def process_request(request, card_uuid, user_id, file_name): if request.method != 'GET': return HttpResponseNotAllowed(['GET']) if not request.user.is_authenticated: return HttpResponse('Unauthorized', status=401) if int(user_id) != request.user.pk: return HttpResponse('Unauthorized', status=401) card = Card.from_uuid(card_uuid, request.user) if not card: return HttpResponseNotFound() file_path = get_file_path(card, file_name) if settings.DEBUG: return static.serve(request, file_path, settings.MEDIA_ROOT) else: response = HttpResponse() # Content-type will be detected by nginx del response['Content-Type'] protected_path = '/protected/media/' + file_path response['X-Accel-Redirect'] = protected_path return response
def process_request(request, card_uuid): if not request.user.is_authenticated: return utils.create_401_json_response() card = Card.from_uuid(card_uuid, request.user) if not card: return utils.create_404_json_response("Card") if request.method == 'GET': return get_card_retrieval_attempts(request, card) elif request.method == 'POST': return new_card_retrieval_attempt(request, card) else: return utils.create_405_json_response(allow="GET, POST")
def process_request(request, card_uuid): if not request.user.is_authenticated: return utils.create_401_json_response() card = Card.from_uuid(card_uuid, request.user) if not card: return utils.create_404_json_response("Card") if request.method == 'GET': return get_card(request, card) elif request.method == 'PATCH': return update_card(request, card) elif request.method == 'DELETE': return delete_card(request, card) else: return utils.create_405_json_response(allow="GET, PATCH, DELETE")
def edit_card(request, card_uuid): if request.method != 'GET': return HttpResponseNotAllowed(['GET']) if not request.user.is_authenticated: return HttpResponse('Unauthorized', status=401) card = Card.from_uuid(card_uuid, request.user) if not card: return HttpResponseNotFound() context = {'card': card } retrieval_attempts = RetrievalAttempt.objects.filter(card=card).order_by('-retrieval_date') if len(retrieval_attempts) > 0: context['retrieval_attempts'] = retrieval_attempts return render(request, 'notecards/edit_card.html', context)
def process_request(request, card_uuid, retrieval_attempt_id): if not request.user.is_authenticated: return utils.create_401_json_response() card = Card.from_uuid(card_uuid, request.user) if not card: return utils.create_404_json_response("Card") retrieval_attempt = RetrievalAttempt.from_id(retrieval_attempt_id) if not retrieval_attempt: return utils.create_404_json_response("RetrievalAttempt") if retrieval_attempt.card != card: message = "RetrievalAttempt exists but does not belong to specified card" return utils.create_400_json_response(message) if request.method == 'GET': return get_card_retrieval_attempt(request, retrieval_attempt) else: return utils.create_405_json_response(allow="GET")
def review_card(request, card_uuid): if request.method != 'GET': return HttpResponseNotAllowed(['GET']) if not request.user.is_authenticated: return HttpResponse('Unauthorized', status=401) card = Card.from_uuid(card_uuid, request.user) if card: card_obj = utils.create_card_object(card) url_map = { f['name']: f['url'] for f in card_obj['files'] } context = { 'card': card_obj, 'url_map_json': json.dumps(url_map, cls=DjangoJSONEncoder) } return render(request, 'notecards/review_card.html', context) else: return HttpResponseNotFound()
def process_request(request, card_uuid, file_id): if not request.user.is_authenticated: return utils.create_401_json_response() card = Card.from_uuid(card_uuid, request.user) if not card: return utils.create_404_json_response("Card") file_attachment = FileAttachment.from_id(file_id) if not file_attachment: return utils.create_404_json_response("File") if file_attachment.card != card: message = "File exists but does not belong to the specified card" return JsonResponse({'message': message}, status=400) if request.method == 'GET': return get_card_file_attachment(request, file_attachment) elif request.method == 'DELETE': return delete_card_file_attachment(request, file_attachment) else: return utils.create_405_json_response(allow="GET, DELETE")
def process_request(request, card_uuid, tag_id): if not request.user.is_authenticated: return utils.create_401_json_response() card = Card.from_uuid(card_uuid, request.user) if not card: return utils.create_404_json_response("Card") tag = None tag_id = int(tag_id) for card_tag in card.tags.all(): if card_tag.id == tag_id: tag = card_tag break if not tag: return utils.create_404_json_response("Tag") if request.method == 'DELETE': return delete_card_tag(request, card, tag) else: return utils.create_405_json_response(allow="DELETE")