def delete(self, request, post_id): """ Deletes a single restaurant post """ user = request.user check_user_status(user) post_deleted = RestaurantPost.remove_post(post_id) return JsonResponse({"Deleted post": model_to_json(post_deleted)})
def get(self, request): """ Retrieves a restaurant owner profile """ user = request.user check_user_status(user) user_id = user.id restaurant_owner = RestaurantOwner.get_by_user_id(user_id=user_id) return JsonResponse(model_to_json(restaurant_owner))
def get(self, request): """ Get all restaurants favourited by a user """ user = request.user check_user_status(user) user_id = user.id response = UserFavRestrs.getUserFavourites(user_id) return JsonResponse(response, safe=False)
def get(self, request): """ Get all posts for a restaurant (for ROs) """ user = request.user check_user_status(user) user_id = user.id posts = RestaurantPost.get_by_user_id(user_id) return JsonResponse(posts)
def get(self, request): """ Retrieves the 5 (or less) nearest restaurants from an sduser """ user = request.user check_user_status(user) user_id = user.id role = user.role nearest = get_nearby_restaurants(user_id, role) return JsonResponse(nearest, safe=False)
def delete(self, request, dish_id): """ Deletes dish from database """ user = request.user check_user_status(user) user_id = user.id restaurant = PendingRestaurant.get_by_owner(user_id) deleted_dish = PendingFood.remove_dish(dish_id, restaurant._id) return JsonResponse(model_to_json(deleted_dish))
def put(self, request): body = request.data user = request.user check_user_status(user) for field in body: setattr(user, field, body[field]) user.save() return JsonResponse(model_to_dict(user))
def put(self, request): """ Modifies a SubscriberProfile record in the database """ body = request.data user = request.user check_user_status(user) body['user_id'] = user.id SubscriberProfile.field_validate(body) profile = SubscriberProfile.edit(body) return JsonResponse(model_to_json(profile))
def get(self, request): """ Retrieve restaurant from pending collection by the owner's user_id """ user = request.user check_user_status(user) user_id = user.id restaurant = PendingRestaurant.get_by_owner(user_id) restaurant = model_to_json(restaurant) return JsonResponse(restaurant)
def delete(self, request, rest_id): """ Remove a new user-restaurant-favourite relation """ user = request.user check_user_status(user) user_id = user.id body = {'user_id': user_id, 'restaurant_id': rest_id} UserFavRestrs.field_validate(body) response = UserFavRestrs.remove_fav(user_id, rest_id) return JsonResponse(response, safe=False)
def post(self, request): """ Insert new restaurant as a draft into database """ user = request.user check_user_status(user) validate(instance=request.data, schema=schemas.restaurant_insert_draft_schema) body = request.data PendingRestaurant.field_validate_draft(body) restaurant = PendingRestaurant.insert(body) return JsonResponse(model_to_json(restaurant))
def put(self, request): """ Updates a restaurant owner profile """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.restaurant_owner_edit_schema) body = request.data RestaurantOwner.field_validate(body) profile = RestaurantOwner.edit_profile(user_id, body) return JsonResponse(model_to_json(profile))
def get(self, request): """ Retrieves a SubscriberProfile record from the database """ user = request.user check_user_status(user) profile = SubscriberProfile.objects.get(user_id=user.id) if not profile: raise ObjectDoesNotExist( 'No subscriber profile found with owner user id of this: ' + str(user_id)) return JsonResponse(model_to_dict(profile))
def get(self, request): """ Retrieve all dishes from restaurant owned by user """ user = request.user check_user_status(user) user_id = user.id restaurant = PendingRestaurant.get_by_owner(user_id) rest_id = restaurant._id dishes = PendingFood.get_by_restaurant(rest_id) response = {'Dishes': models_to_json(dishes)} return JsonResponse(response)
def put(self, request): """ For updating existing image caption for a restaurant """ user = request.user check_user_status(user) user_id = user.id body = request.data validate(instance=body, schema=schemas.image_captions_schema) restaurant = PendingRestaurant.get_by_owner(user_id) restaurant = PendingRestaurant.update_image_captions(restaurant, body) return JsonResponse(model_to_json(restaurant))
def put(self, request): """ Edit a restaurant profile and save it as a draft in the database """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.restaurant_edit_draft_schema) body = request.data PendingRestaurant.field_validate_draft(body) restaurant = PendingRestaurant.edit_draft(user_id, body) return JsonResponse(model_to_json(restaurant))
