class ListViewSet(viewsets.ModelViewSet):
queryset = List.objects.all()
serializer_class = ListSerializer
permission_classes = (APIPermissionClassFactory(
name='ListPermission',
permission_configuration={
'base': {
'create': lambda user, req: user.is_authenticated,
'list': False,
},
'instance': {
'retrieve': 'lists.view_list',
'destroy': 'lists.delete_list',
'update': 'lists.change_list',
}
}), )
#Cunando se crea la lista asignar permiso de eliminar, ver y editar
def perform_create(self, serializer):
selfList = serializer.save()
user = self.request.user
assign_perm('lists.view_list', user, selfList)
assign_perm('lists.delete_list', user, selfList)
assign_perm('lists.change_list', user, selfList)
return Response(serializer.data)
class EventAssignViewSet(viewsets.ModelViewSet):
queryset = EventAssign.objects.all()
serializer_class = EventAssignSerializer
permission_classes = (APIPermissionClassFactory(
name='EventAssignPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': True,
'destroy': 'event_assigns.delete_event_assign',
'update': 'event_assigns.change_event_assign',
'partial_update': 'event_assigns.change_event_assign',
'eventUsers': True
}
}), )
@action(detail=False, url_path='eventusers', methods=['post'])
def eventUsers(self, request):
try:
response = []
eventData = request.data['event']
eventAssigns = EventAssign.objects.filter(event=eventData)
print("Este es el event Data : " + eventData)
for user in eventAssigns:
response.append(UserSerializer(event.user).data)
return Response(response)
except:
return Response({'detail': 'id is not valid'})
class AnnouncementViewSet(viewsets.ModelViewSet):
queryset = Announcement.objects.all()
serializer_class = AnnouncementSerializer
permission_classes = (
APIPermissionClassFactory(
name='AnnouncementPermission',
permission_configuration={
'base': {
'create':
False, # Can only create announcements through courses.
# 'list': True,
},
'instance': {
'retrieve': 'announcements.view_announcement',
'destroy': 'announcements.delete_announcement',
'update': 'announcements.change_announcement',
'partial_update': 'announcements.change_announcement',
}
}), )
def perform_create(self, serializer):
announcement = serializer.save()
user = self.request.user
return Response(serializer.data)
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = (APIPermissionClassFactory(name='ReaderPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': False,
'destroy': False,
'update': False,
'get_info': True,
}
}), )
def perform_create(self, serializer):
user = self.request.user
user = serializer.save()
return Response(serializer.data)
@action(detail=True, methods=['POST'], url_path='info')
def get_info(self, request, pk=None):
user = self.get_object()
info = get_object_or_404(User, email=user)
serialized = UserSerializer(info).data
return Response(serialized)
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventsSerializer
permission_classes = (
APIPermissionClassFactory(
name='EventPermission',
permission_configuration={
'base': {
'create': check_parent_baby,
'list': False,
},
'instance': {
'retrieve': 'events.view_event',
'destroy': 'events.delete_event',
'update': 'events.change_event',
'partial_update': 'events.change_event',
}
}
),
)
#Dar permisos al usuario al crear sobre sus eventos
def perform_create(self, serializer):
event = serializer.save()
user = self.request.user
assign_perm('events.view_event', user, event)
assign_perm('events.change_event', user, event)
assign_perm('events.delete_event', user, event)
return Response(serializer.data)
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
permission_classes = (APIPermissionClassFactory(
name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': 'events.view_event',
'destroy': True,
'update': True,
'partial_update': True,
}
}), )
def perform_create(self, serializer):
parent = name = serializer.validated_data['baby'].parent.username
user = self.request.user
print(str(user))
print(str(parent))
if (str(user) != str(parent)):
print("No está autorizado")
return Response("No esta autorizado")
elif (str(user) == str(parent)):
event = serializer.save()
print("Se creó correctamente")
assign_perm('events.view_event', user, event)
return Response(serializer.data)
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
# permisos
permission_classes = (APIPermissionClassFactory(
name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': 'events.view_event',
'destroy': evaluate,
'update': evaluate,
'partial_update': 'events.change_event',
}
}), )
def perform_create(self, serializer):
parent_baby = serializer.validated_data["baby"]
user = self.request.user
actual_user = str(user.username)
parent = str(parent_baby)
if (actual_user != parent):
print("No tiene autorización")
elif (actual_user == parent):
event = serializer.save()
assign_perm('events.change_event', user, event)
assign_perm('events.view_event', user, event)
print("Evento registrado con exito!")
