from django.contrib.auth import get_user_model
from django.core.management.base import BaseCommand
from django.db import transaction
from django.utils import timezone

from role.models import Role, RoleAssignment, Permission

# Resolve the user model through Django's swappable-model hook rather than
# importing a concrete class; the seeded accounts below rely on project
# fields (nama_lengkap, nim, is_approved, status) of that model.
User = get_user_model()

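class Command(BaseCommand):
    """Seed the ``Super Admin`` role, the permission catalogue and example admins.

    Running the command without flags creates the role and any missing
    ``Permission`` rows; both steps use ``get_or_create`` and are therefore
    safe to repeat. With ``--create-examples`` it also creates five staff
    accounts and attaches the ``Super Admin`` role to each of them.

    Security notes:

    * The example accounts are created *without* a usable password. Earlier
      revisions embedded fixed, guessable passwords in this file, which made
      every deployment that ran ``--create-examples`` share the same
      credentials for an ``is_superuser`` account. An operator now has to set
      a password explicitly (``manage.py changepassword <username>``).
    * An existing ``Super Admin`` role is left untouched; its stored
      permission list is not refreshed from the catalogue below.
    """

    help = 'Create admin role with permissions and example users'

    # Single source of truth for the permission catalogue. Each row is
    # (display name, codename, permission type, module, description).
    # The role's permission list is derived from the codename column so the
    # two can no longer drift apart.
    _PERMISSION_DEFINITIONS = (
        # Anggota permissions
        ('View User', 'anggota.view_user', 'view', 'anggota', 'Melihat data anggota'),
        ('Add User', 'anggota.add_user', 'add', 'anggota', 'Menambah anggota baru'),
        ('Change User', 'anggota.change_user', 'change', 'anggota', 'Mengubah data anggota'),
        ('Delete User', 'anggota.delete_user', 'delete', 'anggota', 'Menghapus anggota'),
        ('Approve User', 'anggota.approve_user', 'approve', 'anggota', 'Menyetujui pendaftaran anggota'),
        ('Reject User', 'anggota.reject_user', 'reject', 'anggota', 'Menolak pendaftaran anggota'),
        ('Export User', 'anggota.export_user', 'export', 'anggota', 'Export data anggota'),
        ('View Absensi', 'anggota.view_absensi', 'view', 'anggota', 'Melihat data absensi'),
        ('Add Absensi', 'anggota.add_absensi', 'add', 'anggota', 'Menambah data absensi'),
        ('Change Absensi', 'anggota.change_absensi', 'change', 'anggota', 'Mengubah data absensi'),
        ('Delete Absensi', 'anggota.delete_absensi', 'delete', 'anggota', 'Menghapus data absensi'),
        ('Export Absensi', 'anggota.export_absensi', 'export', 'anggota', 'Export data absensi'),
        ('View Iuran', 'anggota.view_iuran', 'view', 'anggota', 'Melihat data iuran'),
        ('Add Iuran', 'anggota.add_iuran', 'add', 'anggota', 'Menambah data iuran'),
        ('Change Iuran', 'anggota.change_iuran', 'change', 'anggota', 'Mengubah data iuran'),
        ('Delete Iuran', 'anggota.delete_iuran', 'delete', 'anggota', 'Menghapus data iuran'),
        ('Export Iuran', 'anggota.export_iuran', 'export', 'anggota', 'Export data iuran'),

        # Core permissions
        ('View Kegiatan', 'core.view_kegiatan', 'view', 'core', 'Melihat data kegiatan'),
        ('Add Kegiatan', 'core.add_kegiatan', 'add', 'core', 'Menambah kegiatan'),
        ('Change Kegiatan', 'core.change_kegiatan', 'change', 'core', 'Mengubah kegiatan'),
        ('Delete Kegiatan', 'core.delete_kegiatan', 'delete', 'core', 'Menghapus kegiatan'),
        ('View Notification', 'core.view_notification', 'view', 'core', 'Melihat notifikasi'),
        ('Add Notification', 'core.add_notification', 'add', 'core', 'Menambah notifikasi'),
        ('Change Notification', 'core.change_notification', 'change', 'core', 'Mengubah notifikasi'),
        ('Delete Notification', 'core.delete_notification', 'delete', 'core', 'Menghapus notifikasi'),
        ('View Website Settings', 'core.view_website_settings', 'view', 'core', 'Melihat pengaturan website'),
        ('Change Website Settings', 'core.change_website_settings', 'change', 'core', 'Mengubah pengaturan website'),

        # Event permissions
        ('View Event', 'event.view_event', 'view', 'event', 'Melihat data event'),
        ('Add Event', 'event.add_event', 'add', 'event', 'Menambah event'),
        ('Change Event', 'event.change_event', 'change', 'event', 'Mengubah event'),
        ('Delete Event', 'event.delete_event', 'delete', 'event', 'Menghapus event'),
        ('Approve Event', 'event.approve_event', 'approve', 'event', 'Menyetujui event'),
        ('Export Event', 'event.export_event', 'export', 'event', 'Export data event'),

        # Blog permissions
        ('View Post', 'blog.view_post', 'view', 'blog', 'Melihat artikel blog'),
        ('Add Post', 'blog.add_post', 'add', 'blog', 'Menambah artikel blog'),
        ('Change Post', 'blog.change_post', 'change', 'blog', 'Mengubah artikel blog'),
        ('Delete Post', 'blog.delete_post', 'delete', 'blog', 'Menghapus artikel blog'),
        ('Approve Post', 'blog.approve_post', 'approve', 'blog', 'Menyetujui artikel blog'),
        ('Export Post', 'blog.export_post', 'export', 'blog', 'Export artikel blog'),

        # Keuangan permissions
        ('View Transaksi', 'keuangan.view_transaksi', 'view', 'keuangan', 'Melihat data transaksi'),
        ('Add Transaksi', 'keuangan.add_transaksi', 'add', 'keuangan', 'Menambah transaksi'),
        ('Change Transaksi', 'keuangan.change_transaksi', 'change', 'keuangan', 'Mengubah transaksi'),
        ('Delete Transaksi', 'keuangan.delete_transaksi', 'delete', 'keuangan', 'Menghapus transaksi'),
        ('Export Transaksi', 'keuangan.export_transaksi', 'export', 'keuangan', 'Export data transaksi'),
        ('View Laporan', 'keuangan.view_laporan', 'view', 'keuangan', 'Melihat laporan keuangan'),
        ('Export Laporan', 'keuangan.export_laporan', 'export', 'keuangan', 'Export laporan keuangan'),

        # Role permissions
        ('View Role', 'role.view_role', 'view', 'role', 'Melihat data role'),
        ('Add Role', 'role.add_role', 'add', 'role', 'Menambah role'),
        ('Change Role', 'role.change_role', 'change', 'role', 'Mengubah role'),
        ('Delete Role', 'role.delete_role', 'delete', 'role', 'Menghapus role'),
        ('View Role Assignment', 'role.view_roleassignment', 'view', 'role', 'Melihat assignment role'),
        ('Add Role Assignment', 'role.add_roleassignment', 'add', 'role', 'Menambah assignment role'),
        ('Change Role Assignment', 'role.change_roleassignment', 'change', 'role', 'Mengubah assignment role'),
        ('Delete Role Assignment', 'role.delete_roleassignment', 'delete', 'role', 'Menghapus assignment role'),
        ('View Permission', 'role.view_permission', 'view', 'role', 'Melihat permission'),
        ('Add Permission', 'role.add_permission', 'add', 'role', 'Menambah permission'),
        ('Change Permission', 'role.change_permission', 'change', 'role', 'Mengubah permission'),
        ('Delete Permission', 'role.delete_permission', 'delete', 'role', 'Menghapus permission'),
    )

    def add_arguments(self, parser):
        """Register the opt-in ``--create-examples`` switch (off by default)."""
        parser.add_argument(
            '--create-examples',
            action='store_true',
            help='Create example admin users',
        )

    def handle(self, *args, **options):
        """Create the ``Super Admin`` role and permission rows, then optional users.

        Args:
            *args: Unused positional arguments passed by Django.
            **options: Parsed command options; ``create_examples`` selects
                whether the example accounts are seeded.
        """
        self.stdout.write('Creating admin role and permissions...')

        # The role carries every codename from the catalogue, in catalogue order.
        all_codenames = [row[1] for row in self._PERMISSION_DEFINITIONS]

        # get_or_create: an existing role (possibly edited by an operator) is
        # returned unchanged; `defaults` only applies to a new row.
        admin_role, created = Role.objects.get_or_create(
            name='Super Admin',
            defaults={
                'role_type': 'admin',
                'description': 'Super Administrator dengan akses penuh ke semua fitur sistem',
                'permissions': all_codenames,
                'is_active': True,
            },
        )

        if created:
            self.stdout.write(
                self.style.SUCCESS(f'Successfully created admin role: {admin_role.name}')
            )
        else:
            self.stdout.write(
                self.style.WARNING(f'Admin role already exists: {admin_role.name}')
            )

        # Create any permission rows that do not exist yet, keyed by codename.
        created_permissions = 0
        for name, codename, permission_type, module, description in self._PERMISSION_DEFINITIONS:
            _, created = Permission.objects.get_or_create(
                codename=codename,
                defaults={
                    'name': name,
                    'permission_type': permission_type,
                    'description': description,
                    'module': module,
                    'is_active': True,
                },
            )
            if created:
                created_permissions += 1

        self.stdout.write(
            self.style.SUCCESS(f'Created {created_permissions} new permissions')
        )

        # Example accounts are strictly opt-in.
        if options['create_examples']:
            self.create_example_admin_users(admin_role)

        self.stdout.write(
            self.style.SUCCESS('Admin role setup completed successfully!')
        )

    def create_example_admin_users(self, admin_role):
        """Create the example admin accounts and give each one ``admin_role``.

        Accounts are looked up by username. A newly created account gets an
        unusable password and a ``RoleAssignment`` for ``admin_role``; both
        are written in one transaction so a failure cannot leave a staff
        account behind without its role. An account that already exists is
        reported and otherwise left alone, so a pre-existing user that happens
        to share one of these usernames is not silently elevated.

        Args:
            admin_role: The ``Role`` instance to assign to each new account.
        """
        self.stdout.write('Creating example admin users...')

        # No passwords here on purpose: credentials committed to source are
        # identical on every installation and trivially guessable.
        # NOTE(review): all five accounts, including the non-superuser ones,
        # receive the Super Admin role below; confirm that is intended or
        # seed narrower roles for ketua/sekretaris/bendahara/web.
        example_accounts = [
            {
                'username': 'superadmin',
                'email': 'superadmin@hmi.com',
                'nama_lengkap': 'Super Administrator',
                'nim': 'ADMIN001',
                'is_staff': True,
                # Django superusers pass every permission check regardless of role.
                'is_superuser': True,
                'is_approved': True,
                'status': 'aktif',
            },
            {
                'username': 'admin_ketua',
                'email': 'ketua@hmi.com',
                'nama_lengkap': 'Ketua Umum HMI',
                'nim': 'ADMIN002',
                'is_staff': True,
                'is_superuser': False,
                'is_approved': True,
                'status': 'aktif',
            },
            {
                'username': 'admin_sekretaris',
                'email': 'sekretaris@hmi.com',
                'nama_lengkap': 'Sekretaris Umum HMI',
                'nim': 'ADMIN003',
                'is_staff': True,
                'is_superuser': False,
                'is_approved': True,
                'status': 'aktif',
            },
            {
                'username': 'admin_bendahara',
                'email': 'bendahara@hmi.com',
                'nama_lengkap': 'Bendahara Umum HMI',
                'nim': 'ADMIN004',
                'is_staff': True,
                'is_superuser': False,
                'is_approved': True,
                'status': 'aktif',
            },
            {
                'username': 'admin_web',
                'email': 'webadmin@hmi.com',
                'nama_lengkap': 'Web Administrator',
                'nim': 'ADMIN005',
                'is_staff': True,
                'is_superuser': False,
                'is_approved': True,
                'status': 'aktif',
            },
        ]

        created_users = 0
        for account in example_accounts:
            # User row, password state and role assignment commit together.
            with transaction.atomic():
                user, created = User.objects.get_or_create(
                    username=account['username'],
                    defaults=account,
                )

                if created:
                    # Mark the account as having no valid password; login is
                    # impossible until an operator sets one.
                    user.set_unusable_password()
                    user.save()

                    RoleAssignment.objects.get_or_create(
                        user=user,
                        role=admin_role,
                        defaults={
                            'is_active': True,
                            'notes': f'Default admin role assignment for {user.nama_lengkap}',
                        },
                    )

            if created:
                created_users += 1
                self.stdout.write(
                    self.style.SUCCESS(f'Created admin user: {user.nama_lengkap} ({user.username})')
                )
                self.stdout.write(
                    self.style.WARNING(
                        f'No password set for {user.username}; run '
                        f'"python manage.py changepassword {user.username}" before first login'
                    )
                )
            else:
                self.stdout.write(
                    self.style.WARNING(f'User already exists: {user.nama_lengkap} ({user.username})')
                )

        self.stdout.write(
            self.style.SUCCESS(f'Created {created_users} new admin users')
        )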
