def post(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
enroll_ref = Enroll.objects.get(user_ref=isAuthorizedUSER[1], subject_ref=request.data["subject_ref"])
except Enroll.DoesNotExist:
enroll_de_serialized = Enroll_Serializer(data=request.data)
enroll_de_serialized.initial_data["user_ref"] = int(isAuthorizedUSER[1])
if enroll_de_serialized.is_valid():
enroll_de_serialized.save()
data["success"] = True
data["data"] = enroll_de_serialized.data
return Response(data=data, status=status.HTTP_201_CREATED)
else:
data["success"] = False
data["message"] = f"SERIALIZING_ERROR : {enroll_de_serialized.errors}"
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = True
data["message"] = f"USER_ALREADY_ENROLLED"
data["data"] = Enroll_Serializer(enroll_ref, many=False).data
return Response(data=data, status=status.HTTP_202_ACCEPTED)
def post(self, request, pk=None, pkk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
submission_de_serialized = Submission_Serializer(data=request.data)
submission_de_serialized.initial_data["user_ref"] = int(
isAuthorizedUSER[1])
if submission_de_serialized.is_valid():
submission_de_serialized.save()
Set_Permalink(submission_de_serialized.data["id"]).start()
data["success"] = True
data["data"] = submission_de_serialized.data
return Response(data=data, status=status.HTTP_201_CREATED)
else:
data["success"] = False
data[
"message"] = f"SERIALIZING_ERROR : {submission_de_serialized.errors}"
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None): # TODO : See all access granted to no one--# FIX : See if changes needed
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
lecture_ref = Lecture.objects.get(pk=int(pk))
except Lecture.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_FORUM_ID"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
data["success"] = True
data["data"] = Lecture_Serializer(lecture_ref, many=False).data
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/content/lecture/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, dd=None, mm=None, yyyy=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if dd not in (None, "") and mm not in (None, "") and yyyy not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if not isAuthorizedUSER[0]:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
data["success"] = True
date = f"{dd}-{mm}-{yyyy}"
data["data"] = Log_Serializer(
Log.objects.filter(made_date__contains=date, api_token_ref=isAuthorizedAPI[1]).order_by("-pk"),
many=True,
).data
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/analytics/log/dd/mm/yyyy"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
enroll_ref = Enroll.objects.get(user_ref=isAuthorizedUSER[1], subject_ref=pk)
except Enroll.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_ENROLLMENT_ID"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
enroll_ref.delete()
data["success"] = True
data["message"] = "ENROLLMENT_DELETED"
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {"METHOD": "DELETE", "URL_FORMAT": "/api/personal/enroll/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None): # TODO : Only Coordinator can create lecture
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1])
except Coordinator.DoesNotExist:
data["success"] = False
data["message"] = "USER_NOT_COORDINATOR"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
lecture_de_serialized = Lecture_Serializer(data=request.data)
if lecture_de_serialized.is_valid():
lecture_de_serialized.save()
Set_Permalink(lecture_de_serialized.data["id"]).start()
data["success"] = True
data["data"] = lecture_de_serialized.data
return Response(data=data, status=status.HTTP_201_CREATED)
else:
data["success"] = False
data["message"] = lecture_de_serialized.errors
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if not isAuthorizedUSER[0]:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
if int(pk) == 87795962440396049328460600526719: # TODO : Coordinator Looking for their enrollments
try:
coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1])
except Coordinator.DoesNotExist:
data["success"] = False
data["message"] = "USER_NOT_COORDINATOR"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
subjects = [
one["subject_ref"]
for one in Subject_Coordinator.objects.filter(coordinator_ref=coordinator_ref).values(
"subject_ref"
)
]
data["data"] = list()
for one in subjects:
data["data"].append(
{
"subject": one,
"user": [
enroll["user_ref"]
for enroll in Enroll.objects.filter(subject_ref=one).values("user_ref")
],
}
)
data["success"] = True
return Response(data=data, status=status.HTTP_202_ACCEPTED)
elif int(pk) == 0: # TODO : User looking for their enrollment
data["success"] = True
data["data"] = {
"subject": [
