Fakultas Ilmu Komputer UI

Commit bf0eb3ae authored by Zamil Majdy's avatar Zamil Majdy
Browse files

Refactor API endpoints

parent 2a9de52c
...@@ -239,7 +239,7 @@ export default class ProfilePage extends React.Component { ...@@ -239,7 +239,7 @@ export default class ProfilePage extends React.Component {
<Container textAlign="center"> <Container textAlign="center">
<div className="buttonProfile"> <div className="buttonProfile">
<Button onClick={this.gotoStudentResume} primary size="small">Resume</Button> <Button onClick={this.gotoStudentResume} disabled={!this.state.resume} primary size="small">Resume</Button>
</div> </div>
<br /> <br />
<div> <div>
......
...@@ -25,7 +25,7 @@ export default class SupervisorPage extends React.Component { ...@@ -25,7 +25,7 @@ export default class SupervisorPage extends React.Component {
} }
UserList() { UserList() {
Server.get('/student-applications/', false).then((data) => { Server.get('/applications/', false).then((data) => {
this.setState({ list: data.results }); this.setState({ list: data.results });
}); });
} }
...@@ -44,7 +44,7 @@ export default class SupervisorPage extends React.Component { ...@@ -44,7 +44,7 @@ export default class SupervisorPage extends React.Component {
</Grid.Row> </Grid.Row>
<Grid.Row> <Grid.Row>
<div id="layout-content" className="layout-content-wrapper"> <div id="layout-content" className="layout-content-wrapper">
<Pagination url={'/student-applications/'} child={<ApplicationList cols={cols} />} /> <Pagination url={'/applications/'} child={<ApplicationList cols={cols} />} />
</div> </div>
</Grid.Row> </Grid.Row>
</Grid> </Grid>
......
...@@ -10,8 +10,9 @@ export default class TranscriptPage extends React.Component { ...@@ -10,8 +10,9 @@ export default class TranscriptPage extends React.Component {
constructor(props) { constructor(props) {
super(props); super(props);
/* istanbul ignore next */ /* istanbul ignore next */
console.log(this.props.params);
this.state = {}; this.state = {};
Server.get(`/applications/${this.props.params.id}/`).then(response => this.setState({ data: response })); Server.get(`/applications/${this.props.params.id}/transcript/`).then(response => this.setState({ data: response }));
} }
render() { render() {
......
...@@ -115,7 +115,7 @@ export default class ApproveModal extends React.Component { ...@@ -115,7 +115,7 @@ export default class ApproveModal extends React.Component {
<b> <b>
{this.props.data.student.resume ? <a onClick={this.gotoStudentResume} href="#" >CV Pelamar </a> : 'Pelamar tidak memiliki CV'} {this.props.data.student.resume ? <a onClick={this.gotoStudentResume} href="#" >CV Pelamar </a> : 'Pelamar tidak memiliki CV'}
<br /> <br />
{this.props.data.student.show_transcript ? <a onClick={this.gotoStudentTranscript} href="#" >Transkrip Pelamar</a> : 'Pelamar tidak mengijinkan transktip dilihat'} {this.props.data.student.show_transcript ? <a onClick={this.gotoStudentTranscript} href="#" >Transkrip Pelamar</a> : 'Pelamar tidak mengijinkan transkrip dilihat'}
<br /> <br />
</b> </b>
</div> </div>
......
...@@ -26,18 +26,15 @@ export default class CourseList extends React.Component { ...@@ -26,18 +26,15 @@ export default class CourseList extends React.Component {
render = () => ( render = () => (
<Segment className="transkrip"> <Segment className="transkrip">
<Grid> <Grid>
<Grid.Row columns={2}> <Grid.Row>
<Grid.Column width={2} > <Segment basic >
<Image src="/assets/img/UI.png" size="tiny" floated="right" /> <Image src="/assets/img/UI.png" size="tiny" floated="right" />
</Grid.Column> </Segment>
<Grid.Column width={4}>
<Segment basic > <Segment basic >
<h3 style={{ lineHeight: '1%' }}>Universitas Indonesia </h3> <h3 style={{ lineHeight: '1%' }}>Universitas Indonesia </h3>
<h3 style={{ lineHeight: '1%' }}>Fakultas Ilmu Komputer </h3> <h3 style={{ lineHeight: '1%' }}>Fakultas Ilmu Komputer </h3>
<h3 style={{ lineHeight: '1%' }}>Program Studi S1</h3> <h3 style={{ lineHeight: '1%' }}>Program Studi S1</h3>
</Segment> </Segment>
</Grid.Column>
</Grid.Row> </Grid.Row>
<Container fluid> <Container fluid>
<hr /> <hr />
......
