def to_representation(self, student_obj): user = FilterSecurity(self.context.get('request')) current_user = user.get_user() representation = super().to_representation(student_obj) representation["studentId"] = representation.pop("id") representation[ "studentName"] = student_obj.first_name + " " + student_obj.middle_name + " " + student_obj.last_name representation["gender"] = student_obj.gender representation["schoolId"] = student_obj.current_school.id program = Program.objects.get(student=representation["studentId"]).id representation["programId"] = program representation["schoolName"] = student_obj.current_school.name representation["birthdate"] = student_obj.birth_date representation["stateId"] = student_obj.state_id representation["studentYear"] = student_obj.grade_year representation["reasonInProgram"] = student_obj.reason_in_program representation["noteSet"] = NoteSerializer( student_obj.notes.filter(user=current_user), many=True).data representation["gradeSet"] = GradeSerializer(student_obj.grade_set, many=True, read_only=True).data representation["attendanceSet"] = AttendanceSerializer( student_obj.attendance_set, many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( student_obj.behavior_set, many=True, read_only=True).data representation["referralSet"] = ReferralDetailSerializer( student_obj.referral_set, many=True, read_only=True).data return representation
def get(self, request, access_level, format=None): user = FilterSecurity(request) if access_level == user.get_my_access(): my_queryset = user.get_my_students() notmy_queryset = user.get_not_my_students() my_serializer = StudentSerializer(my_queryset, many=True) notmy_serializer = StudentSerializer(notmy_queryset, many=True) return Response({ "my_students": my_serializer.data, "notmy_students": notmy_serializer.data })
def post(self, request, access_level, format=None): """ This method allows a user to select what students they want to be counted in the "my student" list. This post allows users to both add a student to the list and remove a student to the list depending on the value of remove. If remove is true then it will remove student from my student. If remove is false it will add the student to my student. This will take in more than one student at a time. The body of the post request this method handles should be in JSON format: [ {"student_id": "student id", "remove": true/false }, {"student_id": "student id", "remove": true/false }, ..., {"student_id": "student id", "remove": true/false } ] """ user = FilterSecurity(request) current_user = user.get_user().id user_instance = User.objects.get(pk=current_user) json = request.data try: for json_slice in range(0, len(json)): student_data = { "student_id": json[json_slice]["student_id"], "remove": json[json_slice]["remove"] } student_instance = Student.objects.get( pk=student_data["student_id"]) accessible_student_instance = StudentUserHasAccess.objects.get( user=user_instance, student=student_instance) if (student_data["remove"]): MyStudents.objects.get( student_user_has_access=accessible_student_instance ).delete() else: MyStudents.objects.create( student_user_has_access=accessible_student_instance) return HttpResponseRedirect( f"/gsndb/{access_level}/modify-my-students/") except Exception as e: return Response({ "Sorry": "The model denied modifying these students.", "The model raised the following errors": str(e), })
def post(self, request, access_level, format=None): """ This method allows new referrals to be posted to the database. It redirects to the selfsame ReferralList view, allowing the user to see the new referral they created among their list of referrals. The body of the post request this method handles should be in JSON format: {"student": "student id here", "program": "program pk", "type": "list of types that can be found in referral model", "date_given": "YYYY-MM-DD", "reference_name": "the name of the person who referred whatever", "reference_phone": integer goes here, "reference_address": "an address goes here", "reason": "reason..." } """ user = FilterSecurity(request) json = request.data student = Student.objects.get(pk=json["student"]) if student not in user.get_accessible_students(): return Response({ "Sorry": "this user does not have access to add a referral for this student." }) else: referral_data = { "user": user.get_user().id, "student": json["student"], "program": json["program"], "type": json["type"], "date_given": json["date_given"], "reference_name": json["reference_name"], "reference_phone": json["reference_phone"], "reference_address": json["reference_address"], "reason": json["reason"], } serializer = ReferralSerializer(data=referral_data) if serializer.is_valid(): serializer.save() return HttpResponseRedirect( f"/gsndb/{access_level}/student/{serializer.data['student']}/" ) else: return Response({ "Sorry": "The serializer denied saving this referral.", "The serializer raised the following errors": serializer.errors })
def delete(self, request, pk, access_level, format=None): """ This method allows individual notes to be deleted. interact via: DELETE <host>/gsndb/<accessLevel>/note/<note_id> """ user = FilterSecurity(request) current_note = Note.objects.get(pk=pk) accessible_notes = Note.objects.filter(user_id=user.get_user().id) if current_note not in accessible_notes: return Response( {"Sorry": "this user does not have access to do that."}) else: current_note.delete() return HttpResponseRedirect(f"/gsndb/{access_level}/note/")
