class RegisterDriver(APIView): permission_classes([permissions.AllowAny]) def post(self, request, *args, **kwargs): driver_data = OrderedDict( [ ('name', request.POST.get('name')), ('phone', request.POST.get('phone')), ('address', request.POST.get('address')), ('avatar', request.FILES.get('avatar')), ] ) user_data = OrderedDict( [ ('first_name', request.POST.get('first_name')), ('last_name', request.POST.get('last_name')), ] ) user_serializer = UserSerializer(data = user_data, partial = True) driver_serializer = OrderDriverSerializer(data = driver_data) if driver_serializer.is_valid(): user = user_serializer.update(instance = request.user, validated_data = user_data) driver = driver_serializer.save(user = request.user) return JsonResponse({"message": "Success"}, status = status.HTTP_201_CREATED) else: return JsonResponse({"error": {"driver": driver_serializer.errors}}, status = status.HTTP_400_BAD_REQUEST)
class SearchShop(generics.ListAPIView): permission_classes(IsAuthenticated, ) model = Shop queryset = Shop.objects.all() serializer_class = ShopSerializer filter_backends = (DjangoFilterBackend, ) filter_fields = ('id', 'SName')
class CreateUserAPIView(APIView): # Any new user can create a profile permission_classes(AllowAny, ) def post(self, request): try: user = request.data serializer = UserSerializer(data=user) except (TypeError, ValueError, OverflowError): user = None serializer = None if user and serializer.is_valid(raise_exception=True): serializer.save() user_obj = User.objects.get_by_natural_key( serializer.data['username']) token = account_activation_token.make_token(user_obj) message = 'http://127.0.0.1:8000/user/activate_account/%s/%s' % ( serializer.data['username'], token) send_mail('Registered user', message, settings.EMAIL_HOST_USER, [serializer.data['email']], fail_silently=False) return Response("User Created Successfully", status=status.HTTP_201_CREATED) else: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
class MeApiHandler(RetrieveAPIView): def post(self, request, format=None): return Response("ok") permission_classes(IsAuthenticated,) parser_classes = [FormParser, MultiPartParser, JSONParser] queryset = UserProfile.objects.all()#filter(username=self.context["request"].user) serializer_class = UserSerializers # def get_object(self): # pk = self.kwargs.get('pk') # if pk == "current": # return self.request.user # return super(userviewsets, self).get_object() # def get_queryset(slf): # return UserProfile.objects.filter(user=self.request.user) def get_object(self): #user_id = Token.objects.get(key=self.request.auth.key).user_id user = Token.objects.get(key="197f6893cff9a66aec1cbbbf913244d0f74f22b5 ").user queryset = UserProfile.objects.filter(user=user) return queryset
class version111(APIView): permission_classes(AllowAny) def get(self, request, *args, **kwargs): print('11111111111111111111') data = {"version": 2} return Response(data, status=status.HTTP_200_OK)
class UsuarioDelete(APIView): # Função que retorna os detalhes sobre um usuário específico def get(self, request, pk, format=None): usuario = self.get_object(pk) serializer = UsuarioSerializer(usuario) return Response(serializer.data) # Função que retorna um objeto Usuário def get_object(self, pk): try: return Usuario.objects.get(pk=pk) except Usuario.DoesNotExist: raise Http404 # Deleta um usuário e seu user associado def delete(self, request, pk, format=None): usuario = self.get_object(pk) serializer = UsuarioSerializer(usuario) u = User.objects.get(id=serializer.data['user']) u.delete() usuario.delete() return Response(status=status.HTTP_204_NO_CONTENT) permission_classes(IsAdminUser)
class RingAlarmView(View): @method_decorator(authentication_classes([])) @method_decorator(permission_classes([])) @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super().dispatch(*args, **kwargs) def post(self, request): body_unicode = request.body.decode('utf-8') body_data = json.loads(body_unicode) name=body_data['name'] reason=body_data['reason'] recaptcha_response=body_data['recaptchaValue'] url = 'https://www.google.com/recaptcha/api/siteverify' values = { 'secret': os.environ['CAPTCHA_SECRET'], 'response': recaptcha_response } data = urllib.parse.urlencode(values).encode() req = urllib.request.Request(url, data=data) response = urllib.request.urlopen(req) recaptcharesult = json.loads(response.read().decode()) bot=recaptcharesult['success'] alarm=RingAlarm(name=name, reason=reason, recaptcha=bot) result=alarm.do_work() response = JsonResponse(result) return response
