class JoinShiftAPIView(APIView): """Join Shift API View.""" serializer_class = ShiftSerializer schema = CustomAutoSchema( response_schema={"$ref": "#/components/schemas/Shift"}) permission_required = "orders.can_manage_shift_in_venue" permission_classes = [HasPermissionOnObject] def get_permission_object(self): """Get the object to check permissions for.""" obj = self.kwargs.get("shift") return obj.venue def patch(self, request, **kwargs): """ Join Shift as baker view. Permission required: orders.can_manage_shift_in_venue This adds the requesting User to the Shift assignees. """ shift = kwargs.get("shift") try: shift.assignees.add(request.user.id) shift.save() except ValueError: return Response(status=status.HTTP_403_FORBIDDEN) return Response(status=status.HTTP_200_OK, data=self.serializer_class(shift, many=False, context={ "request": request }).data)
class ProductSearchAPIView(APIView): """Product Search API View.""" serializer_class = ProductSerializer schema = CustomAutoSchema( manual_operations=[{ "name": "query", "in": "query", "required": True, "schema": { "type": "string" } }], response_schema={ "type": "array", "items": { "$ref": "#/components/schemas/Product" } }, ) permission_required = "orders.can_manage_shift_in_venue" permission_classes = [HasPermissionOnObject, IsOnBakersList] def get_shift(self): """Get Shift.""" return self.kwargs.get("shift") def get_permission_object(self): """Get the object to check permissions for.""" obj = self.kwargs.get("shift") return obj.venue def get(self, request, **kwargs): """ Product Search API View. Permission required: orders.can_manage_shift_in_venue and user must be in shift assignees API endpoint for searching products. A "query" GET parameter should be specified indicating the product or barcode search query. """ query = request.GET.get("query") if query is not None: string_query = services.query_product_name(query) barcode_query = services.query_product_barcode(query) all_query = set(string_query) all_query.update(barcode_query) all_query = list(all_query) else: all_query = [] return Response( status=status.HTTP_200_OK, data=self.serializer_class(all_query, many=True, context={ "request": request }).data, )
class ShiftScannerAPIView(APIView): """Shift Scanner API View.""" serializer_class = OrderSerializer schema = CustomAutoSchema( request_schema={ "type": "object", "properties": { "barcode": { "type": "string", "example": "string" } } }, response_schema={"$ref": "#/components/schemas/Order"}, ) permission_required = "orders.can_manage_shift_in_venue" permission_classes = [HasPermissionOnObject, IsOnBakersList] def get_shift(self): """Get Shift.""" return self.kwargs.get("shift") def get_permission_object(self): """Get the object to check permissions for.""" obj = self.kwargs.get("shift") return obj.venue def post(self, request, **kwargs): """ Shift Scanner API View. Permission required: orders.can_manage_shift_in_venue and user must be in shift assignees API endpoint for adding a scanned order to a Shift. A "barcode" POST parameter should be specified indicating the barcode of the product to add. """ shift = kwargs.get("shift") barcode = request.data.get("barcode", None) try: product = Product.objects.get(barcode=barcode, available=True, available_at=shift.venue) except Product.DoesNotExist: return Response(status=status.HTTP_404_NOT_FOUND) order = Order.objects.create(shift=shift, product=product, type=Order.TYPE_SCANNED, paid=True, ready=True) return Response(status=status.HTTP_200_OK, data=self.serializer_class(order, context={ "request": request }).data)
class OrderToggleReadyAPIView(APIView): """Order Toggle Ready API View.""" serializer_class = OrderSerializer schema = CustomAutoSchema( response_schema={"$ref": "#/components/schemas/Order"}) permission_required = "orders.can_manage_shift_in_venue" permission_classes = [HasPermissionOnObject, IsOnBakersList] def get_shift(self): """Get Shift.""" return self.kwargs.get("shift") def get_permission_object(self): """Get the object to check permissions for.""" obj = self.kwargs.get("shift") return obj.venue def patch(self, request, **kwargs): """ Order Toggle Ready API view. Permission required: orders.can_manage_shift_in_venue and user must be in shift assignees This toggles the ready option on an Order. Will return the Order object afterwards. If the Order does not exist within the Shift a 404 will be returned. """ shift = kwargs.get("shift") order = kwargs.get("order") if order in Order.objects.filter(shift=shift): order.ready = not order.ready order.save() return Response( status=status.HTTP_200_OK, data=OrderSerializer(order, many=False, context={ "request": request }).data, ) else: return Response(status=status.HTTP_404_NOT_FOUND)