def post(self, request, pk, access_level, format=None): """ Interact via: POST <host>/gsndb/<access_level>/course/<pk> body = {"text": "My note text"} """ user = FilterSecurity(request) response = post_note(request, Course, pk, access_level) return response
def get(self, request, access_level, format=None): user = FilterSecurity(request) if access_level == user.get_my_access(): queryset = user.get_my_students() elif access_level == user.get_not_my_access(): queryset = user.get_not_my_students() elif access_level == user.get_all_access(): queryset = user.get_accessible_students() serializer = StudentSerializer(queryset, many=True) return Response(serializer.data)
def to_representation(self, referral_obj): representation = super().to_representation(referral_obj) user = FilterSecurity(self.context.get('request')) representation["referralId"] = representation.pop("id") representation["user"] = referral_obj.user.id representation["student"] = referral_obj.student.id representation["program"] = referral_obj.program.id representation["type"] = referral_obj.type representation["dateGiven"] = referral_obj.date_given return representation
def put(self, request, pk, access_level, format=None): user = FilterSecurity(request) """ This method allows a user to update an existing referral via a PUT request. """ referral_obj = Referral.objects.get(pk=pk) json = request.data student = Student.objects.get(pk=json["student"]) if student not in user.get_accessible_students(): return Response({ "Sorry": "this user does not have access to edit this referral for this student." }) else: referral_data = { "user": user.get_user().id, "student": json["student"], "program": json["program"], "type": json["type"], "date_given": json["date_given"], "reference_name": json["reference_name"], "reference_phone": json["reference_phone"], "reference_address": json["reference_address"], "reason": json["reason"], } serializer = ReferralSerializer(referral_obj, data=referral_data) if serializer.is_valid(): serializer.save() return HttpResponseRedirect( f"/gsndb/{access_level}/referral/{serializer.data['referralId']}/" ) else: return Response({ "Sorry": "The serializer denied saving this note.", "The serializer raised the following errors": serializer.errors })
def to_representation(self, course_obj): user = FilterSecurity(self.context.get('request')) current_user = user.get_user() accessible_students = user.get_accessible_students() my_students = user.get_my_students() access_level = self.context.get("access", False) representation = super().to_representation(course_obj) representation["courseId"] = representation.pop("id") representation["courseName"] = course_obj.name representation["schoolId"] = course_obj.school.id representation["schoolName"] = course_obj.school.name representation["courseSubject"] = course_obj.subject representation["courseCode"] = course_obj.code representation["noteSet"] = NoteSerializer( course_obj.notes.filter(user=current_user), many=True).data if access_level == user.get_all_access(): representation["gradeSet"] = GradeSerializer(Grade.objects.filter( student_id__in=accessible_students.values("id"), course_id=course_obj.id), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( Behavior.objects.filter( student_id__in=accessible_students.values("id"), course_id=course_obj.id), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( accessible_students.filter(pk__in=Grade.objects.filter( course_id=course_obj.id).values("student")), many=True, read_only=True).data elif access_level == user.get_my_access(): representation["gradeSet"] = GradeSerializer(Grade.objects.filter( student_id__in=my_students.values("id"), course_id=course_obj.id), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( Behavior.objects.filter( student_id__in=my_students.values("id"), course_id=course_obj.id), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( my_students.filter(pk__in=Grade.objects.filter( course_id=course_obj.id).values("student")), many=True, read_only=True).data return representation
def to_representation(self, program_obj): user = FilterSecurity(self.context.get('request')) current_user = user.get_user() accessible_students = user.get_accessible_students() my_students = user.get_my_students() access_level = self.context.get("access", False) representation = super().to_representation(program_obj) representation["programId"] = representation.pop("id") representation["programName"] = program_obj.name representation["noteSet"] = NoteSerializer( program_obj.notes.filter(user=current_user), many=True).data if access_level == user.get_all_access(): representation["gradeSet"] = GradeSerializer( program_obj.grade_set.filter(student__in=accessible_students), many=True, read_only=True).data representation["attendanceSet"] = AttendanceSerializer( program_obj.attendance_set.filter( student__in=accessible_students), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( program_obj.behavior_set.filter( student__in=accessible_students), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( program_obj.student_set.filter(pk__in=accessible_students), many=True, read_only=True).data if access_level == user.get_my_access(): representation["gradeSet"] = GradeSerializer( program_obj.grade_set.filter(student__in=my_students), many=True, read_only=True).data representation["attendanceSet"] = AttendanceSerializer( program_obj.attendance_set.filter(student__in=my_students), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( program_obj.behavior_set.filter(student__in=my_students), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( program_obj.student_set.filter(pk__in=my_students), many=True, read_only=True).data return representation
