def post(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: enroll_ref = Enroll.objects.get(user_ref=isAuthorizedUSER[1], subject_ref=request.data["subject_ref"]) except Enroll.DoesNotExist: enroll_de_serialized = Enroll_Serializer(data=request.data) enroll_de_serialized.initial_data["user_ref"] = int(isAuthorizedUSER[1]) if enroll_de_serialized.is_valid(): enroll_de_serialized.save() data["success"] = True data["data"] = enroll_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data["message"] = f"SERIALIZING_ERROR : {enroll_de_serialized.errors}" return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = True data["message"] = f"USER_ALREADY_ENROLLED" data["data"] = Enroll_Serializer(enroll_ref, many=False).data return Response(data=data, status=status.HTTP_202_ACCEPTED)
def post(self, request, pk=None, pkk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: submission_de_serialized = Submission_Serializer(data=request.data) submission_de_serialized.initial_data["user_ref"] = int( isAuthorizedUSER[1]) if submission_de_serialized.is_valid(): submission_de_serialized.save() Set_Permalink(submission_de_serialized.data["id"]).start() data["success"] = True data["data"] = submission_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data[ "message"] = f"SERIALIZING_ERROR : {submission_de_serialized.errors}" return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None): # TODO : See all access granted to no one--# FIX : See if changes needed data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: lecture_ref = Lecture.objects.get(pk=int(pk)) except Lecture.DoesNotExist: data["success"] = False data["message"] = "INVALID_FORUM_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: data["success"] = True data["data"] = Lecture_Serializer(lecture_ref, many=False).data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/content/lecture/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, dd=None, mm=None, yyyy=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if dd not in (None, "") and mm not in (None, "") and yyyy not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if not isAuthorizedUSER[0]: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: data["success"] = True date = f"{dd}-{mm}-{yyyy}" data["data"] = Log_Serializer( Log.objects.filter(made_date__contains=date, api_token_ref=isAuthorizedAPI[1]).order_by("-pk"), many=True, ).data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/analytics/log/dd/mm/yyyy"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: enroll_ref = Enroll.objects.get(user_ref=isAuthorizedUSER[1], subject_ref=pk) except Enroll.DoesNotExist: data["success"] = False data["message"] = "INVALID_ENROLLMENT_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: enroll_ref.delete() data["success"] = True data["message"] = "ENROLLMENT_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = {"METHOD": "DELETE", "URL_FORMAT": "/api/personal/enroll/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None): # TODO : Only Coordinator can create lecture data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1]) except Coordinator.DoesNotExist: data["success"] = False data["message"] = "USER_NOT_COORDINATOR" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: lecture_de_serialized = Lecture_Serializer(data=request.data) if lecture_de_serialized.is_valid(): lecture_de_serialized.save() Set_Permalink(lecture_de_serialized.data["id"]).start() data["success"] = True data["data"] = lecture_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data["message"] = lecture_de_serialized.errors return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if not isAuthorizedUSER[0]: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: if int(pk) == 87795962440396049328460600526719: # TODO : Coordinator Looking for their enrollments try: coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1]) except Coordinator.DoesNotExist: data["success"] = False data["message"] = "USER_NOT_COORDINATOR" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: subjects = [ one["subject_ref"] for one in Subject_Coordinator.objects.filter(coordinator_ref=coordinator_ref).values( "subject_ref" ) ] data["data"] = list() for one in subjects: data["data"].append( { "subject": one, "user": [ enroll["user_ref"] for enroll in Enroll.objects.filter(subject_ref=one).values("user_ref") ], } ) data["success"] = True return Response(data=data, status=status.HTTP_202_ACCEPTED) elif int(pk) == 0: # TODO : User looking for their enrollment data["success"] = True data["data"] = { "subject": [ one["subject_ref"] for one in Enroll.objects.filter(user_ref=isAuthorizedUSER[1]).values("subject_ref") ] } return Response(data=data, status=status.HTTP_202_ACCEPTED) except Exception as ex: print("ENROLL_GET EX : ", ex) return Response(status=status.HTTP_400_BAD_REQUEST) else: data["success"] = False data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/personal/enroll/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk=None, pkk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: submission_ref = SubmissionMCQ.objects.get(user_ref=isAuthorizedUSER[1], pk=pk) except SubmissionMCQ.DoesNotExist: data["success"] = False data["message"] = "INVALID_SUBMISSION_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: submission_ref.delete() data["success"] = True data["message"] = "SUBMISSION_DELETED" return Response(data=data) else: data["success"] = False data["message"] = {"METHOD": "DELETE", "URL_FORMAT": "/api/personal/submission/<id>/"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None): # TODO : Users can add replies data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: reply_de_serialized = ReplyToReply_Serializer(data=request.data) reply_de_serialized.initial_data["user_ref"] = isAuthorizedUSER[1] if reply_de_serialized.is_valid(): reply_de_serialized.save() data["success"] = True data["data"] = reply_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data["message"] = reply_de_serialized.errors return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if not isAuthorizedUSER[0]: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: if int(pk) == 0: # TODO : Show all of user diaries diary_ref = Diary.objects.filter(user_ref=isAuthorizedUSER[1]) diary_serialized = Diary_Serializer(diary_ref, many=True).data else: # TODO : Show specific of user diary diary_ref = Diary.objects.get(user_ref=isAuthorizedUSER[1], pk=pk) diary_serialized = Diary_Serializer(diary_ref, many=False).data except Diary.DoesNotExist: data["success"] = False data["message"] = "INVALID_DIARY_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: data["success"] = True data["data"] = diary_serialized return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/personal/diary/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: isAuthorizedADMIN = am_I_Authorized(request, "ADMIN") if isAuthorizedADMIN < 3: # TODO : Only Prime Admin can give admin access to others data["success"] = False data["message"] = "ADMIN_NOT_ADMIN_PRIME" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: data = dict() id = request.data["user_id"] try: user_ref = User.objects.get(pk=int(id)) except User.DoesNotExist: data["success"] = False data["message"] = "ADMIN : USER_ID_INVALID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: try: admin_ref = Admin.objects.get(pk=int(id)) except Admin.DoesNotExist: data["success"] = True admin_ref_new = Admin(user_ref=user_ref) admin_ref_new.save() data["data"] = { "admin": Admin_Serializer(admin_ref_new, many=False).data, "privilege": list() } return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = True data["message"] = f"ADMIN : USER_ALREADY_ADMIN" privileges = Admin_Privilege.objects.filter( admin_ref=admin_ref).values("privilege_ref") data["data"] = { "admin": Admin_Serializer(admin_ref, many=False).data, "privilege": [one["privilege_ref"] for one in privileges], } return Response(data=data, status=status.HTTP_409_CONFLICT)
def get(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data) else: isAuthorizedADMIN = am_I_Authorized(request, "ADMIN") if isAuthorizedADMIN < 1: # TODO : Any Admin can see privileges data["success"] = False data["message"] = "USER_NOT_ADMIN" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: if int(pk) == 0: # TODO : Show all privileges data["success"] = True data["data"] = Privilege_Serializer( Privilege.objects.all(), many=True).data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: # TODO : Show specific privileges try: privilege_ref = Privilege.objects.get( pk=int(pk)) except Privilege.DoesNotExist: data["success"] = False data["message"] = "PRIVILEG_ID_INVALID" return Response( data=data, status=status.HTTP_404_NOT_FOUND) else: data["success"] = True data["data"] = Privilege_Serializer( privilege_ref, many=False).data return Response( data=data, status=status.HTTP_202_ACCEPTED) except Exception as ex: print("ADMIN_PRIV_GET EX : ", ex) return Response(status=status.HTTP_400_BAD_REQUEST) else: data["success"] = False data["message"] = { "METHOD": "GET", "URL_FORMAT": "/api/admin/priv/<id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: post_de_serialized = Post_Serializer(data=request.data) Subject_Coordinator.objects.get( coordinator_ref=Coordinator.objects.get(user_ref=isAuthorizedUSER[1]), subject_ref=post_de_serialized.initial_data["subject_ref"], ) except Coordinator.DoesNotExist: data["success"] = False data["message"] = "USER_NOT_COORDINATOR" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) except Subject_Coordinator.DoesNotExist: # TODO : Only accessed subject post can be edited by coordinators data["success"] = False data["message"] = "COORDINATOR_NOT_ACCESSED_TO_SUBJECT" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) except KeyError: data["success"] = False data["message"] = "CHECK_SUBJECT_ID_KEY" return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: try: post_ref = Post.objects.get(pk=int(pk), user_ref=isAuthorizedUSER[1]) except Post.DoesNotExist: data["success"] = False data["message"] = "POST_DOES_NOT_BELONG_TO_USER" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: post_de_serialized = Post_Serializer(post_ref, data=request.data) if post_de_serialized.is_valid(): post_de_serialized.save() data["success"] = True data["data"] = post_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data["message"] = post_de_serialized.errors return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = False data["message"] = {"METHOD": "PUT", "URL_FORMAT": "/api/content/post/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: user_ref = User.objects.get(pk=isAuthorizedUSER[1]) if user_ref.profile_ref in (None, ""): profile_de_serialized = Profile_Serializer(data=request.data) if profile_de_serialized.initial_data[ "prime"] == True and profile_de_serialized.initial_data[ "roll_number"] in ( None, "", ): data["success"] = False data["message"] = "STUDENT_REQUIRES_12_DIGIT_ROLL" return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: if profile_de_serialized.is_valid(): profile_de_serialized.save() profile_ref = Profile.objects.get( pk=profile_de_serialized.data["id"]) user_ref.profile_ref = profile_ref user_ref.save() Set_Permalink(profile_de_serialized.data["id"]).start() data["success"] = True data["data"] = profile_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data[ "message"] = f"SERIALIZING_ERROR : {profile_de_serialized.errors}" return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = True data["message"] = "PROFILE_ALREADY_EXISTS" data["data"] = Profile_Serializer(user_ref.profile_ref, many=False).data return Response(data=data, status=status.HTTP_409_CONFLICT)
def put(self, request, pk=None, pkk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if not isAuthorizedUSER[0]: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: submission_ref = Submission.objects.get( user_ref=isAuthorizedUSER[1], pk=pk) except Submission.DoesNotExist: data["success"] = False data["message"] = "INVALID_SUBMISSION_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: submission_serialized = Submission_Serializer( submission_ref, data=request.data) submission_serialized.initial_data[ "user_ref"] = isAuthorizedUSER[1] if submission_serialized.is_valid(): submission_serialized.save() Clear_Permalink( submission_serialized.data["id"]).start() Set_Permalink(submission_serialized.data["id"]).start() data["success"] = True data["data"] = submission_serialized.data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data[ "message"] = f"SERIALIZING_ERROR : {submission_serialized.errors}" return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = False data["message"] = { "METHOD": "PUT", "URL_FORMAT": "/api/personal/submission/<id>/" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk=None): # TODO : Only Admins can delete Tickets data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: isAuthorizedADMIN = am_I_Authorized(request, "ADMIN") if isAuthorizedADMIN > 0: pk = int(pk) if pk == 87795962440396049328460600526719: Ticket.objects.all().delete() data["success"] = True data["message"] = "ALL_TICKETS_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: try: ticket_ref = Ticket.objects.get(pk=pk) except Ticket.DoesNotExist: data["success"] = False data["message"] = "TICKET_ID_INVALID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: ticket_ref.delete() data["success"] = True data["data"] = "TICKET_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = "USER_NOT_ADMIN" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: data["success"] = False data["message"] = { "METHOD": "DELETE", "URL_FORMAT": "/api/analytics/ticket/<id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data[ "message"] = f"error:USER_NOT_AUTHORIZED, message:{isAuthorizedUSER[1]}" return Response(data=data) else: isAuthorizedADMIN = am_I_Authorized(request, "ADMIN") if isAuthorizedADMIN != 69: # TODO : Only Admin Prime can delete admin privilege data["success"] = False data["message"] = "ADMIN_NOT_ADMIN_PRIME" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: if int( pk ) == 87795962440396049328460600526719: # TODO : Delete all privileges Privilege.objects.all().delete() data["success"] = True data["message"] = "ALL_ADMIN_PRIVILEGES_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: # TODO : Delete selective privilges try: privilege_ref = Privilege.objects.get(pk=pk) except Privilege.DoesNotExist: data["success"] = False data["message"] = "PRIVILEGE_ID_INVALID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: privilege_ref.delete() data["success"] = True data["message"] = "PRIVILEGE_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = { "METHOD": "DELETE", "URL_FORMAT": "/api/admin/priv/<id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, pk=None): # TODO : Only Admins can change Ticket status data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: isAuthorizedADMIN = am_I_Authorized(request, "ADMIN") if isAuthorizedADMIN < 1: data["success"] = False data["message"] = f"USER_NOT_ADMIN" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: ticket_ref = Ticket.objects.get(pk=int(pk)) except Ticket.DoesNotExist: data["success"] = False data["message"] = "TICKET_ID_INVALID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: try: ticket_ref.prime = request.data["solved"] ticket_ref.save() except Exception as ex: data["success"] = False data["message"] = "INVALID_JSON_DATA[true/false]" return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = True data["data"] = Ticket_Serializer(ticket_ref, many=False).data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data["message"] = { "METHOD": "PUT", "URL_FORMAT": "/api/analytics/ticket/<id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data) else: isAuthorizedADMIN = am_I_Authorized(request, "ADMIN") if isAuthorizedADMIN != 69: # TODO : Only Admin Prime has access to change privileges data["success"] = False data["message"] = "ADMIN_NOT_ADMIN_PRIME" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: privilege_ref = Privilege.objects.get(pk=pk) except Privilege.DoesNotExist: data["success"] = False data["message"] = "PRIVILEG_ID_INVALID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: privilege_de_serialized = Privilege_Serializer( privilege_ref, data=request.data) if privilege_de_serialized.is_valid(): privilege_de_serialized.save() data["success"] = True data["data"] = privilege_de_serialized.data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = privilege_de_serialized.errors return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = False data["message"] = { "METHOD": "PUT", "URL_FORMAT": "/api/admin/priv/<id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if not isAuthorizedUSER[0]: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: if int( pk ) == 0: # TODO : User needs all notifications that have not been sent to TG notifications = [ one.notification_ref for one in User_Notification.objects.filter( pk=isAuthorizedUSER[1], prime_1=False).order_by( "-notification_ref") ] data["success"] = True data["data"] = Notification_Serializer(notifications, many=True).data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: # TODO : User needs specific notification try: notification_ref = Notification.objects.get(pk=int(pk)) except Notification.DoesNotExist: data["success"] = False data["message"] = "INVALID_NOTIFICATION_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: data["success"] = True data["data"] = Notification_Serializer( notification_ref, many=False).data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = { "METHOD": "GET", "URL_FORMAT": "/api/personal/notification/<id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, pk=None): # TODO : Only Coordinator can edit assignment data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1]) except Coordinator.DoesNotExist: data["success"] = False data["message"] = "USER_NOT_COORDINATOR" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: assignment_ref = Assignment.objects.get(pk=int(pk)) except Assignment.DoesNotExist: data["success"] = False data["message"] = "INVALID_ASSIGNMENT_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: assignment_de_serialized = Assignment_Serializer(assignment_ref, data=request.data) if