mirror of
https://github.com/Rushilwiz/SkoolOS.git
synced 2025-04-16 02:10:19 -04:00
Merge branch 'development' of https://github.com/rushilwiz/SkoolOs into development
This commit is contained in:
commit
f77452c59d
|
|
@ -1,4 +1,4 @@
|
|||
# Generated by Django 3.0.7 on 2020-06-12 23:18
|
||||
# Generated by Django 3.0.7 on 2020-06-13 18:15
|
||||
|
||||
from django.conf import settings
|
||||
from django.db import migrations, models
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ class IsOwnerOrReadOnly(permissions.BasePermission):
|
|||
return True
|
||||
|
||||
# Write permissions are only allowed to the owner of the snippet.
|
||||
return obj.owner == request.user
|
||||
return obj.owner == request.user or request.user.is_superuser
|
||||
|
||||
class isTeacher(permissions.BasePermission):
|
||||
#only teachers can make classes and assignmenst
|
||||
|
|
@ -22,4 +22,4 @@ class isTeacher(permissions.BasePermission):
|
|||
return True
|
||||
|
||||
# Write permissions are only allowed to the owner of the snippet.
|
||||
return obj.user.groups.filter(name__in=['teachers']).exists()
|
||||
return request.user.groups.filter(name__in=['teachers']).exists() or request.user.is_superuser
|
||||
|
|
|
|||
|
|
@ -2,15 +2,15 @@ from django.contrib.auth.models import User, Group
|
|||
from .models import Student, Teacher, Classes, Assignment, DefFiles
|
||||
from rest_framework import serializers, permissions
|
||||
from django.contrib.auth.models import User
|
||||
from .permissions import IsOwnerOrReadOnly,isTeacher
|
||||
|
||||
class UserSerializer(serializers.HyperlinkedModelSerializer):
|
||||
students = serializers.PrimaryKeyRelatedField(many=True, queryset=Student.objects.all())
|
||||
owner = serializers.ReadOnlyField(source='owner.username')
|
||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
teachers = serializers.PrimaryKeyRelatedField(many=True, queryset=Teacher.objects.all())
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ['id', 'username', 'students']
|
||||
fields = ['id', 'username', 'students','teachers']
|
||||
|
||||
# class DefFilesSerializer(serializers.HyperlinkedModelSerializer):
|
||||
# class Meta:
|
||||
|
|
@ -20,37 +20,36 @@ class UserSerializer(serializers.HyperlinkedModelSerializer):
|
|||
class AssignmentSerializer(serializers.HyperlinkedModelSerializer):
|
||||
#permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
# files = DefFilesSerializer(many=True, read_only=True,allow_null=True)
|
||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
owner = serializers.ReadOnlyField(source='owner.username')
|
||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
|
||||
class Meta:
|
||||
model = Assignment
|
||||
fields = ['url','name', 'due_date', 'path' , "classes","teacher",'owner']
|
||||
# fields = ['url','name', 'due_date', 'path' , "classes","teacher",'owner']
|
||||
fields = ['name', 'due_date', 'path' , "classes","teacher",'owner']
|
||||
|
||||
class ClassesSerializer(serializers.HyperlinkedModelSerializer):
|
||||
# assignments = AssignmentSerializer(many=True, read_only=True,allow_null=True)
|
||||
# default_file=DefFilesSerializer(many=True, read_only=True,allow_null=True)
|
||||
owner = serializers.ReadOnlyField(source='owner.username')
|
||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
class Meta:
|
||||
model = Classes
|
||||
fields = ['url', 'name', 'repo','path', "teacher",'assignments',"default_file", 'confirmed', 'unconfirmed','owner']
|
||||
# fields = ['url','name', 'repo','path', "teacher",'assignments',"default_file", 'confirmed', 'unconfirmed','owner']
|
||||
fields = ['name', 'repo','path', "teacher",'assignments',"default_file", 'confirmed', 'unconfirmed','owner']
|
||||
|
||||
class StudentSerializer(serializers.HyperlinkedModelSerializer):
|
||||
# classes = ClassesSerializer(many=True, read_only=True,allow_null=True)
|
||||
owner = serializers.ReadOnlyField(source='owner.username')
|
||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
class Meta:
|
||||
model = Student
|
||||
fields = ['url', 'first_name', 'last_name', 'grade','email','student_id', 'git','ion_user','classes','added_to','completed', 'repo','owner']
|
||||
# fields = ['url','first_name', 'last_name', 'grade','email','student_id', 'git','ion_user','classes','added_to','completed', 'repo','owner']
|
||||
fields = ['first_name', 'last_name', 'grade','email','student_id', 'git','ion_user','classes','added_to','completed', 'repo','owner']
|
||||
|
||||
class TeacherSerializer(serializers.ModelSerializer):
|
||||
# classes = ClassesSerializer(many=True, read_only=True,allow_null=True)
|
||||