def as_view(cls, *args, **kwargs): """ Set DRF attributes in the view """ view = super(DRFAuthenticatedGraphQLView, cls).as_view(*args, **kwargs) view = permission_classes((AllowAny,))(view) view = authentication_classes(api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = api_view(["GET", "POST"])(view) return view
def as_view(cls, *args, **kwargs): view = super(DRFAuthenticatedGraphQLView, cls).as_view(*args, **kwargs) view = permission_classes((IsAuthenticated, ))(view) view = authentication_classes( api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = api_view(['GET', 'POST'])(view) return view
class QuestionDetail(APIView): permission_classes(IsAdminOrReadOnly) def get_permissions(self): if self.request.method != 'PUT': return [permission() for permission in (IsAdminOrReadOnly, )] return super(QuestionDetail, self).get_permissions() def get_object(self, pk): return Question.objects.get(pk=pk) def get(self, request, pk): question = self.get_object(pk) serializer = QuestionSerializer(question) return Response(serializer.data) def put(self, request, pk): question = self.get_object(pk) serializer = QuestionSerializer(question, data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) def delete(self, request, pk): question = self.get_object(pk) question.delete() return Response(status=status.HTTP_204_NO_CONTENT)
class EditData(APIView): permission_classes([permissions.IsAdminUser]) def get(self, request): try: query = Book.objects.get(pk=request.GET['id']) serializers = BookModelSerializer(query, context={'request': request}) return Response(serializers.data, status=status.HTTP_200_OK) except: return Response(status=status.HTTP_404_NOT_FOUND) def put(self, request): try: query = Book.objects.get(pk=request.GET['id']) serializers = BookModelSerializer(query, data=request.data) if serializers.is_valid(): serializers.save() return Response(serializers.data, status=status.HTTP_201_CREATED) return Response(serializers.errors, status=status.HTTP_400_BAD_REQUEST) except: return Response(status=status.HTTP_404_NOT_FOUND) def delete(self, request): try: query = Book.objects.get(pk=request.GET['id']) serializers = BookModelSerializer(query) query.delete() return Response(serializers.data, status=status.HTTP_204_NO_CONTENT) except: return Response(status=status.HTTP_404_NOT_FOUND)
class ApiViewAuthenticationMixin(object): @method_decorator(api_view(['POST'])) @method_decorator(authentication_classes(TokenAuthentication)) @method_decorator(permission_classes(IsAuthenticated, )) @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(ApiViewAuthenticationMixin, self).dispatch(*args, **kwargs)
def as_view(cls, *args, **kwargs): backend = DepthAnalysisBackend() view = super(GraphQLView, cls).as_view(backend=backend, *args, **kwargs) view = permission_classes((permissions.AllowAny, ))(view) view = api_view(['GET', 'POST'])(view) return view
def as_view(cls, *args, **kwargs): """Add the relevant DRF-view logic to the view.""" view = super(AuthenticatedGraphQLView, cls).as_view(*args, **kwargs) view = permission_classes((IsUserAllowed, ))(view) view = authentication_classes( (CsrfExemptSessionAuthentication, ))(view) view = api_view(["GET", "POST"])(view) return view
def as_view(cls, *args, **kwargs): view = super(DOTAuthenticatedGraphQLView, cls).as_view(*args, **kwargs) view = permission_classes(( IsAuthenticated, TokenHasReadWriteScope, ))(view) # add permissions to the view view = authentication_classes((OAuth2Authentication, ))(view) view = api_view(['POST'])(view) return view
def as_view(cls, *args, **kwargs): view = super().as_view(*args, **kwargs) view = permission_classes((IsAuthenticated,))(view) view = authentication_classes(api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = parser_classes([JSONParser])(view) view = throttle_classes(api_settings.DEFAULT_THROTTLE_CLASSES)(view) view = api_view(["GET", "POST"])(view) view = csrf_exempt(view) return view
def as_view(cls, *args, **kwargs): view = super(PrivateGraphQLView, cls).as_view(*args, **kwargs) view = permission_classes(( TokenHasReadWriteScope, FireBaseAuth, ))(view) view = authentication_classes((OAuth2Authentication, ))(view) view = api_view(['POST', 'GET'])(view) return view
def as_view(cls: "DRFGraphQL", schema: Schema) -> "DRFGraphQL": """Wraps the graphql view in the authentication_classes, permission_classes and api_view functions available from DRF. """ view = super().as_view(graphiql=True, schema=schema) view = authentication_classes(api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = permission_classes(api_settings.DEFAULT_PERMISSION_CLASSES)(view) return api_view(http_method_names=("GET", "POST"))(view)