one["subject_ref"]
for one in Enroll.objects.filter(user_ref=isAuthorizedUSER[1]).values("subject_ref")
]
}
return Response(data=data, status=status.HTTP_202_ACCEPTED)
except Exception as ex:
print("ENROLL_GET EX : ", ex)
return Response(status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = False
data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/personal/enroll/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk=None, pkk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
submission_ref = SubmissionMCQ.objects.get(user_ref=isAuthorizedUSER[1], pk=pk)
except SubmissionMCQ.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_SUBMISSION_ID"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
submission_ref.delete()
data["success"] = True
data["message"] = "SUBMISSION_DELETED"
return Response(data=data)
else:
data["success"] = False
data["message"] = {"METHOD": "DELETE", "URL_FORMAT": "/api/personal/submission/<id>/"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None): # TODO : Users can add replies
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
reply_de_serialized = ReplyToReply_Serializer(data=request.data)
reply_de_serialized.initial_data["user_ref"] = isAuthorizedUSER[1]
if reply_de_serialized.is_valid():
reply_de_serialized.save()
data["success"] = True
data["data"] = reply_de_serialized.data
return Response(data=data, status=status.HTTP_201_CREATED)
else:
data["success"] = False
data["message"] = reply_de_serialized.errors
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if not isAuthorizedUSER[0]:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
if int(pk) == 0: # TODO : Show all of user diaries
diary_ref = Diary.objects.filter(user_ref=isAuthorizedUSER[1])
diary_serialized = Diary_Serializer(diary_ref, many=True).data
else: # TODO : Show specific of user diary
diary_ref = Diary.objects.get(user_ref=isAuthorizedUSER[1], pk=pk)
diary_serialized = Diary_Serializer(diary_ref, many=False).data
except Diary.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_DIARY_ID"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
data["success"] = True
data["data"] = diary_serialized
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/personal/diary/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
isAuthorizedADMIN = am_I_Authorized(request, "ADMIN")
if isAuthorizedADMIN < 3: # TODO : Only Prime Admin can give admin access to others
data["success"] = False
data["message"] = "ADMIN_NOT_ADMIN_PRIME"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
data = dict()
id = request.data["user_id"]
try:
user_ref = User.objects.get(pk=int(id))
except User.DoesNotExist:
data["success"] = False
data["message"] = "ADMIN : USER_ID_INVALID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
try:
admin_ref = Admin.objects.get(pk=int(id))
except Admin.DoesNotExist:
data["success"] = True
admin_ref_new = Admin(user_ref=user_ref)
admin_ref_new.save()
data["data"] = {
"admin": Admin_Serializer(admin_ref_new,
many=False).data,
"privilege": list()
}
return Response(data=data,
status=status.HTTP_201_CREATED)
else:
data["success"] = True
data["message"] = f"ADMIN : USER_ALREADY_ADMIN"
privileges = Admin_Privilege.objects.filter(
admin_ref=admin_ref).values("privilege_ref")
data["data"] = {
"admin":
Admin_Serializer(admin_ref, many=False).data,
"privilege":
[one["privilege_ref"] for one in privileges],
}
return Response(data=data,
status=status.HTTP_409_CONFLICT)
def get(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data)
else:
isAuthorizedADMIN = am_I_Authorized(request, "ADMIN")
if isAuthorizedADMIN < 1: # TODO : Any Admin can see privileges
data["success"] = False
data["message"] = "USER_NOT_ADMIN"
return Response(data=data,
status=status.HTTP_401_UNAUTHORIZED)
else:
try:
if int(pk) == 0: # TODO : Show all privileges
data["success"] = True
data["data"] = Privilege_Serializer(
Privilege.objects.all(), many=True).data
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else: # TODO : Show specific privileges
try:
privilege_ref = Privilege.objects.get(
pk=int(pk))
except Privilege.DoesNotExist:
data["success"] = False
data["message"] = "PRIVILEG_ID_INVALID"
return Response(
data=data,
status=status.HTTP_404_NOT_FOUND)
else:
data["success"] = True
data["data"] = Privilege_Serializer(
privilege_ref, many=False).data
return Response(
data=data, status=status.HTTP_202_ACCEPTED)
except Exception as ex:
print("ADMIN_PRIV_GET EX : ", ex)
return Response(status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = False
data["message"] = {
"METHOD": "GET",
"URL_FORMAT": "/api/admin/priv/<id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
post_de_serialized = Post_Serializer(data=request.data)
