Fakultas Ilmu Komputer UI

Commit 6d410f65 authored by RANI LASMA ULI's avatar RANI LASMA ULI
Browse files

1606885025 164 SPRINT 2

parent 7c413485
# -*- coding: utf-8 -*-
# Generated by Django 1.11.17 on 2019-11-15 14:04
# Generated by Django 1.11.17 on 2019-11-15 20:12
from __future__ import unicode_literals
import core.lib.validators
......@@ -37,9 +37,9 @@ class Migration(migrations.Migration):
('status', models.IntegerField(default=0)),
('logo', models.FileField(blank=True, null=True, upload_to=core.models.accounts.get_company_logo_file_path, validators=[core.lib.validators.validate_image_file_extension])),
('address', models.CharField(blank=True, max_length=1000, null=True)),
('category', models.CharField(default=b'Belum ada kategori perusahaan', max_length=140)),
('category', models.CharField(default='Belum ada kategori perusahaan', max_length=140)),
('size', models.CharField(blank=True, default=0, max_length=10, null=True)),
('website', models.CharField(default=b'Belum ada link website', max_length=100)),
('website', models.CharField(default='Belum ada link website', max_length=100)),
('linkedin_url', models.URLField(blank=True, null=True)),
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
],
......@@ -52,7 +52,7 @@ class Migration(migrations.Migration):
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('created', models.DateTimeField(auto_now_add=True)),
('title', models.CharField(blank=True, default=b'', max_length=100)),
('title', models.CharField(blank=True, default='', max_length=100)),
('content', models.TextField()),
('companyId', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, to='core.Company')),
],
......@@ -67,16 +67,16 @@ class Migration(migrations.Migration):
('created', models.DateTimeField(auto_now_add=True)),
('updated', models.DateTimeField(auto_now=True)),
('npm', models.IntegerField(unique=True, validators=[core.lib.validators.validate_npm])),
('resume', models.FileField(blank=True, null=True, upload_to=core.models.accounts.get_student_resume_file_path, validators=[django.core.validators.FileExtensionValidator([b'pdf'])])),
('resume', models.FileField(blank=True, null=True, upload_to=core.models.accounts.get_student_resume_file_path, validators=[django.core.validators.FileExtensionValidator(['pdf'])])),
('sertifikat', models.FileField(blank=True, null=True, upload_to=core.models.accounts.get_student_sertifikat_file_path, validators=[core.lib.validators.validate_document_file_extension])),
('phone_number', models.CharField(blank=True, db_index=True, max_length=100, null=True, validators=[django.core.validators.RegexValidator(b'^0\\d{1,11}$')])),
('phone_number', models.CharField(blank=True, db_index=True, max_length=100, null=True, validators=[django.core.validators.RegexValidator('^0\\d{1,11}$')])),
('gender', models.CharField(blank=True, max_length=30, null=True)),
('birth_place', models.CharField(blank=True, max_length=30, null=True)),
('birth_date', models.DateField(blank=True, null=True)),
('major', models.CharField(blank=True, max_length=30, null=True)),
('batch', models.CharField(blank=True, max_length=4, null=True)),
('show_transcript', models.BooleanField(default=False)),
('photo', models.FileField(blank=True, null=True, upload_to=core.models.accounts.get_student_photo_file_path, validators=[django.core.validators.FileExtensionValidator([b'jpg', b'jpeg', b'png'])])),
('photo', models.FileField(blank=True, null=True, upload_to=core.models.accounts.get_student_photo_file_path, validators=[django.core.validators.FileExtensionValidator(['jpg', 'jpeg', 'png'])])),
('self_description', models.CharField(blank=True, db_index=True, max_length=500, null=True)),
('portfolio_link', models.URLField(blank=True, null=True)),
('linkedin_url', models.URLField(blank=True, null=True)),
......@@ -91,10 +91,11 @@ class Migration(migrations.Migration):
('latest_work', models.CharField(blank=True, max_length=100, null=True)),
('latest_work_desc', models.TextField(blank=True, null=True)),
('github_url', models.URLField(blank=True, null=True)),
('gitlab_url', models.URLField(blank=True, null=True)),
('intro', models.CharField(blank=True, max_length=50, null=True)),
('expected_salary', models.CharField(blank=True, max_length=10, null=True, validators=[django.core.validators.RegexValidator(b'^\\d{0,10}$')])),
('expected_salary', models.CharField(blank=True, max_length=10, null=True, validators=[django.core.validators.RegexValidator('^\\d{0,10}$')])),
('job_seeking_status', models.CharField(blank=True, max_length=30, null=True)),
('student_gpa', models.FloatField(blank=True, db_column=b'student_gpa', default=1.0, null=True, validators=[core.lib.validators.validate_student_gpa])),
('student_gpa', models.FloatField(blank=True, db_column='student_gpa', default=1.0, null=True, validators=[core.lib.validators.validate_student_gpa])),