return Response(serializer.data)
class MessageViewSet(viewsets.ModelViewSet):
queryset = Message.objects.all()
serializer_class = MessageSerializer
permission_classes = (
APIPermissionClassFactory(
name='MessagePermission',
permission_configuration={
'base': {
'create': check_chatUser,
'list': False,
},
'instance': {
'retrieve': False,
'destroy': 'messages.delete_message',
'update': False,
}
}
),
)
#Cunando se crea el mensaje asignar permiso de eliminar
def perform_create(self, serializer):
message = serializer.save()
user = self.request.user
assign_perm('messages.delete_message', user, message)
return Response(serializer.data)
class ChatUserViewSet(viewsets.ModelViewSet):
queryset = ChatUser.objects.all()
serializer_class = ChatUserSerializer
permission_classes = (
APIPermissionClassFactory(
name='ChatUserPermission',
permission_configuration={
'base': {
'create': lambda user, req: user.is_authenticated,
'list': False,
},
'instance': {
'retrieve': False,
'destroy': 'ChatUsers.delete_chatuser',
'update': False,
}
}
),
)
#Cuando se crea la relacion del chat con el usuario asignar permiso de eliminar esa relacion
def perform_create(self, serializer):
chatUser = serializer.save()
user = self.request.user
assign_perm('ChatUsers.delete_chatuser', user, chatUser)
return Response(serializer.data)
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = (APIPermissionClassFactory(
name='UserPermission',
permission_configuration={
'base': {
'create': 'users.add_user',
'list': True,
},
'instance': {
'retrieve': True,
'destroy': 'users.delete_user',
'update': 'users.change_user',
'partial_update': 'users.change_user',
'isStudent': True,
}
}), )
@action(detail=True, url_path='isstudent', methods=['get'])
def isStudent(self, request, pk=None):
response = []
user = self.get_object()
userGroups = user.groups.all()
print(userGroups)
group = Group.objects.get(name='student')
bool = group in userGroups
response.append(bool)
return Response(response)
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
permission_classes = (APIPermissionClassFactory(
name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': evaluate_permission,
'destroy': evaluate_permission,
'update': evaluate_permission,
'partial_update': evaluate_permission,
'perform_create': evaluate_permission,
}
}), )
def perform_create(self, serializer):
user = self.request.user
baby = Baby.objects.get(pk=self.request.data['baby'])
print(baby.parent.username)
print(user.username)
if (baby.parent.username == user.username):
event = serializer.save()
assign_perm('events.view_event', user, event)
assign_perm('events.change_event', user, event)
return Response(serializer.data)
else:
raise PermissionDenied()
class EstablishmentViewSet(viewsets.ModelViewSet):
queryset = Establishment.objects.all()
serializer_class = EstablishmentSerializer
permission_classes = (
APIPermissionClassFactory(
name='EstablishmentPermission',
permission_configuration={
'base': {
'create': True, # TODO: Debería ser solo superuser.
'list': True,
},
'instance': {
'retrieve': True, # TODO: Solo si está relacionado.
'destroy': False,
'update': 'establishments.change_establishment',
'partial_update': 'establishments.change_establishment',
}
}
),
)
def perform_create(self, serializer):
establishment = serializer.save()
user = self.request.user
assign_perm('establishments.change_establishment', user, establishment)
return Response(serializer.data)
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
permission_classes = (APIPermissionClassFactory(
name='EventPermission',
permission_configuration={
'base': {
'create': evaluateParent,
'list': False,
},
'instance': {
'retrieve': 'events.view_event',
'destroy': 'events.delete_event',
'update': 'events.change_event',
'partial_update': 'event.change_event',
}
}), )
def perform_create(self, serializer):
event = serializer.save()
parent.self.request.parent
assign_perm('events.view_event', parent, event)
assign_perm('events.delete_event', parent, event)
assign_perm('events.change_event', parent, event)
return Response(serializer.data)
class BabyViewSet(viewsets.ModelViewSet):
queryset = Baby.objects.all()
serializer_class = BabySerializer
permission_classes = (
APIPermissionClassFactory(
name='BabyPermission',
permission_configuration={
'base': {
'create': True,
'list': False,
},
'instance': {
'retrieve': is_parent,
'destroy': is_parent,
'update': is_parent,
'partial_update': is_parent,
'events': is_parent,
# 'update_permissions': 'users.add_permissions'
# 'archive_all_students': phase_user_belongs_to_school,
# 'add_clients': True,
}
}), )
def perform_create(self, serializer):
baby = serializer.save()
user = self.request.user
assign_perm('babies.change_baby', user, baby)
