Exemple #1
0
def api_create_users_view(request):

    user = User()

    if request.method == "POST":
        serializer = UserSerializer(data=request.data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Exemple #2
0
def ta_list(request, **kwargs):
    try:
        course = Course.objects.get(pk=kwargs.get('course_id'))
    except Course.DoesNotExist:
        return Response(status=status.HTTP_404_NOT_FOUND)

    user = request.user

    if request.method == 'GET':
        # Determine if request was made by a student or an instructor
        student = Student.objects.filter(user=user).first()
        instructor = Instructor.objects.filter(user=user).first()

        # Request by student
        # Student can't access TA list
        if student:
            return Response(
                {'message': "Error: you do not have access to this resource"},
                status=status.HTTP_403_FORBIDDEN)

        # Course Instructors and superusers can access TA of a course
        elif instructor:
            if instructor != course.instructor:
                return Response(
                    {
                        'message':
                        "Error: you do not have access to this resource"
                    },
                    status=status.HTTP_403_FORBIDDEN)
        else:
            if not user.is_superuser:
                return Response(
                    {
                        'message':
                        "Error: you do not have access to this resource"
                    },
                    status=status.HTTP_403_FORBIDDEN)

        ta = AssistsIn.objects.filter(course=course).values('student')
        users = User.objects.filter(id__in=ta)
        serializer = UserSerializer(users, many=True)
        return Response(serializer.data)

    if request.method == 'POST':
        if not user.is_superuser:
            return Response(
                {'message': "Error: you do not have access to this resource"},
                status=status.HTTP_403_FORBIDDEN)

        request.data['course'] = kwargs.get('course_id')
        serializer = AssistsInSerializer(data=request.data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Exemple #3
0
 def update(self, request, pk):
     self.check_permissions(request)
     user = get_object_or_404(User, pk=pk)
     self.check_object_permissions(request, user)
     serializer = UserSerializer(instance=user, data=request.data)
     if serializer.is_valid():
         serializer.save()
         return Response(serializer.data, status=status.HTTP_200_OK)
     else:
         return Response(serializer.errors,
                         status=status.HTTP_400_BAD_REQUEST)
Exemple #4
0
def api_update_users_view(request, id):
    try:
        user = User.objects.get(pk=id)
    except User.DoesNotExist:
        return Response(status=status.HTTP_404_NOT_FOUND)

    if request.method == "PUT":
        serializer = UserSerializer(user, data=request.data)
        data = {}
        if serializer.is_valid():
            serializer.save()
            data = serializer.data
            data["message"] = "User updated successfully."
            return Response(data=data)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Exemple #5
0
 def create(self, request):
     serializer = UserSerializer(data=request.data)
     if serializer.is_valid():
         user = serializer.save()
         login(request, user)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
     else:
         return Response(serializer.data, status=status.HTTP_400_BAD_REQUEST)
Exemple #6
0
 def create(self, request):
     self.check_permissions(request)
     serializer = UserSerializer(data=request.data)
     if serializer.is_valid():
         new_user = serializer.save()
         return Response(serializer.data, status=status.HTTP_201_CREATED)
     else:
         return Response(serializer.errors,
                         status=status.HTTP_400_BAD_REQUEST)
Exemple #7
0
 def partial_update(self, request, *args, **kwargs):
     queryset = PasswordReset.objects.all()
     email_object = get_object_or_404(queryset, token=request.data['token'])
     if datetime.now().date() - email_object.created_at.date() < timedelta(hours=2):
         email_object = PasswordResetSerializer(email_object)
         user = User.objects.get(email=email_object.data['email'])
         new_data = {
             "password": request.data['password']
         }
         user = UserSerializer(user, data=new_data, partial=True)
         if user.is_valid():
             user.save()
             PasswordReset.objects.filter(token=request.data['token']).delete()
             return Response(user.data, status=201)
         else:
             return Response(user.errors, status=403)
         return Response(status=200)
     else:
         return Response(status=403)
Exemple #8
0
def registration_view(request):
    serializer = UserSerializer(data=request.data)
    response = {}
    if serializer.is_valid():
        account = serializer.save()
        # token = Token.objects.create(user=account)
        response['status'] = 'success'
        response['message'] = 'account registered successfully'
        # response['token'] = token.key

    else:
        data = serializer.errors
    return Response(response)
 def post(self, request):
     data = request.data
     user_serializer = UserSerializer(data=request.data,
                                      context={'request': request})
     if user_serializer.is_valid(raise_exception=True):
         user = user_serializer.save()
         return Response(data, status=status.HTTP_200_OK)
     else:
         return Response(
             {
                 'status': False,
                 'message': msgs.INVALID_EMAIL_OR_PASSWORD
             },
             status=status.HTTP_400_BAD_REQUEST)