Subject_Coordinator.objects.get(
coordinator_ref=Coordinator.objects.get(user_ref=isAuthorizedUSER[1]),
subject_ref=post_de_serialized.initial_data["subject_ref"],
)
except Coordinator.DoesNotExist:
data["success"] = False
data["message"] = "USER_NOT_COORDINATOR"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
except Subject_Coordinator.DoesNotExist: # TODO : Only accessed subject post can be edited by coordinators
data["success"] = False
data["message"] = "COORDINATOR_NOT_ACCESSED_TO_SUBJECT"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
except KeyError:
data["success"] = False
data["message"] = "CHECK_SUBJECT_ID_KEY"
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
else:
try:
post_ref = Post.objects.get(pk=int(pk), user_ref=isAuthorizedUSER[1])
except Post.DoesNotExist:
data["success"] = False
data["message"] = "POST_DOES_NOT_BELONG_TO_USER"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
post_de_serialized = Post_Serializer(post_ref, data=request.data)
if post_de_serialized.is_valid():
post_de_serialized.save()
data["success"] = True
data["data"] = post_de_serialized.data
return Response(data=data, status=status.HTTP_201_CREATED)
else:
data["success"] = False
data["message"] = post_de_serialized.errors
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = False
data["message"] = {"METHOD": "PUT", "URL_FORMAT": "/api/content/post/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
user_ref = User.objects.get(pk=isAuthorizedUSER[1])
if user_ref.profile_ref in (None, ""):
profile_de_serialized = Profile_Serializer(data=request.data)
if profile_de_serialized.initial_data[
"prime"] == True and profile_de_serialized.initial_data[
"roll_number"] in (
None,
"",
):
data["success"] = False
data["message"] = "STUDENT_REQUIRES_12_DIGIT_ROLL"
return Response(data=data,
status=status.HTTP_400_BAD_REQUEST)
else:
if profile_de_serialized.is_valid():
profile_de_serialized.save()
profile_ref = Profile.objects.get(
pk=profile_de_serialized.data["id"])
user_ref.profile_ref = profile_ref
user_ref.save()
Set_Permalink(profile_de_serialized.data["id"]).start()
data["success"] = True
data["data"] = profile_de_serialized.data
return Response(data=data,
status=status.HTTP_201_CREATED)
else:
data["success"] = False
data[
"message"] = f"SERIALIZING_ERROR : {profile_de_serialized.errors}"
return Response(data=data,
status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = True
data["message"] = "PROFILE_ALREADY_EXISTS"
data["data"] = Profile_Serializer(user_ref.profile_ref,
many=False).data
return Response(data=data, status=status.HTTP_409_CONFLICT)
def put(self, request, pk=None, pkk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if not isAuthorizedUSER[0]:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
submission_ref = Submission.objects.get(
user_ref=isAuthorizedUSER[1], pk=pk)
except Submission.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_SUBMISSION_ID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
submission_serialized = Submission_Serializer(
submission_ref, data=request.data)
submission_serialized.initial_data[
"user_ref"] = isAuthorizedUSER[1]
if submission_serialized.is_valid():
submission_serialized.save()
Clear_Permalink(
submission_serialized.data["id"]).start()
Set_Permalink(submission_serialized.data["id"]).start()
data["success"] = True
data["data"] = submission_serialized.data
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data[
"message"] = f"SERIALIZING_ERROR : {submission_serialized.errors}"
return Response(data=data,
status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = False
data["message"] = {
"METHOD": "PUT",
"URL_FORMAT": "/api/personal/submission/<id>/"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self,
request,
pk=None): # TODO : Only Admins can delete Tickets
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
isAuthorizedADMIN = am_I_Authorized(request, "ADMIN")
if isAuthorizedADMIN > 0:
pk = int(pk)
if pk == 87795962440396049328460600526719:
Ticket.objects.all().delete()
data["success"] = True
data["message"] = "ALL_TICKETS_DELETED"
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else:
try:
ticket_ref = Ticket.objects.get(pk=pk)
except Ticket.DoesNotExist:
data["success"] = False
data["message"] = "TICKET_ID_INVALID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
ticket_ref.delete()
data["success"] = True
data["data"] = "TICKET_DELETED"
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = "USER_NOT_ADMIN"
return Response(data=data,
status=status.HTTP_401_UNAUTHORIZED)
else:
data["success"] = False
data["message"] = {
"METHOD": "DELETE",
"URL_FORMAT": "/api/analytics/ticket/<id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data[
