c3lf-system-3/core/inventory/api_v2.py

from django.urls import re_path
from django.contrib.auth.decorators import permission_required
from rest_framework import routers, viewsets, status
from rest_framework.decorators import api_view, permission_classes
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated

from inventory.models import Event, Container, Item, Comment
from inventory.serializers import EventSerializer, ContainerSerializer, CommentSerializer, ItemSerializer, \
    SearchResultSerializer

from base64 import b64decode


class EventViewSet(viewsets.ModelViewSet):
    serializer_class = EventSerializer
    queryset = Event.objects.all()
    permission_classes = []


class ContainerViewSet(viewsets.ModelViewSet):
    serializer_class = ContainerSerializer
    queryset = Container.objects.all()


class ItemViewSet(viewsets.ModelViewSet):
    serializer_class = ItemSerializer

    def prefetch_queryset(self, queryset):
        serializer = self.get_serializer_class()
        if hasattr(serializer, 'Meta') and hasattr(serializer.Meta, 'prefetch_related_fields'):
            queryset = queryset.prefetch_related(*serializer.Meta.prefetch_related_fields)
        return queryset

    def get_queryset(self):
        queryset = Item.objects.all()
        return self.prefetch_queryset(queryset)


def filter_items(items, query):
    query_tokens = query.split(' ')
    for item in items:
        value = 0
        for token in query_tokens:
            if token in item.description:
                value += 1
        if value > 0:
            yield {'search_score': value, 'item': item}


@api_view(['GET'])
@permission_classes([IsAuthenticated])
def search_items(request, event_slug, query):
    try:
        event = Event.objects.get(slug=event_slug)
        if not request.user.has_event_perm(event, 'view_item'):
            return Response(status=403)
        items = filter_items(Item.objects.filter(event=event), b64decode(query).decode('utf-8'))
        return Response(SearchResultSerializer(items, many=True).data)
    except Event.DoesNotExist:
        return Response(status=404)


@api_view(['GET', 'POST'])
@permission_classes([IsAuthenticated])
def item(request, event_slug):
    vs = ItemViewSet()
    try:
        event = None
        if event_slug != 'none':
            event = Event.objects.get(slug=event_slug)
        if request.method == 'GET':
            if not request.user.has_event_perm(event, 'view_item'):
                return Response(status=403)
            return Response(ItemSerializer(vs.prefetch_queryset(Item.objects.filter(event=event)), many=True).data)
        elif request.method == 'POST':
            if not request.user.has_event_perm(event, 'add_item'):
                return Response(status=403)
            validated_data = ItemSerializer(data=request.data)
            if validated_data.is_valid():
                validated_data.save(event=event)
                return Response(validated_data.data, status=201)
            return Response(status=400)
    except Event.DoesNotExist:
        return Response(status=404)
    except KeyError:
        return Response(status=400)


@api_view(['POST'])
@permission_classes([IsAuthenticated])
@permission_required('tickets.add_comment', raise_exception=True)
def add_comment(request, event_slug, id):
    event = None
    if event_slug != 'none':
        event = Event.objects.get(slug=event_slug)
    item = Item.objects.get(event=event, id=id)
    if not request.user.has_event_perm(event, 'view_item'):
        return Response(status=403)
    if 'comment' not in request.data or request.data['comment'] == '':
        return Response({'status': 'error', 'message': 'missing comment'}, status=status.HTTP_400_BAD_REQUEST)
    comment = Comment.objects.create(
        item=item,
        comment=request.data['comment'],
    )
    return Response(CommentSerializer(comment).data, status=status.HTTP_201_CREATED)


@api_view(['GET', 'PUT', 'DELETE', 'PATCH'])
@permission_classes([IsAuthenticated])
def item_by_id(request, event_slug, id):
    try:
        event = Event.objects.get(slug=event_slug)
        item = Item.objects.get(event=event, id=id)
        if request.method == 'GET':
            if not request.user.has_event_perm(event, 'view_item'):
                return Response(status=403)
            return Response(ItemSerializer(item).data)
        elif request.method == 'PUT':
            if not request.user.has_event_perm(event, 'change_item'):
                return Response(status=403)
            validated_data = ItemSerializer(item, data=request.data)
            if validated_data.is_valid():
                validated_data.save()
                return Response(validated_data.data)
            return Response(validated_data.errors, status=400)
        elif request.method == 'PATCH':
            if not request.user.has_event_perm(event, 'change_item'):
                return Response(status=403)
            validated_data = ItemSerializer(item, data=request.data, partial=True)
            if validated_data.is_valid():
                validated_data.save()
                return Response(validated_data.data)
            return Response(validated_data.errors, status=400)
        elif request.method == 'DELETE':
            if not request.user.has_event_perm(event, 'delete_item'):
                return Response(status=403)
            item.delete()
            return Response(status=204)
    except Item.DoesNotExist:
        return Response(status=404)
    except Event.DoesNotExist:
        return Response(status=404)


