def get(self, request):
asker = UserProfile.get(request)
start, end = request.GET.get('start'), request.GET.get('end')
if start:
start = datetime.strptime(start, date_format).date()
if end:
end = datetime.strptime(end, date_format).date()
result = {}
if asker and request.GET.get('offers'):
result[asker.username] = asker.get_calendar(start=start,
end=end,
offers=True)
return Response(result)
project_id = int(request.GET.get('project_id', 0))
users = request.GET.getlist('users')
if not users:
users = request.GET.getlist('user')
for user in users:
user_profile = UserProfile.get(user)
if user_profile:
result[user] = user_profile.get_calendar(
asker, start, end, project_id)
return Response(result)
def search(self, request, data):
user = UserProfile.get(data.get('user'))
asker = UserProfile.get(request)
if not user:
user = asker
projects = user.projects(asker)
return Response(self.get_paginator(projects, data, asker=asker))
def get(self, request, username=None):
profile = UserProfile.get(username)
asker = UserProfile.get(request)
if profile:
if request.query_params.get('profile') is not None:
return Response(ProfileSerializer(profile).data)
return Response(
profile.page(asker,
start=request.GET.get('start'),
end=request.GET.get('end')))
return Response({'error': f'Пользователь {username} не найден'})
def put(self, request):
profile = UserProfile.get(request)
tag, created = Tag.objects.get_or_create(**request.data)
count = profile.tags.count()
profile.tags.add(ProfileTag.objects.create(tag=tag, rank=count))
serializer = TagSerializer(profile.tags.list(), many=True)
return Response(serializer.data)
def test_get(self):
user = User.objects.create_user(username="******",
email="*****@*****.**",
password="******")
user.save()
profile = UserProfile.get(user)
self.assertEqual('test1', profile.username)
def search(self, request, data):
asker = UserProfile.get(request.user)
if asker:
data = dict(data)
data['asker'] = asker
profiles = UserProfile.objects.all()
return Response(self.get_paginator(profiles, data))
def post(self, request, pk=None):
asker = UserProfile.get(request)
if not pk:
project = asker.create_project(request.data)
else:
project = asker.update_project(pk, request.data)
if isinstance(project, Project):
return Response(ProjectListItemSerializer(project).data)
return Response(project)
def post(self, request, pk):
profile = UserProfile.get(request)
response, created = ProjectShowing.objects.get_or_create(
project_id=pk, user=profile, **request.data)
from django.utils import timezone
response.time = timezone.now()
response.response = True
response.save()
return Response({})
def post(self, request, pk=None):
profile = UserProfile.get(request)
client = None
if pk is not None:
client = Client.objects.filter(pk=pk).first()
serializer = ClientSerializer(client, data=request.data)
if serializer.is_valid():
serializer.save(user=profile)
return Response(serializer.data)
print(serializer.errors)
return Response(status=500)
def post(self, request):
profile = UserProfile.get(request)
dop = profile.days_off_project
pick = request.data.get('pick')
days = request.data.get('days', [])
dates = [datetime.strptime(day, date_format).date() for day in days]
if pick:
existing = [
day.date
for day in Day.objects.filter(project=dop, date__in=dates)
]
dates = list(set(dates) - set(existing))
objects = [Day(project=dop, date=date) for date in dates]
Day.objects.bulk_create(objects)
else:
Day.objects.filter(project=dop, date__in=dates).delete()
return Response({})
def handle(self, *args, **options):
from api.models import UserProfile
profile = UserProfile.get(options.get('user'))
if not profile:
from api.models import Account
try:
n = int(options.get('number'))
except:
n = 1
for i in range(n):
account = Account.create(password='******')
account.update(email_confirm=f'{account.username}@dayspick.ru')
account.user.is_staff = True
account.user.save()
profile = account.profile
random_name(profile)
random_tags(profile)
print(f'\nСоздан пользователь {profile.full_name}')
create_random_projects(profile)
else:
create_random_projects(profile)
def test_get(self):
user = User.objects.create_user(username="******",
email="*****@*****.**", password="******")
user.save()
profile = UserProfile.get(user)
self.assertEqual('test1', profile.username)
def post(self, request, projects=None):
profile = UserProfile.get(request)
projects = profile.projects()
return super().post(request, projects)
def test_resource(self):
client = self.client
#test POST
post_response = client.post(self.users_list_url, self.user_post_data)
self.assertEqual(post_response.status_code, 201, post_response.content)
#test matching GET
get_response = client.get(self.users_list_url, parse='json')
self.assertEqual(get_response.status_code, 200, get_response.content)
userprofile_dict = get_response.data['objects'][0]
userprofile_keys = userprofile_dict.keys()
self.assertTrue('email' in userprofile_keys)
self.assertTrue('facebook_id' in userprofile_keys)
#test attempt unauthorized put
put_data = dict(self.user_post_data)
put_data['first_name'] = "darth"
put_response = client.put(userprofile_dict['resource_uri'], put_data)
self.assertEqual(put_response.status_code, 401,
put_response.content) #UNAUTHORIZED
#test authenticate
rpc_response = client.rpc('authenticate',
email=self.user_post_data['email'],
password=self.user_post_data['password'])
self.assertEqual(200, rpc_response.status_code, rpc_response.content)
#test PUT
put_data = self.user_post_data
put_data['first_name'] = "darth"
put_response = client.put(userprofile_dict['resource_uri'], put_data)
self.assertEqual(put_response.status_code, 204, put_response.content)
#test PATCH
patch_data = dict(put_data)
patch_response = client.patch(userprofile_dict['resource_uri'],
{'last_name': 'vader'})
self.assertEqual(patch_response.status_code, 202,
patch_response.content)
#test PATCH to superuser (not allowed)
patch_data = {'is_superuser': True, 'is_staff': True}
patch_response = client.patch(userprofile_dict['resource_uri'],
patch_data)
user_id = int(userprofile_dict['resource_uri'].split('/')[-2])
user = User.objects.get(id=user_id)
self.assertFalse(user.is_superuser,
"Allowed user to made himself superuser!")
self.assertFalse(user.is_staff, "Allowed user to made himself staff!")
#test PATCH to facebook_id (not allowed)
patch_data = {'facebook_id': 12345678}
patch_response = client.patch(userprofile_dict['resource_uri'],
patch_data)
user_id = int(userprofile_dict['resource_uri'].split('/')[-2])
user = User.objects.get(id=user_id)
profile = UserProfile.get(user)
self.assertNotEqual(
12345678, profile.facebook_id,
"Allowed user to change his own facebook_id by POST/PUT!")
#test matching GET
get_response = client.get(userprofile_dict['resource_uri'],
parse='json')
userprofile_dict = get_response.data
expected_data = dict(put_data)
del expected_data['password']
expected_data['last_name'] = 'vader'
self.assertEqual(get_response.status_code, 200, get_response.content)
self.assertDictContainsSubset(expected_data, userprofile_dict)
def post(self, request):
profile = UserProfile.get(request)
tags = profile.tags.update(request.data)
serializer = TagSerializer(tags, many=True)
return Response(serializer.data)
def get(self, request):
profile = UserProfile.get(request)
tags = Tag.search(profile=profile, **request.GET)
serializer = TagSerializer(tags, many=True)
return Response(serializer.data)
def post(self, request):
profile = UserProfile.get(request)
if profile:
profile = profile.update(**request.FILES)
return Response(ProfileSerializer(profile).data)
return Response({'error': 'Профиль не найден'})
def search(self, request, data):
user = UserProfile.get(request)
projects = user.offers()
return Response(self.get_paginator(projects, data, asker=user))
def get(self, request, pk=None):
asker = UserProfile.get(request)
if pk:
project = Project.objects.filter(pk=pk).first()
if project:
if not project.user and project.creator != asker and not project.is_series:
ProjectShowing.objects.get_or_create(project_id=pk,
user=asker,
**request.data)
page = project.page(asker)
if page:
return Response(page)
result = {
'project': {