assign_perm('babies.view_baby', user, baby)
return Response(serializer.data)
@action(detail=True, url_path='events', methods=['get'])
def events(self, request, pk=None):
allEvents = Event.objects.all().filter(baby=pk)
serialized = EventSerializer(allEvents, many=True)
return Response(serialized.data)
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
permission_classes = (APIPermissionClassFactory(name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': False,
},
'instance': {
'retrieve':
check_baby_parent,
'update':
False,
'partial_update':
False,
'destroy':
check_baby_parent,
}
}), )
def perform_create(self, serializer):
parent = self.request.user
baby = serializer.validated_data['baby']
if baby.parent.id == parent.id:
event = serializer.save()
return Response(serializer.data)
# Retornar error
return Response(serializer.data)
class ActorViewSet(viewsets.ModelViewSet):
queryset = Actor.objects.all()
serializer_class = ActorSerializer
permission_classes = (
APIPermissionClassFactory(
name='ActorPermission',
permission_configuration={
'base': {
'create': lambda user, requ : user.is_staff,
'list': lambda user, req: user.is_authenticated,
},
'instance': {
'retrieve': True,
'update': lambda user, req, third: user.is_authenticated,
'partial_update': True,
'destroy': lambda user, req, third: user.is_authenticated,
'actorAwards': lambda user, req, third: user.is_authenticated,
}
}
),
)
@action(detail = True, url_path = 'awards',methods = ['get'])
def actorAwards(self, request, pk = None):
awards = self.get_object().awards.all()
return Response(
AwardSerializer(award).data for award in awards
)
class PostViewSet(viewsets.ModelViewSet):
queryset = Post.objects.all()
serializer_class = PostSerializer
permission_classes = (APIPermissionClassFactory(name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve':
True,
'destroy':
evaluate,
'update':
evaluate,
'partial_update':
evaluate,
}
}), )
def perform_create(self, serializer):
post = serializer.save()
post.order = len(Post.objects.filter(topic=post.topic))
post.save()
return Response(serializer.data)
class ParentViewSet(viewsets.ModelViewSet):
queryset = Parent.objects.all()
serializer_class = ParentSerializer
permission_classes = (APIPermissionClassFactory(name='BabyPermission',
permission_configuration={
'base': {
'create': False,
'list': False,
},
'instance': {
'retrieve': False,
'destroy': False,
'update': False,
'partial_update':
False,
'babies': True
}
}), )
@action(detail=True, methods=['get'])
def babies(self, request, pk=None):
parent = self.get_object().user
parentBabies = []
for baby in Baby.objects.filter(parent=parent):
parentBabies.append(BabySerializer(baby).data)
return Response(parentBabies)
class ParentViewSet(viewsets.ModelViewSet):
queryset = Parent.objects.all()
serializer_class = ParentSerializer
permission_classes = (
APIPermissionClassFactory(
name='ParentPermission',
permission_configuration={
'base': {
#'create': True,
#'list': False,
},
'instance': {
'retrieve': evaluar,
#'destroy': False,
#'update': True,
#'partial_update': 'babies.change_baby',
'babies': evaluar,
# 'update_permissions': 'users.add_permissions'
# 'archive_all_students': phase_user_belongs_to_school,
# 'add_clients': True,
}
}), )
@action(detail=True, methods=['get'])
def babies(self, request, pk=None):
parent = self.get_object()
return Response([
BabySerializer(baby).data
for baby in Baby.objects.filter(parent=parent)
])
class BabyViewSet(viewsets.ModelViewSet):
queryset = Baby.objects.all()
serializer_class = BabySerializer
permission_classes = (APIPermissionClassFactory(
name='BabyPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': evaluate_user_permission,
'destroy': evaluate_user_permission,
'update': evaluate_user_permission,
'partial_update': evaluate_user_permission,
'events': evaluate_user_permission
}
}), )
# create a baby and give the user in the request permission to change and view the
# created baby, via assign_perm
def perform_create(self, serializer):
baby = serializer.save()
user = self.request.user
assign_perm('baby.change_baby', user, baby)
assign_perm('baby.view_baby', user, baby)
return Response(serializer.data)
@action(detail=True, url_path='events', methods=['get'])
def events(self, request, pk=None):
baby = self.get_object()
events = Event.objects.filter(baby=baby)
data = EventSerializer(events, many=True).data
return Response(data)
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
permission_classes = (
APIPermissionClassFactory(
name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': False,
},
'instance': {
'retrieve': 'events.view_event',
'destroy': False,
'update': False,
'partial_update': 'events.change_event',
#'notify': evaluar_notify,
