class TransactionResource(ModelResource): from_user = fields.ToOneField(UserResource, 'from_user', full=True) to_user = fields.ToOneField(UserResource, 'to_user', full=True, null=True) class Meta: queryset = Transaction.objects.all().order_by('-timestamp') resource_name = 'transaction' allowed_methods = ['get']
class WalletResource(ModelResource): user = fields.ToOneField(UserResource, 'user', full=True) class Meta: queryset = WalletTransaction.objects.all().order_by('-timestamp') resource_name = 'wallettransaction' allowed_methods = ['get']
class MovieResource(ModelResource): genre = fields.ToOneField(GenreResource, 'genre', full=True) class Meta: queryset = Movie.objects.all() resource_name = "movies" ordering = ['title', 'release_year', 'price'] filtering = {'release_year': ALL, 'price': ALL, 'title': ALL} allowed_methods = ['get', 'post', 'patch', 'put', 'delete', 'options'] authorization = Authorization()
class MovieResource(ModelResource): genre = fields.ToOneField(GenreResource, 'genre', full=True) class Meta: queryset = Movie.objects.all() resource_name = "movies" # for API this will be the url api/movies filtering = {'price': ALL, 'title': ALL, 'release_year': ALL} ordering: ['release_year', 'price', 'title', 'director'] allowed_methods = ['get', 'post', 'put', 'patch', 'delete'] authorization = Authorization()
class CommentResource(ModelResource): thread = fields.ToOneField(ThreadResource, 'game_thread', full=True) class Meta: queryset = Comment.objects.all() resource_name = 'comment' ordering = ['date'] allowed_methods = ['get', 'post', 'patch', 'put', 'delete', 'options'] #allows api to create to post authorization = Authorization( ) # authorize all requests to have write db permissions
class MovieResource(ModelResource): genre = fields.ToOneField(GenreResource, 'genre', full=True) class Meta: queryset = Movie.objects.all() resource_name = "movies" filtering = {'price': ALL, 'title': ALL, 'release_year': ALL} # check why order_by is not working ordering: ['release_year', 'price', 'title', 'director'] allowd_methods = ['get', 'post', 'put', 'patch', 'delete'] authorization = Authorization()
class MovieResource(ModelResource): genre = fields.ToOneField(GenreResource, 'genre', full=True) # made the full = uppercase [T]rue class Meta: queryset = Movie.objects.all() resource_name = 'movies' ordering = ['title', 'id', 'price', 'release_year'] filtering = {'title': ALL, 'price': ALL, 'release_year': ALL} allowed_methods = ['get', 'post', 'patch', 'put', 'delete', 'options'] authorization = Authorization( ) # authorize all request to have write db permissions
class HousingGroupResource(ModelResource): """HousingGroup Resource""" # exhibit = fields.ToOneField('paws.api.resources.ExhibitResource', 'exhibit') staff = fields.ToManyField('paws.api.resources.StaffResource', 'staff', blank=True) animals = fields.ToManyField('paws.api.resources.AnimalResource', 'animal_set', full=True, blank=True) exhibit = fields.ToOneField('paws.api.resources.ExhibitResource', 'exhibit') class Meta: authentication = CustomAuthentication() authorization = DjangoAuthorization() queryset = models.HousingGroup.objects.all() resource_name = 'housingGroup' always_return_data = True list_allowed_methods = ['get', 'post', 'put', 'patch', 'delete'] # Redefine get_object_list to filter for exhibit_id and staff_id. def get_object_list(self, request): staff_id = request.GET.get('staff_id', None) exhibit_id = request.GET.get('exhibit_id', None) animal_id = request.GET.get('animal_id', None) q_set = super(HousingGroupResource, self).get_object_list(request) # Try filtering by staff_id if it exists. try: staff = models.Staff.objects.get(id=staff_id) q_set = q_set.filter(staff=staff) except ObjectDoesNotExist: pass # Try filtering by exhibit if it exists. try: exhibit = models.Exhibit.objects.get(id=exhibit_id) q_set = q_set.filter(exhibit=exhibit) except ObjectDoesNotExist: pass # Try filtering by animal if it exists try: animal = models.Animal.objects.get(id=animal_id) print animal.housing_group q_set = q_set.filter(id=animal.housing_group.id) except ObjectDoesNotExist: pass return q_set
class MovieResource(ModelResource): genre = fields.ToOneField(GenreResource, 'genre', full=True) class Meta: queryset = Movie.objects.all() resource_name = 'movies' ordering = ["release_year", "title", "price"] filtering = { "release_year": ALL, "price": ALL, "title": ALL, "in_stock": ALL, "duration_min": ALL }
