Updated Views of Documents

courses/migrations/0022_auto_20220309_2201.py

@@ -0,0 +1,23 @@
+# Generated by Django 3.2.5 on 2022-03-09 16:31
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('courses', '0021_auto_20220224_2105'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='article',
+            name='home_page_display',
+            field=models.CharField(blank=True, choices=[('Featured', 'Featured'), ('Exclusive', 'Exclusive')], max_length=20, null=True),
+        ),
+        migrations.AlterField(
+            model_name='article',
+            name='status',
+            field=models.CharField(choices=[('Rejected', 'Rejected'), ('Created', 'Created'), ('Published', 'Published'), ('Draft', 'Draft')], default='Draft', max_length=20),
+        ),
+    ]

courses/serializers.py

@@ -92,7 +92,8 @@ class Meta:
 class DomainSerializer(serializers.ModelSerializer):
 
     class Meta:
-        exclude=('projects','events','track')
+        # exclude=('projects','events','track')
+        fields = '__all__'
         model = core_models.Domain
 
 

events/migrations/0004_auto_20220309_2201.py

@@ -0,0 +1,23 @@
+# Generated by Django 3.2.5 on 2022-03-09 16:31
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('events', '0003_auto_20220224_2057'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='eventregistration',
+            name='email',
+            field=models.CharField(max_length=100),
+        ),
+        migrations.AlterField(
+            model_name='eventregistration',
+            name='whatsapp_no',
+            field=models.CharField(max_length=15),
+        ),
+    ]

events/models.py

@@ -48,11 +48,11 @@ class EventRegistration(models.Model):
     event = models.ForeignKey(Event, on_delete=models.CASCADE, null=True, blank=True)
     firstname = models.CharField(max_length=100)
     lastname = models.CharField(max_length=100)
-    email = models.CharField(max_length=100,unique = True)
+    email = models.CharField(max_length=100)
     year = models.CharField(max_length=15)
     branch = models.CharField(max_length=100)
     gender = models.CharField(choices=GENDER_CHOICES, max_length=8)
-    whatsapp_no = models.CharField(max_length=15,unique = True)
+    whatsapp_no = models.CharField(max_length=15)
     expectations = models.TextField(null=True, blank=True)
     timestamp = models.DateTimeField(auto_now_add=True)
     reg_number = models.CharField(max_length=15, null=True)

events/views.py

@@ -3,7 +3,7 @@
 from . import models as event_models
 from . import serializers as event_serializers
 from django.shortcuts import render
-from rest_framework import generics, serializers
+from rest_framework import generics, serializers,permissions
 
 from rest_framework.generics import GenericAPIView
 from rest_framework.mixins import UpdateModelMixin
@@ -23,9 +23,15 @@
 import string
 from django.utils import timezone
 
+#coustom permission_classes FOR READONLY permission for GET request
+class ReadOnly(BasePermission):
+    def has_permission(self, request, view):
+        return request.method in SAFE_METHODS
+
 class EventList(generics.ListCreateAPIView):
     queryset = event_models.Event.objects.all().order_by('-start_date')
     serializer_class = event_serializers.EventSerializer
+    permission_classes = [IsAdminUser | ReadOnly] 
 
     def get_queryset(self):
         type = self.request.query_params.get('type')
@@ -40,11 +46,34 @@ def get_queryset(self):
             queryset = event_models.Event.objects.all().order_by('-start_date')
         return queryset
 
-class EventDetail(generics.RetrieveDestroyAPIView):
+class EventDetail(generics.RetrieveUpdateDestroyAPIView):
     queryset = event_models.Event.objects.all()
     serializer_class = event_serializers.EventSerializer
     lookup_field = 'slug'
 
+    def put(self, request, *args, **kwargs):
+        user=request.user
+        if user.is_superuser==True:
+            return self.partial_update(request, *args, **kwargs)
+        else:
+            context={}
+            context["error"] = "You are not authorized to update."
+            return Response(context,status=HTTP_400_BAD_REQUEST)
+    def delete(self,request,*args, **kwargs):
+        user=request.user
+        slug=kwargs['slug']
+        if user.is_superuser==True or user.is_staff==True:
+            curr_domain = event_models.Event.objects.get(slug = slug)
+            context={}
+            context["message"]="Record deleted Successfully"
+            curr_domain.delete()
+            return Response(context,status=HTTP_200_OK)
+
+        else:
+            context={}
+            context["error"] = "You are not authorized to delete."
+            return Response(context,status=HTTP_400_BAD_REQUEST)
+
 class RegisterForEventView(generics.ListCreateAPIView):
     queryset = event_models.EventRegistration.objects.all()
     serializer_class = event_serializers.EventRegistrationSerializer

