def add_todo(request):
data = request.POST
todo = Todo()
todo.title = data.get('title', '')
todo.deadline = data.get('deadline', '')
todo.save()
return JsonResponse(todo.to_json(), status=201)
def create_update(request):
title = request.POST.get('title')
if not title:
return redirect(reverse('web:index'))
# get priority if supplied
if title.strip().endswith('!'):
priority = Todo.HIGH
title = title.strip()[:-1].strip()
else:
priority = Todo.LOW
# get date if defined
if '^' in title:
date = title.split('^')[1].split()[0]
title = title.split('^')[0].strip()
# parse date to datetime object
date = timezone.datetime.strptime(date, '%m/%d/%Y')
else:
date = None
todo_id = request.POST.get('todo_id')
if todo_id:
todo = get_object_or_404(Todo, id=todo_id)
else:
todo = Todo()
todo.owner = request.user
todo.completed = False
todo.title = title
todo.priority = priority
todo.due_date = date
todo.save()
return redirect(reverse('web:index'))
def TodoView(request, todo_id=None):
if request.method == 'GET' and request.resolver_match.url_name == 'todos':
todos = Todo.objects.filter(user=request.user).order_by('-updated_at')
todo_serializer = TodoListSerializer(todos, many=True)
return Response(todo_serializer.data, status=200)
if request.method == 'GET' and request.resolver_match.url_name == 'shared_todos':
todos = Todo.objects.filter(assigned_users=request.user)
todo_serializer = TodoListSerializer(todos, many=True)
return Response(todo_serializer.data, status=200)
if request.method == 'GET' and request.resolver_match.url_name == 'todo':
if not todo_id:
return Response({'error': 'Todo id is missing'}, status=400)
try:
todo = Todo.objects.get(id=todo_id)
except Todo.DoesNotExist:
return Response({'error': 'Not Found Todo'}, status=404)
if todo.user != request.user and not todo.assigned_users.filter(
username=request.user.username).exists():
return Response({'error': 'Permission Denied'}, status=403)
todo_serializer = TodoSerializer(todo, many=False)
return Response(todo_serializer.data, status=200)
if request.method == 'PUT' and request.resolver_match.url_name == 'todos':
_id = request.data.get('id', None)
title = request.data.get('title', None)
status = request.data.get('status', False)
content = request.data.get('content', '')
if not title:
return Response({'error': 'Title is missing'}, status=400)
if _id: # For Update
try:
todo = Todo.objects.get(id=_id)
except Todo.DoesNotExist:
return Response({'error': 'Todo not Found'}, status=404)
if todo.user != request.user and not todo.assigned_users.filter(
username=request.user.username).exists():
return Response({'error': 'Permission Denied'}, status=403)
else:
todo = Todo()
if not _id:
todo.user = request.user
todo.title = title
todo.content = content
todo.status = status
todo.updated_at = timezone.now()
if not _id:
todo.created_at = timezone.now()
todo.save()
return Response({
'success': 'todo is created',
'id': todo.id
},
status=201)
if request.method == 'POST' and request.resolver_match.url_name == 'users':
if not todo_id:
return Response({'error': 'Todo id is missing'}, status=400)
try:
todo = Todo.objects.get(id=todo_id)
except Todo.DoesNotExist:
return Response({'error': 'Not Found Todo'}, status=404)
if todo.user != request.user:
return Response({'error': 'Permission Denied'}, status=403)
usr_email = request.data.get('email', None)
if not usr_email:
return Response({'error': 'User is missing'}, status=400)
try:
user = User.objects.get(email=usr_email)
except User.DoesNotExist:
return Response({'error': 'User Not Found'}, status=404)
if not todo.assigned_users.filter(username=user.username).exists():
todo.assigned_users.add(user)
return Response({'success': 'added user'}, status=200)
if request.method == 'DELETE' and request.resolver_match.url_name == 'todo':
if not todo_id:
return Response({'error': 'Todo id is missing'}, status=400)
try:
todo = Todo.objects.get(id=todo_id)
except Todo.DoesNotExist:
return Response({'error': 'Not Found Todo'}, status=404)
if todo.user != request.user:
return Response({'error': 'Permission Denied'}, status=403)
todo.delete()
return Response({'success': 'todo is deleted'}, status=200)
if request.method == 'DELETE' and request.resolver_match.url_name == 'users':
if not todo_id:
return Response({'error': 'Todo id is missing'}, status=400)
try:
todo = Todo.objects.get(id=todo_id)
except Todo.DoesNotExist:
return Response({'error': 'Not Found Todo'}, status=404)
if todo.user != request.user:
return Response({'error': 'Permission Denied'}, status=403)
email = request.query_params.get('email', None)
if not email:
return Response({'error': 'Email is missing'}, status=400)
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
return Response({'error': 'User not Found'}, status=404)
if todo.assigned_users.filter(email=email).exists():
todo.assigned_users.remove(user)
return Response({'success': 'User removed the todo list'},
status=200)
return Response({'error': 'Bad Request'}, status=400)