def put(self, request, pk, access_level, format=None): """ This method allows individual notes to be updated. interact via: http PUT <host>/gsndb/<accessLevel>/note/<note_id> {"text": "My note text here."} Note: the CamelCaseJSONParser that our backend defaults to automatically turns camelCase requests generated on the front end into snake_case in the back end. """ user = FilterSecurity(request) current_note = Note.objects.get(pk=pk) accessible_notes = Note.objects.filter(user_id=user.get_user().id) if current_note not in accessible_notes: return Response( {"Sorry": "this user does not have access to do that."}) else: note_text = request.data["text"] note_data = { "user": user.get_user().id, "created": timezone.now(), "text": note_text, "content_type": ContentType.objects.get(model="note").id, "object_id": pk } serializer = NoteSerializer(current_note, data=note_data) if serializer.is_valid(): serializer.save() return HttpResponseRedirect( f"/gsndb/{access_level}/note/{pk}/") #return HttpResponseRedirect(redirect_to = f"/{accessLevel}/gsndb/district/{pk}") else: return Response({ "Sorry": "data parsed isn't valid for serializer", "serializer errors": serializer.errors })
def get(self, request, pk, access_level, format=None): user = FilterSecurity(request) if access_level == user.get_my_access(): queryset = user.get_my_programs().filter(pk=pk) elif access_level == user.get_all_access(): queryset = user.get_accessible_programs().filter(pk=pk) serializer = ProgramDetailSerializer(queryset, many=True, context={"access": access_level}) return Response(serializer.data)
def to_representation(self, referral_obj): user = FilterSecurity(self.context.get('request')) representation = super().to_representation(referral_obj) representation["referralId"] = representation.pop("id") representation["user"] = referral_obj.user.id representation["student"] = referral_obj.student.id representation["program"] = referral_obj.program.id representation["type"] = referral_obj.type representation["dateGiven"] = referral_obj.date_given representation["referenceName"] = referral_obj.reference_name representation["referencePhone"] = referral_obj.reference_phone representation["referenceAddress"] = referral_obj.reference_address representation["reason"] = referral_obj.reason # representation["notes"] = NoteSerializer(referral_obj.notes.filter(user = self.user.get_user()), many = True).data return representation
def get(self, request, pk, access_level, format=None): user = FilterSecurity(request) queryset = Referral.objects.filter(pk=pk, ) serializer = ReferralDetailSerializer(queryset, many=True) return Response(serializer.data)
def post_note(request, Model, pk, access_level): """ This method allows notes to be posted to any object referenced in this function's dictionary: access_dict. It should only be called in the POST methods of views displaying these models. The body of the post request this method handles should be in JSON format: {"text": "note text here"} """ user = FilterSecurity(request) access_dict = { "Program": user.get_accessible_programs(), "District": user.get_accessible_districts(), "School": user.get_accessible_schools(), "Course": user.get_accessible_courses(), "Student": user.get_accessible_students(), "Referral": Referral.objects.filter(user_id=user.get_user()), "Calendar": Calendar.objects.filter( Q(pk__in=Grade.objects.filter( student_id__in=user.get_accessible_students().values( "id")).values("calendar")) | Q(pk__in=Attendance.objects.filter( student_id__in=user.get_accessible_students().values( "id")).values("calendar")) | Q(pk__in=Behavior.objects.filter( student_id__in=user.get_accessible_students().values( "id")).values("calendar"))), "Behavior": Behavior.objects.filter( student_id__in=user.get_accessible_students().values("id")), "Grade": Grade.objects.filter( student_id__in=user.get_accessible_students().values("id")), "Attendance": Attendance.objects.filter( student_id__in=user.get_accessible_students().values("id")), "Bookmark": Bookmark.objects.filter(user_id=user.get_user()), } ModelInstance = Model.objects.get(pk=pk) model_name = ModelInstance.__class__.__name__ accessible_instances = access_dict[model_name] if ModelInstance not in accessible_instances: return Response( {"Sorry": "this user does not have access to do that."}) else: note_text = request.data["text"] note_data = { "user": user.get_user().id, "created": timezone.now(), "text": note_text, "content_type": ContentType.objects.get(model=model_name.lower()).id, "object_id": pk } serializer = NoteSerializer(data=note_data) if serializer.is_valid(): serializer.save() if Model in [Program, District, School, Course, Student]: return HttpResponseRedirect( f"/gsndb/{access_level}/{model_name.lower()}/{pk}/") else: return HttpResponseRedirect( f"/gsndb/{access_level}/note/{model_name.lower()}/{pk}/") else: return Response({ "Sorry": "The serializer denied saving this note.", "The serializer raised the following errors": serializer.errors })