owner = serializers.ReadOnlyField(source='owner.username')
|
||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
class Meta:
|
||||
model = Teacher
|
||||
fields = ['url', 'first_name', 'last_name','git','ion_user', 'email','classes','owner']
|
||||
# fields = ['url','first_name', 'last_name','git','ion_user', 'email','classes','owner']
|
||||
fields = ['first_name', 'last_name','git','ion_user', 'email','classes','owner']
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,16 @@
|
|||
from django.urls import path
|
||||
from rest_framework.urlpatterns import format_suffix_patterns
|
||||
from . import views
|
||||
|
||||
urlpatterns = [
|
||||
path('students/', views.StudentList.as_view()),
|
||||
path('students/<str:pk>/', views.StudentDetail.as_view()),
|
||||
path('teachers/', views.TeacherList.as_view()),
|
||||
path('teachers/<str:pk>/', views.TeacherDetail.as_view()),
|
||||
path('assignments/', views.AssignmentList.as_view()),
|
||||
path('assignments/<str:pk>/', views.AssignmentDetail.as_view()),
|
||||
path('classes/', views.ClassesList.as_view()),
|
||||
path('classes/<str:pk>/', views.ClassesDetail.as_view()),
|
||||
]
|
||||
|
||||
urlpatterns = format_suffix_patterns(urlpatterns)
|
||||
|
|
@ -1,131 +1,89 @@
|
|||
# class StudentList(APIView):
|
||||
# """
|
||||
# List all snippets, or create a new snippet.
|
||||
# """
|
||||
# def get(self, request, format=None):
|
||||
# snippets = Student.objects.all()
|
||||
# serializer = StudentSerializer(snippets, many=True)
|
||||
# return response.Response(serializer.data)
|
||||
from .models import Student, Teacher, Classes, Assignment, DefFiles
|
||||
from .serializers import StudentSerializer, TeacherSerializer, ClassesSerializer, AssignmentSerializer, UserSerializer
|
||||
from rest_framework import generics, viewsets, permissions, response, status
|
||||
from django.http import Http404
|
||||
from rest_framework.views import APIView
|
||||
from django.contrib.auth.models import User
|
||||
from .permissions import isTeacher, IsOwnerOrReadOnly
|
||||
from django.shortcuts import render, redirect
|
||||
from rest_framework.parsers import JSONParser
|
||||
from django.http.response import JsonResponse
|
||||
from rest_framework.response import Response
|
||||
from rest_framework import mixins
|
||||
|
||||
# def post(self, request, format=None):
|
||||
# serializer = StudentSerializer(data=request.data)
|
||||
# if serializer.is_valid():
|
||||
# serializer.save()
|
||||
# return response.Response(serializer.data, status=status.HTTP_201_CREATED)
|
||||
# return response.Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
# class StudentDetail(APIView):
|
||||
# """
|
||||
# Retrieve, update or delete a snippet instance.
|
||||
# """
|
||||
# def get_object(self, pk):
|
||||
# try:
|
||||
# return Student.objects.get(pk=pk)
|
||||
# except Student.DoesNotExist:
|
||||
# raise Http404
|
||||
class StudentList(generics.ListCreateAPIView):
|
||||
queryset = Student.objects.all()
|
||||
serializer_class = StudentSerializer
|
||||
def perform_create(self, serializer):
|
||||
serializer.save(owner=self.request.user)
|
||||
|
||||
# def get(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# serializer = StudentSerializer(snippet)
|
||||
# return response.Response(serializer.data)
|
||||
class StudentDetail(generics.RetrieveAPIView):
|
||||
queryset = Student.objects.all()
|
||||
serializer_class = StudentSerializer
|
||||
permissions_classes = [permissions.IsAuthenticated, IsOwnerOrReadOnly]
|
||||
|
||||
# def put(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# serializer = StudentSerializer(snippet, data=request.data)
|
||||
# if serializer.is_valid():
|
||||
# serializer.save()
|
||||
# return response.Response(serializer.data)
|
||||
# return response.Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
class TeacherList(generics.ListCreateAPIView):
|
||||
queryset = Teacher.objects.all()
|
||||
serializer_class = TeacherSerializer
|
||||
def perform_create(self, serializer):
|
||||
if(self.request.user.groups.filter(name__in=['teachers']).exists() or self.request.user.is_superuser):
|
||||
serializer.save(owner=self.request.user)
|
||||
else:
|
||||
print("UNAUTHORIZED POST")
|
||||
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
# def delete(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# snippet.delete()
|
||||
# return response.Response(status=status.HTTP_204_NO_CONTENT)
|
||||
class TeacherDetail(generics.RetrieveAPIView):
|
||||
queryset = Teacher.objects.all()
|
||||
serializer_class = TeacherSerializer
|
||||
permissions_classes = [permissions.IsAuthenticated, IsOwnerOrReadOnly]
