diff --git a/courses/migrations/0022_auto_20220309_2201.py b/courses/migrations/0022_auto_20220309_2201.py new file mode 100644 index 0000000..3f9649e --- /dev/null +++ b/courses/migrations/0022_auto_20220309_2201.py @@ -0,0 +1,23 @@ +# Generated by Django 3.2.5 on 2022-03-09 16:31 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('courses', '0021_auto_20220224_2105'), + ] + + operations = [ + migrations.AlterField( + model_name='article', + name='home_page_display', + field=models.CharField(blank=True, choices=[('Featured', 'Featured'), ('Exclusive', 'Exclusive')], max_length=20, null=True), + ), + migrations.AlterField( + model_name='article', + name='status', + field=models.CharField(choices=[('Rejected', 'Rejected'), ('Created', 'Created'), ('Published', 'Published'), ('Draft', 'Draft')], default='Draft', max_length=20), + ), + ] diff --git a/courses/serializers.py b/courses/serializers.py index a235568..e2d9cb9 100644 --- a/courses/serializers.py +++ b/courses/serializers.py @@ -92,7 +92,8 @@ class Meta: class DomainSerializer(serializers.ModelSerializer): class Meta: - exclude=('projects','events','track') + # exclude=('projects','events','track') + fields = '__all__' model = core_models.Domain diff --git a/events/migrations/0004_auto_20220309_2201.py b/events/migrations/0004_auto_20220309_2201.py new file mode 100644 index 0000000..cd7fe94 --- /dev/null +++ b/events/migrations/0004_auto_20220309_2201.py @@ -0,0 +1,23 @@ +# Generated by Django 3.2.5 on 2022-03-09 16:31 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('events', '0003_auto_20220224_2057'), + ] + + operations = [ + migrations.AlterField( + model_name='eventregistration', + name='email', + field=models.CharField(max_length=100), + ), + migrations.AlterField( + model_name='eventregistration', + name='whatsapp_no', + field=models.CharField(max_length=15), + ), + ] diff --git a/events/models.py b/events/models.py index f8b3036..8c20a59 100644 --- a/events/models.py +++ b/events/models.py @@ -48,11 +48,11 @@ class EventRegistration(models.Model): event = models.ForeignKey(Event, on_delete=models.CASCADE, null=True, blank=True) firstname = models.CharField(max_length=100) lastname = models.CharField(max_length=100) - email = models.CharField(max_length=100,unique = True) + email = models.CharField(max_length=100) year = models.CharField(max_length=15) branch = models.CharField(max_length=100) gender = models.CharField(choices=GENDER_CHOICES, max_length=8) - whatsapp_no = models.CharField(max_length=15,unique = True) + whatsapp_no = models.CharField(max_length=15) expectations = models.TextField(null=True, blank=True) timestamp = models.DateTimeField(auto_now_add=True) reg_number = models.CharField(max_length=15, null=True) diff --git a/events/views.py b/events/views.py index ecb56ad..b14438a 100644 --- a/events/views.py +++ b/events/views.py @@ -3,7 +3,7 @@ from . import models as event_models from . import serializers as event_serializers from django.shortcuts import render -from rest_framework import generics, serializers +from rest_framework import generics, serializers,permissions from rest_framework.generics import GenericAPIView from rest_framework.mixins import UpdateModelMixin @@ -23,9 +23,15 @@ import string from django.utils import timezone +#coustom permission_classes FOR READONLY permission for GET request +class ReadOnly(BasePermission): + def has_permission(self, request, view): + return request.method in SAFE_METHODS + class EventList(generics.ListCreateAPIView): queryset = event_models.Event.objects.all().order_by('-start_date') serializer_class = event_serializers.EventSerializer + permission_classes = [IsAdminUser | ReadOnly] def get_queryset(self): type = self.request.query_params.get('type') @@ -40,11 +46,34 @@ def get_queryset(self): queryset = event_models.Event.objects.all().order_by('-start_date') return queryset -class EventDetail(generics.RetrieveDestroyAPIView): +class EventDetail(generics.RetrieveUpdateDestroyAPIView): queryset = event_models.Event.objects.all() serializer_class = event_serializers.EventSerializer lookup_field = 'slug' + def put(self, request, *args, **kwargs): + user=request.user + if user.is_superuser==True: + return self.partial_update(request, *args, **kwargs) + else: + context={} + context["error"] = "You are not authorized to update." + return Response(context,status=HTTP_400_BAD_REQUEST) + def delete(self,request,*args, **kwargs): + user=request.user + slug=kwargs['slug'] + if user.is_superuser==True or user.is_staff==True: + curr_domain = event_models.Event.objects.get(slug = slug) + context={} + context["message"]="Record deleted Successfully" + curr_domain.delete() + return Response(context,status=HTTP_200_OK) + + else: + context={} + context["error"] = "You are not authorized to delete." + return