[#44] [GREEN] added implementation for supervisor to verify vacancy

4e7e0d36 · Joshua Casey · 01e5c1ed · 4e7e0d36 · 4e7e0d36 · 4e7e0d36
Commit 4e7e0d36 authored May 23, 2017 by Joshua Casey
--- a/core/lib/permissions.py
+++ b/core/lib/permissions.py
@@ -5,6 +5,7 @@ from core.models import Company
 from core.models import Student
 from core.models import Supervisor
 from core.models import Application
+from core.models import Vacancy


 def is_admin_or_student(user):
@@ -145,3 +146,11 @@ class IsAdminOrVacancyOwner(permissions.BasePermission):
            raise PermissionDenied(
                "Checking owner permission on non-application object"
            )
+
+
+class VacancyApprovalPermission(permissions.BasePermission):
+    def has_permission(self, request, view):
+        return is_admin_or_supervisor(request.user)
+
+    def has_object_permission(self, request, view, obj):
+        return isinstance(obj, Vacancy)
--- a/core/serializers/vacancies.py
+++ b/core/serializers/vacancies.py
@@ -43,3 +43,10 @@ class VacancyApplicationSerializer(serializers.ModelSerializer):
    class Meta:
        model = Application
        fields = ['cover_letter', 'vacancy', 'status']
+
+
+class VacancyVerifiedSerializer(serializers.ModelSerializer):
+
+    class Meta:
+        model = Vacancy
+        fields = ['verified']
--- a/core/tests/test_vacancies.py
+++ b/core/tests/test_vacancies.py
@@ -203,7 +203,6 @@ class SupervisorApprovalTests(APITestCase):

        url = '/api/vacancies/' + str(new_vacancy2.pk) + '/verify/'
        response = self.client.patch(url, {'verified' : True}, format='json')
-        print response.data
        self.assertEqual(response.status_code, status.HTTP_200_OK)

        retrieve_vacancy = Vacancy.objects.get(pk=new_vacancy2.pk)

--- a/core/views/vacancies.py
+++ b/core/views/vacancies.py
@@ -8,11 +8,11 @@ from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response

 from core.lib.mixins import MultiSerializerViewSetMixin
-from core.lib.permissions import IsAdminOrStudent, IsAdminOrCompany, IsAdminOrVacancyOwner
+from core.lib.permissions import IsAdminOrStudent, IsAdminOrCompany, IsAdminOrVacancyOwner, VacancyApprovalPermission
 from core.models import Student, Company
 from core.models.vacancies import Vacancy, Application
 from core.serializers.vacancies import VacancySerializer, ApplicationSerializer, ApplicationStatusSerializer, \
-    VacancyApplicationSerializer, PostVacancySerializer
+    VacancyApplicationSerializer, PostVacancySerializer, VacancyVerifiedSerializer


 class VacancyViewSet(MultiSerializerViewSetMixin, viewsets.ModelViewSet):
@@ -43,6 +43,15 @@ class VacancyViewSet(MultiSerializerViewSetMixin, viewsets.ModelViewSet):
        count_new = Application.objects.filter(vacancy=vacancy, status=Application.NEW).count()
        return Response({"count": count, "count_new": count_new}, status=status.HTTP_200_OK)

+    @detail_route(methods=['patch'], permission_classes=[VacancyApprovalPermission], serializer_class=VacancyVerifiedSerializer)
+    def verify(self, request, pk=None):
+        vacancy = self.get_object()
+        serializer = self.get_serializer_class()(vacancy, data=request.data, partial=True)
+        if serializer.is_valid():
+            serializer.save()
+            return Response(serializer.data, status=status.HTTP_200_OK)
+        return Response({"error" : "bad request"}, status=status.HTTP_400_BAD_REQUEST)
+

 class ApplicationViewSet(viewsets.GenericViewSet):
    serializer_class = ApplicationSerializer