def patch(self, request, item):
form = Form.for_model(Item).with_request(request)
membership = Membership.objects.get(user=request.user)
# Check if this item already exists for the organisation or profile
if form.external_id:
if not is_item_external_id_unique_to_organisation(
form.external_id, membership.organisation):
return conflict(
"There is already an item with this id linked to your organisation"
)
item.set_external_id(form.external_id)
return accepted({'item': ItemSerialiser.serialise(item)})
def patch(self, request):
membership = Membership.objects.get(user=request.user)
if not membership.is_owner:
return not_permitted("Only owners can update the organisation")
form = Form.for_model(Organisation).with_request(request)
# Change the name
if form.new_name:
membership.organisation.change_name(form.new_name)
# Change owner
if form.new_owner:
# Get the account for that user
if not User.objects.filter(username=form.new_owner).exists():
return not_found(f"User {form.new_owner} doesn't exist")
new_owner_user = User.objects.get(username=form.new_owner)
# Check they are a member of this organisation
if not Membership.objects.filter(
user=new_owner_user, organisation=organisation).exists():
return not_found(
f"User {form.new_owner} needs to be part of the organisation before becoming owner"
)
new_owner_membership = Membership.objects.get(
user=new_owner_user, organisation=organisation)
if new_owner_membership.moderator:
# Create the contract
contract = Contract.make(
contract_type=Contract.OWNERSHIP_TRANSFER,
organisation=membership.organisation,
user=new_owner_user)
else:
return not_permitted(
"Only moderators can be transferred ownership")
return accepted(
{'organisation': OrganisationSerialiser.serialise(organisation)})
def delete(self, request, survey):
# Todo check ownership
return accepted({'message': f"Survey {survey.id} has been deleted"})
def patch(self, request, survey):
# Todo check ownership
return accepted({'survey': SurveySerialiser.serialise(survey)})
def delete(self, request, item):
return accepted({'message': f"Item {item.id} has been deleted"})
def delete(self, request, survey_id, survey_item):
return accepted(
{'message': f"Survey item {survey_item.id} has been deleted"})
def patch(self, request, survey, survey_item):
return accepted(
{'survey_item': SurveyItemSerialiser.serialise(survey_item)})
def delete(self, request):
#TODO Only owners of enterprise organisations can delete the organisation (requires email confirmation)
# On confirmation, all profiles are returned to their personal organisation
return accepted({'message': f"organisation has been deleted"})