def as_view(cls, *args, **kwargs): view = super(DRFAuthenticatedGraphQLView, cls).as_view(*args, **kwargs) view = permission_classes((IsAuthenticated, ))(view) view = authentication_classes(( JSONWebTokenAuthentication, TokenAuthentication, ))(view) #view = authentication_classes((TokenAuthentication,))(view) view = api_view(['POST'])(view) return view
class MeApiHandler(RetrieveUpdateAPIView): """ API Endpoint that returns currently logged-in account's user information. This includes information that is not publicly-available. """ permission_classes(IsAuthenticated) parser_classes = [FormParser, MultiPartParser, JSONParser] serializer_class = AccountSerializer def get_object(self): return self.request.user
class QuizListView(generics.ListAPIView): permission_classes([IsAuthenticated]) queryset = Quiz.objects.all() serializer_class = QuizSerializer filter_backends = [ filters.SearchFilter, filters.OrderingFilter, DjangoFilterBackend ] search_fields = ('quiz_title', 'subject', 'create_at', 'room__id', 'questionquiz__description') filterset_fields = ('quiz_title', 'subject', 'create_at', 'room__id', 'questionquiz__description') ordering_fields = ('quiz_title', 'id', 'create_at') pagination_class = QuizListPaginator
def as_view(cls, *args, **kwargs): view = super().as_view(*args, **kwargs) # if settings.DEBUG is False: # view = permission_classes((IsAuthenticated,))(view) # else: # view = permission_classes((AllowAny,))(view) view = permission_classes((IsAuthenticated, ))(view) view = authentication_classes( api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = api_view(["GET", "POST"])(view) return view
def as_view(cls: "RestGraphQL", schema: graphene.Schema) -> "RestGraphQL": """Instantiate the RestGraphQL instance and wrap the view with the DRF authentication_classes, permission_classes and api_view decorators. Args: cls (RestGraphQL): The RestGraphQL class object schema (Schema): A graphene Schema object Returns: A django view """ view = super().as_view(graphiql=True, schema=schema) view = authentication_classes(api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = permission_classes(api_settings.DEFAULT_PERMISSION_CLASSES)(view) return api_view(http_method_names=("GET", "POST"))(view)
class UpdateUserView(APIView): permission_classes(IsAuthenticated, ) serializer_class = UserSerializer def get(self, request): user = User.objects.get(email=request.user) serializer = UserSerializer(user) return Response(serializer.data, status=status.HTTP_200_OK) def put(self, request): user = User.objects.get(email=request.user) serializer = UserSerializer(user, data=request.data, partial=True) if serializer.is_valid(): serializer.save() return Response(serializer.data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
class ProfileViewSet(viewsets.ModelViewSet): queryset = Profile.objects.all() serializer_class = ProfileSerializer permission_classes(IsAuthenticatedOrReadOnly) def create(self, request, *args, **kwargs): response = {'message': 'You cant create profile like that'} return Response(response, status=status.HTTP_400_BAD_REQUEST) def update(self, request, *args, **kwargs): response = {'message': 'You cant update profile like that'} return Response(response, status=status.HTTP_400_BAD_REQUEST) def destroy(self, request, *args, **kwargs): response = {'message': 'You cant delete profile like that'} return Response(response, status=status.HTTP_400_BAD_REQUEST)
class VerifyUserAPIView(APIView): # Any user can verify from an email link permission_classes(AllowAny, ) def get(self, request, uidb64, token): try: uid = force_text(uidb64) user = User.objects.get_by_natural_key(uid) except (TypeError, ValueError, OverflowError): user = None if user and account_activation_token.check_token(user, token): user.email_verified = True user.save() # Response("User has been verified successfully", status=status.HTTP_200_OK) return redirect("/") else: return Response("Failed to verify User", status=status.HTTP_400_BAD_REQUEST)
class WalletRetrieve(generics.ListAPIView): authentication_classes = (TokenAuthentication, SessionAuthentication) permission_classes(IsAuthenticated, ) #queryset = Wallet.objects.all() serializer_class = WalletSerializer def get_queryset(self): return Wallet.objects.filter(user=self.request.user) def list(self, request, *args, **kwargs): queryset = self.filter_queryset(self.get_queryset()) page = self.paginate_queryset(queryset) if page is not None: serializer = self.get_serializer(page, many=True) return self.get_paginated_response(serializer.data) serializer = self.get_serializer(queryset, many=True) return utils.render_response(serializer.data)