...@@ -16,7 +16,7 @@ def is_admin_or_company(user): ...@@ -16,7 +16,7 @@ def is_admin_or_company(user):
if user.is_superuser or user.is_staff: if user.is_superuser or user.is_staff:
return True return True
if not hasattr(user, "company") or user.company.status != Company.VERIFIED : if not hasattr(user, "company") or user.company.status != Company.VERIFIED:
raise PermissionDenied("This account is not valid company account or has not been verified") raise PermissionDenied("This account is not valid company account or has not been verified")
return True return True
...@@ -147,10 +147,12 @@ class IsAdminOrVacancyOwner(permissions.BasePermission): ...@@ -147,10 +147,12 @@ class IsAdminOrVacancyOwner(permissions.BasePermission):
"Checking owner permission on non-application object" "Checking owner permission on non-application object"
) )
class AsAdminOrSupervisor(permissions.BasePermission): class AsAdminOrSupervisor(permissions.BasePermission):
def has_permission(self, request, view): def has_permission(self, request, view):
return is_admin_or_supervisor(request.user) return is_admin_or_supervisor(request.user)
class VacancyApprovalPermission(permissions.BasePermission): class VacancyApprovalPermission(permissions.BasePermission):
def has_permission(self, request, view): def has_permission(self, request, view):
return is_admin_or_supervisor(request.user) return is_admin_or_supervisor(request.user)
......
...@@ -128,22 +128,22 @@ class ProfileUpdateTests(APITestCase): ...@@ -128,22 +128,22 @@ class ProfileUpdateTests(APITestCase):
format='json') format='json')
student_id = response.data.get('student').get('id') student_id = response.data.get('student').get('id')
url = '/api/profiles/students/' + str(student_id) + "/" url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart') response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED) self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('phone_number'), '08123123123') self.assertEqual(response.data.get('phone_number'), '08123123123')
url = '/api/profiles/students/' + str(student_id) + "/" url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'email': 'saasdasd'}, format='multipart') response = self.client.patch(url, {'email': 'saasdasd'}, format='multipart')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
url = '/api/profiles/students/123123123/' url = '/api/students/123123123/profile/'
response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart') response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart')
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND) self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
new_user = User.objects.create_user('dummy.student2', 'dummy.student@student.com', 'lalala123') new_user = User.objects.create_user('dummy.student2', 'dummy.student@student.com', 'lalala123')
new_student = Student.objects.create(user=new_user, npm="1212121212") new_student = Student.objects.create(user=new_user, npm="1212121212")
url = '/api/profiles/students/' + str(new_student.pk) + "/" url = '/api/students/' + str(new_student.pk) + "/profile/"
response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart') response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
...@@ -31,7 +31,8 @@ class ApplicationTests(APITestCase): ...@@ -31,7 +31,8 @@ class ApplicationTests(APITestCase):
url = '/api/login/' url = '/api/login/'
response = self.client.post(url, {'username': 'dummy.mahasiswa', 'password': 'lalala', 'login-type': 'sso-ui'}, format='json') response = self.client.post(url, {'username': 'dummy.mahasiswa', 'password': 'lalala', 'login-type': 'sso-ui'},
format='json')
student_id = response.data.get('student').get('id') student_id = response.data.get('student').get('id')
url = '/api/students/' + str(student_id) + '/applied-vacancies/' url = '/api/students/' + str(student_id) + '/applied-vacancies/'
...@@ -65,11 +66,14 @@ class ApplicationTests(APITestCase): ...@@ -65,11 +66,14 @@ class ApplicationTests(APITestCase):
student_id = response.data.get('student').get('id') student_id = response.data.get('student').get('id')
new_user = User.objects.create_user('dummy.company', 'dummy.company@company.com', 'lalala123') new_user = User.objects.create_user('dummy.company', 'dummy.company@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala",status=Company.VERIFIED,logo=None,address=None) new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0), description="lalala", close_time=datetime.today()) address=None)
