def to_representation(self, student_obj):
user = FilterSecurity(self.context.get('request'))
current_user = user.get_user()
representation = super().to_representation(student_obj)
representation["studentId"] = representation.pop("id")
representation[
"studentName"] = student_obj.first_name + " " + student_obj.middle_name + " " + student_obj.last_name
representation["gender"] = student_obj.gender
representation["schoolId"] = student_obj.current_school.id
program = Program.objects.get(student=representation["studentId"]).id
representation["programId"] = program
representation["schoolName"] = student_obj.current_school.name
representation["birthdate"] = student_obj.birth_date
representation["stateId"] = student_obj.state_id
representation["studentYear"] = student_obj.grade_year
representation["reasonInProgram"] = student_obj.reason_in_program
representation["noteSet"] = NoteSerializer(
student_obj.notes.filter(user=current_user), many=True).data
representation["gradeSet"] = GradeSerializer(student_obj.grade_set,
many=True,
read_only=True).data
representation["attendanceSet"] = AttendanceSerializer(
student_obj.attendance_set, many=True, read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
student_obj.behavior_set, many=True, read_only=True).data
representation["referralSet"] = ReferralDetailSerializer(
student_obj.referral_set, many=True, read_only=True).data
return representation
def get(self, request, access_level, format=None):
user = FilterSecurity(request)
if access_level == user.get_my_access():
my_queryset = user.get_my_students()
notmy_queryset = user.get_not_my_students()
my_serializer = StudentSerializer(my_queryset, many=True)
notmy_serializer = StudentSerializer(notmy_queryset, many=True)
return Response({
"my_students": my_serializer.data,
"notmy_students": notmy_serializer.data
})
def post(self, request, access_level, format=None):
"""
This method allows a user to select what students they want to be counted in the "my student"
list. This post allows users to both add a student to the list and remove a student to the list
depending on the value of remove. If remove is true then it will remove student from my student.
If remove is false it will add the student to my student. This will take in more than one student
at a time.
The body of the post request this method handles should be in JSON format:
[
{"student_id": "student id",
"remove": true/false
},
{"student_id": "student id",
"remove": true/false
},
...,
{"student_id": "student id",
"remove": true/false
}
]
"""
user = FilterSecurity(request)
current_user = user.get_user().id
user_instance = User.objects.get(pk=current_user)
json = request.data
try:
for json_slice in range(0, len(json)):
student_data = {
"student_id": json[json_slice]["student_id"],
"remove": json[json_slice]["remove"]
}
student_instance = Student.objects.get(
pk=student_data["student_id"])
accessible_student_instance = StudentUserHasAccess.objects.get(
user=user_instance, student=student_instance)
if (student_data["remove"]):
MyStudents.objects.get(
student_user_has_access=accessible_student_instance
).delete()
else:
MyStudents.objects.create(
student_user_has_access=accessible_student_instance)
return HttpResponseRedirect(
f"/gsndb/{access_level}/modify-my-students/")
except Exception as e:
return Response({
"Sorry": "The model denied modifying these students.",
"The model raised the following errors": str(e),
})
def post(self, request, access_level, format=None):
"""
This method allows new referrals to be posted to the database. It
redirects to the selfsame ReferralList view, allowing the user to
see the new referral they created among their list of referrals.
The body of the post request this method handles should be in JSON format:
{"student": "student id here",
"program": "program pk",
"type": "list of types that can be found in referral model",
"date_given": "YYYY-MM-DD",
"reference_name": "the name of the person who referred whatever",
"reference_phone": integer goes here,
"reference_address": "an address goes here",
"reason": "reason..."
}
"""
user = FilterSecurity(request)
json = request.data
student = Student.objects.get(pk=json["student"])
if student not in user.get_accessible_students():
return Response({
"Sorry":
"this user does not have access to add a referral for this student."
