""" Management command to reset all users except Peter and create fresh ones """ from django.core.management.base import BaseCommand from django.contrib.auth import get_user_model from django.db import transaction, connection import uuid from apps.authentication.models import UserProfile from apps.business.models import Business, Location User = get_user_model() class Command(BaseCommand): help = 'Reset all users except Peter and create fresh ones' def add_arguments(self, parser): parser.add_argument( '--business-id', type=str, default='3c9a90cf8f6d490583fceae44d4e9e5c', help='Business ID to assign users to', ) parser.add_argument( '--location-id', type=str, default='d99e4958de2e4d4ea88730e51eb242ed', help='Location ID for user access', ) parser.add_argument( '--default-password', type=str, default='OneTech2025!', help='Default password for all users', ) parser.add_argument( '--confirm', action='store_true', help='Confirm deletion of users', ) def handle(self, *args, **options): business_id = options['business_id'] location_id = options['location_id'] default_password = options['default_password'] confirm = options['confirm'] if not confirm: self.stdout.write(self.style.ERROR('\n⚠️ WARNING: This will DELETE all users except Peter!')) self.stdout.write(self.style.ERROR('Run with --confirm flag to proceed\n')) return # User data - excluding Peter users_data = [ {'email': 'chelsea@onetech.com', 'username': 'chelsea', 'first_name': 'Chelsea', 'last_name': 'OneTech'}, {'email': 'paul@dtd.com', 'username': 'paul', 'first_name': 'Paul', 'last_name': 'User'}, {'email': 'admin@yellowapple.com', 'username': 'admin_yellow', 'first_name': 'Admin', 'last_name': 'Yellow'}, {'email': 'stella@onetech.com', 'username': 'stella', 'first_name': 'Stella', 'last_name': 'OneTech'}, {'email': 'ruth@onetech.com', 'username': 'ruth', 'first_name': 'Ruth', 'last_name': 'OneTech'}, {'email': 'vinnie@onetech.co.ke', 'username': 'vinnie', 'first_name': 'Vinnie', 'last_name': 'OneTech'}, {'email': 'pkaruma@onetech.co.ke', 'username': 'karuma', 'first_name': 'Karuma', 'last_name': 'OneTech'}, {'email': 'sales@onetechcomputers.co.ke', 'username': 'sales', 'first_name': 'Sales', 'last_name': 'Team'}, {'email': 'maureen@onetech.com', 'username': 'maureen', 'first_name': 'Maureen', 'last_name': 'OneTech'}, {'email': 'maggy@onetech.co.ke', 'username': 'maggy', 'first_name': 'Maggy', 'last_name': 'OneTech'}, {'email': 'esther@onetech.co.ke', 'username': 'esther', 'first_name': 'Esther', 'last_name': 'OneTech'}, {'email': 'shiko@onetech.com', 'username': 'shiko', 'first_name': 'Shiko', 'last_name': 'OneTech'}, {'email': 'admin@onetech.com', 'username': 'admin_onetech', 'first_name': 'Admin', 'last_name': 'OneTech'}, {'email': 'samuel@onetech.co.ke', 'username': 'samuel', 'first_name': 'Samuel', 'last_name': 'OneTech'}, {'email': 'wairimu@onetech.com', 'username': 'wairimu', 'first_name': 'Wairimu', 'last_name': 'OneTech'}, {'email': 'jack@onetech.co.ke', 'username': 'jack', 'first_name': 'Jack', 'last_name': 'OneTech'}, {'email': 'njuguna@onetech.co.ke', 'username': 'njuguna', 'first_name': 'Njuguna', 'last_name': 'OneTech'}, {'email': 'admin@binbyte.com', 'username': 'admin_binbyte', 'first_name': 'Admin', 'last_name': 'BinByte'}, {'email': 'ephantus@onetech.co.ke', 'username': 'ephantus', 'first_name': 'Ephantus', 'last_name': 'OneTech'}, {'email': 'grace@onetech.co.ke', 'username': 'grace', 'first_name': 'Grace', 'last_name': 'OneTech'}, ] self.stdout.write('\n' + '='*60) self.stdout.write('USER RESET AND RECREATION') self.stdout.write('='*60) # Verify business and location exist try: business = Business.objects.get(id=business_id) self.stdout.write(self.style.SUCCESS(f'✓ Found business: {business.name}')) except Business.DoesNotExist: self.stdout.write(self.style.ERROR(f'✗ Business {business_id} not found')) return try: location = Location.objects.get(id=location_id) self.stdout.write(self.style.SUCCESS(f'✓ Found location: {location.name}')) except Location.DoesNotExist: self.stdout.write(self.style.ERROR(f'✗ Location {location_id} not found')) return # Get or create roles using raw SQL self.stdout.write('\nSetting up roles...') with connection.cursor() as cursor: cursor.execute(''' SELECT id FROM roles WHERE name = 'SALES_AGENT' AND business_id = %s LIMIT 1 ''', [business_id]) sales_role_row = cursor.fetchone() if not sales_role_row: sales_role_id = uuid.uuid4().hex cursor.execute(''' INSERT INTO roles (id, name, display_name, description, business_id, is_system_role, created_at) VALUES (%s, %s, %s, %s, %s, %s, NOW()) ''', [sales_role_id, 'SALES_AGENT', 'Sales Agent', 'Can manage sales and inventory', business_id, 0]) self.stdout.write(self.style.SUCCESS(' ✓ Created SALES_AGENT role')) else: sales_role_id = sales_role_row[0] self.stdout.write(f' → SALES_AGENT role exists') cursor.execute(''' SELECT id FROM roles WHERE name = 'ADMIN' AND business_id = %s LIMIT 1 ''', [business_id]) admin_role_row = cursor.fetchone() if not admin_role_row: admin_role_id = uuid.uuid4().hex cursor.execute(''' INSERT INTO roles (id, name, display_name, description, business_id, is_system_role, created_at) VALUES (%s, %s, %s, %s, %s, %s, NOW()) ''', [admin_role_id, 'ADMIN', 'Administrator', 'Full administrative access', business_id, 0]) self.stdout.write(self.style.SUCCESS(' ✓ Created ADMIN role')) else: admin_role_id = admin_role_row[0] self.stdout.write(f' → ADMIN role exists') # Step 1: Delete all users except Peter using raw SQL self.stdout.write('\n' + '-'*60) self.stdout.write('Step 1: Deleting existing users (except Peter)...') self.stdout.write('-'*60) with connection.cursor() as cursor: # Get Peter's user ID and all superusers cursor.execute(""" SELECT id FROM auth_user WHERE email = 'sadamin@gmail.com' OR is_superuser = 1 """) protected_users = [row[0] for row in cursor.fetchall()] if not protected_users: self.stdout.write(self.style.ERROR('No protected users found!')) return # Format for SQL IN clause - remove hyphens for UUID comparison protected_ids_str = "', '".join([uid.replace('-', '') for uid in protected_users]) self.stdout.write(f'Protected users: {len(protected_users)} (Peter and superusers)') # Delete related data first (foreign key constraints) # 1. Delete business memberships cursor.execute(f""" DELETE FROM business_businessmembership WHERE user_id NOT IN ('{protected_ids_str}') """) self.stdout.write(f' ✓ Deleted memberships: {cursor.rowcount}') # 2. Delete user profiles cursor.execute(f""" DELETE FROM user_profiles WHERE user_id NOT IN ('{protected_ids_str}') """) self.stdout.write(f' ✓ Deleted profiles: {cursor.rowcount}') # 3. Delete invitation tokens (both invited_by and user references) cursor.execute(f""" DELETE FROM invitation_tokens WHERE invited_by_id NOT IN ('{protected_ids_str}') OR invited_by_id IS NULL """) self.stdout.write(f' ✓ Deleted invitation tokens: {cursor.rowcount}') # 4. Delete audit logs cursor.execute(f""" DELETE FROM audit_logs WHERE user_id NOT IN ('{protected_ids_str}') OR user_id IS NULL """) self.stdout.write(f' ✓ Deleted audit logs: {cursor.rowcount}') # 5. Finally delete users cursor.execute(f""" DELETE FROM auth_user WHERE id NOT IN ('{protected_ids_str}') """) deleted_users = cursor.rowcount self.stdout.write(self.style.SUCCESS(f' ✓ Deleted users: {deleted_users}')) # Step 2: Create fresh users self.stdout.write('\n' + '-'*60) self.stdout.write('Step 2: Creating fresh