def create(self, validated_data):
if validated_data.get('gallery'):
gallery = validated_data.pop('gallery')
else:
gallery = []
if len(Company.objects.filter(name=validated_data['name'])) > 0:
raise CustomException(
detail=ugettext('Company with this name exists.'))
try:
validated_data['city'] = City.objects.get(
city_slug=validated_data['city']['city_slug'])
except City.DoesNotExist as e:
raise CustomException(
detail=ugettext('City with this name does not exist.'))
try:
validated_data['industry'] = Industry.objects.get(
industry_slug=validated_data['industry']['industry_slug'])
except Industry.DoesNotExist as e:
raise CustomException(
detail=ugettext('Industry with this slug does not exist.'))
validated_data['user'] = self.context['request'].user
if validated_data.get('site'):
validated_data['site'] = self.validate_site(validated_data['site'])
validated_data['logo'] = self.validate_logo(validated_data['logo'])
validated_data['approved'] = False
validated_data['user_generated'] = True
company = Company(**validated_data)
company.save()
for item in gallery:
item['company'] = company
gallery_item = Gallery(**item)
gallery_item.save()
cache.delete(settings.COMPANY_NAME_LIST)
return company
def post(self, request):
try:
serialize_data = self.get_serializer(data=request.data)
if serialize_data.is_valid(raise_exception=True):
if serialize_data.data['key'] == settings.BOT_APPROVE_KEY:
if serialize_data.data['type'] == 'review':
review = CompanyReview.objects.get(
id=serialize_data.data['id'])
elif serialize_data.data['type'] == 'interview':
review = Interview.objects.get(
id=serialize_data.data['id'])
else:
raise CustomException(
detail='Instance does not Found.', code=404)
review.approved = True
review.save()
cache.delete(settings.LAST_REVIEWS)
cache.delete(settings.LAST_INTERVIEWS)
if serialize_data.data['type'] == 'review':
review_link = '{}/review/{}'.format(
settings.WEB_BASE_PATH, review.id)
utilities.telegram_notify_channel(
'تجربه کاری {} در {}, را در جابگای بخوانید. \n {} \n {} \n {}'
.format(review.title, review.company.name,
review_link,
'#' + review.company.city.city_slug,
'#review'))
review.company.handle_company_review_statics()
elif serialize_data.data['type'] == 'interview':
review_link = '{}/interview/{}'.format(
settings.WEB_BASE_PATH, review.id)
utilities.telegram_notify_channel(
'تجربه مصاحبه {} در {}, را در جابگای بخوانید. \n {} \n {} \n {}'
.format(review.title, review.company.name,
review_link,
'#' + review.company.city.city_slug,
'#interview'))
review.company.handle_company_interview_statics()
return responses.SuccessResponse().send()
else:
raise CustomException(detail='Instance does not Found.',
code=404)
except CustomException as e:
return responses.ErrorResponse(message=e.detail,
status=e.status_code).send()
except self.model.DoesNotExist as e:
return responses.ErrorResponse(message='Instance does not Found.',
status=404).send()
def check_delete_permission(request, instance):
if request.user.is_superuser:
return True
if isinstance(instance, Geo) and instance.user == request.user:
return True
else:
raise CustomException(detail=_('No Permission to delete'), code=403)
def check_has_time_update_permission(instance):
if instance.created + timedelta(
seconds=settings.UPDATE_PERMISSION_DELTA) > datetime.now():
return True
else:
raise CustomException(
detail=_('No Permission to update, time expired'), code=403)
def check_perm_owner_update(request, instance):
if request.user.is_superuser:
return True
if isinstance(instance, Company) and instance.user == request.user:
return True
elif isinstance(instance, Question) and instance.creator == request.user:
return True
elif isinstance(instance, Answer) and instance.creator == request.user:
return True
elif isinstance(instance,
CompanyReview) and instance.creator == request.user:
check_has_time_update_permission(instance)
return True
elif isinstance(instance, Interview) and instance.creator == request.user:
check_has_time_update_permission(instance)
return True
elif isinstance(instance,
ReviewComment) and instance.creator == request.user:
check_has_time_update_permission(instance)
return True
elif isinstance(instance,
InterviewComment) and instance.creator == request.user:
check_has_time_update_permission(instance)
return True
else:
raise CustomException(detail=_('No Permission to update, not yours'),
code=403)
def check_send_email_permission(email):
email_count = cache.get('{}{}'.format(settings.EMAIL_SEND_COUNT, email), 0)
if email_count >= settings.MAX_EMAIL_SEND_COUNT:
raise CustomException(detail=_('Max email send reached'), code=403)
else:
cache.set('{}{}'.format(settings.EMAIL_SEND_COUNT, email),
email_count + 1,
timeout=settings.MAX_EMAIL_SEND_TIMEOUT)
def check_create_interview_comment_permission(user, interview):
if user.is_superuser:
return
comment_count = InterviewComment.objects.filter(
creator=user, interview=interview).count()
if comment_count >= 10:
raise CustomException(detail='More than 10 comment not allowed.',
code=403)
return
def check_create_question_permission(user, company):
last_question = Question.objects.filter(company=company,
creator=user).last()
if not last_question:
return
elif last_question.created + timedelta(days=5) < datetime.now():
return
else:
raise CustomException(detail='You question before', code=403)