class daily_report(APIView): permission_classes(IsAuthenticated,) def post(self, request, format="json"): created_at = request.data.get("created_at", datetime.today())[:10] q1 = request.data.get("q1","Not filled!") q2 = request.data.get("q2","Not filled!") q3 = request.data.get("q3","Not filled!") q4 = request.data.get("q4","Not filled!") q5 = request.data.get("q5","Not filled!") UserDailyReport.objects.create( username=request.user.username, created_at=created_at, what_was_done_this_day=q1, what_is_your_plan_for_the_next_day = q2, what_are_your_blockers = q3, do_you_have_enough_tasks_for_next_three_days = q4, if_you_get_stuck_are_you_still_able_to_work_on_something_else = q5 ) return Response(status=status.HTTP_200_OK)
def like_create(request, study_pk=None, format=None): if request.method == 'POST': #logging.warning("request.data : " + str(request.data), ) #logging.warning("request.data.__getitem__ :" + str(request.POST.__getitem__),) # issue?! : 스터디 좋아요는 한명의 사용자에 대해서 하나만 생성 - 프론트에서 # issue?! : 스터디 '가'에 대해 좋아요를 누른 사용자A가 스터디 '가' 페이지를 띄울때, 좋아요 정보를 GET해서 뿌려줘야 하나? # Like instance 생성할 때 인자로 받은 study_pk 값을 request.POST 에 추가 request.POST.__setitem__('study', study_pk) # study 좋아요 수 증가 및 적용 study = get_object_or_404(Study, pk=study_pk) study.like_count += 1 study.save() # logging.warning("study_like : " + str(study.like_count), ) serializer = LikeSerializer(data=request.data) if serializer.is_valid(): serializer.save() # logging.warning(request.data) return Response(serializer.data, status=status.HTTP_201_CREATED) return Response(serializer@permission_classes((AllowAny,)).errors, status=status.HTTP_400_BAD_REQUEST)
class PermList(ListAPIView): permission_classes(IsAuthenticated, ) def get(self, request): logged_in_user = request.user pdata = logged_in_user.get_all_permissions() print(logged_in_user.is_superuser) print(pdata) print(len(pdata)) return Response(({ "result": "OK", "taskType": "tasktype" }), status.HTTP_200_OK) # @api_view(['GET']) # @permission_classes((IsAuthenticated, )) # def get(request): # logged_in_user = request.user # pdata = logged_in_user.get_all_permissions() # print(logged_in_user.is_superuser) # print(pdata) # print(len(pdata)) # form = UserAdminCreationForm() # return render(request, 'register.html', {'form': form}) # def register(req): # form = UserAdminCreationForm() # logged_in_user = req.user # pdata = logged_in_user.get_all_permissions() # print(logged_in_user.is_superuser) # print(pdata) # print(len(pdata)) # if req.method == 'POST': # form = UserAdminCreationForm(req.POST) # if form.is_valid(): # form.save() # return redirect('register') # return render(req, 'register.html', {'form': form})
class PromptRejection(APIView): permission_classes(IsAuthenticated, ) def get(self, request, pk): data = {'detail': ''} try: user = request.user try: prompt = Prompt.objects.get(id=pk) dp = DistributedPrompt.objects.get(user=user, prompt=prompt) dp.rejected = True dp.save() data['detail'] = 'Prompt ID = %s has been rejected' % pk return Response(data, HTTP_200_OK) except ObjectDoesNotExist: data['detail'] = 'This annotation was not give to you' return Response(data, status=HTTP_406_NOT_ACCEPTABLE) except Exception as e: data['detail'] = str(e) if DEBUG else 'Something went wrong.' pass
def as_view(cls, *args, **kwargs): view = super(GraphQLView, cls).as_view(*args, **kwargs) view = permission_classes((IsAuthenticated,))(view) view = authentication_classes(api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = api_view(['GET', 'POST'])(view) return view
permission_classes = [IsAdminUser, ] class PermissionViewSet(ModelViewSet): """ A permission that can be given to or revoked from a user """ queryset = Permission.objects.all() serializer_class = PermissionSerializer permission_classes = [IsAdminUser, ] class TokenViewSet(ModelViewSet): """ A token for logging in to the API """ queryset = Token.objects.all() serializer_class = TokenSerializer permission_classes = [IsAdminUser, ] all_views = {} for routine_class in Routine.__subclasses__(): def view_func(request, routine=routine_class()): return Response(routine.to_json()) view_func.__name__ = routine_class.__name__ view_func.__doc__ = routine_class.__doc__ # We can't use `api_view` as a decorator because we can't call it until we # have set the __name__ and __doc__ of `view_func`. Thus, we explicitly # call `api_view` afterwards view_fun = permission_classes((IsAdminUser, ))(view_func) view_func = api_view()(view_func) all_views[slugify(routine_class.title.lower())] = view_func