from datetime import datetime from django.urls import path, re_path from django.contrib.auth.decorators import permission_required from rest_framework import routers, viewsets, serializers from rest_framework.decorators import api_view, permission_classes from rest_framework.response import Response from rest_framework.permissions import IsAuthenticated from files.models import File from inventory.models import Event, Container, Item class EventSerializer(serializers.ModelSerializer): class Meta: model = Event fields = ['eid', 'slug', 'name', 'start', 'end', 'pre_start', 'post_end'] read_only_fields = ['eid'] class EventViewSet(viewsets.ModelViewSet): serializer_class = EventSerializer queryset = Event.objects.all() permission_classes = [] class ContainerSerializer(serializers.ModelSerializer): itemCount = serializers.SerializerMethodField() class Meta: model = Container fields = ['cid', 'name', 'itemCount'] read_only_fields = ['cid', 'itemCount'] def get_itemCount(self, instance): return Item.objects.filter(container=instance.cid).count() class ContainerViewSet(viewsets.ModelViewSet): serializer_class = ContainerSerializer queryset = Container.objects.all() class ItemSerializer(serializers.ModelSerializer): dataImage = serializers.CharField(write_only=True, required=False) cid = serializers.SerializerMethodField() box = serializers.SerializerMethodField() file = serializers.SerializerMethodField() returned = serializers.SerializerMethodField(required=False) class Meta: model = Item fields = ['cid', 'box', 'uid', 'description', 'file', 'dataImage', 'returned'] read_only_fields = ['uid'] def get_cid(self, instance): return instance.container.cid def get_box(self, instance): return instance.container.name def get_file(self, instance): if len(instance.files.all()) > 0: return instance.files.all().order_by('-created_at')[0].hash return None def get_returned(self, instance): return instance.returned_at is not None def to_internal_value(self, data): container = None returned = False if 'cid' in data: container = Container.objects.get(cid=data['cid']) if 'returned' in data: returned = data['returned'] internal = super().to_internal_value(data) if container: internal['container'] = container if returned: internal['returned_at'] = datetime.now() return internal def validate(self, attrs): return super().validate(attrs) def create(self, validated_data): if 'dataImage' in validated_data: file = File.objects.create(data=validated_data['dataImage']) validated_data.pop('dataImage') item = Item.objects.create(**validated_data) item.files.set([file]) return item return Item.objects.create(**validated_data) def update(self, instance, validated_data): if 'returned' in validated_data: if validated_data['returned']: validated_data['returned_at'] = datetime.now() validated_data.pop('returned') if 'dataImage' in validated_data: file = File.objects.create(data=validated_data['dataImage']) validated_data.pop('dataImage') instance.files.add(file) return super().update(instance, validated_data) @api_view(['GET']) @permission_classes([IsAuthenticated]) @permission_required('view_item', raise_exception=True) def search_items(request, event_slug, query): try: event = Event.objects.get(slug=event_slug) query_tokens = query.split(' ') q = Item.objects.filter(event=event) for token in query_tokens: if token: q = q.filter(description__icontains=token) return Response(ItemSerializer(q, many=True).data) except Event.DoesNotExist: return Response(status=404) @api_view(['GET', 'POST']) @permission_classes([IsAuthenticated]) def item(request, event_slug): try: event = Event.objects.get(slug=event_slug) if request.method == 'GET': if not request.user.has_event_perm(event, 'view_item'): return Response(status=403) return Response(ItemSerializer(Item.objects.filter(event=event), many=True).data) elif request.method == 'POST': if not request.user.has_event_perm(event, 'add_item'): return Response(status=403) validated_data = ItemSerializer(data=request.data) if validated_data.is_valid(): validated_data.save(event=event) return Response(validated_data.data, status=201) except Event.DoesNotExist: return Response(status=404) @api_view(['GET', 'PUT', 'DELETE', 'PATCH']) @permission_classes([IsAuthenticated]) def item_by_id(request, event_slug, id): try: event = Event.objects.get(slug=event_slug) item = Item.objects.get(event=event, uid=id) if request.method == 'GET': if not request.user.has_event_perm(event, 'view_item'): return Response(status=403) return Response(ItemSerializer(item).data) elif request.method == 'PUT': if not request.user.has_event_perm(event, 'change_item'): return Response(status=403) validated_data = ItemSerializer(item, data=request.data) if validated_data.is_valid(): validated_data.save() return Response(validated_data.data) return Response(validated_data.errors, status=400) elif request.method == 'PATCH': if not request.user.has_event_perm(event, 'change_item'): return Response(status=403) validated_data = ItemSerializer(item, data=request.data, partial=True) if validated_data.is_valid(): validated_data.save() return Response(validated_data.data) return Response(validated_data.errors, status=400) elif request.method == 'DELETE': if not request.user.has_event_perm(event, 'delete_item'): return Response(status=403) item.delete() return Response(status=204) except Item.DoesNotExist: return Response(status=404) except Event.DoesNotExist: return Response(status=404) router = routers.SimpleRouter() router.register(r'events', EventViewSet, basename='events') router.register(r'boxes', ContainerViewSet, basename='boxes') router.register(r'box', ContainerViewSet, basename='boxes') urlpatterns = router.urls + [ path('/items/', item), path('/items//', search_items), path('/item/', item), path('/item//', item_by_id), ]