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0),
description="lalala", close_time=datetime.today())
url = '/api/students/' + str(student_id) + '/applied-vacancies/' url = '/api/students/' + str(student_id) + '/applied-vacancies/'
response = self.client.post(url, {'vacancy_id' : new_vacancy.pk, 'cover_letter' : 'this is a cover letter.'}, format='json') response = self.client.post(url, {'vacancy_id': new_vacancy.pk, 'cover_letter': 'this is a cover letter.'},
format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.status_code, status.HTTP_200_OK)
url = '/api/students/' + str(student_id) + '/applied-vacancies/' + str(new_vacancy.pk) + '/' url = '/api/students/' + str(student_id) + '/applied-vacancies/' + str(new_vacancy.pk) + '/'
...@@ -99,7 +103,8 @@ class BookmarkApplicationTests(APITestCase): ...@@ -99,7 +103,8 @@ class BookmarkApplicationTests(APITestCase):
url = '/api/login/' url = '/api/login/'
response = self.client.post(url, {'username': 'dummy.mahasiswa', 'password': 'lalala', 'login-type': 'sso-ui'}, format='json') response = self.client.post(url, {'username': 'dummy.mahasiswa', 'password': 'lalala', 'login-type': 'sso-ui'},
format='json')
student_id = response.data.get('student').get('id') student_id = response.data.get('student').get('id')
url = '/api/students/' + str(student_id) + '/bookmarked-vacancies/' url = '/api/students/' + str(student_id) + '/bookmarked-vacancies/'
...@@ -133,11 +138,13 @@ class BookmarkApplicationTests(APITestCase): ...@@ -133,11 +138,13 @@ class BookmarkApplicationTests(APITestCase):
student_id = response.data.get('student').get('id') student_id = response.data.get('student').get('id')
new_user = User.objects.create_user('dummy.company2', 'dummy.compan2y@company.com', 'lalala123') new_user = User.objects.create_user('dummy.company2', 'dummy.compan2y@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala",status=Company.VERIFIED,logo=None,address=None) new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0), description="lalala", close_time=datetime.today()) address=None)
new_vacancy = Vacancy.objects.create(company=new_company, verified=True, open_time=datetime.fromtimestamp(0),
description="lalala", close_time=datetime.today())
url = '/api/students/' + str(student_id) + '/bookmarked-vacancies/' url = '/api/students/' + str(student_id) + '/bookmarked-vacancies/'
response = self.client.post(url, {'vacancy_id' : new_vacancy.pk}, format='json') response = self.client.post(url, {'vacancy_id': new_vacancy.pk}, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.status_code, status.HTTP_200_OK)
url = '/api/students/' + str(student_id) + '/bookmarked-vacancies/' + str(new_vacancy.pk) + '/' url = '/api/students/' + str(student_id) + '/bookmarked-vacancies/' + str(new_vacancy.pk) + '/'
...@@ -169,10 +176,10 @@ class VacancyTest(APITestCase): ...@@ -169,10 +176,10 @@ class VacancyTest(APITestCase):
class CompanyListsTests(APITestCase): class CompanyListsTests(APITestCase):
def test_company_vacancy_list(self): def test_company_vacancy_list(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123') new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None, address=None) new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
self.client.force_authenticate(new_user) self.client.force_authenticate(new_user)
...@@ -182,10 +189,12 @@ class CompanyListsTests(APITestCase): ...@@ -182,10 +189,12 @@ class CompanyListsTests(APITestCase):
def test_company_vacancy_list_unauthorized(self): def test_company_vacancy_list_unauthorized(self):
new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123') new_user = User.objects.create_user('dummy.company3', 'dummy.company3@company.com', 'lalala123')
new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None, address=None) new_company = Company.objects.create(user=new_user, description="lalala", status=Company.VERIFIED, logo=None,
address=None)
new_user2 = User.objects.create_user('dummy.companyzxc', 'dummy.companyzxc@company.com', 'lalala123') new_user2 = User.objects.create_user('dummy.companyzxc', 'dummy.companyzxc@company.com', 'lalala123')
new_company2 = Company.objects.create(user=new_user2, description="lalalaasdsad", status=Company.VERIFIED, logo=None, new_company2 = Company.objects.create(user=new_user2, description="lalalaasdsad", status=Company.VERIFIED,
