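def api_create_users_view(request):
    """Create a user account from the submitted payload.

    Validation is delegated to ``UserSerializer``.

    Returns:
        201 with the serialized user when the payload is accepted,
        400 with the field errors when it is rejected,
        405 for any method other than POST.
    """
    # NOTE(review): no authentication or permission check is visible in this
    # function. Unless a decorator outside this view restricts it, any caller
    # can create accounts -- confirm that is intended, and that UserSerializer
    # does not accept privilege fields (is_staff / is_superuser) from clients.
    if request.method != "POST":
        # A view must always hand back a response; reject other verbs
        # explicitly instead of falling off the end of the function.
        return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)

    serializer = UserSerializer(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    serializer.save()
    return Response(serializer.data, status=status.HTTP_201_CREATED)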
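def ta_list(request, **kwargs):
    """List (GET) or add (POST) the teaching assistants of one course.

    The course is looked up from the ``course_id`` URL kwarg; an unknown id
    yields 404.

    GET access rules, in order:
      * a user with a Student record is refused (403);
      * a user with an Instructor record must be this course's instructor;
      * anyone else must be a superuser.
    On success the users referenced by the course's ``AssistsIn`` rows are
    returned.

    POST is restricted to superusers. It creates an ``AssistsIn`` row for this
    course and returns 201, or 400 with the serializer errors.

    Any other method gets 405.
    """

    def forbidden():
        # Single place for the refusal so every branch answers identically.
        return Response(
            {'message': "Error: you do not have access to this resource"},
            status=status.HTTP_403_FORBIDDEN)

    try:
        course = Course.objects.get(pk=kwargs.get('course_id'))
    except Course.DoesNotExist:
        return Response(status=status.HTTP_404_NOT_FOUND)

    user = request.user

    if request.method == 'GET':
        # Work out whether the caller is a student or an instructor.
        student = Student.objects.filter(user=user).first()
        instructor = Instructor.objects.filter(user=user).first()

        if student:
            # Students never see the TA list (this also applies to a
            # superuser who happens to have a Student record).
            allowed = False
        elif instructor:
            # Only the instructor of *this* course, not any instructor.
            allowed = instructor == course.instructor
        else:
            allowed = user.is_superuser
        if not allowed:
            return forbidden()

        ta = AssistsIn.objects.filter(course=course).values('student')
        # NOTE(review): the ``student`` values are matched against User ids.
        # If AssistsIn.student points at Student rows whose primary key is not
        # the user's id, this returns the wrong accounts -- verify the model.
        users = User.objects.filter(id__in=ta)
        serializer = UserSerializer(users, many=True)
        return Response(serializer.data)

    if request.method == 'POST':
        if not user.is_superuser:
            return forbidden()

        # Work on a copy: request.data can be an immutable QueryDict (form
        # posts), where item assignment raises. The course always comes from
        # the URL, overriding whatever the client put in the body.
        payload = request.data.copy()
        payload['course'] = kwargs.get('course_id')
        serializer = AssistsInSerializer(data=payload)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    # Neither GET nor POST: answer explicitly rather than returning None.
    return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)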
def update(self, request, pk):
    """Overwrite the user identified by ``pk`` with the submitted data.

    View-level permissions are checked first; the user is then fetched
    (404 when absent) and object-level permissions are checked against it
    before anything is validated or written.

    Returns 200 with the serialized user, or 400 with the validation errors.
    """
    self.check_permissions(request)
    target = get_object_or_404(User, pk=pk)
    # The per-object check has to precede the serializer so a caller without
    # rights over this particular user never reaches save().
    self.check_object_permissions(request, target)

    serializer = UserSerializer(instance=target, data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    serializer.save()
    return Response(serializer.data, status=status.HTTP_200_OK)
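def api_update_users_view(request, id):
    """Update the user with primary key ``id`` from a PUT payload.

    Returns:
        404 when no such user exists,
        405 for any method other than PUT,
        400 with the field errors when validation fails,
        otherwise the serialized user plus a ``message`` entry.
    """
    try:
        user = User.objects.get(pk=id)
    except User.DoesNotExist:
        return Response(status=status.HTTP_404_NOT_FOUND)

    # NOTE(review): nothing in this function ties ``id`` to the caller. Unless
    # a decorator outside this view enforces it, any client that reaches this
    # endpoint can rewrite any account -- confirm an ownership/permission
    # check exists before this runs.
    if request.method != "PUT":
        # Always return a response; other verbs are rejected explicitly.
        return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)

    serializer = UserSerializer(user, data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    serializer.save()
    data = serializer.data
    data["message"] = "User updated successfully."
    return Response(data=data)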
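def create(self, request):
    """Register a new user and log them in on the current request.

    Returns 201 with the serialized user on success, or 400 with the
    validation errors when the payload is rejected.
    """
    serializer = UserSerializer(data=request.data)
    if not serializer.is_valid():
        # Report serializer.errors here, not serializer.data: after a failed
        # validation .data carries the submitted input, so the old response
        # told the client nothing about what was wrong and could hand the
        # password it had just sent straight back.
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    user = serializer.save()
    login(request, user)
    return Response(serializer.data, status=status.HTTP_201_CREATED)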
def create(self, request):
    """Create a user after the view-level permission check has passed.

    Returns 201 with the serialized user, or 400 with the validation errors.
    """
    # Permission check comes first so unauthorised callers never reach the
    # serializer.
    self.check_permissions(request)

    serializer = UserSerializer(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    serializer.save()
    return Response(serializer.data, status=status.HTTP_201_CREATED)
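def partial_update(self, request, *args, **kwargs):
    """Complete a password reset using a previously issued token.

    Expects ``token`` and ``password`` in the request body.

    Returns:
        400 when either field is missing or empty,
        404 when the token is unknown or its e-mail matches no user,
        403 when the token is two hours old or more, or when the new
            password is rejected by the serializer,
        201 with the serialized user once the password has been changed.
    """
    token = request.data.get('token')
    new_password = request.data.get('password')
    if not token or not new_password:
        # Refuse early: a missing key used to raise, and a lookup with an
        # empty token must never be allowed to match a stored row.
        return Response(status=400)

    reset = get_object_or_404(PasswordReset.objects.all(), token=token)

    # Compare full timestamps. Subtracting calendar dates only yields whole
    # days, which kept a token usable until midnight instead of two hours.
    # Passing created_at's tzinfo keeps "now" naive or aware to match it.
    issued_at = reset.created_at
    if datetime.now(issued_at.tzinfo) - issued_at >= timedelta(hours=2):
        return Response(status=403)

    email = PasswordResetSerializer(reset).data['email']
    account = get_object_or_404(User, email=email)

    # NOTE(review): confirm UserSerializer hashes the password on update
    # (set_password) and keeps the field write-only, so neither a plaintext
    # value is stored nor a hash returned in the response below.
    serializer = UserSerializer(
        account, data={"password": new_password}, partial=True)
    if not serializer.is_valid():
        return Response(serializer.errors, status=403)

    serializer.save()
    # Tokens are single-use: remove it as soon as the password has changed.
    PasswordReset.objects.filter(token=token).delete()
    return Response(serializer.data, status=201)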
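def registration_view(request):
    """Register an account from the submitted payload.

    Returns a ``status``/``message`` success body when the account is
    created, or 400 with the serializer's field errors when it is not.
    No auth token is issued by this view.
    """
    serializer = UserSerializer(data=request.data)
    if not serializer.is_valid():
        # The errors used to be computed and then dropped, so a rejected
        # registration looked like an empty 200 response to the client.
        return Response(serializer.errors, status=400)

    serializer.save()
    return Response({
        'status': 'success',
        'message': 'account registered successfully',
    })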
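def post(self, request):
    """Create a user from the request body and answer 200.

    Validation runs with ``raise_exception=True``, so an invalid payload
    raises instead of returning False; the former ``else`` branch with its
    custom 400 message could never execute and has been removed.
    """
    data = request.data
    user_serializer = UserSerializer(
        data=request.data, context={'request': request})
    # Raises on invalid input; execution only continues for valid data.
    user_serializer.is_valid(raise_exception=True)
    user_serializer.save()
    # NOTE(review): this returns the raw request body, so whatever the client
    # sent (including a password field, if present) is reflected back.
    # Consider responding with user_serializer.data once its fields are
    # confirmed safe to expose.
    return Response(data, status=status.HTTP_200_OK)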