('volunteer', models.CharField(blank=True, max_length=100, null=True)),
('awards', models.CharField(blank=True, max_length=100, null=True)),
('projects', models.CharField(blank=True, max_length=100, null=True)),
......@@ -102,7 +103,7 @@ class Migration(migrations.Migration):
('languages', models.CharField(blank=True, max_length=100, null=True)),
('seminar', models.CharField(blank=True, max_length=100, null=True)),
('interests', models.CharField(blank=True, max_length=100, null=True)),
('dependants', models.IntegerField(blank=True, db_column=b'dependants', default=0, null=True)),
('dependants', models.IntegerField(blank=True, db_column='dependants', default=0, null=True)),
],
options={
'ordering': ['-updated'],
......@@ -162,7 +163,7 @@ class Migration(migrations.Migration):
name='ReasonRejected',
fields=[
('application', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, primary_key=True, serialize=False, to='core.Application')),
('reason', models.TextField(default=b'Tidak memenuhi kualifikasi perusahaan.')),
('reason', models.TextField(default='Tidak memenuhi kualifikasi perusahaan.')),
],
),
migrations.AddField(
......
# -*- coding: utf-8 -*-
# Generated by Django 1.11.17 on 2019-11-15 17:55
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('core', '0001_initial'),
]
operations = [
migrations.AddField(
model_name='student',
name='gitlab_url',
field=models.URLField(blank=True, null=True),
),
]
......@@ -4,7 +4,10 @@ from rest_framework import status
from rest_framework.test import APIClient, APITestCase
from django.contrib.auth.models import User
from django.core.exceptions import ValidationError
from StringIO import StringIO
try:
from StringIO import StringIO ## for Python 2
except ImportError:
from io import StringIO ## for Python 3
from core.models.accounts import Company, Supervisor, Student, get_current_age
from core.tests.mocks import (mock_csui_oauth_verify, mock_csui_ldap_student, mock_csui_ldap_lecturer,
mock_csui_ldap_fail, mock_csui_siak_student)
......@@ -117,43 +120,43 @@ class ProfileUpdateTests(APITestCase):
student_id = response.data.get('student').get('id')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'self_description': 'I am very happy'}, format='multipart')
response = self.client.patch(url, {'self_description': 'I am very happy'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('self_description'), 'I am very happy')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'linkedin_url': 'https://www.linkedin.com/in/jojo/'}, format='multipart')
response = self.client.patch(url, {'linkedin_url': 'https://www.linkedin.com/in/jojo/'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('linkedin_url'), 'https://www.linkedin.com/in/jojo/')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'linkedin_url': 'https://linkedin.com/in/jojo/'}, format='multipart')
response = self.client.patch(url, {'linkedin_url': 'https://linkedin.com/in/jojo/'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('linkedin_url'), 'https://linkedin.com/in/jojo/')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'linkedin_url': 'https://id.linkedin.com/in/jojo/'}, format='multipart')
response = self.client.patch(url, {'linkedin_url': 'https://id.linkedin.com/in/jojo/'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('linkedin_url'), 'https://id.linkedin.com/in/jojo/')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'linkedin_url': 'https://www.linkedin.com/jojo/'}, format='multipart')
response = self.client.patch(url, {'linkedin_url': 'https://www.linkedin.com/jojo/'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data.get('linkedin_url'), None)
response = self.client.patch(url, {'hackerrank_url': 'https://www.hackerrank.com/james'}, format='multipart')
response = self.client.patch(url, {'hackerrank_url': 'https://www.hackerrank.com/james'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('hackerrank_url'), 'https://www.hackerrank.com/james')
response = self.client.patch(url, {'hackerrank_url': 'https://www.hackerank.com/james'}, format='multipart')
response = self.client.patch(url, {'hackerrank_url': 'https://www.hackerank.com/james'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data.get('hackerrank_url'), None)
response = self.client.patch(url, {'github_url': 'https://github.com/bob'}, format='multipart')
response = self.client.patch(url, {'github_url': 'https://github.com/bob'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('github_url'), 'https://github.com/bob')
response = self.client.patch(url, {'github_url': 'https://gitlab.com/bob'}, format='multipart')
response = self.client.patch(url, {'github_url': 'https://gitlab.com/bob'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data.get('github_url'), None)
......@@ -247,12 +250,12 @@ class ProfileUpdateTests(APITestCase):
new_student = Student.objects.create(user=new_user, npm="1212121212")
