diff --git a/project/activities/serializers.py b/project/activities/serializers.py new file mode 100644 index 0000000..15cca49 --- /dev/null +++ b/project/activities/serializers.py @@ -0,0 +1,10 @@ +from rest_framework import serializers +from .models import Activity + + +class ActivitySerializer(serializers.ModelSerializer): + """Serializer for the Activities""" + + class Meta: + model = Activity + fields = '__all__' diff --git a/project/activities/urls.py b/project/activities/urls.py index 6e63589..4da08e2 100644 --- a/project/activities/urls.py +++ b/project/activities/urls.py @@ -9,7 +9,21 @@ ActivityUpdateView, ) + +from activities import views + urlpatterns = [ + + path( + "api", + views.activity_list, + name="activity_list" + ), + path( + "api/", + views.activity_details, + name="activity_details" + ), path( "create", ActivityCreateView.as_view(), diff --git a/project/activities/views.py b/project/activities/views.py index c4e61e4..2940747 100644 --- a/project/activities/views.py +++ b/project/activities/views.py @@ -7,6 +7,73 @@ from .forms import ActivityModelForm from .models import Activity +from .serializers import ActivitySerializer + +from rest_framework.decorators import api_view +from rest_framework.response import Response +from rest_framework import status + + +@api_view(['GET', 'POST']) +def activity_list(request): + """ + Circle member(s) can create a Circle Activity via a POST request + Circle members and coordinators can view all Circle Activities via a GET request + """ + circle_id = Activity.objects.values_list("circle_id", flat=True).first() + circle = Circle.objects.get(id=circle_id) + + if request.user in circle.companions: + + if request.method == 'GET': + activities = Activity.objects.all() + serializer = ActivitySerializer(activities, many=True) + return Response(serializer.data) + + if request.method == 'POST': + serializer = ActivitySerializer(data=request.data) + if serializer.is_valid(): + serializer.save() + return Response(serializer.data, status=status.HTTP_201_CREATED) + + return Response(status=status.HTTP_403_FORBIDDEN) + + +@api_view(['GET', 'PUT', 'DELETE']) +def activity_details(request, id): + """ + Circle member(s) can update a single Circle Activity via a PUT request + Circle coordinator(s) can delete a single Circle Activity via a DELETE request + Circle members and coordinators can view a single Circle Activity via a GET request + """ + try: + activity = Activity.objects.get(pk=id) + except Activity.DoesNotExist: + return Response(status=status.HTTP_404_NOT_FOUND) + + circle_id = Activity.objects.values_list("circle_id", flat=True).get(pk=id) + circle = Circle.objects.get(id=circle_id) + + if request.user in circle.companions: + + if request.method == 'GET': + serializer = ActivitySerializer(activity) + return Response(serializer.data) + + if request.method == 'PUT': + serializer = ActivitySerializer(activity, data=request.data) + if serializer.is_valid(): + serializer.save() + return Response(serializer.data) + return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) + + if request.method == 'DELETE': + if request.user in circle.organizers: + activity.delete() + return Response(status=status.HTTP_204_NO_CONTENT) + return Response(status=status.HTTP_403_FORBIDDEN) + + return Response(status=status.HTTP_403_FORBIDDEN) class ActivityCreateView(UserPassesTestMixin, LoginRequiredMixin, View): diff --git a/project/core/settings.py b/project/core/settings.py index a6b9b46..2ede65c 100644 --- a/project/core/settings.py +++ b/project/core/settings.py @@ -178,6 +178,7 @@ REST_FRAMEWORK = { "DEFAULT_AUTHENTICATION_CLASSES": ( "rest_framework.authentication.TokenAuthentication", + 'rest_framework.authentication.SessionAuthentication', # 'dj_rest_auth.jwt_auth.JWTCookieAuthentication' ), "DEFAULT_SCHEMA_CLASS": "rest_framework.schemas.coreapi.AutoSchema", diff --git a/project/core/urls.py b/project/core/urls.py index 8dcb31c..d6a9875 100644 --- a/project/core/urls.py +++ b/project/core/urls.py @@ -43,6 +43,7 @@ path("i18n/", include("django.conf.urls.i18n")), path("circles/", include("circles.urls")), path("__reload__/", include("django_browser_reload.urls")), + path("api-auth/", include("rest_framework.urls", namespace="rest_framework")), ] + media_urlpatterns handler404 = "error_handling.views.handler404"