class StarredResource(ModelResource): cover = fields.ToOneField(ImageResource, lambda bundle: Image.objects.filter( post=bundle.obj, is_cover=True).first(), use_in='list', full=True) class Meta: queryset = Post.objects.filter(starred=True, published=True).order_by('order')[:6] resource_name = 'starred' ordering = [ 'order', ]
class AchievementResource(ModelResource): achievement_type = fields.ToOneField(AchievementTypeResource, 'achievement_type') subuser = fields.ToOneField(SubUserResource, 'subuser') class Meta: queryset = Achievement.objects.all() resource_name = 'achievements' list_allowed_methods = ['get','post'] detail_allowed_methods = ['get','put','post','delete'] authentication = ApiKeyTokenAuthentication() authorization = Authorization() serializer = CustomJSONSerializer(formats=['json']) def apply_authorization_limits(self, request, object_list): ''' Only permit access to the current user's settings. ''' return object_list.filter(subuser__user=request.user) def obj_create(self, bundle, request=None, **kwargs): return super(AchievementResource, self).obj_create(bundle, request) def get_object_list(self, request): return super(AchievementResource, self).get_object_list(request)
class PostResource(ModelResource): category = fields.ForeignKey(SubCategoryResource, 'category', full=True, null=True, blank=True) credits = fields.ToManyField( CreditResource, lambda bundle: bundle.obj.credits.order_by('id'), full=True, use_in='detail', null=True, blank=True) tags = fields.ToManyField(TagResource, lambda bundle: bundle.obj.tags.all(), use_in='detail', full=True, null=True, blank=True) images = fields.ToManyField( ImageResource, lambda bundle: bundle.obj.images.order_by('-is_cover', 'id'), full=True, use_in='detail', null=True, blank=True) cover = fields.ToOneField(ImageResource, lambda bundle: Image.objects.filter( post=bundle.obj, is_cover=True).first(), use_in='list', full=True, null=True) class Meta: queryset = Post.objects.order_by('-id') resource_name = 'posts' list_allowed_methods = [ 'get', ] detailed_allowed_methods = [ 'get', ] filtering = { 'category': ALL_WITH_RELATIONS, 'published': ['exact'], 'starred': ['exact'] }
class AlbumResource(ModelResource): photos = fields.ToManyField(PhotoResource, 'photos', full=True, use_in='detail', null=True) cover = fields.ToOneField( PhotoResource, lambda bundle: Photo.objects.filter(album=bundle.obj).first(), use_in='list', full=True, null=True) class Meta: queryset = Album.objects.order_by('-created_at') resource_name = 'albums' list_allowed_methods = [ 'get', ] detailed_allowed_methods = [ 'get', ] filtering = {'published': ['exact']}
class EventResource(ModelResource): activity = fields.ToOneField(ActivityResource, 'activity') task_id = fields.CharField(attribute='task_id') class Meta: queryset = Event.objects.all() resource_name = 'events' list_allowed_methods = ['get','post'] detail_allowed_methods = ['get','put','post','delete'] authentication = ApiKeyTokenAuthentication() authorization = Authorization() serializer = CustomJSONSerializer(formats=['json']) def apply_authorization_limits(self, request, object_list): ''' Only permit access to the current user's subusers. ''' return object_list.filter(activity__subuser__user=request.user) def obj_create(self, bundle, request=None, **kwargs): return super(EventResource, self).obj_create(bundle, request) def get_object_list(self, request): return super(EventResource, self).get_object_list(request)
class UserResource(ModelResource): """User Resource.""" staff = fields.ToOneField('paws.api.resources.StaffResource', 'staff', null=True) class Meta: authentication = CustomAuthentication() authorization = DjangoAuthorization() queryset = User.objects.all() resource_name = 'user' excludes = ['email', 'password'] list_allowed_methods = ['get', 'post', 'put', 'delete'] def override_urls(self): return [ url(r"^(?P<resource_name>%s)/bulk%s$" % (self._meta.resource_name, trailing_slash()), self.wrap_view('bulk_add'), name="api_bulk_add"), url(r"^(?P<resource_name>%s)/add_user%s$" % (self._meta.resource_name, trailing_slash()), self.wrap_view('add_user'), name="api_add_user"), ] # Adding new user into the database def obj_create(self, bundle, request=None, **kwargs): try: bundle = super(UserResource, self).obj_create(bundle, request, **kwargs) bundle.obj.set_password(bundle.data.get('password')) bundle.obj.save() except