"message"] = f"error:USER_NOT_AUTHORIZED, message:{isAuthorizedUSER[1]}"
return Response(data=data)
else:
isAuthorizedADMIN = am_I_Authorized(request, "ADMIN")
if isAuthorizedADMIN != 69: # TODO : Only Admin Prime can delete admin privilege
data["success"] = False
data["message"] = "ADMIN_NOT_ADMIN_PRIME"
return Response(data=data,
status=status.HTTP_401_UNAUTHORIZED)
else:
if int(
pk
) == 87795962440396049328460600526719: # TODO : Delete all privileges
Privilege.objects.all().delete()
data["success"] = True
data["message"] = "ALL_ADMIN_PRIVILEGES_DELETED"
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else: # TODO : Delete selective privilges
try:
privilege_ref = Privilege.objects.get(pk=pk)
except Privilege.DoesNotExist:
data["success"] = False
data["message"] = "PRIVILEGE_ID_INVALID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
privilege_ref.delete()
data["success"] = True
data["message"] = "PRIVILEGE_DELETED"
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {
"METHOD": "DELETE",
"URL_FORMAT": "/api/admin/priv/<id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self,
request,
pk=None): # TODO : Only Admins can change Ticket status
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
isAuthorizedADMIN = am_I_Authorized(request, "ADMIN")
if isAuthorizedADMIN < 1:
data["success"] = False
data["message"] = f"USER_NOT_ADMIN"
return Response(data=data,
status=status.HTTP_401_UNAUTHORIZED)
else:
try:
ticket_ref = Ticket.objects.get(pk=int(pk))
except Ticket.DoesNotExist:
data["success"] = False
data["message"] = "TICKET_ID_INVALID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
try:
ticket_ref.prime = request.data["solved"]
ticket_ref.save()
except Exception as ex:
data["success"] = False
data["message"] = "INVALID_JSON_DATA[true/false]"
return Response(data=data,
status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = True
data["data"] = Ticket_Serializer(ticket_ref,
many=False).data
return Response(data=data,
status=status.HTTP_201_CREATED)
else:
data["success"] = False
data["message"] = {
"METHOD": "PUT",
"URL_FORMAT": "/api/analytics/ticket/<id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data)
else:
isAuthorizedADMIN = am_I_Authorized(request, "ADMIN")
if isAuthorizedADMIN != 69: # TODO : Only Admin Prime has access to change privileges
data["success"] = False
data["message"] = "ADMIN_NOT_ADMIN_PRIME"
return Response(data=data,
status=status.HTTP_401_UNAUTHORIZED)
else:
try:
privilege_ref = Privilege.objects.get(pk=pk)
except Privilege.DoesNotExist:
data["success"] = False
data["message"] = "PRIVILEG_ID_INVALID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
privilege_de_serialized = Privilege_Serializer(
privilege_ref, data=request.data)
if privilege_de_serialized.is_valid():
privilege_de_serialized.save()
data["success"] = True
data["data"] = privilege_de_serialized.data
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = privilege_de_serialized.errors
return Response(data=data,
status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = False
data["message"] = {
"METHOD": "PUT",
"URL_FORMAT": "/api/admin/priv/<id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if not isAuthorizedUSER[0]:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
if int(
pk
) == 0: # TODO : User needs all notifications that have not been sent to TG
notifications = [
one.notification_ref
for one in User_Notification.objects.filter(
pk=isAuthorizedUSER[1], prime_1=False).order_by(
"-notification_ref")
]
data["success"] = True
data["data"] = Notification_Serializer(notifications,
many=True).data
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else: # TODO : User needs specific notification
try:
notification_ref = Notification.objects.get(pk=int(pk))
except Notification.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_NOTIFICATION_ID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
data["success"] = True
data["data"] = Notification_Serializer(
notification_ref, many=False).data
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {
"METHOD": "GET",
"URL_FORMAT": "/api/personal/notification/<id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, pk=None): # TODO : Only Coordinator can edit assignment
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1])
except Coordinator.DoesNotExist:
data["success"] = False
data["message"] = "USER_NOT_COORDINATOR"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
assignment_ref = Assignment.objects.get(pk=int(pk))
except Assignment.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_ASSIGNMENT_ID"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