logo=None,
address=None) address=None)
self.client.force_authenticate(new_user2) self.client.force_authenticate(new_user2)
...@@ -326,7 +335,8 @@ class CompanyListsTests(APITestCase): ...@@ -326,7 +335,8 @@ class CompanyListsTests(APITestCase):
self.client.force_authenticate(new_user) self.client.force_authenticate(new_user)
url = '/api/companies/' + str(new_company.pk) + '/applications/' + str(new_vacancy.pk) + '/by_vacancy/?status=lalala' url = '/api/companies/' + str(new_company.pk) + '/applications/' + str(
new_vacancy.pk) + '/by_vacancy/?status=lalala'
response = self.client.get(url, format='json') response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
...@@ -344,7 +354,8 @@ class CompanyListsTests(APITestCase): ...@@ -344,7 +354,8 @@ class CompanyListsTests(APITestCase):
self.client.force_authenticate(new_user) self.client.force_authenticate(new_user)
url = '/api/companies/' + str(new_company.pk) + '/applications/' + str(new_vacancy.pk) + '/by_vacancy/?status=-1' url = '/api/companies/' + str(new_company.pk) + '/applications/' + str(
new_vacancy.pk) + '/by_vacancy/?status=-1'
response = self.client.get(url, format='json') response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
...@@ -366,14 +377,14 @@ class CompanyListsTests(APITestCase): ...@@ -366,14 +377,14 @@ class CompanyListsTests(APITestCase):
response = self.client.get(url, format='json') response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
class SupervisorStudentApplicationTests(APITestCase):
class SupervisorStudentApplicationTests(APITestCase):
def test_list_student_application(self): def test_list_student_application(self):
new_user = User.objects.create_user('dummy.supervisor', 'dummy.supervisor@asd.asd', 'lalala123') new_user = User.objects.create_user('dummy.supervisor', 'dummy.supervisor@asd.asd', 'lalala123')
new_supervisor = Supervisor.objects.create(user=new_user, nip=1212121212) new_supervisor = Supervisor.objects.create(user=new_user, nip=1212121212)
self.client.force_authenticate(user=new_user) self.client.force_authenticate(user=new_user)
url = '/api/student-applications/' url = '/api/applications/'
response = self.client.get(url, format='json') response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.status_code, status.HTTP_200_OK)
...@@ -381,12 +392,12 @@ class SupervisorStudentApplicationTests(APITestCase): ...@@ -381,12 +392,12 @@ class SupervisorStudentApplicationTests(APITestCase):
new_user = User.objects.create_user('dummy.supervisor', 'dummy.supervisor@asd.asd', 'lalala123') new_user = User.objects.create_user('dummy.supervisor', 'dummy.supervisor@asd.asd', 'lalala123')
self.client.force_authenticate(user=new_user) self.client.force_authenticate(user=new_user)
url = '/api/student-applications/' url = '/api/applications/'
response = self.client.get(url, format='json') response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
class SupervisorApprovalTests(APITestCase):
class SupervisorApprovalTests(APITestCase):
def test_supervisor_approve_vacancy(self): def test_supervisor_approve_vacancy(self):
new_user = User.objects.create_user('dummy.supervisor', 'dummy.supervisor@asd.asd', 'lalala123') new_user = User.objects.create_user('dummy.supervisor', 'dummy.supervisor@asd.asd', 'lalala123')
new_supervisor = Supervisor.objects.create(user=new_user, nip=1212121212) new_supervisor = Supervisor.objects.create(user=new_user, nip=1212121212)
...@@ -399,7 +410,7 @@ class SupervisorApprovalTests(APITestCase): ...@@ -399,7 +410,7 @@ class SupervisorApprovalTests(APITestCase):
description="lalala", close_time=datetime.today()) description="lalala", close_time=datetime.today())
url = '/api/vacancies/' + str(new_vacancy2.pk) + '/verify/' url = '/api/vacancies/' + str(new_vacancy2.pk) + '/verify/'
response = self.client.patch(url, {'verified' : True}, format='json') response = self.client.patch(url, {'verified': True}, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK) self.assertEqual(response.status_code, status.HTTP_200_OK)
retrieve_vacancy = Vacancy.objects.get(pk=new_vacancy2.pk) retrieve_vacancy = Vacancy.objects.get(pk=new_vacancy2.pk)
...@@ -418,4 +429,3 @@ class SupervisorApprovalTests(APITestCase): ...@@ -418,4 +429,3 @@ class SupervisorApprovalTests(APITestCase):
response = self.client.patch(url, format='json') response = self.client.patch(url, format='json')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN) self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(new_vacancy.verified, False) self.assertEqual(new_vacancy.verified, False)