IntegrityError: raise BadRequest('That username already exists') return bundle # Updating user's information def obj_update(self, bundle, request=None, **kwards): try: bundle = super(UserResource, self).obj_update(bundle, request, **kwargs) bundle.obj.set_password(bundle.data.get('password')) bundle.obj.save() except IntegrityError: raise BadRequest('That username already exists') return bundle # Deleting user from the database def obj_delete(self, request=None, **kwargs): return super(UserResource, self).obj_delete(request, **kwargs) def add_user(self, request, **kwargs): self.method_check(request, allowed=['post']) self.is_authenticated(request) self.throttle_check(request) # Make sure user is superuser. if not request.user.is_superuser: raise ImmediateHttpResponse(HttpUnauthorized("Cannot add user")) try: user = json.loads(request.raw_post_data) print user if user["first_name"] == "": return self.create_response( request, "Blank first name. Please fill in.", response_class=HttpBadRequest) if user["last_name"] == "": return self.create_response(request, "Blank last name. Please fill in.", response_class=HttpBadRequest) if user["password"] == "": return self.create_response(request, "Blank password. Please fill in.", response_class=HttpBadRequest) import_user = bulk_import.addUser( first_name=user["first_name"], last_name=user["last_name"], password=user["password"], is_superuser=user["is_superuser"]) object = self.build_bundle(obj=import_user, request=request) object = self.full_dehydrate(object) ret_user = { 'object': object, } return self.create_response(request, ret_user) except ValueError: return self.create_response(request, "Invalid JSON", response_class=HttpApplicationError) # Bulk add view. def bulk_add(self, request, **kwargs): self.method_check(request, allowed=['post']) self.is_authenticated(request) self.throttle_check(request) # Make sure user is superuser. if not request.user.is_superuser: raise ImmediateHttpResponse(HttpUnauthorized("Cannot bulk add")) # Try making a new user try: user_list = json.loads(request.raw_post_data) print user_list import_users = bulk_import.importUsers(user_list) objects = [] for result in import_users: bundle = self.build_bundle(obj=result, request=request) bundle = self.full_dehydrate(bundle) objects.append(bundle) object_list = { 'objects': objects, } return self.create_response(request, object_list) except ValueError: return self.create_response(request, "Invalid JSON", response_class=HttpApplicationError)
class StaffResource(ModelResource): """Staff Resource.""" user = fields.ToOneField('paws.api.resources.UserResource', 'user', full=True) housing_group = fields.ToManyField( 'paws.api.resources.HousingGroupResource', 'housinggroup_set') class Meta: authentication = CustomAuthentication() authorization = DjangoAuthorization() queryset = models.Staff.objects.all() resource_name = 'staff' list_allowed_methods = ['get', 'post', 'put', 'patch', 'delete'] # override the url for a specific url path of searching def override_urls(self): return [ url(r"^(?P<resource_name>%s)\.(?P<format>\w+)/search%s$" % (self._meta.resource_name, trailing_slash()), self.wrap_view('get_search'), name="api_get_search"), ] # determine the format of the returning results in json or xml def determine_format(self, request): if (hasattr(request, 'format') and request.format in self._meta.serializer.formats): return self._meta.serializer.get_mime_for_format(request.format) return super(StaffResource, self).determine_format(request) # wraps the method 'get_seach' so that it can be called in a more functional way def wrap_view(self, view): def wrapper(request, *args, **kwargs): request.format = kwargs.pop('format', None) wrapped_view = super(StaffResource, self).wrap_view(view) return wrapped_view(request, *args, **kwargs) return wrapper # main function for searching def get_search(self, request, **kwargs): # checking user inputs' method self.method_check(request, allowed=['get']) # checking if the user is authenticated self.is_authenticated(request) # checking if the user should be throttled self.throttle_check(request) # Provide the results for a search query sqs = SearchQuerySet().models(models.Staff).load_all().auto_query( request.GET.get('q', '')) paginator = Paginator(sqs, 20) try: page = paginator.page(int(request.GET.get('page', 1))) except InvalidPage: raise Http404("Sorry, no results on that page.") # Create a list of objects that contains the search results objects = [] for result in page.object_list: # create bundle that stores the result object bundle = self.build_bundle(obj=result.object, request=request) # reformating the bundle bundle = self.full_dehydrate(bundle) # adding the bundle into a list of objects objects.append(bundle) # Specifiy the format of json output object_list = { 'objects': objects, } # Handle the recording of the user's access for throttling purposes. self.log_throttled_access(request) # Return the search results in json format return self.create_response(request, object_list) # Redefine get_object_list to filter for animal_id. def get_object_list(self, request): animal_id = request.GET.get('animal_id', None) q_set = super(StaffResource, self).get_object_list(request) #Filtering by animals try: animal = models.Animal.objects.get(id=animal_id) housing_group = animal.housing_group q_set = housing_group.staff.all() except ObjectDoesNotExist: pass return q_set
class AnimalObservationResource(ModelResource): """AnimalObservation Resource.""" animal = fields.ToOneField('paws.api.resources.AnimalResource', 'animal', full=True, related_name='animal_observations') observation = fields.ToOneField('paws.api.resources.ObservationResource', 'observation', related_name='animal_observations') behavior = fields.ForeignKey('paws.api.resources.BehaviorResource', 'behavior', full=True, null=True, blank=True) class Meta: authentication = CustomAuthentication() authorization = Authorization() queryset = models.AnimalObservation.objects.all() resource_name = 'animalObservation' list_allowed_methods = ['get', 'post', 'put', 'patch', 'delete'] # A check to see if staff can modify this observation. def can_modify_observation(self, request, animalObservation_id): # Any superuser can modify an observation. if (request.user.is_superuser): return True try: observation = models.AnimalObservation.objects.get( id=animalObservation_id).observation return observation.staff.user == request.user except ObjectDoesNotExist: return True def obj_create(self, bundle, request=None, **kwargs): # Get the user of the observation by fully hydrating the bundle and then # check if the user is allowed to add to this observation. user = self.full_hydrate(bundle).obj.observation.staff.user if not request.user.is_superuser and user != request.user: raise ImmediateHttpResponse( HttpUnauthorized( "Cannot add other users' animal observations")) return super(AnimalObservationResource, self).obj_create(bundle, request, **kwargs) def obj_update(self, bundle, request=None, **kwargs): # PATCH fix bundle.data['animal'] = bundle.data['animal'].data['resource_uri'] if not isinstance(bundle.data['behavior'], basestring): bundle.data['behavior'] = bundle.data['behavior'].data[ 'resource_uri'] # Make sure that the user can modifty. ao_id = int(kwargs.pop('pk', None)) if not self.can_modify_observation(request, ao_id): raise ImmediateHttpResponse( HttpUnauthorized( "Cannot edit other users' animal observations")) return super(AnimalObservationResource, self).obj_update(bundle, request, **kwargs) def obj_delete(self, request=None, **kwargs): # Make sure that the user can modifty. observation_id = int(kwargs.pop('pk', None)) if not self.can_modify_observation(request, observation_id): raise ImmediateHttpResponse( HttpUnauthorized( "Cannot delete other users' animal observations")) return super(AnimalObservationResource, self).obj_delete(request, **kwargs) # Redefine get_object_list to filter for observation_id and animal_id. def get_object_list(self, request): animal_id = request.GET.get('animal_id', None) observation_id = request.GET.get('observation_id', None) q_set = super(AnimalObservationResource, self).get_object_list(request) # Try filtering by animal if it exists. try: animal = models.Animal.objects.get(id=animal_id) q_set = q_set.filter(animal=animal) except ObjectDoesNotExist: pass # Try filtering by observation if it exists. try: observation = models.Observation.objects.get(id=observation_id) q_set = q_set.filter(observation=observation) except ObjectDoesNotExist: pass return q_set # Add useful numerical numbers for animal observation def dehydrate(self, bundle): # If there is no observation, set the rate equals to 0 rate = 0 if bundle.obj.interaction_time is not None and bundle.obj.observation_time is not None and bundle.obj.indirect_use is False and bundle.obj.observation_time != 0: # Add the rate of the interaction vs. total observation time # The rate = interaction time is divided by the total observation time rate = bundle.obj.interaction_time / float( bundle.obj.observation_time) # Add the rate into the API results bundle.data['rate'] = rate return bundle # override the url for a specific url path of searching def override_urls(self): return [ url(r"^(?P<resource_name>%s)\.