assignment_de_serialized = Assignment_Serializer(assignment_ref, data=request.data)
if assignment_de_serialized.is_valid():
assignment_de_serialized.save()
Clear_Permalink(assignment_de_serialized.data["id"]).start()
Set_Permalink(assignment_de_serialized.data["id"]).start()
UnCheck_Submission(assignment_de_serialized.data["id"]).start()
data["success"] = True
data["data"] = assignment_de_serialized.data
return Response(data=data, status=status.HTTP_201_CREATED)
else:
data["success"] = False
data["message"] = assignment_de_serialized.errors
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = False
data["message"] = {"METHOD": "PUT", "URL_FORMAT": "/api/content/assignment/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
post_de_serialized = Post_Serializer(data=request.data)
Subject_Coordinator.objects.get(
coordinator_ref=Coordinator.objects.get(user_ref=isAuthorizedUSER[1]),
subject_ref=post_de_serialized.initial_data["subject_ref"],
)
except Coordinator.DoesNotExist:
data["success"] = False
data["message"] = "USER_NOT_COORDINATOR"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
except Subject_Coordinator.DoesNotExist: # TODO : Only accessed subject post can be created by coordinators
data["success"] = False
data["message"] = "COORDINATOR_NOT_ACCESSED_TO_SUBJECT"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
except KeyError or ValueError:
data["success"] = False
data["message"] = "CHECK_SUBJECT_ID_KEY"
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
else:
post_de_serialized.initial_data["user_ref"] = isAuthorizedUSER[1]
if post_de_serialized.is_valid():
post_de_serialized.save()
# TODO : create notification for concerned part(y/ies)
notification_thread = Post_Notification_Gen(post_de_serialized.data)
notification_thread.start()
# TODO : =================================================================
data["success"] = True
data["data"] = post_de_serialized.data
return Response(data=data, status=status.HTTP_201_CREATED)
else:
data["success"] = False
data["message"] = post_de_serialized.errors
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def delete(
self,
request,
pk=None
): # TODO : Only Coordinators can delete--# FIX : All delete given to no one
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
coordinator_ref = Coordinator.objects.get(
user_ref=isAuthorizedUSER[1])
except Coordinator.DoesNotExist:
data["success"] = False
data["message"] = "USER_NOT_COORDINATOR"
return Response(data=data,
status=status.HTTP_401_UNAUTHORIZED)
else:
try:
forum_ref = Forum.objects.get(pk=int(pk))
except Forum.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_FORUM_ID"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
else:
forum_ref.delete()
data["success"] = True
data["message"] = "FORUM_DELETED"
return Response(data=data,
status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {
"METHOD": "DELETE",
"URL_FORMAT": "/api/content/forum/<id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self,
request,
pk_a=None,
pk_s=None): # TODO : Anyone can fetch marks data
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk_a not in (None, "") and pk_s not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
try:
submission_ref = SubmissionMCQ.objects.get(
assignment_ref=pk_a, pk=pk_s)
except SubmissionMCQ.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_ASSIGNMENT_SUBMISSION_PAIR"
return Response(data=data,
status=status.HTTP_404_NOT_FOUND)
except ValueError or TypeError:
data["success"] = False
data["message"] = {
"URL_FORMAT":
"/api/content/multi_mark/<assignent_id>/<submission_id>"
}
return Response(data=data,
status=status.HTTP_400_BAD_REQUEST)
else:
data["success"] = True
data["data"] = SubmissionMCQ_Serializer(submission_ref,
many=False).data
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {
"METHOD":
"GET",
"URL_FORMAT":
"/api/content/multi_mark/<assignent_id>/<submission_id>"
}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def options(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "error:ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
temp = dict()
data["Allow"] = "POST GET PUT DELETE OPTIONS".split()
temp["Content-Type"] = "application/json"
temp["Authorization"] = "Token JWT"
temp["uauth"] = "Token JWT"
data["HEADERS"] = temp.copy()
temp.clear()
data["name"] = "Coordinator"
temp["POST"] = {"user_id": "Number [FK]"}
temp["GET"] = None
temp["PUT"] = {"subject_id": "Number [FK]"}
temp["DELETE"] = None
data["method"] = temp.copy()
temp.clear()
return Response(data=data, status=status.HTTP_200_OK)
def options(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "error:ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
temp = dict()
data["Allow"] = "POST GET PUT DELETE OPTIONS".split()
