Coverage for policorp/views.py : 78%
Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1from django.shortcuts import render
2from django.http import HttpResponse, JsonResponse, HttpResponseRedirect, Http404
3from django.urls import reverse
4from django.contrib.auth import authenticate, login, logout
5from django.core.serializers.json import DjangoJSONEncoder
6from django.utils.translation import gettext as _
7from datetime import datetime, timezone
8import json
9import sys
10from .models import Task, Availability, Booking, User, Location
11from policorp.lib.schedule import Schedule
13# Create your views here.
14def index(request):
15 if not request.user.is_authenticated:
16 return render(request, "policorp/login.html")
18 return render(request, "policorp/index.html");
20def login_view(request):
21 if request.method == "POST":
23 # Attempt to sign user in
24 username = request.POST["username"]
25 password = request.POST["password"]
26 user = authenticate(request, username=username, password=password)
28 # Check if authentication successful
29 if user is not None and user.is_supervisor:
30 login(request, user)
31 return HttpResponseRedirect(reverse("policorp:index"))
32 else:
33 return render(request, "policorp/login.html", {
34 "message": _("Invalid username and/or password")
35 })
36 else:
37 return render(request, "policorp/login.html")
39def logout_view(request):
40 logout(request)
41 return HttpResponseRedirect(reverse("policorp:index"))
43def tasks(request):
45 # Only GET requests allowed
46 if request.method != "GET":
47 return JsonResponse({"error": "GET request required."}, status=400)
49 return JsonResponse([t.json() for t in Task.objects.get_all()], safe=False)
51def availabilities(request, taskid):
53 # Only GET requests allowed
54 if request.method != "GET":
55 return JsonResponse({"error": "GET request required."}, status=400)
57 t = Task.objects.get(pk=taskid)
58 availabilities = Availability.objects.get_next_by_task_and_date(t.name, None)
60 return JsonResponse([a.json() for a in availabilities], status=200, safe=False)
62def dailyavailabilities(request, taskid, date):
64 # Only GET requests allowed
65 if request.method != "GET":
66 return JsonResponse({"error": "GET request required."}, status=400)
68 t = Task.objects.get(pk=taskid)
69 availabilities = Availability.objects.get_next_by_task_and_date(t.name, datetime.strptime(date, "%Y%m%d"))
71 return JsonResponse([a.json() for a in availabilities], status=200, safe=False)
73def book(request, availabilityid):
75 # Only POST requests allowed
76 if request.method != "POST":
77 return JsonResponse({"error": "POST request required."}, status=400)
79 # Only authenticated users
80 if not request.user.is_authenticated:
81 return JsonResponse({"error": _("Unauthorized")}, status=401)
83 availability = Availability.objects.get(pk=availabilityid)
84 booking = Booking.objects.book(availability, request.user)
86 return JsonResponse(booking.json(), status=201)
88def myschedule(request):
90 # Only GET requests allowed
91 if request.method != "GET":
92 return JsonResponse({"error": "GET request required."}, status=400)
94 # Only authenticated users
95 if not request.user.is_authenticated:
96 return JsonResponse({"error": _("Unauthorized")}, status=401)
98 bookings = Booking.objects.get_by_user(request.user)
100 return JsonResponse([b.json() for b in bookings], safe=False)
102def cancelbooking(request, bookingid):
103 # Only POST requests allowed
104 if request.method != "POST":
105 return JsonResponse({"error": "POST request required."}, status=400)
107 # Only authenticated users
108 if not request.user.is_authenticated:
109 return JsonResponse({"error": _("Unauthorized")}, status=401)
111 b = Booking.objects.get(pk=bookingid)
112 location = b.availability.where
113 user = User.objects.get(username=request.user.username)
115 # Only users who booked or that supervise the location are allowed to cancel
116 if request.user != b.user and location not in user.get_supervised_locations():
117 return JsonResponse({"error": _("Unauthorized")}, status=401)
119 b = b.cancel()
121 return JsonResponse (b.json(),status=201)
123def mysupervisedlocations(request):
124 # Only GET requests allowed
125 if request.method != "GET":
126 return JsonResponse({"error": "GET request required."}, status=400)
128 # Only authenticated users
129 if not request.user.is_authenticated:
130 return JsonResponse({"error": _("Unauthorized")}, status=401)
132 user = User.objects.get(username=request.user.username)
134 if not user.is_supervisor:
135 return JsonResponse({"error": _("Unauthorized")}, status=401)
137 return JsonResponse([l.json() for l in user.get_supervised_locations()], safe=False)
139def locationschedule(request, locationid, date):
140 # Only GET requests allowed
141 if request.method != "GET":
142 return JsonResponse({"error": "GET request required."}, status=400)
144 # Only authenticated, supervisor users allowed
145 if not request.user.is_authenticated:
146 return JsonResponse({"error": _("Unauthorized")}, status=401)
148 user = User.objects.get(username=request.user.username)
150 if not user.is_supervisor:
151 return JsonResponse({"error": _("Unauthorized")}, status=401)
153 location = Location.objects.get(pk=locationid)
155 if user not in location.supervisors.all():
156 return JsonResponse({"error": _("Unauthorized")}, status=401)
158 dateObj = datetime.strptime(date, "%Y%m%d")
159 bookings = Booking.objects.get_by_location_and_date(location, dateObj)
160 availabilities = Availability.objects.get_all_by_location_and_date(location, dateObj)
161 sch = Schedule(dateObj.date(), location, availabilities, bookings)
163 return JsonResponse(sch.json(), safe=False)
165def createavailabilitysingle(request):
166 # Only POST requests allowed
167 if request.method != "POST":
168 return JsonResponse({"error": "POST request required."}, status=400)
170 # Only authenticated, supervisor users allowed
171 if not request.user.is_authenticated:
172 return JsonResponse({"error": _("Unauthorized")}, status=401)
174 user = User.objects.get(username=request.user.username)
176 if not user.is_supervisor:
177 return JsonResponse({"error": _("Unauthorized")}, status=401)
179 data = json.loads(request.body)
181 # User needs to be supervising requested location
182 location = Location.objects.get(pk=data.get("locationid"))
183 if user not in location.supervisors.all():
184 return JsonResponse({"error": _("Unauthorized")}, status=401)
186 when = datetime.fromisoformat(data.get("when"))
187 task = Task.objects.get(pk=data.get("taskid"))
188 a = Availability.objects.create_availability(when, location, task)
190 return JsonResponse(a.json(), safe=False, status=201)
192def createavailabilities(request):
193 # Only POST requests allowed
194 if request.method != "POST":
195 return JsonResponse({"error": "POST request required."}, status=400)
197 # Only authenticated, supervisor users allowed
198 if not request.user.is_authenticated:
199 return JsonResponse({"error": _("Unauthorized")}, status=401)
201 user = User.objects.get(username=request.user.username)
203 if not user.is_supervisor:
204 return JsonResponse({"error": _("Unauthorized")}, status=401)
206 data = json.loads(request.body)
208 response = []
210 for a in data:
212 location = Location.objects.get(pk=a.get("locationid"))
213 if user not in location.supervisors.all():
214 response.append({
215 "locationid": a.get("locationid"),
216 "taskid": a.get("taskid"),
217 "when": a.get("when"),
218 "error": "Unauthorized"
219 })
220 else:
221 when = datetime.fromisoformat(a.get("when"))
222 task = Task.objects.get(pk=a.get("taskid"))
223 a = Availability.objects.create_availability(when, location, task)
224 response.append(a.json())
226 return JsonResponse(response, safe=False, status=201)