mitri4
/
skill-back
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
256 Commits
5 Branches
0 Tags
165 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 683e95de2d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '683e95de2d'
${ noResults }
skill-back/access/views.py

195 lines
6.8 KiB
Raw Blame History

from django.contrib.auth import get_user_model
from django.contrib import auth
from django.shortcuts import redirect
from rest_framework.views import APIView
from rest_framework.renderers import JSONRenderer
from rest_framework.response import Response
from django.db.models import Q
from access.models import Invite, Progress, ExtraPrivilege
from access.serializers import UserInitSerializer, UserSearchSerializer
from courses.models import Vertex
class TeacherListView(APIView):
renderer_classes = (JSONRenderer,)
status_code = 200
def get(self, request):
return Response([i.email for i in get_user_model().objects.filter(groups__name='teachers')], self.status_code)
class CheckUserView(APIView):
renderer_classes = (JSONRenderer,)
status_code = 200
def get(self, request):
if request.user.is_authenticated() and (request.user.is_staff or request.user.is_superuser):
return Response(True, status=self.status_code)
return Response(False, status=self.status_code)
class InfoUserView(APIView):
renderer_classes = (JSONRenderer,)
status_code = 200
def get(self, request):
if request.user.is_authenticated():
return Response(UserInitSerializer(request.user).data, status=self.status_code)
return Response('anonymous', status=self.status_code)
class FindUserView(APIView):
renderer_classes = (JSONRenderer,)
status_code = 200
def get(self, request):
if request.user.is_authenticated() and \
(request.user.is_superuser
or 'managers' in request.user.groups.all() or 'lead_managers' in request.user.groups.all()):
key = request.GET.get('key', None)
count = int(request.GET.get('count', '10'))
if key:
res = get_user_model().objects.filter(
Q(id__contains=key) | Q(email__contains=key.lower()) | Q(first_name__contains=key) |
Q(last_name__contains=key) | Q(account__phone__contains=key), groups__name='students'
)
else:
res = get_user_model().objects.all()
res = res[:(count if len(res) > count else len(res))]
return Response([
UserSearchSerializer(i).data for i in res],
status=self.status_code
)
return Response('Permission denied', status=403)
class DetailUserView(APIView):
renderer_classes = (JSONRenderer,)
@staticmethod
def get(request, pk):
if request.user.is_authenticated() and \
(request.user.is_superuser or request.user.is_staff or request.user.id == pk):
try:
user = get_user_model().objects.get(id=pk)
except get_user_model().DoesNotExist:
return Response("User doesn't exist", status=404)
return Response(UserInitSerializer(user).data, status=200)
return Response('Permission denied', status=403)
class RegistrationView(APIView):
renderer_classes = (JSONRenderer,)
@staticmethod
def get(request):
try:
invite = Invite.objects.get(hash=request.GET['hash'])
invite.owner.is_active = True
invite.owner.save()
auth.login(request, invite.owner)
invite.delete()
return redirect('/')
except Invite.DoesNotExist:
return Response('Приглошения не существует возможно оно сгорело', status=404)
@staticmethod
def post(request):
try:
get_user_model().objects.get(email=request.JSON['email'].lower())
return Response('user already exist', status=403)
except get_user_model().DoesNotExist:
password = request.JSON.get('password')
if password:
user = get_user_model().objects.create_student(
email=request.JSON['email'].lower(),
password=request.JSON['password']
)
else:
user = get_user_model().objects.create_student(
email=request.JSON['email'].lower(),
)
return Response(UserInitSerializer(user).data, status=200)
class ChangePasswordView(APIView):
renderer_classes = (JSONRenderer,)
@staticmethod
def post(request):
if request.user.is_authenticated() and not request.user.check_password(request.JSON['old_password']):
return Response("Неверный пароль", status=404)
request.user.set_password(request.JSON['new_password'])
request.user.save()
return Response("Пароль был изменён", status=200)
class LoginView(APIView):
renderer_classes = (JSONRenderer,)
@staticmethod
def post(request):
if not request.user.is_authenticated():
user = auth.authenticate(email=request.JSON.get('email'), password=request.JSON.get('password'))
try:
auth.login(request, user)
except AttributeError:
return Response("Неверный пароль", status=404)
return Response(UserInitSerializer(request.user).data, status=200)
class LogoutView(APIView):
renderer_classes = (JSONRenderer,)
@staticmethod
def post(request):
if request.user.is_authenticated():
auth.logout(request)
return Response(status=204)
class UpdateProgress(APIView):
"""
Переводит ученика на следующую стадию прохождения курса
Запрос идёт синхронно возвращает id нового объекта прогресса
"""
renderer_classes = (JSONRenderer,)
@staticmethod
def post(request):
pk = int(request.JSON.get('id'))
try:
vertex = Vertex.objects.get(id=pk)
except Vertex.DoesNotExist:
return Response("Объект не найден", status=404)
next_vertex = vertex.get_next(['task', 'tutorial'])
try:
progress = Progress.objects.get(user=request.user, course=vertex.course)
if progress.active_obj == vertex:
if next_vertex.is_more(progress.active_obj):
progress.active_obj = next_vertex
progress.save()
return Response({'id': progress.active_obj.id, 'type': progress.active_obj.content_type.model}, status=200)
except Progress.DoesNotExist:
pass
try:
privilege = ExtraPrivilege.objects.get(user=request.user, subject=vertex)
privilege.is_done = True
privilege.save()
return Response({'id': next_vertex.id, 'type': next_vertex.content_type.model}, status=200)
except ExtraPrivilege.DoesNotExist:
return Response('У вас нет прав', status=403)