temp["Content-Type"] = "application/json"
temp["Authorization"] = "Token JWT"
temp["uauth"] = "Token JWT"
data["HEADERS"] = temp.copy()
temp.clear()
data["name"] = "Lecture"
temp["POST"] = {"body": "String", "external_url_1": "String : 255 / null", "external_url_2": "String : 255 / null"}
temp["GET"] = None
temp["PUT"] = {"body": "String", "external_url_1": "String : 255 / null", "external_url_2": "String : 255 / null"}
temp["DELETE"] = None
data["method"] = temp.copy()
temp.clear()
return Response(data=data, status=status.HTTP_200_OK)
def options(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "error:ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
temp = dict()
data["Allow"] = "POST GET PUT DELETE OPTIONS".split()
temp["Content-Type"] = "multipart/form-data"
temp["Authorization"] = "Token JWT"
temp["uauth"] = "Token JWT"
data["HEADERS"] = temp.copy()
temp.clear()
data["name"] = "User_Profile_Image"
temp["POST"] = {"image": "FILE"}
temp["GET"] = None
temp["PUT"] = {"image": "FILE"}
temp["DELETE"] = None
data["method"] = temp.copy()
temp.clear()
return Response(data=data, status=status.HTTP_200_OK)
def options(self, request, dd=None, mm=None, yyyy=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "error:ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
temp = dict()
data["Allow"] = "GET DELETE OPTIONS".split()
temp["Content-Type"] = "application/json"
temp["Authorization"] = "Token JWT"
temp["uauth"] = "Token JWT"
data["HEADERS"] = temp.copy()
temp.clear()
data["name"] = "Log"
temp["GET"] = None
temp["DELETE"] = None
data["method"] = temp.copy()
temp.clear()
return Response(data=data, status=status.HTTP_200_OK)
def delete(self, request, pk=None): # TODO : Only Admins with SAGP Privilege can delete subjects
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
if am_I_Authorized(request, "ADMIN") < 1:
data["success"] = False
data["message"] = f"USER_NOT_ADMIN"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
if not do_I_Have_Privilege(request, "SAGP"):
data["success"] = False
data["message"] = f"ADMIN_DOES_NOT_HAVE_CAGP_PRIVILEGE"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
if int(pk) == 0: # TODO : Delete all subjects
Subject.objects.all().delete()
data["success"] = True
data["message"] = "ALL_SUBJECTS_DELETED"
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else: # TODO : Delete selected subjects
try:
subject_ref = Subject.objects.get(pk=int(pk))
except Subject.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_SUBJECT_ID"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
subject_ref.delete()
data["success"] = True
data["message"] = "SUBJECT_DELETED"
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {"METHOD": "DELETE", "URL_FORMAT": "/api/content/subject/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
def get(self, request, pk=None):
data = dict()
isAuthorizedAPI = am_I_Authorized(request, "API")
if not isAuthorizedAPI[0]:
data["success"] = False
data["message"] = "ENDPOINT_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
if pk not in (None, ""):
isAuthorizedUSER = am_I_Authorized(request, "USER")
if isAuthorizedUSER[0] == False:
data["success"] = False
data["message"] = f"USER_NOT_AUTHORIZED"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
if int(pk) == 0: # TODO: Universal asking for all subjects
data["data"] = Subject_Serializer(Subject.objects.all(), many=True).data
data["success"] = True
return Response(data=data, status=status.HTTP_202_ACCEPTED)
elif int(pk) == 87795962440396049328460600526719: # TODO: Coordinator asking for subjects to form post
try:
coordinator_ref = Coordinator.objects.get(user_ref=isAuthorizedUSER[1])
except Coordinator.DoesNotExist:
data["success"] = True
data["message"] = "USER_NOT_COORINATOR"
return Response(data=data, status=status.HTTP_401_UNAUTHORIZED)
else:
subject_coordinator_ref = Subject_Coordinator.objects.filter(coordinator_ref=coordinator_ref)
data["success"] = True
data["data"] = [Subject_Serializer(one.subject_ref, many=False).data for one in subject_coordinator_ref]
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else: # TODO : User asking for specific subjects
try:
subject_ref = Subject.objects.get(pk=int(pk))
except Subject.DoesNotExist:
data["success"] = False
data["message"] = "INVALID_SUBJECT_ID"
return Response(data=data, status=status.HTTP_404_NOT_FOUND)
else:
data["success"] = True
data["data"] = Subject_Serializer(subject_ref, many=False).data
return Response(data=data, status=status.HTTP_202_ACCEPTED)
else:
data["success"] = False
data["message"] = {"METHOD": "GET", "URL_FORMAT": "/api/content/subject/<id>"}
return Response(data=data, status=status.HTTP_400_BAD_REQUEST)