def to_representation(self, school_obj): user = FilterSecurity(self.context.get('request')) current_user = user.get_user() accessible_students = user.get_accessible_students() my_students = user.get_my_students() accessible_courses = user.get_accessible_courses() my_courses = user.get_my_courses() access_level = self.context.get("access", False) representation = super().to_representation(school_obj) representation["schoolId"] = representation.pop("id") representation["schoolName"] = school_obj.name representation["districtId"] = school_obj.district.id representation["districtName"] = school_obj.district.name representation["noteSet"] = NoteSerializer( school_obj.notes.filter(user=current_user), many=True).data if access_level == user.get_all_access(): representation["gradeSet"] = GradeSerializer(Grade.objects.filter( student_id__in=accessible_students.values("id"), course__school_id=school_obj.id), many=True, read_only=True).data representation["attendanceSet"] = AttendanceSerializer( school_obj.attendance_set.filter( student_id__in=accessible_students.values("id")), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( school_obj.behavior_set.filter( student_id__in=accessible_students.values("id")), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( accessible_students.filter(current_school_id=school_obj.id), many=True, read_only=True).data representation["courseSet"] = CourseSerializer( accessible_courses.filter(school_id=school_obj.id), many=True, read_only=True).data elif access_level == user.get_my_access(): representation["gradeSet"] = GradeSerializer(Grade.objects.filter( student_id__in=my_students.values("id"), course__school_id=school_obj.id), many=True, read_only=True).data representation["attendanceSet"] = AttendanceSerializer( school_obj.attendance_set.filter( student_id__in=my_students.values("id")), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( school_obj.behavior_set.filter( student_id__in=my_students.values("id")), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( my_students.filter(current_school_id=school_obj.id), many=True, read_only=True).data representation["courseSet"] = CourseSerializer( my_courses.filter(school_id=school_obj.id), many=True, read_only=True).data return representation
def post(self, request, pk, access_level, format=None): user = FilterSecurity(request) response = post_note(request, Referral, pk, access_level) return response
def to_representation(self, district_obj): user = FilterSecurity(self.context.get('request')) current_user = user.get_user() accessible_schools = user.get_accessible_schools() my_schools = user.get_my_schools() accessible_students = user.get_accessible_students() my_students = user.get_my_students() access_level = self.context.get("access", False) representation = super().to_representation(district_obj) representation["districtId"] = representation.pop("id") representation["districtName"] = district_obj.name representation["state"] = district_obj.state representation["city"] = district_obj.city representation["code"] = district_obj.code representation["noteSet"] = NoteSerializer( district_obj.notes.filter(user=current_user), many=True).data if access_level == user.get_all_access(): representation["schoolSet"] = SchoolSerializer( accessible_schools.filter(district=district_obj.id), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( accessible_students.filter( current_school__district_id=district_obj.id), many=True, read_only=True).data representation["gradeSet"] = GradeSerializer(Grade.objects.filter( student_id__in=accessible_students.values('id'), course__school__district_id=district_obj.id), many=True, read_only=True).data representation["attendanceSet"] = AttendanceSerializer( Attendance.objects.filter( student_id__in=accessible_students.values('id'), school__district_id=district_obj.id), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( Behavior.objects.filter(student_id__in=accessible_students, school__district_id=district_obj.id), many=True, read_only=True).data elif access_level == user.get_my_access(): representation["schoolSet"] = SchoolSerializer( my_schools.filter(district=district_obj.id), many=True, read_only=True).data representation["studentSet"] = StudentSerializer( my_students.filter( current_school__district_id=district_obj.id), many=True, read_only=True).data representation["gradeSet"] = GradeSerializer(Grade.objects.filter( student_id__in=my_students.values('id'), course__school__district_id=district_obj.id), many=True, read_only=True).data representation["attendanceSet"] = AttendanceSerializer( Attendance.objects.filter( student_id__in=my_students.values('id'), school__district_id=district_obj.id), many=True, read_only=True).data representation["behaviorSet"] = BehaviorSerializer( Behavior.objects.filter(student_id__in=my_students, school__district_id=district_obj.id), many=True, read_only=True).data return representation
def get(self, request): user = FilterSecurity(request) queryset = Note.objects.filter(user_id=user.get_user().id) serializer = NoteSerializer(queryset, many=True) return Response(serializer.data)
def get(self, request, pk, access_level, format=None): user = FilterSecurity(request) queryset = Note.objects.filter(user_id=user.get_user().id, pk=pk) serializer = NoteSerializer(queryset, many=True) return Response(serializer.data)