def post(self, request): """ Add a new user-restaurant-favourite relation """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.user_fav_schema) body = request.data body['user_id'] = user_id rest_id = body['restaurant'] UserFavRestrs.field_validate(body) response = UserFavRestrs.insert(user_id, rest_id) return JsonResponse(response, safe=False)
def post(self, request): """ Insert a new post for a restaurant """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.post_schema) body = request.data body['owner_user_id'] = user_id RestaurantPost.field_validate(body) post = RestaurantPost.insert(body, request) return JsonResponse(model_to_json(post))
def post(self, request): """ Inserts a new SubscriberProfile record into the database """ body = request.data user = request.user check_user_status(user) body['user_id'] = user.id SubscriberProfile.field_validate(body) if SubscriberProfile.objects.filter(user_id=body['user_id']).exists(): raise IntegrityError( 'Cannot insert subscriber profile, an object with this user id already exists' ) profile = SubscriberProfile.signup(body) return JsonResponse(model_to_json(profile))
def put(self, request): """ For inserting or updating restaurant media """ user = request.user check_user_status(user) user_id = user.id restaurant = PendingRestaurant.get_by_owner(user_id) form = RestaurantMediaForm(request.data, request.FILES) if not form.is_valid(): raise ValidationError(message=form.errors, code="invalid_input") restaurant = PendingRestaurant.upload_media( restaurant, request.data, request.FILES) return JsonResponse(model_to_json(restaurant))
def post(self, request): """ Insert dish into database """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.food_insert_edit_schema) body = request.data PendingFood.field_validate(body) restaurant = PendingRestaurant.get_by_owner(user_id) rest_id = restaurant._id food = PendingFood.add_dish(body, rest_id) return JsonResponse(model_to_json(food))
def put(self, request, dish_id): """ Updates dish data """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.food_insert_edit_schema) body = request.data PendingFood.field_validate(body) restaurant = PendingRestaurant.get_by_owner(user_id) dish = PendingFood.edit_dish(dish_id, body, restaurant._id) return JsonResponse(model_to_json(dish))
def delete(self, request): """ For removing image(s) from the restaurant_image_url field and Google Cloud bucket """ user = request.user check_user_status(user) user_id = user.id restaurant = PendingRestaurant.get_by_owner(user_id) form = RestaurantImageDeleteForm(request.data, request.FILES) if not form.is_valid(): raise ValidationError(message=form.errors, code="invalid_input") restaurant = PendingRestaurant.delete_media(restaurant, request.data) return JsonResponse(model_to_json(restaurant))
def post(self, request): """ Inserts a new restaurant profile record into the database and attaches user_id to the corresponding restaurant """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.restaurant_owner_signup_schema) body = request.data RestaurantOwner.field_validate(body) body['user_id'] = user_id profile = RestaurantOwner.signup(body) return JsonResponse(model_to_json(profile))
def put(self, request, dish_id): """ For inserting or updating restaurant media """ user = request.user check_user_status(user) user_id = user.id dish = PendingFood.objects.filter(_id=dish_id).first() if not dish: raise IntegrityError("Could not find the dish with id: " + dish_id) form = FoodMediaForm(request.data, request.FILES) if not form.is_valid(): raise ValidationError(message=form.errors, code="invalid_input") dish = PendingFood.upload_media(dish, request.data, request.FILES) return JsonResponse(model_to_json(dish))
def put(self, request): """ Insert or update a restaurant record for admin approval """ user = request.user check_user_status(user) user_id = user.id validate(instance=request.data, schema=schemas.restaurant_insert_for_approval_schema) body = request.data PendingRestaurant.field_validate(body) rest_filter = PendingRestaurant.objects.filter(owner_user_id=user_id) if not rest_filter.exists(): body['status'] = Status.Pending.value restaurant = PendingRestaurant.insert(body) else: restaurant = PendingRestaurant.edit_approval(user_id, body) return JsonResponse(model_to_json(restaurant))