def check_create_company_review_permission(user, company):
if user.is_superuser:
return
last_review = CompanyReview.objects.filter(company=company,
creator=user).last()
if not last_review:
return
elif last_review.created + timedelta(days=90) < datetime.now():
return
else:
raise CustomException(detail='You reviewed before', code=403)
def check_update_permission(instance, validated_data):
if isinstance(instance, CompanyReview):
if validated_data.get('title') and len(
instance.title
) * settings.UPDATE_LENGTH_PERCENT_PERMISSION > len(
validated_data['title']):
raise CustomException(detail='No update permission.', code=403)
if validated_data.get('description') and len(
instance.description
) * settings.UPDATE_LENGTH_PERCENT_PERMISSION > len(
validated_data['description']):
raise CustomException(detail='No update permission.', code=403)
if isinstance(instance, Interview):
if validated_data.get('title') and len(
instance.title
) * settings.UPDATE_LENGTH_PERCENT_PERMISSION > len(
validated_data['title']):
raise CustomException(detail='No update permission.', code=403)
if validated_data.get('description') and len(
instance.description
) * settings.UPDATE_LENGTH_PERCENT_PERMISSION > len(
validated_data['description']):
raise CustomException(detail='No update permission.', code=403)
if isinstance(instance, InterviewComment):
if validated_data.get('body') and len(
instance.body
) * settings.UPDATE_LENGTH_PERCENT_PERMISSION > len(
validated_data['body']):
raise CustomException(detail='No update permission.', code=403)
if isinstance(instance, ReviewComment):
if validated_data.get('body') and len(
instance.body
) * settings.UPDATE_LENGTH_PERCENT_PERMISSION > len(
validated_data['body']):
raise CustomException(detail='No update permission.', code=403)
def check_delete_permission(request, instance):
if request.user.is_superuser:
return True
elif isinstance(instance, Question) and instance.creator == request.user:
return True
elif isinstance(instance, Answer) and instance.creator == request.user:
return True
elif isinstance(instance,
CompanyReview) and instance.creator == request.user:
return True
elif isinstance(instance, Interview) and instance.creator == request.user:
return True
elif isinstance(instance,
ReviewComment) and instance.creator == request.user:
return True
elif isinstance(instance,
InterviewComment) and instance.creator == request.user:
return True
else:
raise CustomException(detail=_('No Permission to delete'), code=403)
def post(self, request):
try:
serialize_data = self.get_serializer(data=request.data)
if serialize_data.is_valid(raise_exception=True):
if serialize_data.data["key"] == settings.BOT_APPROVE_KEY:
instance_map = {
"review": CompanyReview,
"interview": Interview,
"question": Question,
"answer": Answer,
"review_comment": ReviewComment,
"interview_comment": InterviewComment,
}
if serialize_data.data["type"] in instance_map.keys():
try:
instance = instance_map[serialize_data.data["type"]].objects.get(
id=serialize_data.data["id"]
)
except (
CompanyReview.DoesNotExist, Interview.DoesNotExist,
Question.DoesNotExist, Answer.DoesNotExist,
ReviewComment.DoesNotExist, InterviewComment.DoesNotExist
) as e:
raise CustomException(detail="Instance does not Found.",
code=404)
else:
raise CustomException(detail="Instance type does not exist.")
instance.approved = serialize_data.data["approved"]
instance.save()
if serialize_data.data["type"] in ["review", "interview"]:
cache.delete(settings.LAST_REVIEWS)
cache.delete(settings.LAST_INTERVIEWS)
if check_notify_to_telegram_channel(serialize_data.data):
if serialize_data.data["type"] == "review":
review_link = "{}/review/{}".format(settings.WEB_BASE_PATH, instance.id)
utilities.telegram_notify_channel(
"تجربه کاری {} در {}, را در جابگای بخوانید. \n {} \n {} \n {}".format(
instance.title, instance.company.name, review_link,
"#" + instance.company.city.city_slug, "#review"))
instance.company.handle_company_review_statics()
elif serialize_data.data["type"] == "interview":
review_link = "{}/interview/{}".format(settings.WEB_BASE_PATH, instance.id)
utilities.telegram_notify_channel(
"تجربه مصاحبه {} در {}, را در جابگای بخوانید. \n {} \n {} \n {}".format(
instance.title, instance.company.name, review_link,
"#"+instance.company.city.city_slug, "#interview"))
instance.company.handle_company_interview_statics()
if not instance.approved:
instance_type = serialize_data.data["type"]
fa_map = {
"review": "تجربه کاری",
"interview": "تجربه مصاحبه",
"question": "سوال",
"answer": "پاسخ",
"review_comment": "نظر",
"interview_comment": "نظر",
}
company = get_compnay(instance, instance_type)
send_notice_instance_rejected(
instance.creator, fa_map[instance_type], company
)
return responses.SuccessResponse().send()
else:
raise CustomException(detail="Instance does not Found.", code=404)
except CustomException as e:
return responses.ErrorResponse(message=e.detail, status=e.status_code).send()
def check_create_answer_permission(user, question):
answered = Answer.objects.filter(creator=user, question=question).last()
if not answered:
return
else:
raise CustomException(detail='You answered before', code=403)
def check_perm_company_owner_update(request, instance):
if request.user.is_superuser:
return True
if request.user == instance.company.user:
return True
raise CustomException(detail=_('No Permission to delete'), code=403)