Added CRUD for Pictures and Users (extensively tested with Postman, n…

…o test cases written yet)
HE-Arc · Mar 21, 2024 · 5d9be73 · 5d9be73
1 parent 97bbf74
commit 5d9be73
Show file tree

Hide file tree

Showing 6 changed files with 95 additions and 9 deletions.
diff --git a/backend/kodecupid/urls.py b/backend/kodecupid/urls.py
@@ -16,7 +16,7 @@
 """
 from django.contrib import admin
 from django.urls import path
-from kodecupidapp.views import UserView, TagListView
+from kodecupidapp.views import UserView, TagListView, PictureView
 from rest_framework_simplejwt.views import (
     TokenObtainPairView,
     TokenRefreshView,
@@ -27,5 +27,6 @@
     path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
     path('api/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
     path('api/user/', UserView.as_view(), name='user'),
+    path('api/picture/', PictureView.as_view(), name='picture'),
     path('api/tags/', TagListView.as_view(), name='tag-list'),
 ]
diff --git a/backend/kodecupidapp/serializers/__init__.py b/backend/kodecupidapp/serializers/__init__.py
@@ -1,4 +1,4 @@
-from .user import UserRegistrationSerializer, UserConfigurationSerializer
+from .user import UserSerializer, UserRegistrationSerializer, UserConfigurationSerializer
 from .tag import TagSerializer
 from .picture import PictureSerializer
 from .like import LikeSerializer
diff --git a/backend/kodecupidapp/serializers/user.py b/backend/kodecupidapp/serializers/user.py
@@ -1,8 +1,14 @@
 from rest_framework import serializers
+from ..models import User
 from django.contrib.auth import get_user_model
 
 User = get_user_model()
 
+class UserSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = User
+        fields = ['username','bio','looking_for','pfp']
+
 class UserRegistrationSerializer(serializers.ModelSerializer):
     class Meta:
         model = User
@@ -27,7 +33,7 @@ class Meta:
 
     def update(self, instance, validated_data):
         instance.username=validated_data.get('username', instance.username)
-        instance.password=validated_data.get('password', instance.password)
+        instance.set_password(validated_data.get('password', instance.password))
         instance.bio=validated_data.get('bio', instance.bio)
         instance.looking_for=validated_data.get('looking_for', instance.looking_for)
         instance.pfp=validated_data.get('pfp', instance.pfp)

diff --git a/backend/kodecupidapp/views/__init__.py b/backend/kodecupidapp/views/__init__.py
@@ -1,2 +1,3 @@
 from .user import UserView
-from .tag import TagListView
+from .tag import TagListView
+from .picture import PictureView
diff --git a/backend/kodecupidapp/views/picture.py b/backend/kodecupidapp/views/picture.py
@@ -0,0 +1,41 @@
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework import status
+from rest_framework.permissions import IsAuthenticated
+from ..models import Picture
+from ..serializers import PictureSerializer
+
+import random
+
+class PictureView(APIView):
+
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        serializer = PictureSerializer(data=request.data)
+        if serializer.is_valid():
+            if request.user.id == int(request.data["user"]):
+                serializer.save()
+                return Response({"message": "Picture added successfully."}, status=status.HTTP_201_CREATED)
+            return Response({"message": "Picture cannot be added to another user."}, status=status.HTTP_403_FORBIDDEN)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+    def get(self, request):
+        id = request.data["id"]
+        if Picture.objects.filter(id = id).exists():
+            pic = Picture.objects.get(id = id)
+            serializer = PictureSerializer(pic, many=False)
+            return Response(serializer.data, status=status.HTTP_200_OK)
+        else:
+            return Response({"message": "Picture not found."}, status=status.HTTP_404_NOT_FOUND)
+
+    def delete(self, request):
+        id = int(request.data["id"])
+        if Picture.objects.filter(id = id).exists():
+            pic = Picture.objects.get(id = id)
+            if request.user.id == pic.user.id:
+                pic.delete()
+                return Response({"message": "Picture successfully deleted."},status=status.HTTP_204_NO_CONTENT)
+            return Response({"message": "Picture cannot be deleted by another user."}, status=status.HTTP_403_FORBIDDEN)
+        return Response({"message": "Picture not found."}, status=status.HTTP_404_NOT_FOUND)
+
diff --git a/backend/kodecupidapp/views/user.py b/backend/kodecupidapp/views/user.py
@@ -2,15 +2,18 @@
 from rest_framework.response import Response
 from rest_framework import status
 from rest_framework.permissions import AllowAny, IsAuthenticated
-from ..serializers import UserRegistrationSerializer, UserConfigurationSerializer
+from ..models import User
+from ..serializers import UserSerializer, UserRegistrationSerializer, UserConfigurationSerializer
+
+import random
 
 class UserView(APIView):
 
-    def get_permission_classes(self):
+    def get_permissions(self):
         if self.request.method in ["POST"]:
-            return [AllowAny]
+            return [AllowAny()]
         else:
-            return [IsAuthenticated]
+            return [IsAuthenticated()]
 
     def post(self, request):
         serializer = UserRegistrationSerializer(data=request.data)
@@ -20,7 +23,41 @@ def post(self, request):
         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
 
     def patch(self, request):
-        serializer = UserConfigurationSerializer(data=request.data)
+        serializer = UserConfigurationSerializer(request.user, data=request.data)
         if serializer.is_valid():
             serializer.save()
             return Response({"message": "User configured successfully."}, status=status.HTTP_204_NO_CONTENT)   
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+    def get(self, request):
+        id = request.data["id"]
+        if id == "random":
+            try:
+                users = User.objects.all()
+                user = random.choice(users)
+                # while loop not safe if only 1 user (infinite loop)
+                while user.id == request.user.id:
+                    user = random.choice(users) 
+                serializer = UserSerializer(user, many=False)
+                return Response(serializer.data, status=status.HTTP_200_OK)
+            except:
+                return Response({"message": "No random user could be found."}, status=status.HTTP_404_NOT_FOUND)
+
+        else:
+            if User.objects.filter(id = id).exists():
+                user = User.objects.get(id = id)
+                serializer = UserSerializer(user, many=False)
+                return Response(serializer.data, status=status.HTTP_200_OK)
+            else:
+                return Response({"message": "User not found."}, status=status.HTTP_404_NOT_FOUND)
+
+    def delete(self, request):
+        id = int(request.data["id"])
+        if User.objects.filter(id = id).exists():
+            if id == request.user.id:
+                user = User.objects.get(id = id)
+                user.delete()
+                return Response({"message": "User successfully deleted."},status=status.HTTP_204_NO_CONTENT)
+            return Response({"message": "User cannot be deleted."}, status=status.HTTP_403_FORBIDDEN)
+        return Response({"message": "User not found."}, status=status.HTTP_404_NOT_FOUND)
+