projects/serializers.py

@@ -9,9 +9,9 @@ class Meta:
         model = project_models.Project
 
 
-class CreateDocumentSerializer(serializers.ModelSerializer):
+class UpdateDocumentSerializer(serializers.ModelSerializer):
     class Meta:
-        exclude = ('time_stamp','visible_to',)
+        exclude = ('time_stamp',)
         model=project_models.Document
 
 class ListDocumentSerializer(serializers.ModelSerializer):

projects/views.py

@@ -1,3 +1,4 @@
+from cgitb import lookup
 from django.shortcuts import render
 from . import models as project_models
 from . import serializers as project_serializers
@@ -21,33 +22,35 @@
 import random
 import string
 from members import models as member_models
-
+from django.contrib.auth.models import AnonymousUser
 class ProjectLlist(generics.ListCreateAPIView):
-    # authentication_classes = [IsAuthenticated]
     queryset = project_models.Project.objects.all()
     serializer_class = project_serializers.ProjectSerializer
-
+    permissin_class=[IsAuthenticatedOrReadOnly]
 
 class ProjectDetail(generics.RetrieveUpdateDestroyAPIView):
     queryset = project_models.Project.objects.all()
     serializer_class = project_serializers.ProjectSerializer
+    permissin_class=[IsAuthenticatedOrReadOnly]
     lookup_field = 'slug'
 
 
-class Document_list(APIView):
+class Document_list(generics.ListCreateAPIView):
     def get(self,request):
         context={}
-        queryset=project_models.Document.objects.filter(visibility='PUBLIC')
+        public_documents=project_models.Document.objects.filter(visibility='PUBLIC')
         serializer=project_serializers.ListDocumentSerializer
-        user=request.user
-        context['Visible to Public']=serializer(queryset).data        
-        # if user:
-        #     curr_member = member_models.Member.objects.get(user= user)
-        #     if curr_member:
-        #         member_document = project_models.Document.objects.filter(visibility= 'ONLY-MEMBERS')
-        #         context['Visible to member'] = serializer(member_document).data
-        #         return Response(context,status=HTTP_200_OK)
+        context['Visible to Public']=serializer(public_documents,many=True).data         
+        if request.user.id!=None:
+            curr_member = member_models.Member.objects.get(user= request.user)
+            if curr_member:
+                member_documents = project_models.Document.objects.filter(visibility= 'ONLY-MEMBERS')
+                context["Visible to Members"]=serializer(member_documents,many=True).data
+                private_documents=project_models.Document.objects.filter(visibility='PRIVATE', visible_to= request.user.id)
+                if private_documents!=None:
+                    context["Private"]=serializer(private_documents,many=True).data
         return Response(context,status=HTTP_200_OK)
+
     def post(self,request,*args,**kwargs):
         member=member_models.Member.objects.filter(user=request.user).first()
         context={}
@@ -58,18 +61,38 @@ def post(self,request,*args,**kwargs):
             new_doc.title=data["title"]
             new_doc.created_by.add(member_models.Member.objects.get(user=request.user))
             new_doc.visibility=data["visibility"]
-            #new_doc.visible_to.add(data["visible_to"])
+            if new_doc.visibility=="PRIVATE":
+                if 'visible_to' in data:
+                    visible_to = data['visible_to']
+                    visible_to = [int(i) for i in visible_to.split(',')]
+                for i in visible_to :
+                    new_visible_to = User.objects.get(id=i)
+                    new_doc.visible_to.add(new_visible_to)
+            else:
+                data.pop('visible_to')
             new_doc.project=project_models.Project.objects.get(id=data["project"])
             context['message']='New Document Created'
             new_doc.save()
-            serializer=project_serializers.ListDocumentSerializer(new_doc)
+            serializer=project_serializers.ListDocumentSerializer(new_doc) 
             context["New Document"]=serializer.data
             return Response(context,HTTP_200_OK)
         else:
             context['message']="You are not Authorized"
             return Response(context,HTTP_400_BAD_REQUEST)
 
 class DocumentDetail(generics.RetrieveUpdateDestroyAPIView):
+    permissin_class=[IsAuthenticatedOrReadOnly]
     queryset = project_models.Document.objects.all()
-    serializer_class = project_serializers.ListDocumentSerializer
+    serializer_class = project_serializers.UpdateDocumentSerializer
     lookup_field = 'id'
+    def put(self, request, *args, **kwargs):
+        user=request.user
+        id=self.kwargs['id']
+        if user.id!=None:
+            curr_doc=project_models.Document.objects.get(id=id)
+            curr_doc.created_by.add(member_models.Member.objects.get(user=user))
+            return self.partial_update(request, *args, **kwargs)
+        else:
+            context={}
+            context["error"] = "You are not authorized to update."
+            return Response(context,status=HTTP_400_BAD_REQUEST)