router = routers.SimpleRouter()
router.register(r'events', EventViewSet, basename='events')
router.register(r'boxes', ContainerViewSet, basename='boxes')
router.register(r'box', ContainerViewSet, basename='boxes')

urlpatterns = router.urls + [
    re_path(r'^(?P<event_slug>[\w-]+)/items/$', item, name='item'),
    re_path(r'^(?P<event_slug>[\w-]+)/items/(?P<query>[-A-Za-z0-9+/]*={0,3})/$', search_items, name='search_items'),
    re_path(r'^(?P<event_slug>[\w-]+)/item/$', item, name='item'),
    re_path(r'^(?P<event_slug>[\w-]+)/item/(?P<id>\d+)/comment/$', add_comment, name='add_comment'),
    re_path(r'^(?P<event_slug>[\w-]+)/item/(?P<id>\d+)/$', item_by_id, name='item_by_id'),
]
partition tickets by event 2024-11-13 22:51:54 +00:00			`from django.urls import re_path`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`from django.contrib.auth.decorators import permission_required`
add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00			`from rest_framework import routers, viewsets, status`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`from rest_framework.decorators import api_view, permission_classes`
			`from rest_framework.response import Response`
			`from rest_framework.permissions import IsAuthenticated`

add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00			`from inventory.models import Event, Container, Item, Comment`
			`from inventory.serializers import EventSerializer, ContainerSerializer, CommentSerializer, ItemSerializer, \`
			`SearchResultSerializer`
implement simple backend search for items and tickets 2024-11-09 04:05:05 +00:00
			`from base64 import b64decode`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00

			`class EventViewSet(viewsets.ModelViewSet):`
			`serializer_class = EventSerializer`
			`queryset = Event.objects.all()`
			`permission_classes = []`


			`class ContainerViewSet(viewsets.ModelViewSet):`
			`serializer_class = ContainerSerializer`
			`queryset = Container.objects.all()`


add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00			`class ItemViewSet(viewsets.ModelViewSet):`
			`serializer_class = ItemSerializer`

update prefetched fields 2024-11-29 00:32:54 +00:00			`def prefetch_queryset(self, queryset):`
add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00			`serializer = self.get_serializer_class()`
			`if hasattr(serializer, 'Meta') and hasattr(serializer.Meta, 'prefetch_related_fields'):`
			`queryset = queryset.prefetch_related(*serializer.Meta.prefetch_related_fields)`
			`return queryset`

update prefetched fields 2024-11-29 00:32:54 +00:00			`def get_queryset(self):`
			`queryset = Item.objects.all()`
			`return self.prefetch_queryset(queryset)`

add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00
implement simple backend search for items and tickets 2024-11-09 04:05:05 +00:00			`def filter_items(items, query):`
			`query_tokens = query.split(' ')`
			`for item in items:`
			`value = 0`
			`for token in query_tokens:`
			`if token in item.description:`
			`value += 1`
			`if value > 0:`
			`yield {'search_score': value, 'item': item}`


create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`@api_view(['GET'])`
			`@permission_classes([IsAuthenticated])`
			`def search_items(request, event_slug, query):`
			`try:`
			`event = Event.objects.get(slug=event_slug)`
implement simple backend search for items and tickets 2024-11-09 04:05:05 +00:00			`if not request.user.has_event_perm(event, 'view_item'):`
			`return Response(status=403)`
			`items = filter_items(Item.objects.filter(event=event), b64decode(query).decode('utf-8'))`
			`return Response(SearchResultSerializer(items, many=True).data)`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`except Event.DoesNotExist:`
			`return Response(status=404)`