url = '/api/students/' + str(new_student.pk) + "/profile/"
response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart')
response = self.client.patch(url, {'phone_number': '08123123123'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
url = '/api/students/' + str(student_id) + "/profile/"
data = self._create_test_file('./assets/pdf/pdf-coba.pdf')
response = self.client.patch(url, data, format='multipart')
response = self.client.patch(url, data, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_200_OK)
url = '/api/students/' + str(student_id) + "/profile/"
......@@ -261,69 +264,69 @@ class ProfileUpdateTests(APITestCase):
self.assertEqual(response.status_code, status.HTTP_415_UNSUPPORTED_MEDIA_TYPE)
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'latest_work': 'Teaching assistant at Fasilkom UI'}, format='multipart')
response = self.client.patch(url, {'latest_work': 'Teaching assistant at Fasilkom UI'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('latest_work'), 'Teaching assistant at Fasilkom UI')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'latest_work_desc': 'Evaluate weekly assignment for 15 students'}, format='multipart')
response = self.client.patch(url, {'latest_work_desc': 'Evaluate weekly assignment for 15 students'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('latest_work_desc'), 'Evaluate weekly assignment for 15 students')
url = '/api/students/' + str(student_id) + '/profile/'
response = self.client.patch(url, {'intro': 'Saya tertarik dengan dunia front-end development'}, format='multipart')
response = self.client.patch(url, {'intro': 'Saya tertarik dengan dunia front-end development'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('intro'), 'Saya tertarik dengan dunia front-end development')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'awards': 'Juara 2 UIUX Gemastik 2019'}, format='multipart')
response = self.client.patch(url, {'awards': 'Juara 2 UIUX Gemastik 2019'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('awards'), 'Juara 2 UIUX Gemastik 2019')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'projects': 'Ow-Jek - Android Mobile Project'}, format='multipart')
response = self.client.patch(url, {'projects': 'Ow-Jek - Android Mobile Project'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('projects'), 'Ow-Jek - Android Mobile Project')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'certification': 'TOEFL'}, format='multipart')
response = self.client.patch(url, {'certification': 'TOEFL'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('certification'), 'TOEFL')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'languages': 'Indonesia, Inggris'}, format='multipart')
response = self.client.patch(url, {'languages': 'Indonesia, Inggris'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('languages'), 'Indonesia, Inggris')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'seminar': 'Seminar CompFest'}, format='multipart')
response = self.client.patch(url, {'seminar': 'Seminar CompFest'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('seminar'), 'Seminar CompFest')
failing_desc = "a" * 501
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'self_description': failing_desc}, format='multipart')
response = self.client.patch(url, {'self_description': failing_desc}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'student_gpa': '4'}, format='multipart')
response = self.client.patch(url, {'student_gpa': '4'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'student_gpa': '8'}, format='multipart')
response = self.client.patch(url, {'student_gpa': '8'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
response = self.client.patch(url, {'interests': 'Machine Learning'}, format='multipart')
response = self.client.patch(url, {'interests': 'Machine Learning'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('interests'), 'Machine Learning')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'skills': ''}, format='multipart')
response = self.client.patch(url, {'skills': ''}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
self.assertEqual(response.data.get('skills'), '')
url = '/api/students/' + str(student_id) + "/profile/"
response = self.client.patch(url, {'skills': '1231231231'}, format='multipart')
response = self.client.patch(url, {'skills': '1231231231'}, format='multipart', encoding='utf-8')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
@requests_mock.Mocker()
......
......@@ -4,7 +4,7 @@ from django.contrib.auth.models import User
from rest_framework.test import APITestCase
from core.models.accounts import get_current_age, get_display_name
from core.views.accounts import determine_first_name_last_name
from core.views.accounts.utils import determine_first_name_last_name
class ProfileAccountsTests(APITestCase):
......
