def put(self, request, pk, access_level, format=None):
"""
This method allows individual notes to be updated.
interact via: http PUT <host>/gsndb/<accessLevel>/note/<note_id> {"text": "My note text here."}
Note: the CamelCaseJSONParser that our backend defaults to automatically
turns camelCase requests generated on the front end into snake_case in
the back end.
"""
user = FilterSecurity(request)
current_note = Note.objects.get(pk=pk)
accessible_notes = Note.objects.filter(user_id=user.get_user().id)
if current_note not in accessible_notes:
return Response(
{"Sorry": "this user does not have access to do that."})
else:
note_text = request.data["text"]
note_data = {
"user": user.get_user().id,
"created": timezone.now(),
"text": note_text,
"content_type": ContentType.objects.get(model="note").id,
"object_id": pk
}
serializer = NoteSerializer(current_note, data=note_data)
if serializer.is_valid():
serializer.save()
return HttpResponseRedirect(
f"/gsndb/{access_level}/note/{pk}/")
#return HttpResponseRedirect(redirect_to = f"/{accessLevel}/gsndb/district/{pk}")
else:
return Response({
"Sorry": "data parsed isn't valid for serializer",
"serializer errors": serializer.errors
})
def post_note(request, Model, pk, access_level):
"""
This method allows notes to be posted to any object referenced in this
function's dictionary: access_dict. It should only be called in the POST
methods of views displaying these models.
The body of the post request this method handles should be in JSON format:
{"text": "note text here"}
"""
user = FilterSecurity(request)
access_dict = {
"Program":
user.get_accessible_programs(),
"District":
user.get_accessible_districts(),
"School":
user.get_accessible_schools(),
"Course":
user.get_accessible_courses(),
"Student":
user.get_accessible_students(),
"Referral":
Referral.objects.filter(user_id=user.get_user()),
"Calendar":
Calendar.objects.filter(
Q(pk__in=Grade.objects.filter(
student_id__in=user.get_accessible_students().values(
"id")).values("calendar"))
| Q(pk__in=Attendance.objects.filter(
student_id__in=user.get_accessible_students().values(
"id")).values("calendar"))
| Q(pk__in=Behavior.objects.filter(
student_id__in=user.get_accessible_students().values(
"id")).values("calendar"))),
"Behavior":
Behavior.objects.filter(
student_id__in=user.get_accessible_students().values("id")),
"Grade":
Grade.objects.filter(
student_id__in=user.get_accessible_students().values("id")),
"Attendance":
Attendance.objects.filter(
student_id__in=user.get_accessible_students().values("id")),
"Bookmark":
Bookmark.objects.filter(user_id=user.get_user()),
}
ModelInstance = Model.objects.get(pk=pk)
model_name = ModelInstance.__class__.__name__
accessible_instances = access_dict[model_name]
if ModelInstance not in accessible_instances:
return Response(
{"Sorry": "this user does not have access to do that."})
else:
note_text = request.data["text"]
note_data = {
"user": user.get_user().id,
"created": timezone.now(),
"text": note_text,
"content_type":
ContentType.objects.get(model=model_name.lower()).id,
"object_id": pk
}
serializer = NoteSerializer(data=note_data)
if serializer.is_valid():
serializer.save()
if Model in [Program, District, School, Course, Student]:
return HttpResponseRedirect(
f"/gsndb/{access_level}/{model_name.lower()}/{pk}/")
else:
return HttpResponseRedirect(
f"/gsndb/{access_level}/note/{model_name.lower()}/{pk}/")
else:
return Response({
"Sorry":
"The serializer denied saving this note.",
"The serializer raised the following errors":
serializer.errors
})