def post(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV. Upewnij się, że uwzględniono cv_id w url-u', status.HTTP_404_NOT_FOUND)
serializer = CVSerializer(instance=cv)
data = serializer.data
try:
pict = request.FILES['picture']
ext = pict.name.split('.')[-1]
pict.name = create_unique_filename('cv_pics', ext)
data['basic_info']['picture'] = pict
cv.has_picture = True
cv.save()
except MultiValueDictKeyError:
ErrorResponse('Upewnij się, że form key to "picture"', status.HTTP_400_BAD_REQUEST)
serializer = CVSerializer(data=data)
delete_previous_cv_file(cv)
delete_previous_picture(cv.basic_info)
if serializer.is_valid():
serializer.update(cv, serializer.validated_data)
return MessageResponse('Zdjęcie dodano pomyślnie')
else:
return Response(serializer.errors, status.HTTP_400_BAD_REQUEST)
def patch(self, request, pk):
try:
account = Account.objects.get(pk=pk)
except Account.DoesNotExist:
return ErrorResponse(
'Użytkownik o podanym id nie został znaleziony',
status.HTTP_404_NOT_FOUND)
if account.type == AccountType.STANDARD.value:
serializer = DefaultAccountSerializer(account,
data=request.data,
partial=True)
elif account.type == AccountType.EMPLOYER.value:
serializer = EmployerAccountSerializer(account,
data=request.data,
partial=True)
elif account.type == AccountType.STAFF.value:
return ErrorResponse("Nie możesz edytować danych tego użytkownika",
status.HTTP_403_FORBIDDEN)
if serializer.is_valid():
serializer.update(account, serializer.validated_data)
send_account_data_change_email(pk, request.data)
return MessageResponse("Dane konta zostały zaktualizowane")
else:
return Response(serializer.errors, status.HTTP_400_BAD_REQUEST)
def post(self, request, pk):
try:
parent = Step.objects.get(id=pk)
except Step.DoesNotExist:
return ErrorResponse(
'Nie znaleziono podanego kroku usamodzielnienia',
status.HTTP_404_NOT_FOUND)
try:
sub1 = request.data['sub1']
sub2 = request.data['sub2']
except KeyError:
return ErrorResponse(
'Nie podano, które podkroki mają być zamienione miejscami',
status.HTTP_400_BAD_REQUEST)
n_substeps = parent.substeps.count() - 1
try:
sub1 = parent.substeps.get(order=sub1)
except SubStep.DoesNotExist:
return ErrorResponse(
f'Numer pierwszego podanego podkroku nie mieści się w zakresie 0-{n_substeps}',
status.HTTP_400_BAD_REQUEST)
try:
sub2 = parent.substeps.get(order=sub2)
except SubStep.DoesNotExist:
return ErrorResponse(
f'Numer drugiego podanego podkroku nie mieści się w zakresie 0-{n_substeps}',
status.HTTP_400_BAD_REQUEST)
sub1.switch_places(sub2)
return Response(StepSerializer(instance=parent).data,
status=status.HTTP_200_OK)
def delete(self, request, pk):
try:
account = Account.objects.get(pk=pk)
if account.type == AccountType.STAFF.value:
return ErrorResponse("Nie możesz wykonać tej operacji", status.HTTP_403_FORBIDDEN)
account.delete()
return MessageResponse("Konto zostało usunięte")
except Account.DoesNotExist:
return ErrorResponse("Użytkownik o podanym id nie został znaleziony", status.HTTP_404_NOT_FOUND)
def get(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv) \
and not IsStaffResponsibleForCVs().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV o podanym id', status.HTTP_404_NOT_FOUND)
return Response({"is_verified": cv.is_verified}, status.HTTP_200_OK)
def get(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv) \
and not IsStaffResponsibleForCVs().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse("Nie znaleziono CV. Upewnij się, że uwzględniono cv_id w url-u", status.HTTP_404_NOT_FOUND)
return Response({'url': cv.document.url}, status.HTTP_200_OK)
def delete(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv) \
and not IsStaffResponsibleForCVs().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
cv.delete()
except CV.DoesNotExist:
return ErrorResponse("Nie znaleziono CV. Upewnij się, że uwzględniono cv_id w url-u", status.HTTP_404_NOT_FOUND)
return MessageResponse('CV usunięto pomyślnie')
def post(self, request):
user = DefaultAccount.objects.get(user=request.user)
try:
perspective = UserPerspective.objects.get(user=user)
except UserPerspective.DoesNotExist:
return ErrorResponse('Nie zacząłeś_aś oglądać kroków usamodzielnienia', status.HTTP_400_BAD_REQUEST)
if perspective.step.substeps.count() <= perspective.substep_order + 1:
return ErrorResponse('Przekroczono liczbę podkroków', status.HTTP_400_BAD_REQUEST)
else:
perspective.substep_order += 1
perspective.save()
return MessageResponse('Gratulacje, przechodzisz dalej!')
