def delete(self, request, pk, format=None): if not is_admin_user(request): message = "You don't have specific permsission to access this request." return JsonResponse({"message": message}, status=status.HTTP_400_BAD_REQUEST) book = self.get_object(pk) book.delete() return Response(status=status.HTTP_204_NO_CONTENT)
def put(self, request, pk, format=None): if not is_admin_user(request): message = "You don't have specific permsission to access this request." return JsonResponse({"message": message}, status=status.HTTP_400_BAD_REQUEST) book = self.get_object(pk) serializer = BookSerializer(book, data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, format=None): if not is_admin_user(request): message = "You don't have specific permsission to access this request." return JsonResponse({"message": message}, status=status.HTTP_400_BAD_REQUEST) serializer = LibrarianSerializer(data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data, status=status.HTTP_201_CREATED) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)