def get(self, req):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
token = req.headers['authorization']
lst_token = token.split(';;')
tokens = UserLogged.objects.filter(token=lst_token[0])
for tkn in tokens:
if tkn:
tkn.delete()
return add_access_headers(
HttpResponse(
json.dumps({'status': 'ok'}),
content_type="application/json",
))
def post(self, req, id):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
resp = {'status': 'err'}
data = req.data.copy()
data['img_url'] = data['imgUrl']
item = Item.objects.get(pk=id)
serializer = ItemSerializer(item, data=data)
if serializer.is_valid():
serializer.save()
resp['status'] = 'ok'
resp['id'] = serializer.data['id']
return add_access_headers(
HttpResponse(
json.dumps(resp),
content_type="application/json",
))
def get(self, req):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
users = User.objects.all()
resp = {'status': 'ok', 'users': []}
for usr in users:
resp['users'].append({
'id': usr.id,
'name': usr.name,
'email': usr.email,
'password': usr.password,
'role': usr.role,
'token': usr.token,
})
return add_access_headers(
HttpResponse(
json.dumps(resp),
content_type="application/json",
))
def get(self, req, id):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'User NOT logged in!'}),
content_type="application/json",
))
container = None
try:
container = Container.objects.get(pk=id)
if container.creator.id != owner_id:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'Container... CANNOT be deleted!'}),
content_type="application/json",
))
container.delete()
except:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'Not sufficient rights for this operation!'}),
content_type="application/json",
))
return add_access_headers(HttpResponse(
json.dumps({'status': 'ok', 'id': id}),
content_type="application/json",
))
def get(self, req):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
data = req.data.copy()
paste_items = data['itemIds']
for itemId in paste_items:
item = Item.objects.get(pk=itemId)
item_data = {
'description': item.description,
'img_url': item.img_url,
'container_id': itemId
}
serializer = ItemSerializer(item, data=item_data)
if serializer.is_valid():
serializer.save()
return add_access_headers(
HttpResponse(
json.dumps({'status': 'ok'}),
content_type="application/json",
))
def post(self, req):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'User NOT logged in!'}),
content_type="application/json",
))
resp = {'status': 'err'}
data = req.data.copy()
data['img_link'] = data['imgLink']
serializer = ContainerSerializer(data=data)
if serializer.is_valid():
serializer.save()
resp['status'] = 'ok'
resp['contId'] = serializer.data['id']
resp['coords'] = data['coords']
item = ItemSerializer(data={
'container': serializer.data['id'],
'description': serializer.data['description'],
'img_url': serializer.data['url']
})
if item.is_valid():
item.save()
return add_access_headers(HttpResponse(
json.dumps(resp),
content_type="application/json",
))
def get(self, req, id):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
if owner_id != id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User CANNOT be deleted!'
}),
content_type="application/json",
))
user = None
try:
user = User.objects.get(pk=id)
except:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User... CANNOT be deleted!'
}),
content_type="application/json",
))
if user.role != 'admin':
return add_access_headers(
HttpResponse(
json.dumps({
'status':
'err',
'msg':
'Not sufficient rights for this operation!'
}),
content_type="application/json",
))
user.delete()
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'ok',
'userId': id
}),
content_type="application/json",
))
def post(self, req, id):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
user = None
try:
user = User.objects.get(pk=id)
except:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User CANNOT be updated!'
}),
content_type="application/json",
))
if user.role != 'admin':
return add_access_headers(
HttpResponse(
json.dumps({
'status':
'err',
'msg':
'Not sufficient rights for this operation!'
}),
content_type="application/json",
))
data = req.data.copy()
data['password'] = user.password
serializer = UserSerializer(user, data=data)
if not serializer.is_valid():
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User CANNOT be updated!'
