1from rest_framework.views import APIView 

2from rest_framework.response import Response 

3from rest_framework import status 

4from rest_framework import permissions 

5from policorp.serializers import BookingSerializer 

6from policorp.permissions import IsSupervisorUser 

7from policorp.models import Location 

8 

9import sys 

10 

11class BookOnTheFlyView(APIView): 

12 http_method_names = ['post'] 

13 permission_classes = [permissions.IsAuthenticated&IsSupervisorUser] 

14 

15 def post(self, request, format=None): 

16 

17 # Check if IsSupervisorUser 

18 self.check_object_permissions(self.request, None) 

19 

20 serializer = BookingSerializer(data=request.data) 

21 

22 if serializer.is_valid(raise_exception=True): 

23 

24 # Get location ID to check if user is a supervisor at that location 

25 data = serializer.validated_data 

26 location = data['availability']['where'] 

27 

28 if request.user not in location.supervisors.all(): 

29 return Response(status=status.HTTP_403_FORBIDDEN) 

30 

31 serializer.save() 

32 return Response(status=status.HTTP_204_NO_CONTENT)