def Tasks(self, request, pk=None): try: # this line checks to see if the project is owned by the user if Project.objects.get(pk = pk) in Project.objects.filter(Creator=request.user.id): data = Task.objects.filter(Project=pk) serializer = TaskSerializers(data, many=True) return Response(serializer.data) else: # this returns an error if the user does nto own the project return bad_request('Users not authenticated for this request', 400) except: # this returns a 400 error if there is something wrong with the request return bad_request('Error bad request',400)
def Children(self, request, pk=None): try: data = Task.objects.filter(Parent=pk) serializer = TaskSerializers(data, many=True) return Response(serializer.data) except: return bad_request('Error bad request',400)
def post(self, request, slug): # Only available to staff/admin if not (request.user.is_staff or request.user.is_superuser): return bad_request(request, exception="Forbidden") schedule_id = QueryDict(request.body).get('schedule_id') # This is because testing comes in from a different way, django doesn't support ajax that well if schedule_id == None: schedule_id = request.POST.get('schedule_id') attendance_payload = QueryDict(request.body).get('students') # This is because testing comes in from a different way, django doesn't support ajax that well if attendance_payload == None: attendance_payload = request.POST.get('students') attendance_json = json.loads(attendance_payload) # Update the status for student in attendance_json: Attendance.objects.filter(schedule_id=schedule_id, student_id=student['id']).update(status=student['status']) # Send back the json serialized data of all students, now that the update has gone through response = redirect('update_attendance', slug=slug) response['Location'] += '?schedule_id=' + schedule_id return response
def create(self, validated_data): if not hasattr(Role, validated_data['role']): raise bad_request(request, Exception, 'Invalid Role', code=400) user = super(UserSerializer, self).create(validated_data) user.set_password(validated_data['password']) user.save() return user
def update(self, request, *args, **kwargs): if request.user.id is None: raise PermissionDenied( {"message": "Can only update class symbol when logged in"}) partial = kwargs.pop('partial', False) instance = self.get_object() if 'image' in request.data: err_msg = 'Image should not be contained in update request' return bad_request(request, Exception(err_msg)) img = MathSymbol.objects.get(pk=instance.id).image instance.image = img serializer = self.get_serializer(instance, data=request.data, partial=partial) serializer.is_valid(raise_exception=True) self.perform_update(serializer) if instance.image is None or len(instance.image) == 0: instance.image = self.get_latex_svg(instance.latex) instance.save() if getattr(instance, '_prefetched_objects_cache', None): # If 'prefetch_related' has been applied to a queryset, we need to # forcibly invalidate the prefetch cache on the instance. instance._prefetched_objects_cache = {} return Response('Ok')
def Filtered_Tasks(self, request, pk=None): Local_Filter = Filter.objects.get(pk = pk) Command = Local_Filter.Filter() Command = eval(Command) serializer = TaskSerializers(Command, many=True) print(serializer.data) try: return Response(serializer.data) except: return bad_request('Error bad request', 400)
def create(self, request): fields = {} try: for field in self.mapped_object_class.required_fields: fields[field] = request.POST[field] new_ann_type = self.mapped_object_class.insert(**fields) except KeyError: return bad_request(request, None) except RuntimeError: return already_exists() serializer = self.serializer_class(instance=new_ann_type) return Response(serializer.data)
def image(self, request, pk=None): if pk is None: return bad_request(request, Exception('Primary key can not be null')) if 'image' not in request.data: err_msg = 'Image needs to be sent with this request' return bad_request(request, Exception(err_msg)) if request.user.id is None: raise PermissionDenied( {"message": "Can only update class image when logged in"}) try: symbol = MathSymbol.objects.get(pk=pk) symbol.image = base64.b64decode(request.data['image']) symbol.save() return Response('Ok') except MathSymbol.DoesNotExist as e: return bad_request(request, e)
def update(self, request, pk=None): try: ann = self.mapped_object_class.get(id=pk)[0] except IndexError: return does_not_exists() try: for field in self.mapped_object_class.required_fields: setattr(ann, field, request.POST.get(field, getattr(ann, field))) ann.update() except KeyError: return bad_request(request, None) except RuntimeError: return server_error(request, None) serializer = self.serializer_class(instance=ann) return Response(serializer.data)