}),
content_type="application/json",
))
serializer.save()
return add_access_headers(
HttpResponse(
json.dumps({'status': 'ok'}),
content_type="application/json",
))
def post(self, req):
users = User.objects.filter(email=req.data['email'])
log_user = None
for user in users:
log_user = user
break
if not log_user:
return add_access_headers(
HttpResponse(
json.dumps({'status': ''}),
content_type="application/json",
))
if log_user:
req_pwd = req.data['password']
if not (bcrypt.checkpw(req_pwd.encode(),
log_user.password.encode())):
return add_access_headers(
HttpResponse(
json.dumps({'status': ''}),
content_type="application/json",
))
sha = sha1(secrets.token_bytes(4))
serializer_logged = UserLoggedSerializer(
data={
'created_at': int(time.time()),
'owner': log_user.id,
'token': sha.hexdigest()
})
if not serializer_logged.is_valid():
return add_access_headers(
HttpResponse(
json.dumps({'status': ''}),
content_type="application/json",
))
serializer_logged.save()
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'ok',
'usrId': log_user.id,
'token': log_user.token,
'user': {
'id': log_user.id,
'name': log_user.name,
'email': log_user.email,
'role': log_user.role,
}
}),
content_type="application/json",
))
def post(self, req):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'User NOT logged in!'}),
content_type="application/json",
))
containers = Container.objects.filter(location_id=req.data['location'])
location_items = []
for cont in containers:
itms = Item.objects.filter(container_id=cont.id)
for itm in itms:
location_items.append(itm)
searchTerm = req.query_params['searchTerm']
searchTerm = searchTerm.lower()
found_containers = {}
for item in location_items:
descr = item.description
descr = descr.lower()
if descr.find(searchTerm) != -1:
container = Container.objects.get(pk=item.container.id)
found_containers[container.id] = container
resp_arr = []
for f_cont_key in found_containers:
found = found_containers[f_cont_key]
resp_arr.append({
'id': found.id,
'description': found.description,
'vertical': found.vertical,
'items': found.items,
'privacy': found.privacy,
'getImgLink': found.url,
'url': found.url,
'coords': found.coords,
'creator': found.creator.id,
'location': found.location.id,
})
resp = {'status': 'ok', 'containers': resp_arr}
return add_access_headers(HttpResponse(
json.dumps(resp),
content_type="application/json",
))
def get(self, req, contId):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
matched = []
non_matched = []
items = Item.objects.filter(container_id=contId)
searchTerm = req.query_params['searchTerm']
for item in items:
descr = item.description
descr = descr.lower()
if descr.find(searchTerm) != -1:
matched.append({
'id': item.id,
'description': item.description,
'imgUrl': item.img_url,
'contId': contId,
})
else:
non_matched.append({
'id': item.id,
'description': item.description,
'imgUrl': item.img_url,
'contId': contId,
})
joined_items = matched + non_matched
resp = {'status': 'ok', 'contId': contId, 'items': joined_items}
return add_access_headers(
HttpResponse(
json.dumps(resp),
content_type="application/json",
))
def post(self, req):
data = req.data.copy()
if 'password' in data:
bytes = bcrypt.hashpw(data['password'].encode(), bcrypt.gensalt())
data['password'] = bytes.decode()
serializer = UserSerializer(data=data)
if serializer.is_valid():
serializer.save()
return add_access_headers(
HttpResponse(
json.dumps({'status': 'ok'}),
content_type="application/json",
))
else:
return add_access_headers(
HttpResponse(
json.dumps({'status': 'not_ok'}),
content_type="application/json",
))
def post(self, req, id):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(
HttpResponse(
json.dumps({
'status': 'err',
'msg': 'User NOT logged in!'
}),
content_type="application/json",
))
data = req.data.copy()
data['img_url'] = data['imgUrl']
if id and id > 0:
data['id'] = id
loc = Location.objects.get(pk=id)
serializer = LocationSerializer(loc, data=data)
else:
data['id'] = 0
serializer = LocationSerializer(data=data)
if serializer.is_valid():
serializer.save()
resp = {
'status': 'ok',
'cont': serializer.data,
'locId': serializer.data['id'],
'usrId': serializer.data['creator'],
'contCreator': serializer.data['creator'],
'creator': serializer.data['creator'],
}
return add_access_headers(
HttpResponse(
json.dumps(resp),
content_type="application/json",
))
def post(self, req, id):
owner_id = checkCredentials(req)
if not owner_id:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'User NOT logged in!'}),
content_type="application/json",
))
container = None
try:
container = Container.objects.get(pk=id)
except:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'Container CANNOT be updated!'}),
content_type="application/json",
))
if container.creator.id != owner_id:
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'Not sufficient rights for this operation!'}),
content_type="application/json",
))
data = req.data.copy()
data['img_link'] = data['url']
serializer = ContainerSerializer(container, data=data)
if not serializer.is_valid():
return add_access_headers(HttpResponse(
json.dumps({'status': 'err', 'msg': 'Container CANNOT be updated!'}),
content_type="application/json",
))
serializer.save()
return add_access_headers(HttpResponse(
json.dumps({'status': 'ok', 'container': id}),
content_type="application/json",
))
def get(self, req):
locations = Location.objects.all()
resp = []
for loc in locations:
resp.append({
'id': loc.id,
'creator': loc.creator.id,
'imgUrl': loc.img_url,
'location': loc.location,
'privacy': loc.privacy,
})
return add_access_headers(
HttpResponse(
json.dumps(resp),
content_type="application/json",
))
def get(self, req):
containers = Container.objects.all()
resp = {'status': 'ok', 'containers': []}
for cont in containers:
resp['containers'].append({
'id': cont.id,
'description': cont.description,
'vertical': cont.vertical,
'items': cont.items,
'privacy': cont.privacy,
'getImgLink': cont.url,
'url': cont.url,
'coords': cont.coords,
'creator': cont.creator.id,
'location': cont.location.id,
})
return add_access_headers(HttpResponse(
json.dumps(resp),
content_type="application/json",
))