def post(self, request, user_id):
if user_id is not None:
try:
user = Account.objects.get(pk=user_id)
except Account.DoesNotExist:
return ErrorResponse('Nie znaleziono użytkownika', status.HTTP_404_NOT_FOUND)
user.status = AccountStatus.VERIFIED.value
user.save()
send_verification_email(user_id)
return MessageResponse('Użytkownik został pomyślnie zweryfikowany')
return ErrorResponse('Nie podano id użytkownika', status.HTTP_400_BAD_REQUEST)
def post(self, request, pk):
try:
parent = Step.objects.get(id=pk)
except Step.DoesNotExist:
return ErrorResponse('Nie znaleziono podanego kroku usamodzielnienia', status.HTTP_404_NOT_FOUND)
try:
sub = request.data['sub']
new_position = request.data['new_position']
except KeyError:
return ErrorResponse('Nie podano, jaki krok ma przejść na które miejsce', status.HTTP_400_BAD_REQUEST)
sub = parent.substeps.get(order=sub)
sub.move_to_spot(new_position)
return Response(StepSerializer(instance=parent).data, status=status.HTTP_200_OK)
def put(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV o podanym id', status.HTTP_404_NOT_FOUND)
try:
cv.name = request.data['name']
cv.save()
return MessageResponse(f'Nazwa CV zmieniona na: {request.data["name"]}')
except KeyError:
return ErrorResponse('Nie podano nowej nazwy CV', status.HTTP_400_BAD_REQUEST)
def post(self, request, cv_id):
if cv_id is not None:
try:
cv = CV.objects.get(cv_id=cv_id)
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV o podanym id', status.HTTP_404_NOT_FOUND)
cv.is_verified = True
cv.save()
notify.send(request.user, recipient=cv.cv_user.user,
verb=f'CV {cv.name} zostało zatwierdzone',
app='myCVs',
object_id=None
)
return MessageResponse('CV zweryfikowano pomyślnie')
return ErrorResponse('Nie podano cv_id', status.HTTP_400_BAD_REQUEST)
def post(self, request, user_id):
if user_id is not None:
try:
user = Account.objects.get(pk=user_id)
except Account.DoesNotExist:
return ErrorResponse('Użytkownik o podanym ID nie został znaleziony', status.HTTP_404_NOT_FOUND)
if user.type == AccountType.STAFF.value:
return ErrorResponse('Nie możesz zablokować tego użytkownika', status.HTTP_403_FORBIDDEN)
user.status = AccountStatus.BLOCKED.value
user.save()
return MessageResponse('Użytkownik został pomyślnie zablokowany')
return ErrorResponse('ID użytkownika nie zostało podane', status.HTTP_400_BAD_REQUEST)
def post(self, request):
request_data = request.data
def_account = DefaultAccount.objects.get(user=request.user)
users_cvs = CV.objects.filter(cv_user=def_account)
if not users_cvs.count() < 5:
return ErrorResponse("Użytkownik posiada już 5 CV!",
status.HTTP_403_FORBIDDEN)
request_data['cv_user'] = def_account.id
serializer = self.serializer_class(data=request_data)
if serializer.is_valid():
cv = serializer.create(serializer.validated_data)
response = {"cv_id": cv.pk}
notify.send(
request.user,
recipient=Account.objects.filter(
groups__name__contains='staff_cv'),
verb=
f'Użytkownik {def_account.user.username} utworzył_a nowe CV',
app='cv/generator/',
object_id=cv.cv_id)
return Response(response, status.HTTP_201_CREATED)
else:
return Response(serializer.errors, status.HTTP_400_BAD_REQUEST)
def get(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv) \