Response(context,status=HTTP_400_BAD_REQUEST) + class RegisterForEventView(generics.ListCreateAPIView): queryset = event_models.EventRegistration.objects.all() serializer_class = event_serializers.EventRegistrationSerializer \ No newline at end of file diff --git a/projects/serializers.py b/projects/serializers.py index d5aae92..f2dbc21 100644 --- a/projects/serializers.py +++ b/projects/serializers.py @@ -9,9 +9,9 @@ class Meta: model = project_models.Project -class CreateDocumentSerializer(serializers.ModelSerializer): +class UpdateDocumentSerializer(serializers.ModelSerializer): class Meta: - exclude = ('time_stamp','visible_to',) + exclude = ('time_stamp',) model=project_models.Document class ListDocumentSerializer(serializers.ModelSerializer): diff --git a/projects/views.py b/projects/views.py index 60aba80..37a49ca 100644 --- a/projects/views.py +++ b/projects/views.py @@ -1,3 +1,4 @@ +from cgitb import lookup from django.shortcuts import render from . import models as project_models from . import serializers as project_serializers @@ -21,33 +22,35 @@ import random import string from members import models as member_models - +from django.contrib.auth.models import AnonymousUser class ProjectLlist(generics.ListCreateAPIView): - # authentication_classes = [IsAuthenticated] queryset = project_models.Project.objects.all() serializer_class = project_serializers.ProjectSerializer - + permissin_class=[IsAuthenticatedOrReadOnly] class ProjectDetail(generics.RetrieveUpdateDestroyAPIView): queryset = project_models.Project.objects.all() serializer_class = project_serializers.ProjectSerializer + permissin_class=[IsAuthenticatedOrReadOnly] lookup_field = 'slug' -class Document_list(APIView): +class Document_list(generics.ListCreateAPIView): def get(self,request): context={} - queryset=project_models.Document.objects.filter(visibility='PUBLIC') + public_documents=project_models.Document.objects.filter(visibility='PUBLIC') serializer=project_serializers.ListDocumentSerializer - user=request.user - context['Visible to Public']=serializer(queryset).data - # if user: - # curr_member = member_models.Member.objects.get(user= user) - # if curr_member: - # member_document = project_models.Document.objects.filter(visibility= 'ONLY-MEMBERS') - # context['Visible to member'] = serializer(member_document).data - # return Response(context,status=HTTP_200_OK) + context['Visible to Public']=serializer(public_documents,many=True).data + if request.user.id!=None: + curr_member = member_models.Member.objects.get(user= request.user) + if curr_member: + member_documents = project_models.Document.objects.filter(visibility= 'ONLY-MEMBERS') + context["Visible to Members"]=serializer(member_documents,many=True).data + private_documents=project_models.Document.objects.filter(visibility='PRIVATE', visible_to= request.user.id) + if private_documents!=None: + context["Private"]=serializer(private_documents,many=True).data return Response(context,status=HTTP_200_OK) + def post(self,request,*args,**kwargs): member=member_models.Member.objects.filter(user=request.user).first() context={} @@ -58,11 +61,19 @@ def post(self,request,*args,**kwargs): new_doc.title=data["title"] new_doc.created_by.add(member_models.Member.objects.get(user=request.user)) new_doc.visibility=data["visibility"] - #new_doc.visible_to.add(data["visible_to"]) + if new_doc.visibility=="PRIVATE": + if 'visible_to' in data: + visible_to = data['visible_to'] + visible_to = [int(i) for i in visible_to.split(',')] + for i in visible_to : + new_visible_to = User.objects.get(id=i) + new_doc.visible_to.add(new_visible_to) + else: + data.pop('visible_to') new_doc.project=project_models.Project.objects.get(id=data["project"]) context['message']='New Document Created' new_doc.save() - serializer=project_serializers.ListDocumentSerializer(new_doc) + serializer=project_serializers.ListDocumentSerializer(new_doc) context["New Document"]=serializer.data return Response(context,HTTP_200_OK) else: @@ -70,6 +81,18 @@ def post(self,request,*args,**kwargs): return Response(context,HTTP_400_BAD_REQUEST) class DocumentDetail(generics.RetrieveUpdateDestroyAPIView): + permissin_class=[IsAuthenticatedOrReadOnly] queryset = project_models.Document.objects.all() - serializer_class = project_serializers.ListDocumentSerializer + serializer_class = project_serializers.UpdateDocumentSerializer lookup_field = 'id' + def put(self, request, *args, **kwargs): + user=request.user + id=self.kwargs['id'] + if user.id!=None: + curr_doc=project_models.Document.objects.get(id=id) + curr_doc.created_by.add(member_models.Member.objects.get(user=user)) + return self.partial_update(request, *args, **kwargs) + else: + context={} + context["error"] = "You are not authorized to update." + return Response(context,status=HTTP_400_BAD_REQUEST)