def post(self, request, slug): # Only professors and admin can change this if not (request.user.is_staff or request.user.is_superuser): logger.warning("Attempting to unlock a schedule as a student (user_id={})".format(request.user.id)) return bad_request(request, exception="Forbidden") # Grab POST data schedule_id = QueryDict(request.body).get('schedule_id') lock_status_payload = QueryDict(request.body).get('lock_status') lock_status_json = json.loads(lock_status_payload) # Find particular schedule schedule = Schedule.objects.filter(id=schedule_id) # Update lock status if schedule.count() > 0: schedule.update(attendance_closed=lock_status_json) return HttpResponse(200)
def list(self, request, *args, **kwargs): logger.error( f"GET on /task/{kwargs.get('task_id')}/reward. {request.user}") return exceptions.bad_request(request, exception=None)
def test_bad_request(): request = RequestFactory().get('/') exception = Exception('Something went wrong — Not used') response = bad_request(request, exception) assert response.status_code == 400 assert response["content-type"] == 'application/json'
def get(self, request, *args, **kwargs): return bad_request(request, exception="Forbidden")
def post(self, request, *args, **kwargs): all_users = [] try: csv_file = request.FILES["file"] if not csv_file.name.endswith('.csv'): logger.error(request, 'File is not CSV type') return HttpResponseRedirect('manageusers') except Exception as e: logger.error("Unable to process file. " + repr(e)) return HttpResponseRedirect('manageusers') file_data = csv_file.read().decode("utf-8") lines = file_data.split("\n") fields = lines[0].split(",") # Determine the field order for the CSV for i,field in enumerate(fields): if field.lower() in self.first_name_opts: self.csv_positions['first_name'] = i elif field.lower() in self.last_name_opts: self.csv_positions['last_name'] = i elif field.lower() in self.email_opts: self.csv_positions['email'] = i elif field.lower() in self.program_opts: self.csv_positions['program'] = i elif field.lower() in self.country_opts: self.csv_positions['country'] = i elif field.lower() in self.specialization_opts: self.csv_positions['specialization'] = i elif field.lower() in self.semester_opts: self.csv_positions['intake_semester'] = i # Validate CSV headers if self.csv_positions['email'] < 0: return bad_request("Cannot find email in CSV", exception="BadCSV") elif self.csv_positions['first_name'] < 0: return bad_request("Cannot find first name in CSV", exception="BadCSV") elif self.csv_positions['last_name'] < 0: return bad_request("Cannot find last name in CSV", exception="BadCSV") elif self.csv_positions['program'] < 0: return bad_request("Cannot find program in CSV", exception="BadCSV") # Get override data (if any) override_specialization = request.POST.get('overrideSpecialization') override_semester_season = request.POST.get('overrideSemesterSeason') override_semester_year = request.POST.get('overrideSemesterYear') override_country = request.POST.get('overrideCountry') for line in lines[1:]: user = { 'first_name': "", 'last_name': "", 'program': "", 'specialization': "", 'semester_season': "", 'semester_year': "", 'email': "", 'type': "Student", 'country': "" } if line == "": continue fields = line.split(',') user['first_name'] = fields[self.csv_positions['first_name']] user['last_name'] = fields[self.csv_positions['last_name']] user['program'] = fields[self.csv_positions['program']] user['email'] = fields[self.csv_positions['email']] # Country if self.csv_positions['country'] >= 0: user['country'] = fields[self.csv_positions['country']] if user['country'] == "" and override_country != None: user['country'] = override_country # Specialization if self.csv_positions['specialization'] >= 0: user['specialization'] = fields[self.csv_positions['specialization']] if user['specialization'] == "" and override_specialization != None: user['specialization'] = override_specialization # Intake Semester if self.csv_positions['intake_semester'] >= 0: parts = fields[self.csv_positions['intake_semester']].split(' ') year_match = re.match("\d{4}", parts[0], re.M|re.I) if (year_match): user['semester_year'] = parts[0] user['semester_season'] = parts[1] else: user['semester_year'] = parts[1] user['semester_season'] = parts[1] if user['semester_season'] == "" and override_semester_season != None: user['semester_season'] = override_semester_season if user['semester_year'] == "" and override_semester_year != None: user['semester_year'] = override_semester_year all_users.append(user) logger.info("Processing CSV user file with {} potential users".format(len(all_users))) return JsonResponse(all_users, safe=False)
def get(self, request): logger.error("Attempting get request for toggle attendance lock") return bad_request(request, exception="Forbidden")