assignment_de_serialized.is_valid(): assignment_de_serialized.save() Clear_Permalink(assignment_de_serialized.data["id"]).start() Set_Permalink(assignment_de_serialized.data["id"]).start() UnCheck_Submission(assignment_de_serialized.data["id"]).start() data["success"] = True data["data"] = assignment_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data["message"] = assignment_de_serialized.errors return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = False data["message"] = {"METHOD": "PUT", "URL_FORMAT": "/api/content/assignment/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: post_de_serialized = Post_Serializer(data=request.data) Subject_Coordinator.objects.get( coordinator_ref=Coordinator.objects.get(user_ref=isAuthorizedUSER[1]), subject_ref=post_de_serialized.initial_data["subject_ref"], ) except Coordinator.DoesNotExist: data["success"] = False data["message"] = "USER_NOT_COORDINATOR" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) except Subject_Coordinator.DoesNotExist: # TODO : Only accessed subject post can be created by coordinators data["success"] = False data["message"] = "COORDINATOR_NOT_ACCESSED_TO_SUBJECT" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) except KeyError or ValueError: data["success"] = False data["message"] = "CHECK_SUBJECT_ID_KEY" return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: post_de_serialized.initial_data["user_ref"] = isAuthorizedUSER[1] if post_de_serialized.is_valid(): post_de_serialized.save() # TODO : create notification for concerned part(y/ies) notification_thread = Post_Notification_Gen(post_de_serialized.data) notification_thread.start() # TODO : ================================================================= data["success"] = True data["data"] = post_de_serialized.data return Response(data=data, status=status.HTTP_201_CREATED) else: data["success"] = False data["message"] = post_de_serialized.errors return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete( self, request, pk=None ): # TODO : Only Coordinators can delete--# FIX : All delete given to no one data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: coordinator_ref = Coordinator.objects.get( user_ref=isAuthorizedUSER[1]) except Coordinator.DoesNotExist: data["success"] = False data["message"] = "USER_NOT_COORDINATOR" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: forum_ref = Forum.objects.get(pk=int(pk)) except Forum.DoesNotExist: data["success"] = False data["message"] = "INVALID_FORUM_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: forum_ref.delete() data["success"] = True data["message"] = "FORUM_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = { "METHOD": "DELETE", "URL_FORMAT": "/api/content/forum/<id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk_a=None, pk_s=None): # TODO : Anyone can fetch marks data data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk_a not in (None, "") and pk_s not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: try: submission_ref = SubmissionMCQ.objects.get( assignment_ref=pk_a, pk=pk_s) except SubmissionMCQ.DoesNotExist: data["success"] = False data["message"] = "INVALID_ASSIGNMENT_SUBMISSION_PAIR" return Response(data=data, status=status.HTTP_404_NOT_FOUND) except ValueError or TypeError: data["success"] = False data["message"] = { "URL_FORMAT": "/api/content/multi_mark/<assignent_id>/<submission_id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST) else: data["success"] = True data["data"] = SubmissionMCQ_Serializer(submission_ref, many=False).data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = { "METHOD": "GET", "URL_FORMAT": "/api/content/multi_mark/<assignent_id>/<submission_id>" } return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def options(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "error:ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) temp = dict() data["Allow"] = "POST GET PUT DELETE OPTIONS".split() temp["Content-Type"] = "application/json" temp["Authorization"] = "Token JWT" temp["uauth"] = "Token JWT" data["HEADERS"] = temp.copy() temp.clear() data["name"] = "Coordinator" temp["POST"] = {"user_id": "Number [FK]"} temp["GET"] = None temp["PUT"] = {"subject_id": "Number [FK]"} temp["DELETE"] = None data["method"] = temp.copy() temp.clear() return Response(data=data, status=status.HTTP_200_OK)