and not IsStaffResponsibleForCVs().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV', status.HTTP_404_NOT_FOUND)
try:
fb = Feedback.objects.get(cv_id=cv_id)
except Feedback.DoesNotExist:
return ErrorResponse('Nie znaleziono feedbacku', status.HTTP_404_NOT_FOUND)
serializer = FeedbackSerializer(instance=fb)
return Response(serializer.data, status.HTTP_200_OK)
def patch(self, request, *args, **kwargs):
try:
if str(request.data['parent']) == str(kwargs['pk']):
return ErrorResponse('Krok nie może następować po sobie', status.HTTP_400_BAD_REQUEST)
except KeyError:
pass
return super().patch(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
if Root.objects.count() > 0:
return ErrorResponse(
'Może istnieć tylko jeden początek kroków usamodzielnienia',
status.HTTP_400_BAD_REQUEST)
else:
return super().post(request=request, args=args, kwargs=kwargs)
def delete(self, request, slug):
try:
instance = request.user.notifications.get(id=slug2id(slug))
except Notification.DoesNotExist:
return ErrorResponse('Nie ma takiego powiadomienia!',
status.HTTP_404_NOT_FOUND)
instance.delete()
return MessageResponse('Pomyślnie usunięto powiadomienie!')
def get(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv) \
and not IsStaffResponsibleForCVs().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV', status.HTTP_404_NOT_FOUND)
bi = BasicInfo.objects.get(cv=cv)
if not bi.picture:
return ErrorResponse('Nie znaleziono zdjęcia', status.HTTP_404_NOT_FOUND)
encoded_string = base64.b64encode(bi.picture.read())
response_data = {'file': encoded_string}
return Response(response_data, status.HTTP_200_OK)
def delete(self, request, contact_id):
try:
instance = PhoneContact.objects.get(pk=contact_id)
except ObjectDoesNotExist:
return ErrorResponse("Nie znaleziono kontaktu o podanym id",
status.HTTP_404_NOT_FOUND)
instance.delete()
return MessageResponse("Kontakt został pomyślnie usunięty")
def post(self, request, tile_id):
try:
tile = Tile.objects.get(pk=tile_id)
except Tile.DoesNotExist:
return ErrorResponse("Nie znaleziono kafelka o podanym id",
status.HTTP_404_NOT_FOUND)
try:
tile.photo = request.FILES['photo']
except MultiValueDictKeyError:
return ErrorResponse(
'Nie znaleziono pliku. Upewnij się, że został on załączony pod kluczem photo',
status.HTTP_400_BAD_REQUEST)
tile.save()
response_data = {"id": tile.id, "attachment_url": tile.photo.url}
return Response(response_data, status.HTTP_200_OK)
def delete(self, request, tile_id):
try:
instance = Tile.objects.get(pk=tile_id)
except ObjectDoesNotExist:
return ErrorResponse("Nie znaleziono kafelka o podanym id",
status.HTTP_404_NOT_FOUND)
instance.delete()
return MessageResponse("Kafelek został pomyślnie usunięty")
def put(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse("Nie znaleziono cv", status.HTTP_404_NOT_FOUND)
serializer = CVSerializer(data=request.data)
delete_previous_cv_file(cv)
if serializer.is_valid():
serializer.update(cv, serializer.validated_data)
else:
return Response(serializer.errors, status.HTTP_400_BAD_REQUEST)
response = {'message': 'CV edytowane pomyślnie'}
return Response(response, status.HTTP_200_OK)
def delete(self, request, cv_id):
try:
cv = CV.objects.get(cv_id=cv_id)
if not IsCVOwner().has_object_permission(request, self, cv):