users...') self.stdout.write('-'*60 + '\n') users_created = 0 profiles_created = 0 memberships_created = 0 errors = 0 for user_data in users_data: email = user_data['email'] try: with transaction.atomic(): # Create user user = User.objects.create_user( username=user_data['username'], email=email.lower(), first_name=user_data['first_name'], last_name=user_data['last_name'], password=default_password, is_active=True, is_email_verified=True, onboarding_completed=True, profile_completed=True, business_setup_completed=True, onboarding_step=5 ) users_created += 1 self.stdout.write( self.style.SUCCESS(f'{email:35} → ✓ User created') ) # Create profile profile = UserProfile.objects.create( user=user, bio=f'{user_data["first_name"]} - OneTech team member', preferred_language='en', theme_preference='light' ) profiles_created += 1 self.stdout.write(f'{" "*35} ✓ Profile created') # Determine role if 'admin' in email.lower(): role_id = admin_role_id role_name = 'ADMIN' else: role_id = sales_role_id role_name = 'SALES_AGENT' # Create membership using raw SQL with connection.cursor() as cursor: # Check if id is auto-increment or UUID permissions_json = self._get_permissions_json(role_name) user_id_no_hyphens = str(user.id).replace('-', '') # Use NULL for id to let MySQL auto-increment handle it cursor.execute(''' INSERT INTO business_businessmembership (user_id, business_id, role_id, status, is_active, invitation_accepted, all_locations_access, can_access_all_locations, permissions, is_primary, status_reason, joined_at, updated_at) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, NOW(), NOW()) ''', [ user_id_no_hyphens, business_id, role_id, 'ACTIVE', 1, 1, 1, 1, permissions_json, 0, '' ]) memberships_created += 1 self.stdout.write( self.style.SUCCESS( f'{" "*35} ✓ Membership created ({role_name})' ) ) except Exception as e: errors += 1 self.stdout.write( self.style.ERROR(f'{email:35} → ✗ Error: {str(e)}') ) continue # Summary self.stdout.write('\n' + '='*60) self.stdout.write('RESET COMPLETE') self.stdout.write('='*60) self.stdout.write(f'Users created: {users_created}') self.stdout.write(f'Profiles created: {profiles_created}') self.stdout.write(f'Memberships created: {memberships_created}') if errors > 0: self.stdout.write(self.style.ERROR(f'Errors: {errors}')) self.stdout.write('\n' + '-'*60) self.stdout.write('DEFAULT LOGIN CREDENTIALS:') self.stdout.write('-'*60) self.stdout.write(f'Email: any of the created emails') self.stdout.write(f'Password: {default_password}') self.stdout.write('\nAll users are:') self.stdout.write(' ✓ Fully verified') self.stdout.write(' ✓ Onboarding completed') self.stdout.write(' ✓ Have profiles') self.stdout.write(' ✓ Have business memberships') self.stdout.write('='*60 + '\n') def _get_permissions_json(self, role_name): """Get permissions as JSON string""" import json if role_name == 'ADMIN': permissions = { 'inventory': ['create', 'read', 'update', 'delete'], 'sales': ['create', 'read', 'update', 'delete'], 'customers': ['create', 'read', 'update', 'delete'], 'transfers': ['create', 'read', 'update', 'delete', 'approve'], 'warranty': ['create', 'read', 'update', 'delete'], 'reports': ['read', 'export'], 'accounting': ['create', 'read', 'update', 'delete'], 'users': ['create', 'read', 'update', 'delete'], 'settings': ['read', 'update'], 'invoicing': ['create', 'read', 'update', 'delete', 'record_payment'], } else: # SALES_AGENT permissions = { 'inventory': ['read', 'update'], 'sales': ['create', 'read', 'update'], 'customers': ['create', 'read', 'update'], 'transfers': ['create', 'read'], 'warranty': ['create', 'read'], 'reports': ['read'], 'invoicing': ['create', 'read', 'record_payment'], } return json.dumps(permissions)