def user_list(request, format=None): if User.userAuth(request, tokkening=True) == False: print u"Access denied" return render_to_response('denied.html', context_instance=RequestContext(request)) if request.method == 'GET': users = User.objects.all() serializer = UserSerializer(users, many=True) return Response(serializer.data) elif request.method == 'POST': serializer = UserSerializer(data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data, status=status.HTTP_201_CREATED) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def user_detail(request, pk, format=None): if User.userAuth(request, tokkening=True) == False: print u"Access denied" return Response(status=status.HTTP_403_FORBIDDEN) try: user = User.objects.get(id=pk) except User.DoesNotExist: return Response(status=status.HTTP_404_NOT_FOUND) if request.method == 'GET': serializer = UserSerializer(user) return Response(serializer.data) elif request.method == 'PUT': serializer = UserSerializer(user, data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) elif request.method == 'DELETE': user.delete() return Response(status=status.HTTP_204_NO_CONTENT)