})
else:
referral_data = {
"user": user.get_user().id,
"student": json["student"],
"program": json["program"],
"type": json["type"],
"date_given": json["date_given"],
"reference_name": json["reference_name"],
"reference_phone": json["reference_phone"],
"reference_address": json["reference_address"],
"reason": json["reason"],
}
serializer = ReferralSerializer(data=referral_data)
if serializer.is_valid():
serializer.save()
return HttpResponseRedirect(
f"/gsndb/{access_level}/student/{serializer.data['student']}/"
)
else:
return Response({
"Sorry":
"The serializer denied saving this referral.",
"The serializer raised the following errors":
serializer.errors
})
def delete(self, request, pk, access_level, format=None):
"""
This method allows individual notes to be deleted.
interact via: DELETE <host>/gsndb/<accessLevel>/note/<note_id>
"""
user = FilterSecurity(request)
current_note = Note.objects.get(pk=pk)
accessible_notes = Note.objects.filter(user_id=user.get_user().id)
if current_note not in accessible_notes:
return Response(
{"Sorry": "this user does not have access to do that."})
else:
current_note.delete()
return HttpResponseRedirect(f"/gsndb/{access_level}/note/")
def post(self, request, pk, access_level, format=None):
"""
Interact via: POST <host>/gsndb/<access_level>/course/<pk> body = {"text": "My note text"}
"""
user = FilterSecurity(request)
response = post_note(request, Course, pk, access_level)
return response
def get(self, request, access_level, format=None):
user = FilterSecurity(request)
if access_level == user.get_my_access():
queryset = user.get_my_students()
elif access_level == user.get_not_my_access():
queryset = user.get_not_my_students()
elif access_level == user.get_all_access():
queryset = user.get_accessible_students()
serializer = StudentSerializer(queryset, many=True)
return Response(serializer.data)
def to_representation(self, referral_obj):
representation = super().to_representation(referral_obj)
user = FilterSecurity(self.context.get('request'))
representation["referralId"] = representation.pop("id")
representation["user"] = referral_obj.user.id
representation["student"] = referral_obj.student.id
representation["program"] = referral_obj.program.id
representation["type"] = referral_obj.type
representation["dateGiven"] = referral_obj.date_given
return representation
def put(self, request, pk, access_level, format=None):
user = FilterSecurity(request)
"""
This method allows a user to update an existing referral via a PUT request.
"""
referral_obj = Referral.objects.get(pk=pk)
json = request.data
student = Student.objects.get(pk=json["student"])
if student not in user.get_accessible_students():
return Response({
"Sorry":
"this user does not have access to edit this referral for this student."
})
else:
referral_data = {
"user": user.get_user().id,
"student": json["student"],
"program": json["program"],
"type": json["type"],
"date_given": json["date_given"],
"reference_name": json["reference_name"],
"reference_phone": json["reference_phone"],
"reference_address": json["reference_address"],
"reason": json["reason"],
}
serializer = ReferralSerializer(referral_obj, data=referral_data)
if serializer.is_valid():
serializer.save()
return HttpResponseRedirect(
f"/gsndb/{access_level}/referral/{serializer.data['referralId']}/"
)
else:
return Response({
"Sorry":
"The serializer denied saving this note.",
"The serializer raised the following errors":
serializer.errors
})
def to_representation(self, course_obj):
user = FilterSecurity(self.context.get('request'))
current_user = user.get_user()
accessible_students = user.get_accessible_students()
my_students = user.get_my_students()
access_level = self.context.get("access", False)
representation = super().to_representation(course_obj)
representation["courseId"] = representation.pop("id")
representation["courseName"] = course_obj.name
representation["schoolId"] = course_obj.school.id
representation["schoolName"] = course_obj.school.name
representation["courseSubject"] = course_obj.subject
representation["courseCode"] = course_obj.code
representation["noteSet"] = NoteSerializer(
course_obj.notes.filter(user=current_user), many=True).data
if access_level == user.get_all_access():
representation["gradeSet"] = GradeSerializer(Grade.objects.filter(
student_id__in=accessible_students.values("id"),
course_id=course_obj.id),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
Behavior.objects.filter(
student_id__in=accessible_students.values("id"),
course_id=course_obj.id),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
accessible_students.filter(pk__in=Grade.objects.filter(
course_id=course_obj.id).values("student")),
many=True,
read_only=True).data
elif access_level == user.get_my_access():
representation["gradeSet"] = GradeSerializer(Grade.objects.filter(
student_id__in=my_students.values("id"),
