Beispiel #1
0
    def put(self, request, pk, access_level, format=None):
        """
        This method allows individual notes to be updated.

        interact via: http PUT <host>/gsndb/<accessLevel>/note/<note_id> {"text": "My note text here."}

        Note: the CamelCaseJSONParser that our backend defaults to automatically
        turns camelCase requests generated on the front end into snake_case in
        the back end.
        """
        user = FilterSecurity(request)
        current_note = Note.objects.get(pk=pk)
        accessible_notes = Note.objects.filter(user_id=user.get_user().id)
        if current_note not in accessible_notes:
            return Response(
                {"Sorry": "this user does not have access to do that."})
        else:
            note_text = request.data["text"]
            note_data = {
                "user": user.get_user().id,
                "created": timezone.now(),
                "text": note_text,
                "content_type": ContentType.objects.get(model="note").id,
                "object_id": pk
            }
            serializer = NoteSerializer(current_note, data=note_data)
            if serializer.is_valid():
                serializer.save()
                return HttpResponseRedirect(
                    f"/gsndb/{access_level}/note/{pk}/")
                #return HttpResponseRedirect(redirect_to = f"/{accessLevel}/gsndb/district/{pk}")
            else:

                return Response({
                    "Sorry": "data parsed isn't valid for serializer",
                    "serializer errors": serializer.errors
                })
Beispiel #2
0
def post_note(request, Model, pk, access_level):
    """
    This method allows notes to be posted to any object referenced in this
    function's dictionary: access_dict. It should only be called in the POST
    methods of views displaying these models.

    The body of the post request this method handles should be in JSON format:

    {"text": "note text here"}
    """
    user = FilterSecurity(request)
    access_dict = {
        "Program":
        user.get_accessible_programs(),
        "District":
        user.get_accessible_districts(),
        "School":
        user.get_accessible_schools(),
        "Course":
        user.get_accessible_courses(),
        "Student":
        user.get_accessible_students(),
        "Referral":
        Referral.objects.filter(user_id=user.get_user()),
        "Calendar":
        Calendar.objects.filter(
            Q(pk__in=Grade.objects.filter(
                student_id__in=user.get_accessible_students().values(
                    "id")).values("calendar"))
            | Q(pk__in=Attendance.objects.filter(
                student_id__in=user.get_accessible_students().values(
                    "id")).values("calendar"))
            | Q(pk__in=Behavior.objects.filter(
                student_id__in=user.get_accessible_students().values(
                    "id")).values("calendar"))),
        "Behavior":
        Behavior.objects.filter(
            student_id__in=user.get_accessible_students().values("id")),
        "Grade":
        Grade.objects.filter(
            student_id__in=user.get_accessible_students().values("id")),
        "Attendance":
        Attendance.objects.filter(
            student_id__in=user.get_accessible_students().values("id")),
        "Bookmark":
        Bookmark.objects.filter(user_id=user.get_user()),
    }
    ModelInstance = Model.objects.get(pk=pk)
    model_name = ModelInstance.__class__.__name__
    accessible_instances = access_dict[model_name]
    if ModelInstance not in accessible_instances:
        return Response(
            {"Sorry": "this user does not have access to do that."})
    else:
        note_text = request.data["text"]
        note_data = {
            "user": user.get_user().id,
            "created": timezone.now(),
            "text": note_text,
            "content_type":
            ContentType.objects.get(model=model_name.lower()).id,
            "object_id": pk
        }
        serializer = NoteSerializer(data=note_data)
        if serializer.is_valid():
            serializer.save()
            if Model in [Program, District, School, Course, Student]:
                return HttpResponseRedirect(
                    f"/gsndb/{access_level}/{model_name.lower()}/{pk}/")
            else:
                return HttpResponseRedirect(
                    f"/gsndb/{access_level}/note/{model_name.lower()}/{pk}/")
        else:

            return Response({
                "Sorry":
                "The serializer denied saving this note.",
                "The serializer raised the following errors":
                serializer.errors
            })