|
||||
|
||||
# class TeacherList(APIView):
|
||||
# """
|
||||
# List all snippets, or create a new snippet.
|
||||
# """
|
||||
# def get(self, request, format=None):
|
||||
# snippets = Teacher.objects.all()
|
||||
# serializer = TeacherSerializer(snippets, many=True)
|
||||
# return response.Response(serializer.data)
|
||||
|
||||
# def post(self, request, format=None):
|
||||
# serializer = TeacherSerializer(data=request.data)
|
||||
# if serializer.is_valid():
|
||||
# serializer.save()
|
||||
# return response.Response(serializer.data, status=status.HTTP_201_CREATED)
|
||||
# return response.Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
class ClassesList(generics.ListCreateAPIView):
|
||||
queryset = Classes.objects.all()
|
||||
serializer_class = ClassesSerializer
|
||||
#permissions_classes = [isTeacher]
|
||||
def perform_create(self, serializer):
|
||||
if(self.request.user.groups.filter(name__in=['teachers']).exists() or self.request.user.is_superuser):
|
||||
serializer.save(owner=self.request.user)
|
||||
else:
|
||||
print("UNAUTHORIZED POST")
|
||||
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
# class TeacherDetail(APIView):
|
||||
# """
|
||||
# Retrieve, update or delete a snippet instance.
|
||||
# """
|
||||
# def get_object(self, pk):
|
||||
# try:
|
||||
# return Teacher.objects.get(pk=pk)
|
||||
# except Teacher.DoesNotExist:
|
||||
# raise Http404
|
||||
# class ClassesDetail(generics.RetrieveAPIView):
|
||||
# queryset = Classes.objects.all()
|
||||
# serializer_class = ClassesSerializer
|
||||
# # permissions_classes = [permissions.IsAuthenticated, IsOwnerOrReadOnly]
|
||||
|
||||
# def get(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# serializer = TeacherSerializer(snippet)
|
||||
# return response.Response(serializer.data)
|
||||
class ClassesDetail(mixins.RetrieveModelMixin,
|
||||
mixins.UpdateModelMixin,
|
||||
mixins.DestroyModelMixin,
|
||||
generics.GenericAPIView):
|
||||
queryset = Classes.objects.all()
|
||||
serializer_class = ClassesSerializer
|
||||
|
||||
# def put(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# serializer = TeacherSerializer(snippet, data=request.data)
|
||||
# if serializer.is_valid():
|
||||
# serializer.save()
|
||||
# return response.Response(serializer.data)
|
||||
# return response.Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
def get(self, request, *args, **kwargs):
|
||||
return self.retrieve(request, *args, **kwargs)
|
||||
|
||||
# def delete(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# snippet.delete()
|
||||
# return response.Response(status=status.HTTP_204_NO_CONTENT)
|
||||
def put(self, request, *args, **kwargs):
|
||||
print(self.owner)
|
||||
if(request.user == self.owner):
|
||||
return self.update(request, *args, **kwargs)
|
||||
|
||||
# class ClassesList(APIView):
|
||||
# """
|
||||
# List all snippets, or create a new snippet.
|
||||
# """
|
||||
# def get(self, request, format=None):
|
||||
# snippets = Classes.objects.all()
|
||||
# serializer = ClassesSerializer(snippets, many=True)
|
||||
# return response.Response(serializer.data)
|
||||
def delete(self, request, *args, **kwargs):
|
||||
return self.destroy(request, *args, **kwargs)
|
||||
|
||||
# def post(self, request, format=None):
|
||||
# serializer = ClassesSerializer(data=request.data)
|
||||
# if serializer.is_valid():
|
||||
# serializer.save()
|
||||
# return response.Response(serializer.data, status=status.HTTP_201_CREATED)
|
||||
# return response.Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
class AssignmentList(generics.ListCreateAPIView):
|
||||
queryset = Assignment.objects.all()
|
||||
serializer_class = AssignmentSerializer
|
||||
def perform_create(self, serializer):
|
||||
if(self.request.user.groups.filter(name__in=['teachers']).exists() or self.request.user.is_superuser):
|
||||
serializer.save(owner=self.request.user)
|
||||
else:
|
||||
print("UNAUTHORIZED POST")