# Notes:
Whenever you add new python script in this folder, don't forget to register the module in __init__.py.
from .company import CompanyViewSet
from .login import LoginViewSet
from .registration import CompanyRegisterViewSet
from .student import StudentViewSet
from .supervisor import SupervisorViewSet
from .user import UserViewSet
\ No newline at end of file
from rest_framework import viewsets, status
from rest_framework.decorators import detail_route
from rest_framework.response import Response
from rest_framework.parsers import FormParser, MultiPartParser
from core.lib.permissions import IsAdminOrSelfOrReadOnly, IsAdminOrCompany
from core.models.accounts import Company
from core.serializers.accounts import CompanySerializer, CompanyUpdateSerializer
class CompanyViewSet(viewsets.ModelViewSet):
queryset = Company.objects.all()
serializer_class = CompanySerializer
permission_classes = [IsAdminOrSelfOrReadOnly, IsAdminOrCompany]
filter_fields = ('status',)
@detail_route(methods=['patch'], permission_classes=[IsAdminOrCompany],
serializer_class=CompanyUpdateSerializer, parser_classes=(MultiPartParser, FormParser,))
def profile(self, request, pk=None):
"""
Update company's profile information
---
"""
user = self.get_object()
serializer = self.serializer_class(
user, data=request.data, partial=True)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_202_ACCEPTED)
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
\ No newline at end of file
import requests
from django.contrib.auth import authenticate, login
from django.contrib.auth.models import User
from rest_framework import viewsets, status
from rest_framework.permissions import AllowAny
from rest_framework.response import Response
from core.views.sso_login import get_access_token, verify_user, get_riwayat_user, get_summary_user
from .utils import determine_first_name_last_name
from core.models.accounts import Student, Supervisor
from core.serializers.accounts import UserSerializer
class LoginViewSet(viewsets.GenericViewSet):
permission_classes = (AllowAny, )
serializer_class = UserSerializer
queryset = User.objects.all()
def create(self, request):
"""
Authentication for user by means of logging in
---
parameters:
- name: body
description: JSON object containing three strings: username, password and login-type. login-type should be either 'sso-ui' or 'company'.
required: true
type: string
paramType: body
"""
username = request.data.get('username')
password = request.data.get('password')
login_type = request.data.get('login-type')
if username is None or password is None or login_type is None:
return Response(status=status.HTTP_400_BAD_REQUEST)
if login_type == "sso-ui":
return self.login_via_sso(request, username, password)
elif login_type == "company":
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
serializer = UserSerializer(user, context={'request': request})
return Response(serializer.data, status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_401_UNAUTHORIZED)
else:
return Response(status=status.HTTP_400_BAD_REQUEST)
def login_via_sso(self, request, username, password):
r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
data={"username": username, "password": password})
resp = r.json()
if resp.get('state') != 0:
# create user
name = resp.get('nama')
first_name, last_name = determine_first_name_last_name(name)
user, created = User.objects.get_or_create(
username=username,
defaults={
'email': username + "@ui.ac.id",
'first_name': first_name,
'last_name': last_name
}
)
user.set_password(password)
user.save()
login(request, user)
if created:
if resp.get('nama_role') == "mahasiswa":
access_token = get_access_token(username, password)
ver_user = verify_user(access_token)
resp_student_detail = get_summary_user(
access_token, ver_user['identity_number'])
student = Student.objects.create(
user=user,
npm=resp.get("kodeidentitas"),
birth_place=resp_student_detail.get('kota_lahir'),
birth_date=resp_student_detail.get('tgl_lahir'),
major=resp_student_detail.get(
'program')[0].get('nm_org'),
batch=resp_student_detail.get(
'program')[0].get('angkatan')
)
student.save()
else:
supervisor = Supervisor.objects.create(
user=user,
nip=resp.get("kodeidentitas")
)
supervisor.save()
serializer = UserSerializer(user, context={'request': request})
return Response(serializer.data, status=status.HTTP_201_CREATED)
serializer = UserSerializer(user, context={'request': request})
return Response(serializer.data, status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_401_UNAUTHORIZED)
from django.contrib.auth.models import User
from django.contrib.auth import login
from rest_framework import viewsets, status
from rest_framework.parsers import FormParser, MultiPartParser
from rest_framework.permissions import AllowAny
