Initial commit – AufmaßCreater v2.35

_aufmass_web/app/models/user.py

@@ -0,0 +1,80 @@
+from app.extensions import db, login_manager
+from flask_login import UserMixin
+from werkzeug.security import generate_password_hash, check_password_hash
+from datetime import datetime
+
+class User(UserMixin, db.Model):
+    __tablename__ = 'users'
+
+    id = db.Column(db.Integer, primary_key=True)
+    company_id = db.Column(db.Integer, db.ForeignKey('companies.id'), nullable=True)
+    email = db.Column(db.String(200), unique=True, nullable=False)
+    password_hash = db.Column(db.String(300), nullable=False)
+    vorname = db.Column(db.String(100))
+    nachname = db.Column(db.String(100))
+    rolle = db.Column(db.String(20), default='mitarbeiter')
+    aktiv = db.Column(db.Boolean, default=True)
+    font_size = db.Column(db.String(10), default='1')
+    profile_image = db.Column(db.String(255), nullable=True)
+    letzter_login = db.Column(db.DateTime)
+    erstellt_am = db.Column(db.DateTime, default=datetime.utcnow)
+
+    darf_projekte_anlegen = db.Column(db.Boolean, default=False)
+    darf_lv_verwalten = db.Column(db.Boolean, default=False)
+    darf_preise_sehen = db.Column(db.Boolean, default=False)
+    darf_aufmass_verwalten = db.Column(db.Boolean, default=False)
+    darf_evergabe_nutzen = db.Column(db.Boolean, default=False)
+    darf_kopfdaten_holen = db.Column(db.Boolean, default=False)
+    darf_aufmass_uebertragen = db.Column(db.Boolean, default=False)
+    hidden_modules = db.Column(db.Text, default='[]')
+
+    def get_hidden_modules(self):
+        import json
+        try:
+            return json.loads(self.hidden_modules or '[]')
+        except (json.JSONDecodeError, TypeError):
+            return []
+
+    def set_hidden_modules(self, val):
+        import json
+        self.hidden_modules = json.dumps(val, ensure_ascii=False)
+
+    @property
+    def full_name(self):
+        return f"{self.vorname or ''} {self.nachname or ''}".strip() or self.email
+
+    def set_password(self, password):
+        self.password_hash = generate_password_hash(password)
+
+    def check_password(self, password):
+        return check_password_hash(self.password_hash, password)
+
+    def is_superadmin(self):
+        return self.rolle == 'superadmin'
+
+    def is_firmadmin(self):
+        return self.rolle == 'firmadmin'
+
+    def is_admin(self):
+        return self.rolle in ('firmadmin', 'superadmin')
+
+    def hat_zugriff(self, project, required='lesen'):
+        if self.is_superadmin():
+            return True
+        if self.is_firmadmin():
+            from app.models.project import Project
+            return Project.query.get(project.id).company_id == self.company_id
+        from app.models.project_access import ProjectAccess
+        access = ProjectAccess.query.filter_by(
+            user_id=self.id, project_id=project.id
+        ).first()
+        if not access:
+            return False
+        if required == 'lesen':
+            return True
+        if required == 'schreiben':
+            return access.zugriff in ('lesen', 'schreiben')
+        return False
+
+    def __repr__(self):
+        return f'<User {self.email} ({self.rolle})>'