# 'update_permissions': 'users.add_permissions'
# 'archive_all_students': phase_user_belongs_to_school,
# 'add_clients': True,
}
}), )
def perform_create(self, serializer):
babyId = serializer.validated_data["babyId"]
user = self.request.user
userId = str(user.id)
babyId = str(babyId)
if babyId == userId:
event = serializer.save()
assign_perm('events.change_event', user, event)
assign_perm('events.view_event', user, event)
return Response(serializer.data)
else:
return Response({'ERROR': 'Usted no es el padre de ese bebe'})
class EventViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
permission_classes = (
APIPermissionClassFactory(
name='EventPermissions',
permission_configuration={
'base': {
'create': True,
'list': False,
},
'instance': {
'retrieve': 'event.view_event',
'destroy': 'event.delete_event',
'update': True,
'partial_update': False,
# 'update_permissions': 'users.add_permissions'
# 'archive_all_students': phase_user_belongs_to_school,
# 'add_clients': True,
}
}), )
def perform_create(self, serializer):
event = serializer.save()
user = self.request.user
assign_perm('event.view_event', user, event)
assign_perm('event.delete_event', user, event)
return Response(serializer.data)
class TutorViewSet(viewsets.ModelViewSet):
queryset = Tutor.objects.all()
serializer_class = TutorSerializer
permission_classes = (APIPermissionClassFactory(
name='TutorPermission',
permission_configuration={
'base': {
'create': 'tutors.add_tutor',
'list': True,
},
'instance': {
'retrieve': True,
'destroy': 'tutors.delete_tutor',
'update': 'tutors.change_tutor',
'partial_update': 'tutors.change_tutor',
'courseTutors': True
}
}), )
@action(detail=False, url_path='coursetutors', methods=['post'])
def courseTutors(self, request):
try:
response = []
print(request)
courseData = request.data['course_id']
print('course Data antes de tutors' + courseData)
tutors = Tutor.objects.filter(course=courseData)
print("Este es el course Data : " + courseData)
for tutor in tutors:
response.append(UserSerializer(tutor.user_id).data)
return Response(response)
except:
return Response({'detail': 'id is not valid'})
class BabyViewSet(viewsets.ModelViewSet):
queryset = Baby.objects.all()
serializer_class = BabySerializer
permission_classes = (APIPermissionClassFactory(
name='BabyPermission',
permission_configuration={
'base': {
'create': True,
},
'instance': {
'retrieve': 'babies.view_baby',
'destroy': False,
'update': 'babies.change_baby',
'partial_update': 'babies.change_baby',
'events': True
}
}), )
def perform_create(self, serializer):
baby = serializer.save()
user = self.request.user
assign_perm('babies.change_baby', user, baby)
assign_perm('babies.view_baby', user, baby)
return Response(serializer.data)
@action(detail=True, methods=['get'])
def events(self, request, pk=None):
baby = self.get_object()
queryset = baby.event_set.all()
events = EventSerializer(queryset, many=True).data
return Response(events)
class ParentViewSet(viewsets.ModelViewSet):
queryset = Parent.objects.all()
serializer_class = ParentSerializer
permission_classes = (APIPermissionClassFactory(
name='ParentPermission',
permission_configuration={
'base': {
'create': True,
'list': False,
},
'instance': {
'retrieve': 'babyevents.view_parent',
'destroy': False,
'update': True,
'partial_update': 'babyevents.change_parent',
'events': 'babyevents.view_parent',
'babies': 'babyevents.view_parent'
}
}), )
@action(detail=True, methods=['get'])
def babies(self, request, pk=None):
parent = self.get_object()
babies = Baby.objects.filter(pid=parent)
return Response({'status': 'ok', 'Babies': (x.name for x in babies)})
class EventsViewSet(viewsets.ModelViewSet):
queryset = Event.objects.all()
serializer_class = EventSerializer
permission_classes = (APIPermissionClassFactory(
name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': False,
},
'instance': {
'retrieve': 'babyevents.view_event',
'destroy': False,
'update': True,
'partial_update': 'babyevents.change_event',
'events': evaluate
}
}), )
def perform_create(self, serializer):
parent = self.request.user
baby = Baby.objects.filter(
name=serializer.validated_data['bid'])[0].pid.name
print(' \n\n\n', parent)
if (str(parent) == str(baby)):
event = serializer.save()
return Response(serializer.data)
print('\n\n\nYa salimos\n\n\n')
return Response({'status': 'Not authorized'})
class StoryViewSet(viewsets.ModelViewSet):
queryset = Story.objects.all()
serializer_class = StorySerializer
permission_classes = (APIPermissionClassFactory(name='EventPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'destroy':
evaluate,
'partial_update':
False,
'retrieve': True,
'update': False,
'views': evaluate
}
}), )
@action(detail=True, methods=['get'])
def views(self, request, pk=None):
story = self.get_object()