from rest_framework.response import Response
from core.models.accounts import Company
from core.serializers.accounts import RegisterSerializer
class CompanyRegisterViewSet(viewsets.GenericViewSet):
permission_classes = (AllowAny,)
serializer_class = RegisterSerializer
queryset = Company.objects.all()
parser_classes = (MultiPartParser, FormParser,)
def create(self, request):
"""
Create a new company user
---
parameters:
- name: username
description: username of the new account
required: true
type: string
- name: password
description: password of the new account
required: true
type: string
- name: email
description: email address of the new account
required: true
type: string
- name: name
description: the new company's name
required: true
type: string
- name: description
description: description of the new company
required: true
type: string
- name: logo
description: logo of the new company
required: false
type: image
- name: address
description: address of the new account
required: false
type: string
"""
data = {}
for attr in ['password', 'email', 'name', 'description', 'logo', 'address', 'category', 'size','website']:
data[attr] = request.data.get(attr)
if data[attr] is None:
return Response({'error': attr+' is required'}, status=status.HTTP_400_BAD_REQUEST)
user, created = User.objects.get_or_create(
username=data['email'],
email=data['email'],
first_name=data['name'],
last_name=""
)
if created:
user.set_password(data['password'])
company = Company.objects.create(
user=user,
description=data['description'],
logo=data['logo'],
address=data['address'],
category=data['category'],
size=data['size'],
website=data['website']
)
user.save()
company.save()
serializer = self.serializer_class(
user, context={'request': request})
login(request, user)
return Response(serializer.data, status=status.HTTP_201_CREATED)
else:
return Response({'error': 'Company with email '+data['email']+' already exist'}, status=status.HTTP_409_CONFLICT)
\ No newline at end of file
import requests
import re
from django.contrib.auth import authenticate, login
from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404
from rest_framework import viewsets, status
from rest_framework.decorators import list_route, detail_route
from rest_framework.exceptions import PermissionDenied
from rest_framework.decorators import detail_route
from rest_framework.parsers import FormParser, MultiPartParser
from rest_framework.permissions import AllowAny
from rest_framework.permissions import IsAdminUser, IsAuthenticated
from rest_framework.response import Response
from .sso_login import get_access_token, verify_user, get_riwayat_user, get_summary_user
from core.lib.permissions import IsAdminOrStudent, IsAdminOrSelfOrReadOnly, IsAdminOrCompany, IsAdminOrSupervisor, \
from core.lib.permissions import IsAdminOrStudent
from core.models.accounts import Student
from core.lib.permissions import IsAdminOrStudent, IsAdminOrSelfOrReadOnly, IsAdminOrSupervisor, \
IsAdminOrSupervisorOrCompanyOrSelf
from core.models.accounts import Student, Company, Supervisor
from core.serializers.accounts import BasicUserSerializer, UserSerializer, StudentSerializer, CompanySerializer, \
SupervisorSerializer, RegisterSerializer, StudentUpdateSerializer, CompanyUpdateSerializer
from kape import settings
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = [IsAdminUser]
@list_route(methods=['get'], permission_classes=[IsAuthenticated])
def me(self, request):
"""
Get current user's details
"""
user = self.request.user
serializer = BasicUserSerializer(user, context={"request": request})
return Response(serializer.data)
def get_permissions(self):
if self.action == "update" or self.action == "partial_update":
return [IsAdminOrSelfOrReadOnly(), IsAuthenticated()]
if self.action == "create":
return [AllowAny()]
return super(UserViewSet, self).get_permissions()
from core.serializers.accounts import StudentSerializer, StudentUpdateSerializer
class StudentViewSet(viewsets.ModelViewSet):
queryset = Student.objects.all()
......@@ -129,202 +98,4 @@ class StudentViewSet(viewsets.ModelViewSet):
return Response({'name': student.full_name, 'transcript': response.json()}, status=status.HTTP_200_OK)
else:
return Response({'name': student.full_name, 'error': 'student does not allow transcript to be shown'},
status=status.HTTP_200_OK)
class CompanyViewSet(viewsets.ModelViewSet):
queryset = Company.objects.all()
serializer_class = CompanySerializer
permission_classes = [IsAdminOrSelfOrReadOnly, IsAdminOrCompany]
filter_fields = ('status',)
@detail_route(methods=['patch'], permission_classes=[IsAdminOrCompany],
serializer_class=CompanyUpdateSerializer, parser_classes=(MultiPartParser, FormParser,))
def profile(self, request, pk=None):
"""
Update company's profile information
---
"""