(?P<format>\w+)/stats%s$" % (self._meta.resource_name, trailing_slash()), self.wrap_view('get_stats'), name="api_get_stats"), ] # determine the format of the returning results in json or xml def determine_format(self, request): if (hasattr(request, 'format') and request.format in self._meta.serializer.formats): return self._meta.serializer.get_mime_for_format(request.format) return super(AnimalObservationResource, self).determine_format(request) # wraps the method 'get_seach' so that it can be called in a more functional way def wrap_view(self, view): def wrapper(request, *args, **kwargs): request.format = kwargs.pop('format', None) wrapped_view = super(AnimalObservationResource, self).wrap_view(view) return wrapped_view(request, *args, **kwargs) return wrapper # Calculate interaction rate between one given enrichment with other given enrichments def get_stats(self, request, **kwargs): # get the animal_id from url animal_id = request.GET.get('animal_id', None) animal = models.Animal.objects.get(id=animal_id) q_set = self.get_object_list(request) # filter by animal_id if exists try: q_set.filter(animal=animal) except ObjectDoesNotExist: pass # list of different enrichment given to animal with id=animal_id enrichment_list = [] total_interaction = 0.0 for result in q_set: # updating the interaction time total_interaction += result.interaction_time observation = models.Observation.objects.get( id=result.observation_id) # Make unique enrichment list if observation.enrichment in enrichment_list: pass else: enrichment_list.append(observation.enrichment) percent = [] # calculate the percentage of each enrichment's interaction time # over the total interaction time of animal with id=animal_id for e in enrichment_list: total_eachInteraction = 0.0 # behavior occurance positive = 0 NA = 0 negative = 0 avoid = 0 # total time of each occurance pos_interaction = 0.0 na_interaction = 0.0 neg_interaction = 0.0 avoid_interaction = 0.0 for result in q_set: if models.Observation.objects.get( id=result.observation_id).enrichment == e: behavior = models.Behavior.objects.get( id=result.behavior_id) total_eachInteraction += result.interaction_time if (behavior.reaction == 1): positive += 1 pos_interaction += result.interaction_time if (behavior.reaction == 0): NA += 1 na_interaction += result.interaction_time if (behavior.reaction == -1): negative += 1 neg_interaction += result.interaction_time if (behavior.reaction == -2): avoid += 1 avoid_interaction += result.interaction_time else: pass # Return 0 if the animal has never interacted with any enrichment if total_eachInteraction == 0.0: percentage = 0.0 pos_percentage = 0.0 na_percentage = 0.0 neg_percentage = 0.0 avoid_percentage = 0.0 else: percentage = total_eachInteraction / total_interaction pos_percentage = pos_interaction / total_eachInteraction na_percentage = na_interaction / total_eachInteraction neg_percentage = neg_interaction / total_eachInteraction avoid_percentage = avoid_interaction / total_eachInteraction # create bundle that stores the result object bundle = self.build_bundle(obj=e, request=request) # reformating the bundle # adding the enrichment name into the bundle bundle.data['Enrichment'] = e bundle.data['id'] = e.id # adding the percentage into the bundle bundle.data['overall_percentage'] = percentage bundle.data['positive_occurance'] = positive bundle.data['positive_percentage'] = pos_percentage bundle.data['na_occurance'] = NA bundle.data['na_percentage'] = na_percentage bundle.data['negative_interaction'] = negative bundle.data['neg_occurance'] = neg_percentage bundle.data['avoid_occuranve'] = avoid bundle.data['avoid_percentage'] = avoid_percentage # append the bundle into the list percent.append(bundle) # Specifiy the format of json output object_list = { 'objects': percent, } # Return the search results in json format return self.create_response(request, object_list)