response = []
for view in ViewedStorySerializer.objects.filter(story=story):
response.append(ViewedStorySerializer(view).data)
return Response(response)
class SemesterViewSet(viewsets.ModelViewSet):
queryset = Semester.objects.all()
serializer_class = SemesterSerializer
permission_classes = (APIPermissionClassFactory(
name='SemesterPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': 'semester.view_semester',
'destroy': evaluate,
'update': evaluate,
'partial_update': 'semester.change_semester',
'courses': evaluate,
'update_beginning': evaluate,
'update_end': evaluate
}
}), )
def perform_create(self, serializer):
semester = serializer.save()
user = self.request.user
assign_perm('semester.view_semester', user, semester)
assign_perm('semester.change_semester', user, semester)
return Response(serializer.data)
@action(detail=True, methods=['get'])
def courses(self, request, pk=None):
semester = self.get_object()
courses_semester = []
for course in Course.objects.filter(semester=semester):
courses_semester.append(CourseSerializer(course).data)
return Response(courses_semester)
@action(detail=True, url_path='update-beginning', methods=['patch'])
def update_beginning(self, request, pk=None):
semester = self.get_object()
new_beginning = request.data.get('new_beginning')
new_beginning = datetime.datetime.strptime(new_beginning,
'%Y-%m-%d').date()
semester.beginning = new_beginning
semester.save()
return Response(SemesterSerializer(semester).data)
@action(detail=True, url_path='update-end', methods=['patch'])
def update_end(self, request, pk=None):
semester = self.get_object()
new_end = request.data.get('new_end')
new_end = datetime.datetime.strptime(new_end, '%Y-%m-%d').date()
semester.end = new_end
semester.save()
return Response(SemesterSerializer(semester).data)
class BookViewSet(viewsets.ModelViewSet):
queryset = Book.objects.all()
serializer_class = BookSerializer
permission_classes = (APIPermissionClassFactory(
name='BookPermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': 'book.view_book',
'destroy': evaluate,
'update': evaluate,
'partial_update': 'book.change_book',
'update_title': evaluate,
'update_description': evaluate,
'update_date': evaluate,
}
}), )
def perform_create(self, serializer):
book = serializer.save()
user = self.request.user
assign_perm('book.view_book', user, book)
assign_perm('book.change_book', user, book)
return Response(serializer.data)
@action(detail=True, url_path='update-title', methods=['patch'])
def update_title(self, request, pk=None):
book = self.get_object()
new_title = request.data.get('new_title')
book.title = new_title
book.save()
return Response(BookSerializer(book).data)
@action(detail=True, url_path='update-description', methods=['patch'])
def update_description(self, request, pk=None):
book = self.get_object()
new_description = request.data.get('new_description')
book.description = new_description
book.save()
return Response(BookSerializer(book).data)
@action(detail=True, url_path='update-date', methods=['patch'])
def update_date(self, request, pk=None):
book = self.get_object()
new_date = request.data.get('new_date')
new_date = datetime.datetime.strptime(new_date, '%Y-%m-%d').date()
book.date = new_date
book.save()
return Response(BookSerializer(book).data)
class CourseViewSet(viewsets.ModelViewSet):
queryset = Course.objects.all()
serializer_class = CourseSerializer
permission_classes = (
APIPermissionClassFactory(
name='CoursePermission',
permission_configuration={
'base': {
'create': True,
'list': True,
},
'instance': {
'retrieve': 'course.view_course',
'destroy': evaluate,
'update': evaluate,
'partial_update': 'course.change_course',
'exams':evaluate,
'assignments':evaluate,
'update_name': evaluate
}
}
),
)
def perform_create(self, serializer):
course = serializer.save()
user = self.request.user
assign_perm('course.view_course', user, course)
assign_perm('course.change_course', user, course)
return Response(serializer.data)
@action(detail=True, methods=['get'])
def exams(self, request, pk=None):
course = self.get_object()
exams_course=[]
for exam in Exam.objects.filter(course=course):
exams_course.append(ExamSerializer(exam).data)
return Response(exams_course)
@action(detail=True, methods=['get'])
def assignments(self, request, pk=None):
course = self.get_object()
assignments_course=[]
for assign in Assignment.objects.filter(course=course):
assignments_course.append(AssignmentSerializer(assign).data)
return Response(assignments_course)
@action(detail=True, url_path='update-name', methods=['patch'])
def update_name(self, request, pk=None):
course = self.get_object()
new_name = request.data.get('new_name')
course.name = new_name
course.save()
return Response(CourseSerializer(course).data)