course_id=course_obj.id),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
Behavior.objects.filter(
student_id__in=my_students.values("id"),
course_id=course_obj.id),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
my_students.filter(pk__in=Grade.objects.filter(
course_id=course_obj.id).values("student")),
many=True,
read_only=True).data
return representation
def to_representation(self, program_obj):
user = FilterSecurity(self.context.get('request'))
current_user = user.get_user()
accessible_students = user.get_accessible_students()
my_students = user.get_my_students()
access_level = self.context.get("access", False)
representation = super().to_representation(program_obj)
representation["programId"] = representation.pop("id")
representation["programName"] = program_obj.name
representation["noteSet"] = NoteSerializer(
program_obj.notes.filter(user=current_user), many=True).data
if access_level == user.get_all_access():
representation["gradeSet"] = GradeSerializer(
program_obj.grade_set.filter(student__in=accessible_students),
many=True,
read_only=True).data
representation["attendanceSet"] = AttendanceSerializer(
program_obj.attendance_set.filter(
student__in=accessible_students),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
program_obj.behavior_set.filter(
student__in=accessible_students),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
program_obj.student_set.filter(pk__in=accessible_students),
many=True,
read_only=True).data
if access_level == user.get_my_access():
representation["gradeSet"] = GradeSerializer(
program_obj.grade_set.filter(student__in=my_students),
many=True,
read_only=True).data
representation["attendanceSet"] = AttendanceSerializer(
program_obj.attendance_set.filter(student__in=my_students),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
program_obj.behavior_set.filter(student__in=my_students),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
program_obj.student_set.filter(pk__in=my_students),
many=True,
read_only=True).data
return representation
def put(self, request, pk, access_level, format=None):
"""
This method allows individual notes to be updated.
interact via: http PUT <host>/gsndb/<accessLevel>/note/<note_id> {"text": "My note text here."}
Note: the CamelCaseJSONParser that our backend defaults to automatically
turns camelCase requests generated on the front end into snake_case in
the back end.
"""
user = FilterSecurity(request)
current_note = Note.objects.get(pk=pk)
accessible_notes = Note.objects.filter(user_id=user.get_user().id)
if current_note not in accessible_notes:
return Response(
{"Sorry": "this user does not have access to do that."})
else:
note_text = request.data["text"]
note_data = {
"user": user.get_user().id,
"created": timezone.now(),
"text": note_text,
"content_type": ContentType.objects.get(model="note").id,
"object_id": pk
}
serializer = NoteSerializer(current_note, data=note_data)
if serializer.is_valid():
serializer.save()
return HttpResponseRedirect(
f"/gsndb/{access_level}/note/{pk}/")
#return HttpResponseRedirect(redirect_to = f"/{accessLevel}/gsndb/district/{pk}")
else:
return Response({
"Sorry": "data parsed isn't valid for serializer",
"serializer errors": serializer.errors
})
def get(self, request, pk, access_level, format=None):
user = FilterSecurity(request)
if access_level == user.get_my_access():
queryset = user.get_my_programs().filter(pk=pk)
elif access_level == user.get_all_access():
queryset = user.get_accessible_programs().filter(pk=pk)
serializer = ProgramDetailSerializer(queryset,
many=True,
context={"access": access_level})
return Response(serializer.data)
def to_representation(self, referral_obj):
user = FilterSecurity(self.context.get('request'))
representation = super().to_representation(referral_obj)
representation["referralId"] = representation.pop("id")
representation["user"] = referral_obj.user.id
representation["student"] = referral_obj.student.id
representation["program"] = referral_obj.program.id
representation["type"] = referral_obj.type
representation["dateGiven"] = referral_obj.date_given
representation["referenceName"] = referral_obj.reference_name
representation["referencePhone"] = referral_obj.reference_phone
representation["referenceAddress"] = referral_obj.reference_address
representation["reason"] = referral_obj.reason
# representation["notes"] = NoteSerializer(referral_obj.notes.filter(user = self.user.get_user()), many = True).data
return representation
def get(self, request, pk, access_level, format=None):
user = FilterSecurity(request)
queryset = Referral.objects.filter(pk=pk, )
serializer = ReferralDetailSerializer(queryset, many=True)
return Response(serializer.data)
def post_note(request, Model, pk, access_level):
"""
This method allows notes to be posted to any object referenced in this
function's dictionary: access_dict. It should only be called in the POST
methods of views displaying these models.