class ShiftAddCapacityAPIView(APIView): """Shift Add Capacity API View.""" schema = CustomAutoSchema( request_schema={ "type": "object", "properties": { "capacity": { "type": "int", "example": "5" } } }) permission_required = "orders.can_manage_shift_in_venue" permission_classes = [HasPermissionOnObject, IsOnBakersList] def get_shift(self): """Get Shift.""" return self.kwargs.get("shift") def get_permission_object(self): """Get the object to check permissions for.""" obj = self.kwargs.get("shift") return obj.venue def patch(self, request, **kwargs): """ Shift Add Capacity API View. Permission required: orders.can_manage_shift_in_venue and user must be in shift assignees API endpoint for adding capacity to a Shift. Optionally a "capacity" PATCH parameter can be set indicating how many capacity should be added. """ shift = kwargs.get("shift") time_minutes = request.data.get("capacity", 5) increase_shift_capacity(shift, time_minutes) return Response(status=status.HTTP_200_OK, data=ShiftSerializer(shift, context={ "request": request }).data)
class PlayerTrackAddAPIView(APIView): """Player Track Add API View.""" schema = CustomAutoSchema( request_schema={ "type": "object", "properties": { "id": { "type": "string", "example": "string" } } }) permission_required = "thaliedje.can_request" permission_classes = [HasPermissionOnObject] def get_permission_object(self): """Get the object to check permissions for.""" return self.kwargs.get("player") def post(self, request, **kwargs): """ Add a Spotify Track to the queue. Permission required: thaliedje.can_request Use this endpoint to add a spotify track to the queue. """ player = kwargs.get("player") track_id = request.data.get("id", None) if track_id is not None: try: services.request_song(request.user, player, track_id) except spotipy.SpotifyException: return Response(status=status.HTTP_503_SERVICE_UNAVAILABLE) return Response(status=status.HTTP_200_OK) else: raise ValidationError("A track id is required.")
class CartOrderAPIView(APIView): """ Cart Order API View. Permission required: orders.can_order_in_venue Use this API endpoint to order a list of Products in one go. The list of Products should be set as an array of Product id's in the "cart" POST parameter. """ schema = CustomAutoSchema( request_schema={ "type": "object", "properties": { "cart": { "type": "array", "example": "[1,2,3]" } } }) permission_required = "orders.can_order_in_venue" permission_classes = [HasPermissionOnObject] def get_permission_object(self): """Get the object to check permissions for.""" obj = self.kwargs.get("shift") return obj.venue def _extract_cart(self): """ Extract the cart items from the POST data. :return: a Cart object with the cart items as specified in the cart in the POST data. Raises a ValidationError when there is not cart in the POST data. Raises a ParseError when the cart can not be parsed. """ cart_as_id_list = self.request.data.get("cart", None) if cart_as_id_list is None: raise ValidationError try: return Cart.from_list(cart_as_id_list) except ValueError: raise ParseError def post(self, request, **kwargs): """ Create multiple Orders in one go. Permission required: orders.can_order_in_venue API endpoint for creating multiple orders in one go (handling of a cart). A "cart" POST parameter must be specified including the ID's of the Products the user wants to order. """ shift = self.kwargs.get("shift") try: cart = self._extract_cart() except ValueError: return Response(status=status.HTTP_400_BAD_REQUEST) try: place_orders(cart.get_item_list(), request.user, shift) except OrderException as e: raise ValidationError(e.__str__()) return Response(status=status.HTTP_200_OK)
class PlayerTrackSearchAPIView(APIView): """Player Track Search API View.""" schema = CustomAutoSchema( manual_operations=[ { "name": "query", "in": "query", "required": True, "schema": { "type": "string" } }, { "name": "id", "in": "query", "required": False, "schema": { "type": "string" } }, { "name": "maximum", "in": "query", "required": False, "schema": { "type": "int" } }, ], response_schema={ "type": "object", "properties": { "query": { "type": "string", "example": "string" }, "id": { "type": "int", "example": "123" }, "results": { "type": "array", "items": { "type": "object", "properties": { "name": { "type": "string", "example": "string" }, "artists": { "type": "array", "items": { "type": "string", "example": "string" } }, "id": { "type": "string", "example": "string" }, }, }, }, }, }, ) permission_required = "thaliedje.can_request" permission_classes = [HasPermissionOnObject] def get_permission_object(self): """Get the object to check permissions for.""" return self.kwargs.get("player") def get(self, request, **kwargs): """ Search for a Spotify track. Permission required: thaliedje.can_request Use this endpoint to search for a Spotify Track. Tracks can be searched via their Spotify id. """ player = kwargs.get("player") query = request.GET.get("query", "") request_id = request.GET.get("id", None) try: maximum = int(request.GET.get("maximum", 5)) except ValueError: maximum = 5 if query != "": results = services.search_tracks(query, player, maximum) else: results = [] return Response(status=status.HTTP_200_OK, data={ "query": query, "id": request_id, "results": results })