...@@ -30,7 +30,7 @@ class UserViewSet(viewsets.ModelViewSet): ...@@ -30,7 +30,7 @@ class UserViewSet(viewsets.ModelViewSet):
return Response(serializer.data) return Response(serializer.data)
def get_permissions(self): def get_permissions(self):
if self.action == "update": if self.action == "update" or self.action == "partial_update":
return [IsAdminOrSelfOrReadOnly(), IsAuthenticated()] return [IsAdminOrSelfOrReadOnly(), IsAuthenticated()]
if self.action == "create": if self.action == "create":
return [AllowAny()] return [AllowAny()]
...@@ -43,7 +43,7 @@ class StudentViewSet(viewsets.ModelViewSet): ...@@ -43,7 +43,7 @@ class StudentViewSet(viewsets.ModelViewSet):
permission_classes = [IsAdminUser] permission_classes = [IsAdminUser]
def get_permissions(self): def get_permissions(self):
if self.action == "update": if self.action == "update" or self.action == "partial_update":
return [IsAdminOrSelfOrReadOnly(), IsAdminOrStudent()] return [IsAdminOrSelfOrReadOnly(), IsAdminOrStudent()]
if self.action == "list": if self.action == "list":
return [IsAuthenticated(), IsAdminOrSupervisor()] return [IsAuthenticated(), IsAdminOrSupervisor()]
......
...@@ -4,15 +4,17 @@ from rest_framework import viewsets, status ...@@ -4,15 +4,17 @@ from rest_framework import viewsets, status
from rest_framework.decorators import detail_route from rest_framework.decorators import detail_route
from rest_framework.exceptions import ValidationError from rest_framework.exceptions import ValidationError
from rest_framework.generics import get_object_or_404 from rest_framework.generics import get_object_or_404
from rest_framework.pagination import PageNumberPagination
from rest_framework.permissions import IsAuthenticated from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.pagination import PageNumberPagination
from core.lib.mixins import MultiSerializerViewSetMixin from core.lib.mixins import MultiSerializerViewSetMixin
from core.lib.permissions import IsAdminOrStudent, IsAdminOrCompany, IsAdminOrVacancyOwner, AsAdminOrSupervisor, VacancyApprovalPermission from core.lib.permissions import IsAdminOrStudent, IsAdminOrCompany, IsAdminOrVacancyOwner, AsAdminOrSupervisor, \
VacancyApprovalPermission
from core.models import Student, Company from core.models import Student, Company
from core.models.vacancies import Vacancy, Application from core.models.vacancies import Vacancy, Application
from core.serializers.vacancies import VacancySerializer, ApplicationSerializer, ApplicationStatusSerializer, \ from core.serializers.vacancies import VacancySerializer, ApplicationSerializer, ApplicationStatusSerializer, \
VacancyApplicationSerializer, PostVacancySerializer, VacancyVerifiedSerializer, SupervisorStudentApplicationSerializer PostVacancySerializer, VacancyVerifiedSerializer, SupervisorStudentApplicationSerializer
class VacancyViewSet(MultiSerializerViewSetMixin, viewsets.ModelViewSet): class VacancyViewSet(MultiSerializerViewSetMixin, viewsets.ModelViewSet):
...@@ -48,17 +50,76 @@ class VacancyViewSet(MultiSerializerViewSetMixin, viewsets.ModelViewSet): ...@@ -48,17 +50,76 @@ class VacancyViewSet(MultiSerializerViewSetMixin, viewsets.ModelViewSet):
count_new = Application.objects.filter(vacancy=vacancy, status=Application.NEW).count() count_new = Application.objects.filter(vacancy=vacancy, status=Application.NEW).count()
return Response({"count": count, "count_new": count_new}, status=status.HTTP_200_OK) return Response({"count": count, "count_new": count_new}, status=status.HTTP_200_OK)
@detail_route(methods=['patch'], permission_classes=[VacancyApprovalPermission], serializer_class=VacancyVerifiedSerializer) @detail_route(methods=['patch'], permission_classes=[VacancyApprovalPermission],
serializer_class=VacancyVerifiedSerializer)
def verify(self, request, pk=None): def verify(self, request, pk=None):
vacancy = self.get_object() vacancy = self.get_object()
serializer = self.get_serializer_class()(vacancy, data=request.data, partial=True) serializer = self.get_serializer_class()(vacancy, data=request.data, partial=True)
if serializer.is_valid(): if serializer.is_valid():
serializer.save() serializer.save()
return Response(serializer.data, status=status.HTTP_200_OK) return Response(serializer.data, status=status.HTTP_200_OK)