|
||||
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
# class ClassesDetail(APIView):
|
||||
# """
|
||||
# Retrieve, update or delete a snippet instance.
|
||||
# """
|
||||
# def get_object(self, pk):
|
||||
# try:
|
||||
# return Classes.objects.get(pk=pk)
|
||||
# except Classes.DoesNotExist:
|
||||
# raise Http404
|
||||
|
||||
# def get(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# serializer = ClassesSerializer(snippet)
|
||||
# return response.Response(serializer.data)
|
||||
|
||||
# def put(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# serializer = ClassesSerializer(snippet, data=request.data)
|
||||
# if serializer.is_valid():
|
||||
# serializer.save()
|
||||
# return response.Response(serializer.data)
|
||||
# return response.Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
# def delete(self, request, pk, format=None):
|
||||
# snippet = self.get_object(pk)
|
||||
# snippet.delete()
|
||||
# return response.Response(status=status.HTTP_204_NO_CONTENT)
|
||||
class AssignmentDetail(generics.RetrieveAPIView):
|
||||
queryset = Assignment.objects.all()
|
||||
serializer_class = AssignmentSerializer
|
||||
permissions_classes = [permissions.IsAuthenticated, IsOwnerOrReadOnly]
|
||||
|
|
|
|||
|
|
@ -4,10 +4,17 @@ from rest_framework import generics, viewsets, permissions, response, status
|
|||
from django.http import Http404
|
||||
from rest_framework.views import APIView
|
||||
from django.contrib.auth.models import User
|
||||
from .permissions import isTeacher, IsOwnerOrReadOnly
|
||||
from django.shortcuts import render, redirect
|
||||
from rest_framework.parsers import JSONParser
|
||||
from rest_framework.response import Response
|
||||
|
||||
|
||||
|
||||
class UserViewSet(viewsets.ModelViewSet):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = UserSerializer
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
|
||||
|
||||
class StudentViewSet(viewsets.ModelViewSet):
|
||||
|
|
@ -16,8 +23,10 @@ class StudentViewSet(viewsets.ModelViewSet):
|
|||
"""
|
||||
queryset = Student.objects.all()
|
||||
serializer_class = StudentSerializer
|
||||
permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrReadOnly]
|
||||
|
||||
def perform_create(self, serializer):
|
||||
serializer.save(owner=self.request.user)
|
||||
|
||||
class TeacherViewSet(viewsets.ModelViewSet):
|
||||
"""
|
||||
|
|
@ -25,8 +34,10 @@ class TeacherViewSet(viewsets.ModelViewSet):
|
|||
"""
|
||||
queryset = Teacher.objects.all()
|
||||
serializer_class = TeacherSerializer
|
||||
permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrReadOnly]
|
||||
|
||||
def perform_create(self, serializer):
|
||||
serializer.save(owner=self.request.user)
|
||||
|
||||
class ClassesViewSet(viewsets.ModelViewSet):
|
||||
"""
|
||||
|
|
@ -34,7 +45,14 @@ class ClassesViewSet(viewsets.ModelViewSet):
|
|||
"""
|
||||
queryset = Classes.objects.all()
|
||||
serializer_class = ClassesSerializer
|
||||
permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrReadOnly]
|
||||
|
||||
def perform_create(self, serializer):
|
||||
if(self.request.user.groups.filter(name__in=['teachers']).exists() or self.request.user.is_superuser):
|
||||
serializer.save(owner=self.request.user)
|
||||
else:
|
||||
print("UNAUTHORIZED POST")
|
||||
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
|
||||
class AssignmentViewSet(viewsets.ModelViewSet):
|
||||
|
|
@ -43,7 +61,14 @@ class AssignmentViewSet(viewsets.ModelViewSet):
|
|||
"""
|
||||
queryset = Assignment.objects.all()
|
||||
serializer_class = AssignmentSerializer
|
||||
permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
|
||||
permission_classes = [permissions.IsAuthenticated, isTeacher, IsOwnerOrReadOnly]
|
||||
|
||||
def perform_create(self, serializer):
|
||||
if(self.request.user.groups.filter(name__in=['teachers']).exists() or self.request.user.is_superuser):
|
||||
serializer.save(owner=self.request.user)
|
||||
else:
|
||||
print("UNAUTHORIZED POST")
|
||||
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
# class DefFilesViewSet(viewsets.ModelViewSet):
|
||||
# """
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
from django.urls import path
|
||||
from . import views
|
||||
|
||||
|
||||
|
||||
urlpatterns = [
|
||||
path('', views.home, name='home'),
|
||||
|
||||
]
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user