The body of the post request this method handles should be in JSON format:
{"text": "note text here"}
"""
user = FilterSecurity(request)
access_dict = {
"Program":
user.get_accessible_programs(),
"District":
user.get_accessible_districts(),
"School":
user.get_accessible_schools(),
"Course":
user.get_accessible_courses(),
"Student":
user.get_accessible_students(),
"Referral":
Referral.objects.filter(user_id=user.get_user()),
"Calendar":
Calendar.objects.filter(
Q(pk__in=Grade.objects.filter(
student_id__in=user.get_accessible_students().values(
"id")).values("calendar"))
| Q(pk__in=Attendance.objects.filter(
student_id__in=user.get_accessible_students().values(
"id")).values("calendar"))
| Q(pk__in=Behavior.objects.filter(
student_id__in=user.get_accessible_students().values(
"id")).values("calendar"))),
"Behavior":
Behavior.objects.filter(
student_id__in=user.get_accessible_students().values("id")),
"Grade":
Grade.objects.filter(
student_id__in=user.get_accessible_students().values("id")),
"Attendance":
Attendance.objects.filter(
student_id__in=user.get_accessible_students().values("id")),
"Bookmark":
Bookmark.objects.filter(user_id=user.get_user()),
}
ModelInstance = Model.objects.get(pk=pk)
model_name = ModelInstance.__class__.__name__
accessible_instances = access_dict[model_name]
if ModelInstance not in accessible_instances:
return Response(
{"Sorry": "this user does not have access to do that."})
else:
note_text = request.data["text"]
note_data = {
"user": user.get_user().id,
"created": timezone.now(),
"text": note_text,
"content_type":
ContentType.objects.get(model=model_name.lower()).id,
"object_id": pk
}
serializer = NoteSerializer(data=note_data)
if serializer.is_valid():
serializer.save()
if Model in [Program, District, School, Course, Student]:
return HttpResponseRedirect(
f"/gsndb/{access_level}/{model_name.lower()}/{pk}/")
else:
return HttpResponseRedirect(
f"/gsndb/{access_level}/note/{model_name.lower()}/{pk}/")
else:
return Response({
"Sorry":
"The serializer denied saving this note.",
"The serializer raised the following errors":
serializer.errors
})
def to_representation(self, school_obj):
user = FilterSecurity(self.context.get('request'))
current_user = user.get_user()
accessible_students = user.get_accessible_students()
my_students = user.get_my_students()
accessible_courses = user.get_accessible_courses()
my_courses = user.get_my_courses()
access_level = self.context.get("access", False)
representation = super().to_representation(school_obj)
representation["schoolId"] = representation.pop("id")
representation["schoolName"] = school_obj.name
representation["districtId"] = school_obj.district.id
representation["districtName"] = school_obj.district.name
representation["noteSet"] = NoteSerializer(
school_obj.notes.filter(user=current_user), many=True).data
if access_level == user.get_all_access():
representation["gradeSet"] = GradeSerializer(Grade.objects.filter(
student_id__in=accessible_students.values("id"),
course__school_id=school_obj.id),
many=True,
read_only=True).data
representation["attendanceSet"] = AttendanceSerializer(
school_obj.attendance_set.filter(
student_id__in=accessible_students.values("id")),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
school_obj.behavior_set.filter(
student_id__in=accessible_students.values("id")),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
accessible_students.filter(current_school_id=school_obj.id),
many=True,
read_only=True).data
representation["courseSet"] = CourseSerializer(
accessible_courses.filter(school_id=school_obj.id),
many=True,
read_only=True).data
elif access_level == user.get_my_access():
representation["gradeSet"] = GradeSerializer(Grade.objects.filter(