			`@api_view(['GET', 'POST'])`
			`@permission_classes([IsAuthenticated])`
			`def item(request, event_slug):`
add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00			`vs = ItemViewSet()`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`try:`
partition tickets by event 2024-11-13 22:51:54 +00:00			`event = None`
			`if event_slug != 'none':`
			`event = Event.objects.get(slug=event_slug)`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`if request.method == 'GET':`
			`if not request.user.has_event_perm(event, 'view_item'):`
			`return Response(status=403)`
update prefetched fields 2024-11-29 00:32:54 +00:00			`return Response(ItemSerializer(vs.prefetch_queryset(Item.objects.filter(event=event)), many=True).data)`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`elif request.method == 'POST':`
			`if not request.user.has_event_perm(event, 'add_item'):`
			`return Response(status=403)`
			`validated_data = ItemSerializer(data=request.data)`
			`if validated_data.is_valid():`
			`validated_data.save(event=event)`
			`return Response(validated_data.data, status=201)`
drop v1 API and rename id columns 2024-11-19 23:23:20 +00:00			`return Response(status=400)`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`except Event.DoesNotExist:`
			`return Response(status=404)`
add timeline information to the /items endpoint 2024-11-23 00:22:24 +00:00			`except KeyError:`
			`return Response(status=400)`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00

add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00			`@api_view(['POST'])`
			`@permission_classes([IsAuthenticated])`
			`@permission_required('tickets.add_comment', raise_exception=True)`
			`def add_comment(request, event_slug, id):`
			`event = None`
			`if event_slug != 'none':`
			`event = Event.objects.get(slug=event_slug)`
			`item = Item.objects.get(event=event, id=id)`
			`if not request.user.has_event_perm(event, 'view_item'):`
			`return Response(status=403)`
			`if 'comment' not in request.data or request.data['comment'] == '':`
			`return Response({'status': 'error', 'message': 'missing comment'}, status=status.HTTP_400_BAD_REQUEST)`
			`comment = Comment.objects.create(`
			`item=item,`
			`comment=request.data['comment'],`
			`)`
			`return Response(CommentSerializer(comment).data, status=status.HTTP_201_CREATED)`


create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`@api_view(['GET', 'PUT', 'DELETE', 'PATCH'])`
			`@permission_classes([IsAuthenticated])`
			`def item_by_id(request, event_slug, id):`
			`try:`
			`event = Event.objects.get(slug=event_slug)`
update prefetched fields 2024-11-29 00:32:54 +00:00			`item = Item.objects.get(event=event, id=id)`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`if request.method == 'GET':`
			`if not request.user.has_event_perm(event, 'view_item'):`
			`return Response(status=403)`
			`return Response(ItemSerializer(item).data)`
			`elif request.method == 'PUT':`
			`if not request.user.has_event_perm(event, 'change_item'):`
			`return Response(status=403)`
			`validated_data = ItemSerializer(item, data=request.data)`
			`if validated_data.is_valid():`
			`validated_data.save()`
			`return Response(validated_data.data)`
			`return Response(validated_data.errors, status=400)`
			`elif request.method == 'PATCH':`
			`if not request.user.has_event_perm(event, 'change_item'):`
			`return Response(status=403)`
			`validated_data = ItemSerializer(item, data=request.data, partial=True)`
			`if validated_data.is_valid():`
			`validated_data.save()`
			`return Response(validated_data.data)`
			`return Response(validated_data.errors, status=400)`
			`elif request.method == 'DELETE':`
			`if not request.user.has_event_perm(event, 'delete_item'):`
			`return Response(status=403)`
			`item.delete()`
			`return Response(status=204)`
			`except Item.DoesNotExist:`
			`return Response(status=404)`
			`except Event.DoesNotExist:`
			`return Response(status=404)`


			`router = routers.SimpleRouter()`
			`router.register(r'events', EventViewSet, basename='events')`
			`router.register(r'boxes', ContainerViewSet, basename='boxes')`
			`router.register(r'box', ContainerViewSet, basename='boxes')`

			`urlpatterns = router.urls + [`
partition tickets by event 2024-11-13 22:51:54 +00:00			`re_path(r'^(?P<event_slug>[\w-]+)/items/$', item, name='item'),`
			`re_path(r'^(?P<event_slug>[\w-]+)/items/(?P<query>[-A-Za-z0-9+/]*={0,3})/$', search_items, name='search_items'),`
			`re_path(r'^(?P<event_slug>[\w-]+)/item/$', item, name='item'),`
add /item/comment endpoint and prefetch related models 2024-11-28 20:58:26 +00:00			`re_path(r'^(?P<event_slug>[\w-]+)/item/(?P<id>\d+)/comment/$', add_comment, name='add_comment'),`
partition tickets by event 2024-11-13 22:51:54 +00:00			`re_path(r'^(?P<event_slug>[\w-]+)/item/(?P<id>\d+)/$', item_by_id, name='item_by_id'),`
create inventory API v2 und update tests 2024-01-07 20:13:44 +00:00			`]`