'id': None,
'title': None,
'days': {},
'money': None,
'money_calculating': False,
'money_per_day': None,
'client': None,
'user': None,
'creator': ProfileItemShortSerializer(asker).data,
'canceled': None,
'is_paid': False,
'is_wait': True,
'info': None,
'parent': None,
'confirmed': False,
'is_series': False
},
'calendar': {
'days': {},
'daysOff': []
}
}
user = UserProfile.get(request.GET.get('user'))
series = Project.get(request.GET.get('series'))
copy = Project.get(request.GET.get('copy'))
if series:
user = series.user
series_fields = SeriesFillingSerializer(series).data
result['project'].update(series_fields)
result['project'].update({
'is_series':
False,
'parent':
ProjectListItemSerializer(series).data
})
if user:
result['project'].update({
'user': ProfileItemShortSerializer(user).data,
'is_wait': user != asker,
'confirmed': user == asker
})
result['calendar'] = user.get_calendar(asker)
if copy:
page = copy.page(asker)
if page:
page['project']['id'] = None
return Response(page)
return Response(result)
def delete(self, request, pk):
asker = UserProfile.get(request)
result = asker.delete_project(pk)
return Response(result)
def test_resource(self):
client = self.client
#test POST
post_response = client.post(self.users_list_url, self.user_post_data)
self.assertEqual(post_response.status_code, 201, post_response.content)
#test matching GET
get_response = client.get(self.users_list_url, parse='json')
self.assertEqual(get_response.status_code, 200, get_response.content)
userprofile_dict = get_response.data['objects'][0]
userprofile_keys = userprofile_dict.keys()
self.assertTrue('email' in userprofile_keys)
self.assertTrue('facebook_id' in userprofile_keys)
#test attempt unauthorized put
put_data = dict(self.user_post_data)
put_data['first_name'] = "darth"
put_response = client.put(userprofile_dict['resource_uri'],put_data)
self.assertEqual(put_response.status_code, 401, put_response.content) #UNAUTHORIZED
#test authenticate
rpc_response = client.rpc('authenticate',
email=self.user_post_data['email'], password=self.user_post_data['password'])
self.assertEqual(200,rpc_response.status_code, rpc_response.content)
#test PUT
put_data = self.user_post_data
put_data['first_name'] = "darth"
put_response = client.put(userprofile_dict['resource_uri'], put_data)
self.assertEqual(put_response.status_code, 204, put_response.content)
#test PATCH
patch_data = dict(put_data)
patch_response = client.patch(userprofile_dict['resource_uri'], {'last_name':'vader'})
self.assertEqual(patch_response.status_code, 202, patch_response.content)
#test PATCH to superuser (not allowed)
patch_data = {'is_superuser': True, 'is_staff' : True}
patch_response = client.patch(userprofile_dict['resource_uri'], patch_data)
user_id = int(userprofile_dict['resource_uri'].split('/')[-2])
user = User.objects.get(id=user_id)
self.assertFalse(user.is_superuser,"Allowed user to made himself superuser!")
self.assertFalse(user.is_staff,"Allowed user to made himself staff!")
#test PATCH to facebook_id (not allowed)
patch_data = {'facebook_id' : 12345678}
patch_response = client.patch(userprofile_dict['resource_uri'], patch_data)
user_id = int(userprofile_dict['resource_uri'].split('/')[-2])
user = User.objects.get(id=user_id)
profile = UserProfile.get(user)
self.assertNotEqual(12345678,profile.facebook_id,"Allowed user to change his own facebook_id by POST/PUT!")
#test matching GET
get_response = client.get(userprofile_dict['resource_uri'], parse='json')
userprofile_dict = get_response.data
expected_data = dict(put_data)
del expected_data['password']
expected_data['last_name'] = 'vader'
self.assertEqual(get_response.status_code, 200, get_response.content)
self.assertDictContainsSubset(expected_data, userprofile_dict)
def get(self, request):
profile = UserProfile.get(request)
companies = profile.clients.exclude(
company='').order_by('company').values_list('company',
flat=True).distinct()
return Response(companies)
def search(self, request, data):
profile = UserProfile.get(request)
return Response(self.get_paginator(profile.clients, data))