def get(self, request, id): """ Retrieve an article given id (restricted by user's visibility) """ user = request.user if user.is_anonymous: article = Article.objects.filter( visibility="ALL", published=True, id=id).values() else: check_user_status(user) article = Article.objects.filter( visibility__in=[user.role, "ALL"], published=True, id=id).values() # evaluate it instead of calling exists() because we need the cached result in response if article: response = {'article': article[0]} else: raise NotFound('Cannot find article with id: ' + str(id)) # model to dict (and therefore model to json) does not work for date fields # so we get the queryset by calling values() and let DRF handles the serialization (Response) return Response(response)
def post(self, request): refresh_token = request.COOKIES.get('refresh_token') user_id = request.data.get('id') current_user = request.user check_user_status(current_user) if current_user.id is not user_id: return JsonResponse( { 'message': 'deactivation failed: user mismatch!', 'code': 'deactivation_fail' }, status=400) try: user = User.objects.get(id=user_id) if refresh_token == user.refresh_token: user.is_active = False user.save() send_email_deactivate(user=user, request=request) return JsonResponse(model_to_dict(user)) else: return JsonResponse( { 'message': 'deactivation failed: token mismatch', 'code': 'deactivation_fail' }, status=400) except User.DoesNotExist: return JsonResponse( { 'message': 'deactivation failed: User not found', 'code': 'deactivation_fail' }, status=400) except (BadHeaderError, SMTPException): return JsonResponse( { 'message': ' There is an error sending the notification email. However, this user account has been successfully deactivated. No further action is required.', 'code': 'fail_to_send_email' }, status=503)
def post(self, request): passwords = request.data old_password = passwords.get('old_password') new_password1 = passwords.get('new_password1') new_password2 = passwords.get('new_password2') user = request.user check_user_status(user) # if not user.check_password(old_password): # Django way of validation form = SDPasswordChangeForm(user=user, data=passwords) if form.is_valid(): form.save() # user.set_password(form.cleaned_data['new_password2']) # user.save() # need to renew the JWT return construct_token_response_for_user(user) else: return JsonResponse(form.errors.get_json_data(escape_html=True), status=400)
def post(self, request): """ FLOW 1 (for new signup) creates a disabled SDUser and associate it with the google account, if for any reason the google account has unverified email, it will send a verification email to that address returns messages indicating the above for frontend to handle FLOW 2 (for verified user) updates the SDUser associated with the google account and authenticate this user returns access token in response body with refresh token set in the httpOnly cookie """ payload = {'access_token': request.data.get("authToken")} # verify the token and use it to get user info r = requests.get('https://www.googleapis.com/oauth2/v2/userinfo', params=payload) data = json.loads(r.text) # print(data) if 'error' in data: content = { 'message': 'wrong google token / this google token is already expired.' } return Response(content) auth_id = data['id'] # this should be the same as the one obtained from google idToken email = data['email'] role = request.data.get('role') try: googleJWT = id_token.verify_oauth2_token( request.data.get('idToken'), google_requests.Request(), settings.GOOGLE_OAUTH2_CLIENT_ID) #print('user info from google idToken:') # print(googleJWT) # this is definitive as it is not modifiable email = googleJWT['email'] # get user by auth Id (3rd party id) Or email user = User.objects.get( Q(auth_id=auth_id) | Q(email__iexact=email)) ''' if user.email is not email: user.email = email user.save() ''' check_user_status(user) # if verify_oauth2_token failed except ValueError: return JsonResponse({'message': 'idToken is invalid'}, status=400) # if user not in db, create one with random password except User.DoesNotExist: if role is None or role == "": return JsonResponse( { 'message': 'no user is associated with this google account, please register an account first' }, status=400) user = create_default_user_for_3rd_party(email, auth_id, role) # if email is not verified with 3rd party we create a disabled user and send an email for verification if not googleJWT['email_verified']: user.is_active = False user.save() create_disable_user_and_send_verification_email( user, password, request) check_user_status(user) response = construct_token_response_for_user(user) return response