return Response({"error" : "bad request"}, status=status.HTTP_400_BAD_REQUEST) return Response({"error": "bad request"}, status=status.HTTP_400_BAD_REQUEST)
class ApplicationViewSet(viewsets.GenericViewSet): class ApplicationViewSet(MultiSerializerViewSetMixin, viewsets.GenericViewSet):
queryset = Application.objects.all()
serializer_class = ApplicationSerializer
serializer_action_classes = {
'update': ApplicationStatusSerializer,
'partial_update': ApplicationStatusSerializer,
'list': SupervisorStudentApplicationSerializer
}
permission_classes = [IsAdminOrVacancyOwner]
pagination_class = PageNumberPagination
def list(self, request):
applications = Application.objects.order_by('student')
page = self.paginate_queryset(applications)
serializer = self.get_serializer_class()
if page is not None:
return self.get_paginated_response(
serializer(applications, many=True, context={'request': request}).data)
return Response(serializer(applications, many=True, context={'request': request}).data)
def partial_update(self, request, pk=None):
application = self.get_object()
print self.action
serializer = self.get_serializer_class()(application, data=request.data, partial=True)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_202_ACCEPTED)
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
@detail_route(methods=['get'], permission_classes=[IsAdminOrVacancyOwner])
def transcript(self, request, pk):
"""
Get student {student_id}'s academic transcript
---
"""
application = self.get_object()
student = application.student
if student.show_transcript:
s = requests.Session()
credentials = settings.API_CS_CREDENTIALS
s.get('https://api.cs.ui.ac.id/api-auth/login/')
csrf = s.cookies['csrftoken']
resp = s.post('https://api.cs.ui.ac.id/api-auth/login/',
data={'username': credentials["user"], 'password': credentials["password"],
'csrfmiddlewaretoken': csrf})
response = s.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/' + str(student.npm) + '/riwayat/')
return Response({'name': student.full_name, 'transcript': response.json()}, status=status.HTTP_200_OK)
else:
return Response({'name': student.full_name, 'error': 'student does not allow transcript to be shown'},
status=status.HTTP_200_OK)
def get_permissions(self):
if self.action == "list":
return [AsAdminOrSupervisor()]
return super(ApplicationViewSet, self).get_permissions()
class StudentApplicationViewSet(viewsets.GenericViewSet):
serializer_class = ApplicationSerializer serializer_class = ApplicationSerializer
permission_classes = [IsAdminOrStudent] permission_classes = [IsAdminOrStudent]
pagination_class = PageNumberPagination pagination_class = PageNumberPagination
...@@ -127,11 +188,16 @@ class CompanyApplicationViewSet(viewsets.GenericViewSet): ...@@ -127,11 +188,16 @@ class CompanyApplicationViewSet(viewsets.GenericViewSet):
applications = applications.filter(status=request.query_params['status']) applications = applications.filter(status=request.query_params['status'])
page = self.paginate_queryset(applications) page = self.paginate_queryset(applications)
if page is not None: if page is not None:
return self.get_paginated_response(ApplicationSerializer(page, many=True, context={'request': request}).data) return self.get_paginated_response(
ApplicationSerializer(page, many=True, context={'request': request}).data)
return Response(ApplicationSerializer(applications, many=True, context={'request': request}).data) return Response(ApplicationSerializer(applications, many=True, context={'request': request}).data)
@detail_route(methods=["get"]) @detail_route(methods=["get"])
def by_vacancy(self, request, company_id, pk=None): def by_vacancy(self, request, company_id, pk=None):
"""
Get list of company {company_id}'s applications by vacancy {id}
---
"""
if pk is None: if pk is None:
return list(self, request, company_id) return list(self, request, company_id)
company = get_object_or_404(Company.objects.all().order_by('-updated'), pk=company_id) company = get_object_or_404(Company.objects.all().order_by('-updated'), pk=company_id)
...@@ -159,35 +225,6 @@ class CompanyApplicationViewSet(viewsets.GenericViewSet): ...@@ -159,35 +225,6 @@ class CompanyApplicationViewSet(viewsets.GenericViewSet):
return Response(ApplicationSerializer(applications, many=True, context={'request': request}).data) return Response(ApplicationSerializer(applications, many=True, context={'request': request}).data)