student_id__in=my_students.values("id"),
course__school_id=school_obj.id),
many=True,
read_only=True).data
representation["attendanceSet"] = AttendanceSerializer(
school_obj.attendance_set.filter(
student_id__in=my_students.values("id")),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
school_obj.behavior_set.filter(
student_id__in=my_students.values("id")),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
my_students.filter(current_school_id=school_obj.id),
many=True,
read_only=True).data
representation["courseSet"] = CourseSerializer(
my_courses.filter(school_id=school_obj.id),
many=True,
read_only=True).data
return representation
def post(self, request, pk, access_level, format=None):
user = FilterSecurity(request)
response = post_note(request, Referral, pk, access_level)
return response
def to_representation(self, district_obj):
user = FilterSecurity(self.context.get('request'))
current_user = user.get_user()
accessible_schools = user.get_accessible_schools()
my_schools = user.get_my_schools()
accessible_students = user.get_accessible_students()
my_students = user.get_my_students()
access_level = self.context.get("access", False)
representation = super().to_representation(district_obj)
representation["districtId"] = representation.pop("id")
representation["districtName"] = district_obj.name
representation["state"] = district_obj.state
representation["city"] = district_obj.city
representation["code"] = district_obj.code
representation["noteSet"] = NoteSerializer(
district_obj.notes.filter(user=current_user), many=True).data
if access_level == user.get_all_access():
representation["schoolSet"] = SchoolSerializer(
accessible_schools.filter(district=district_obj.id),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
accessible_students.filter(
current_school__district_id=district_obj.id),
many=True,
read_only=True).data
representation["gradeSet"] = GradeSerializer(Grade.objects.filter(
student_id__in=accessible_students.values('id'),
course__school__district_id=district_obj.id),
many=True,
read_only=True).data
representation["attendanceSet"] = AttendanceSerializer(
Attendance.objects.filter(
student_id__in=accessible_students.values('id'),
school__district_id=district_obj.id),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
Behavior.objects.filter(student_id__in=accessible_students,
school__district_id=district_obj.id),
many=True,
read_only=True).data
elif access_level == user.get_my_access():
representation["schoolSet"] = SchoolSerializer(
my_schools.filter(district=district_obj.id),
many=True,
read_only=True).data
representation["studentSet"] = StudentSerializer(
my_students.filter(
current_school__district_id=district_obj.id),
many=True,
read_only=True).data
representation["gradeSet"] = GradeSerializer(Grade.objects.filter(
student_id__in=my_students.values('id'),
course__school__district_id=district_obj.id),
many=True,
read_only=True).data
representation["attendanceSet"] = AttendanceSerializer(
Attendance.objects.filter(
student_id__in=my_students.values('id'),
school__district_id=district_obj.id),
many=True,
read_only=True).data
representation["behaviorSet"] = BehaviorSerializer(
Behavior.objects.filter(student_id__in=my_students,
school__district_id=district_obj.id),
many=True,
read_only=True).data
return representation
def get(self, request):
user = FilterSecurity(request)
queryset = Note.objects.filter(user_id=user.get_user().id)
serializer = NoteSerializer(queryset, many=True)
return Response(serializer.data)
def get(self, request, pk, access_level, format=None):
user = FilterSecurity(request)
queryset = Note.objects.filter(user_id=user.get_user().id, pk=pk)
serializer = NoteSerializer(queryset, many=True)
return Response(serializer.data)