def patch(self, request, pk, format=None):
user = User.objects.get(pk=pk)
serializer = UserSerializer(user, data=request.data, partial=True)
if serializer.is_valid():
serializer.save()
return Response(serializer.data)
return Response(serializer.errors)
def create_user(request):
serialized = UserSerializer(data=request.data)
if serialized.is_valid():
serialized.save()
return Response(serialized.data, status=status.HTTP_201_CREATED)
else:
return Response(serialized._errors, status=status.HTTP_400_BAD_REQUEST)
def create(self, request, *args, **kwargs):
if 'password' not in request.data:
raise ValidationError('password required')
if 'role' not in request.data or request.data['role'] not in [ROLE_REFUGEE, ROLE_MENTOR]:
raise ValidationError('Invalid role')
s = UserSerializer(data=request.data)
s.is_valid(raise_exception=True)
instance = s.create(s.validated_data)
return Response(data=UserSerializer(instance).data, status=201)
def post(self, request, format=None):
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
try:
user = User.objects.filter(username=serializer.data['username'])
except User.DoesNotExist:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
if user[0].password == serializer.data['password']:
return Response(serializer.data, status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def test_users_get_filter_posts_number(self):
response = self.client.get('/posts/users/?posts_number=3', follow=True)
self.assertEquals({user['username']
for user in response.json()}, {'janedoe'})
self.assertJSONEqual(response.content,
[UserSerializer(self.jane).data])
class AdminPostSerializer(HyperlinkedModelSerializer):
parent_lookup_kwargs = {
'user_pk': 'user__pk',
}
user = UserSerializer(read_only=True)
comments = PostCommentSerializer(many=True, read_only=True)
images = PostImageSerializer(many=True, read_only=True)
class Meta:
model = Post
fields = (
'url',
'id',
'user',
'title',
'description',
'short_description',
'approved',
'likes',
'dislikes',
'datetime_created',
'datetime_modified',
'comments',
'images',
)
read_only_fields = (
'likes',
'dislikes',
)
depth = 1
def get(self, request, format=None):
user = User.objects.all().order_by('id')
paginator = Paginator(user, 2)
page = request.GET.get('page')
try:
user = paginator.page(page)
except PageNotAnInteger:
user = paginator.page(1)
except EmptyPage:
user = paginator.page(paginator.num_pages)
serializer = UserSerializer(user, many=True)
return Response(serializer.data)
class PostCommentSerializer(NestedHyperlinkedModelSerializer):
parent_lookup_kwargs = {
'post_pk': 'post__pk',
}
user = UserSerializer(read_only=True)
class Meta:
model = Comment
fields = (
'url',
'id',
'post',
'user',
'comment',
'short_comment',
'datetime_created',
'datetime_modified',
)
read_only_fields = (
'post',
)
class BrewserTests(APITestCase):
digijanPicture = UserSerializer().gravatar_url(email='*****@*****.**')
anajanPicture = UserSerializer().gravatar_url(email='*****@*****.**')
def setUp(self):
Brewser.objects.create(username='******',
email='*****@*****.**',
picture=self.digijanPicture,
password='******')
# C
def test_post_brewser(self):
"""
POST to /users/ creates a new Brewser.
"""
url = '/users/'
data = {
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
response = self.client.post(url, data)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(
response.data, {
'id': 2,
'username': '******',
'picture': self.anajanPicture,
'posts': [],
'channels': []
})
# R
def test_get_brewser(self):
"""
GET to /users/:id retrieves Brewser matching :id
"""
url = '/users/1'
response = self.client.get(url)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data, {
'id': 1,
'username': '******',
'picture': self.digijanPicture,
'posts': [],
'channels': []
})
def test_get_brewsers(self):
"""
GET to /users/ retrieves all Brewsers
"""
url = '/users/'
response = self.client.get(url)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data, [{
'id': 1,
'username': '******',
'picture': self.digijanPicture,
'posts': [],
'channels': []
}])
# D
def test_delete_own_brewser(self):
"""
DELETE to /users/:id with authenticated Brewser matching :id deletes Brewser matching :id
"""
#Bypass JWT process
self.client.force_authenticate(user=Brewser.objects.get(
username='******'))
url = '/users/1'
response = self.client.delete(url)
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(response.data, None)
self.assertEqual(Brewser.objects.count(), 0)
# D
def test_delete_other_brewser(self):
"""
DELETE to /users/:id with authenticated Brewser not matching :id does not delete Brewser
"""
user = Brewser.objects.create(username='******',
email='*****@*****.**',
password='******')
#Bypass JWT process
self.client.force_authenticate(user=user)
url = '/users/1'
response = self.client.delete(url)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(Brewser.objects.count(), 2)
# U
def test_patch_own_brewser(self):
"""
PATCH to /users/:id with authenticated Brewser matching :id updates Brewser matching :id
"""
#Bypass JWT process
self.client.force_authenticate(user=Brewser.objects.get(
username='******'))
url = '/users/1'
response = self.client.patch(url, {'channels': [{'tag': 'testCase'}]})
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data, {
'id': 1,
'username': '******',
'picture': self.digijanPicture,
'posts': [],
'channels': [{
'tag': 'testcase',
'posts': []
}]
})
# U
def test_patch_other_brewser(self):
"""
PATCH to /users/:id with authenticated Brewser not matching :id does not update Brewser matching :id
"""
user = Brewser.objects.create(username='******',
email='*****@*****.**',
password='******')
#Bypass JWT process
self.client.force_authenticate(user=user)
url = '/users/1'
response = self.client.patch(url, {'email': '*****@*****.**'})
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(Brewser.objects.get(id=1).email, '*****@*****.**')
def get(self, request, pk, format=None):
user = User.objects.get(pk=pk)
serializer = UserSerializer(user)
return Response(serializer.data)
def post(self, request, format=None):
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response("Created Successfully")
return Response(serializer.errors)
def post(self, request, format=None):
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def get_current_user(request):
serializer = UserSerializer(request.user, context={'request': request})
return Response({'username': serializer.data['username']})