return ErrorResponse("Nie masz uprawnień do wykonania tej czynności", status.HTTP_403_FORBIDDEN)
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV', status.HTTP_404_NOT_FOUND)
bi = BasicInfo.objects.get(cv=cv)
if not bi.picture:
return ErrorResponse('Nie znaleziono zdjęcia', status.HTTP_404_NOT_FOUND)
bi.picture.delete(save=True)
cv.has_picture = False
cv.save()
cv_serializer = CVSerializer(instance=cv)
delete_previous_picture(bi)
delete_previous_cv_file(cv)
cv_serializer.update(cv, cv_serializer.data)
return MessageResponse('Zdjęcie usunięto pomyślnie')
def patch(self, request):
account = request.user
serializer = PasswordChangeRequestSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
old_pass = request.data['old_password']
new_pass = request.data['new_password']
if check_password(old_pass, account.password):
account.set_password(new_pass)
account.save()
account.auth_token_set.all().delete()
return MessageResponse("Hasło zostało zmienione")
return ErrorResponse("Stare hasło jest niepoprawne", status.HTTP_403_FORBIDDEN)
def post(self, request, slug):
try:
instance = request.user.notifications.get(id=slug2id(slug))
except Notification.DoesNotExist:
return ErrorResponse('Nie ma takiego powiadomienia!',
status.HTTP_404_NOT_FOUND)
if instance.unread:
instance.mark_as_read()
return MessageResponse('Oznaczono powiadomienie jako przeczytane')
else:
instance.mark_as_unread()
return MessageResponse(
'Oznaczono powiadomienie jako nieprzeczytane')
def get(self, request):
user = request.user
if isinstance(user, DefaultAccount):
try:
perspective = UserPerspective.objects.get(id=user.id)
perspective.step = Root.objects.first()
perspective.substep_order = 0
except DefaultAccount.DoesNotExist:
perspective = UserPerspective(user=user, step=Root.objects.first(), substep_order=0)
perspective.save()
if Root.objects.count() > 0:
return Response(RootSerializer(instance=Root.objects.first()).data, status=status.HTTP_200_OK)
else:
return ErrorResponse('Nie znaleziono początku kroków usamodzielnienia', status.HTTP_404_NOT_FOUND)
def put(self, request, tile_id):
try:
instance = Tile.objects.get(id=tile_id)
serializer = TileSerializer(instance,
data=request.data,
partial=True)
if serializer.is_valid():
serializer.update(instance, serializer.validated_data)
response_data = {
"message": "Kafelek o podanym id został zaktualizowany"
}
return Response(response_data, status.HTTP_200_OK)
else:
return Response(serializer.errors, status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
return ErrorResponse("Nie znaleziono kafelka o podanym id",
status.HTTP_404_NOT_FOUND)
def post(self, request):
request_data = request.data
serializer = self.serializer_class(data=request_data)
try:
cv = CV.objects.get(cv_id=request_data['cv_id'])
except CV.DoesNotExist:
return ErrorResponse('Nie znaleziono CV o podanym id', status.HTTP_404_NOT_FOUND)
if serializer.is_valid():
feedback = serializer.create(serializer.validated_data)
notify.send(request.user, recipient=cv.cv_user.user,
verb=f'Nowy komentarz do CV: {cv.name}',
app='myCVs',
object_id=None
)
return MessageResponse('Feedback stworzono pomyślnie')
else:
return Response(serializer.errors, status.HTTP_400_BAD_REQUEST)