FInal bank, stripe and paypal sandbox completed

2026-01-08 00:12:41 +00:00
parent ad75fa031e
commit 7ad1f6bdff
19 changed files with 2622 additions and 375 deletions
--- a/backend/igny8_core/auth/admin.py
+++ b/backend/igny8_core/auth/admin.py
@@ -466,15 +466,22 @@ class AccountAdmin(ExportMixin, AccountAdminMixin, SimpleHistoryAdmin, Igny8Mode
    
    def bulk_hard_delete(self, request, queryset):
        """PERMANENTLY delete selected accounts and ALL related data - cannot be undone!"""
+        import traceback
        count = 0
        errors = []
        for account in queryset:
-            if account.slug != 'aws-admin':  # Protect admin account
-                try:
-                    account.hard_delete_with_cascade()  # Permanently delete everything
-                    count += 1
-                except Exception as e:
-                    errors.append(f'{account.name}: {str(e)}')
+            if account.slug == 'aws-admin':  # Protect admin account
+                errors.append(f'{account.name}: Protected system account')
+                continue
+            try:
+                account.hard_delete_with_cascade()  # Permanently delete everything
+                count += 1
+            except Exception as e:
+                # Log full traceback for debugging
+                import logging
+                logger = logging.getLogger(__name__)
+                logger.error(f'Hard delete failed for account {account.pk} ({account.name}): {traceback.format_exc()}')
+                errors.append(f'{account.name}: {str(e)}')
        
        if count > 0:
            self.message_user(request, f'{count} account(s) and ALL related data permanently deleted.', messages.SUCCESS)
@@ -1000,7 +1007,7 @@ class UserAdmin(ExportMixin, BaseUserAdmin, Igny8ModelAdmin):
    list_display = ['email', 'username', 'account', 'role', 'is_active', 'is_staff', 'created_at']
    list_filter = ['role', 'account', 'is_active', 'is_staff']
    search_fields = ['email', 'username']
-    readonly_fields = ['created_at', 'updated_at']
+    readonly_fields = ['created_at', 'updated_at', 'password_display']
    
    fieldsets = BaseUserAdmin.fieldsets + (
        ('IGNY8 Info', {'fields': ('account', 'role')}),
@@ -1018,8 +1025,45 @@ class UserAdmin(ExportMixin, BaseUserAdmin, Igny8ModelAdmin):
        'bulk_activate',
        'bulk_deactivate',
        'bulk_send_password_reset',
+        'bulk_set_temporary_password',
    ]
    
+    def password_display(self, obj):
+        """Show password hash with copy button (for debugging only)"""
+        if obj.password:
+            return f'Hash: {obj.password[:50]}...'
+        return 'No password set'
+    password_display.short_description = 'Password Hash'
+    
+    def bulk_set_temporary_password(self, request, queryset):
+        """Set a temporary password for selected users and display it"""
+        import secrets
+        import string
+        
+        # Generate a secure random password
+        alphabet = string.ascii_letters + string.digits
+        temp_password = ''.join(secrets.choice(alphabet) for _ in range(12))
+        
+        users_updated = []
+        for user in queryset:
+            user.set_password(temp_password)
+            user.save(update_fields=['password'])
+            users_updated.append(user.email)
+        
+        if users_updated:
+            # Display the password in the message (only visible to admin)
+            self.message_user(
+                request,
+                f'Temporary password set for {len(users_updated)} user(s): "{temp_password}" (same password for all selected users)',
+                messages.SUCCESS
+            )
+            self.message_user(
+                request,
+                f'Users updated: {", ".join(users_updated)}',
+                messages.INFO
+            )
+    bulk_set_temporary_password.short_description = '🔑 Set temporary password (will display)'
+    
    def get_queryset(self, request):
        """Filter users by account for non-superusers"""
        qs = super().get_queryset(request)
--- a/backend/igny8_core/auth/models.py
+++ b/backend/igny8_core/auth/models.py
@@ -227,6 +227,8 @@ class Account(SoftDeletableModel):
            # Core (last due to dependencies)
            'sector_set',
            'site_set',
+            # Users (delete after sites to avoid FK issues, owner is SET_NULL)
+            'users',
            # Subscription (OneToOne)
            'subscription',
        ]
@@ -285,6 +287,12 @@ class Account(SoftDeletableModel):
            from django.core.exceptions import PermissionDenied
            raise PermissionDenied("System account cannot be deleted.")
        
+        # Clear owner reference first to avoid FK constraint issues
+        # (owner is SET_NULL but we're deleting the user who is the owner)
+        if self.owner:
+            self.owner = None
+            self.save(update_fields=['owner'])
+        
        # Cascade hard-delete all related objects first
        self._cascade_delete_related(hard_delete=True)
        
--- a/backend/igny8_core/auth/serializers.py
+++ b/backend/igny8_core/auth/serializers.py
@@ -53,7 +53,7 @@ class AccountSerializer(serializers.ModelSerializer):
        fields = [
            'id', 'name', 'slug', 'owner', 'plan', 'plan_id',
            'credits', 'status', 'payment_method',
-            'subscription', 'created_at'
+            'subscription', 'billing_country', 'created_at'
        ]
        read_only_fields = ['owner', 'created_at']