def get_user(self):
cached_data = get_cached_user(self.cleaned_data.get('token'))
user = Customer.customers.get_auth_customer(
cached_data['username']) or None
if not cached_data or not user:
raise forms.ValidationError('Unauthorized User !')
return user
def update_customer_upg(self):
cached_data = get_cached_user(self.cleaned_data.get('token'))
customer = self.get_customer(cached_data)
university = get_object_or_404(
University, slug_name=self.cleaned_data.get('university_slug'))
if cached_data['university_id'] != university.pk:
raise forms.ValidationError('User has no permission !',
code=FORM_ERROR_CODE_MAP[4])
permission_group = self.cleaned_data.get('permission_group')
is_approved = self.cleaned_data.get('is_approved')
admin_comment = self.cleaned_data.get('admin_comment')
grant_level = self.cleaned_data.get('grant_level') or None
customer_in_university = CustomerUPG.customer_upg.all().filter(
customer=customer.pk, university=university) or None
if not permission_group or not is_approved or not admin_comment or not customer:
raise forms.ValidationError(
'Required Field [customer, permission_group, is_approved, admin_comment, ] !',
code=FORM_ERROR_CODE_MAP[2])
if customer_in_university is None or customer_in_university.count(
) > 1:
raise forms.ValidationError(
'Update CustomerUPG Exception: should be unique!' +
str(customer_in_university),
code=FORM_ERROR_CODE_MAP[1])
elif customer_in_university.count() == 1:
customer_upg = customer_in_university[0]
customer_upg.permission_group = permission_group
customer_upg.grant_level = grant_level or permission_group.user_level
customer_upg.is_approved = is_approved
customer_upg.admin_comment = admin_comment
customer_upg.save()
return customer_upg
def validate_permission(self):
cached_data = get_cached_user(self.cleaned_data.get('token'))
university = get_object_or_404(University,
slug_name=self.cleaned_data.get('slug'))
if check_request_user_role(cached_data, ['president', 'admin']) and cached_data['university_id'] == \
university.pk:
return True
raise forms.ValidationError('User has no permission !',
code=FORM_ERROR_CODE_MAP[4])
def set_password(self):
old_password = self.cleaned_data.get('old_password')
cached_data = get_cached_user(self.cleaned_data.get('token'))
if not cached_data:
raise forms.ValidationError(
'Unauthorized User ! User may already logout, no token found !'
)
user = UserChangePasswordForm.get_user(cached_data)
password = self.clean_password2()
if UserChangePasswordForm.authenticate(user,
old_password) and password:
user.set_password(password)
user.save()
return user
return None
def create_customer_upg(self):
cached_data = get_cached_user(self.cleaned_data.get('token'))
customer = self.get_customer(cached_data)
university = get_object_or_404(
University, slug_name=self.cleaned_data.get('university_slug'))
if self.validate_existing(customer, university):
raise forms.ValidationError('Already exist !',
code=FORM_ERROR_CODE_MAP[1])
customer_comment = self.cleaned_data.get('customer_comment')
feature = self.cleaned_data.get('apply_from_feature')
apply_level = self.cleaned_data.get('apply_level') or 0
customer_upg = CustomerUPG(customer=customer,
university=university,
customer_comment=customer_comment,
apply_from_feature=feature,
apply_level=apply_level)
customer_upg.save()
return customer_upg
def get_customer_upg_by_university(request):
if request.method == 'GET':
response_data = list()
token = request.GET['token']
university = get_object_or_404(
University, slug_name=request.GET['university_slug']) or None
cached_data = get_cached_user(token)
if not check_request_user_role(cached_data, ['admin', 'president', ]) or int(cached_data['university_id']) != \
university.pk:
return Response(data=response_message(code=401),
status=status.HTTP_401_UNAUTHORIZED)
if not university:
return Response(data=response_message(message='Invalid parameter'),
status=status.HTTP_400_BAD_REQUEST)
university_upg = CustomerUPG.customer_upg.get_org_deserved_customer_upg(
university)
for upg in university_upg:
response_data.append(model_to_dict(upg))
return Response(data={'result': response_data},
status=status.HTTP_200_OK)
return Response(data=response_message(code=405),
status=status.HTTP_405_METHOD_NOT_ALLOWED)