def delete(self, request, pk, format=None):
if not is_admin_user(request):
message = "You don't have specific permsission to access this request."
return JsonResponse({"message": message},
status=status.HTTP_400_BAD_REQUEST)
book = self.get_object(pk)
book.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
def put(self, request, pk, format=None):
if not is_admin_user(request):
message = "You don't have specific permsission to access this request."
return JsonResponse({"message": message},
status=status.HTTP_400_BAD_REQUEST)
book = self.get_object(pk)
serializer = BookSerializer(book, data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, format=None):
if not is_admin_user(request):
message = "You don't have specific permsission to access this request."
return JsonResponse({"message": message},
status=status.HTTP_400_BAD_REQUEST)
serializer = LibrarianSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)