def options(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "error:ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) temp = dict() data["Allow"] = "POST GET PUT DELETE OPTIONS".split() temp["Content-Type"] = "application/json" temp["Authorization"] = "Token JWT" temp["uauth"] = "Token JWT" data["HEADERS"] = temp.copy() temp.clear() data["name"] = "Lecture" temp["POST"] = {"body": "String", "external_url_1": "String : 255 / null", "external_url_2": "String : 255 / null"} temp["GET"] = None temp["PUT"] = {"body": "String", "external_url_1": "String : 255 / null", "external_url_2": "String : 255 / null"} temp["DELETE"] = None data["method"] = temp.copy() temp.clear() return Response(data=data, status=status.HTTP_200_OK)
def options(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "error:ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) temp = dict() data["Allow"] = "POST GET PUT DELETE OPTIONS".split() temp["Content-Type"] = "multipart/form-data" temp["Authorization"] = "Token JWT" temp["uauth"] = "Token JWT" data["HEADERS"] = temp.copy() temp.clear() data["name"] = "User_Profile_Image" temp["POST"] = {"image": "FILE"} temp["GET"] = None temp["PUT"] = {"image": "FILE"} temp["DELETE"] = None data["method"] = temp.copy() temp.clear() return Response(data=data, status=status.HTTP_200_OK)
def options(self, request, dd=None, mm=None, yyyy=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "error:ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) temp = dict() data["Allow"] = "GET DELETE OPTIONS".split() temp["Content-Type"] = "application/json" temp["Authorization"] = "Token JWT" temp["uauth"] = "Token JWT" data["HEADERS"] = temp.copy() temp.clear() data["name"] = "Log" temp["GET"] = None temp["DELETE"] = None data["method"] = temp.copy() temp.clear() return Response(data=data, status=status.HTTP_200_OK)
def delete(self, request, pk=None): # TODO : Only Admins with SAGP Privilege can delete subjects data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: if am_I_Authorized(request, "ADMIN") < 1: data["success"] = False data["message"] = f"USER_NOT_ADMIN" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: if not do_I_Have_Privilege(request, "SAGP"): data["success"] = False data["message"] = f"ADMIN_DOES_NOT_HAVE_CAGP_PRIVILEGE" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: if int(pk) == 0: # TODO : Delete all subjects Subject.objects.all().delete() data["success"] = True data["message"] = "ALL_SUBJECTS_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: # TODO : Delete selected subjects try: subject_ref = Subject.objects.get(pk=int(pk)) except Subject.DoesNotExist: data["success"] = False data["message"] = "INVALID_SUBJECT_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: subject_ref.delete() data["success"] = True data["message"] = "SUBJECT_DELETED" return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = {"METHOD": "DELETE", "URL_FORMAT": "/api/content/subject/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None): data = dict() isAuthorizedAPI = am_I_Authorized(request, "API") if not isAuthorizedAPI[0]: data["success"] = False data["message"] = "ENDPOINT_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) if pk not in (None, ""): isAuthorizedUSER = am_I_Authorized(request, "USER") if isAuthorizedUSER[0] == False: data["success"] = False data["message"] = f"USER_NOT_AUTHORIZED" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: if int(pk) == 0: # TODO: Universal asking for all subjects data["data"] = Subject_Serializer(Subject.objects.all(), many=True).data data["success"] = True return Response(data=data, status=status.HTTP_202_ACCEPTED) elif int(pk) == 87795962440396049328460600526719: # TODO: Coordinator asking for subjects to form post try: coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1]) except Coordinator.DoesNotExist: data["success"] = True data["message"] = "USER_NOT_COORINATOR" return Response(data=data, status=status.HTTP_401_UNAUTHORIZED) else: subject_coordinator_ref = Subject_Coordinator.objects.filter(coordinator_ref=coordinator_ref) data["success"] = True data["data"] = [Subject_Serializer(one.subject_ref, many=False).data for one in subject_coordinator_ref] return Response(data=data, status=status.HTTP_202_ACCEPTED) else: # TODO : User asking for specific subjects try: subject_ref = Subject.objects.get(pk=int(pk)) except Subject.DoesNotExist: data["success"] = False data["message"] = "INVALID_SUBJECT_ID" return Response(data=data, status=status.HTTP_404_NOT_FOUND) else: data["success"] = True data["data"] = Subject_Serializer(subject_ref, many=False).data return Response(data=data, status=status.HTTP_202_ACCEPTED) else: data["success"] = False data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/content/subject/<id>"} return Response(data=data, status=status.HTTP_400_BAD_REQUEST)