html', {'error_message': 'Error parsing template.'})
|
|
|
|
|
context = {
|
2025-02-19 16:09:42 +01:00
|
|
|
'document': document,
|
2025-03-27 23:57:31 +01:00
|
|
|
'risks_with_controls': risks_with_controls,
|
2025-04-18 16:29:07 +02:00
|
|
|
'graph': graph_base64,
|
|
|
|
|
'table_risk_matrix': table_risk_matrix,
|
2025-06-13 17:45:22 +02:00
|
|
|
'residual_graph': residual_graph_base64,
|
|
|
|
|
'safeguard_summary_table': safeguard_summary_table,
|
|
|
|
|
'table_risk_matrix_header' : table_risk_matrix[0],
|
|
|
|
|
'table_risk_matrix_rows': table_risk_matrix[1:],
|
2025-02-19 19:34:45 +01:00
|
|
|
}
|
2025-04-18 16:29:07 +02:00
|
|
|
rendered_content = render_template(template_segments, context)
|
2025-06-13 17:45:22 +02:00
|
|
|
return render(request, 'document.html',
|
|
|
|
|
{'rendered_html': rendered_content,
|
|
|
|
|
'document': document,})
|
2025-02-21 14:58:02 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@staff_member_required
|
|
|
|
|
def template_preview(request, name):
|
|
|
|
|
template = get_object_or_404(DocumentTemplate, name=name)
|
|
|
|
|
parsed_template = template.to_dict()
|
|
|
|
|
return render(request, 'template_preview.html', {'template': parsed_template})
|
|
|
|
|
|
2025-02-24 10:19:27 +01:00
|
|
|
def pdf_view(request, document_id):
|
|
|
|
|
document = get_object_or_404(Document, id=document_id)
|
|
|
|
|
return generate_pdf(document)
|
|
|
|
|
|
2025-02-21 14:58:02 +01:00
|
|
|
def payment_page(request):
|
2025-06-20 00:56:57 +02:00
|
|
|
error = None
|
|
|
|
|
email = request.GET.get('email')
|
|
|
|
|
if request.method == 'POST':
|
|
|
|
|
import re
|
|
|
|
|
code = re.sub(r'\s+', '', request.POST.get('code', '')).upper()[:10]
|
|
|
|
|
try:
|
2025-07-14 11:29:11 +02:00
|
|
|
payment_code = DemoCode.objects.get(code=code)
|
2025-06-20 00:56:57 +02:00
|
|
|
if payment_code.used:
|
|
|
|
|
error = "CODE INVALID"
|
|
|
|
|
else:
|
|
|
|
|
org = Organization.objects.filter(email__iexact=email).first()
|
|
|
|
|
payment_code.used = True
|
|
|
|
|
payment_code.used_at = timezone.now()
|
|
|
|
|
payment_code.company = org
|
|
|
|
|
payment_code.save()
|
|
|
|
|
document = Document.objects.get(organization = org)
|
|
|
|
|
url = f"{site_domain}/pdf/{document.id}/"
|
|
|
|
|
send_document_email(email, url, document)
|
|
|
|
|
return redirect(url)
|
2025-07-14 11:29:11 +02:00
|
|
|
except DemoCode.DoesNotExist:
|
2025-06-20 14:56:28 +02:00
|
|
|
error = "❌ Invalid code"
|
2025-06-20 00:56:57 +02:00
|
|
|
return render(request, 'payment.html', {'error': error})
|
2025-06-13 19:36:06 +02:00
|
|
|
|
|
|
|
|
def no_confidential_data(request):
|
|
|
|
|
return render(request, "no_confidential_data.html")
|
|
|
|
|
|
|
|
|
|
|
2025-06-20 00:56:57 +02:00
|
|
|
|
|
|
|
|
@staff_member_required
|
2025-07-14 11:29:11 +02:00
|
|
|
def demo_codes_pdf_view(request):
|
2025-06-20 00:56:57 +02:00
|
|
|
filter_by = request.GET.get('filter_by', 'all')
|
|
|
|
|
if filter_by == 'used':
|
2025-07-14 11:29:11 +02:00
|
|
|
codes = DemoCode.objects.filter(used=True)
|
2025-06-20 00:56:57 +02:00
|
|
|
elif filter_by == 'available':
|
2025-07-14 11:29:11 +02:00
|
|
|
codes = DemoCode.objects.filter(used=False)
|
2025-06-20 00:56:57 +02:00
|
|
|
else:
|
2025-07-14 11:29:11 +02:00
|
|
|
codes = DemoCode.objects.all()
|
|
|
|
|
html_string = render_to_string('demo_code_report.html', {'codes': codes})
|
2025-06-20 00:56:57 +02:00
|
|
|
pdf_content = HTML(string=html_string, base_url=request.build_absolute_uri('/')).write_pdf()
|
|
|
|
|
response = HttpResponse(pdf_content, content_type='application/pdf')
|
2025-07-14 11:29:11 +02:00
|
|
|
response['Content-Disposition'] = f'inline; filename=demo_codes_{timezone.now().strftime("%Y%m%d_%H%M%S")}.pdf'
|
2025-06-20 14:56:28 +02:00
|
|
|
return response
|
|
|
|
|
|
|
|
|
|
@csrf_exempt
|
|
|
|
|
def validate_code(request):
|
|
|
|
|
if request.method == "POST":
|
|
|
|
|
try:
|
|
|
|
|
data = json.loads(request.body)
|
|
|
|
|
code = data.get("code", "").strip().upper()
|
2025-07-14 11:29:11 +02:00
|
|
|
from .models import DemoCode
|
|
|
|
|
valid = DemoCode.objects.filter(code=code, used=False).exists()
|
2025-06-20 15:40:46 +02:00
|
|
|
time.sleep(3)
|
2025-06-20 14:56:28 +02:00
|
|
|
return JsonResponse({"valid": valid})
|
|
|
|
|
except Exception:
|
|
|
|
|
return JsonResponse({"valid": False})
|
|
|
|
|
return JsonResponse({"valid": False})
|
