# __1. SAMPLE__

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-17%20204503.png?raw=true)

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-17%20204737.png?raw=true)

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-17%20204957.png?raw=true)

# __How my app models.py looks.__

In [None]:
"""
from django.db import models

class Author(models.Model):
    name = models.CharField(max_length=100)

    def __str__(self):
        return self.name

class Book(models.Model):
    title = models.CharField(max_length=200)
    author = models.ForeignKey(Author, on_delete=models.CASCADE)

    def __str__(self):
        return self.title

class Library(models.Model):
    name = models.CharField(max_length=100, unique=True)  # Prevent duplicates
    books = models.ManyToManyField(Book)

    def __str__(self):
        return self.name

class Librarian(models.Model):
    name = models.CharField(max_length=100)
    library = models.OneToOneField(Library, on_delete=models.CASCADE)

    def __str__(self):
        return self.name
"""

# __After Knowing how the models.py looks we can start aswering questions.__

## __1. Implement Function-based View:__

- ### Create a function-based view in __relationship_app/views.py__ that lists all books stored in the database.
- ### This view should render a simple text list of book titles and their authors.

In [None]:
"""
from django.shortcuts import render
from .models import Book

def list_books(request):
    books = Book.objects.all()
    return render(request, 'relationship_app/list_books.html', {'books': books})

"""

### __2. Implement Class-based View:__

- Create a class-based view in __relationship_app/views.py__ that displays details for a specific library, listing all books available in that library.
- Utilize Django’s ListView or DetailView to structure this class-based view.

In [None]:
"""
# Class-Based View: Library Detail View

from django.views.generic.detail import DetailView
from .models import Library

class LibraryDetailView(DetailView):
    model = Library
    template_name = 'relationship_app/library_detail.html'
    context_object_name = 'library'
"""


### __3. Configure URL Patterns:__

- Edit __relationship_app/urls.py__ to include URL patterns that route to the newly created views. Make sure to link both the function-based and class-based views.

In [None]:
"""
from django.urls import path
from .views import list_books, LibraryDetailView

urlpatterns = [
    path('books/', list_books, name='list_books'),
    path('library/<int:pk>/', LibraryDetailView.as_view(), name='library_detail'),
]
"""

### __4. Create Templates (Optional for Display):__

- ###  For a more structured output, using the code below as templates for each view to render the information in HTML format instead of plain text.

## __Template for Listing Books (list_books.html):__

### This template will be used by the function-based view to display a list of all books.

In [None]:
"""
<!-- list_books.html -->
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>List of Books</title>
</head>
<body>
    <h1>Books Available:</h1>
    <ul>
        {% for book in books %}
        <li>{{ book.title }} by {{ book.author.name }}</li>
        {% endfor %}
    </ul>
</body>
</html>
"""

## __Template for Displaying Library Details (library_detail.html):__

### This template will be used by the class-based view to show details of a specific library, including all books available in that library.

In [None]:
"""
<!-- library_detail.html -->
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Library Detail</title>
</head>
<body>
    <h1>Library: {{ library.name }}</h1>
    <h2>Books in Library:</h2>
    <ul>
        {% for book in library.books.all %}
        <li>{{ book.title }} by {{ book.author.name }} (Published {{ book.publication_year }})</li>
        {% endfor %}
    </ul>
</body>
</html>
"""

## 5. Register you models on __relationship_app/admin.py__

In [None]:
"""
# Register your models here.

from django.contrib import admin
from.models import Book, Author, Library, Librarian

admin.site.register(Book)
admin.site.register(Author)
admin.site.register(Library)
admin.site.register(Librarian)

"""

### __6. Register URLs in Main Project__

In [None]:
"""
from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path('admin/', admin.site.urls),
    path('', include('relationship_app.urls')),
]
"""

# __2. SAMPLE__

![screnshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20110314.png?raw=true)

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20110622.png?raw=true)

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20110929.png?raw=true)

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20111148.png?raw=true)

## __Solutions__

## __1. Setup User Authentication Views:__

## Utilize Django’s built-in views and forms for handling user authentication. You will need to create views for user login, logout, and registration.

## __views.py__

In [None]:
"""
from django.shortcuts import render, redirect
from django.contrib.auth import login
from django.contrib.auth.forms import UserCreationForm
from .models import Book, Library  # import your models if needed
from django.views.generic.detail import DetailView

def list_books(request):
    books = Book.objects.all()
    return render(request, 'relationship_app/book_list.html', {'books': books})

class LibraryDetailView(DetailView):
    model = Library
    template_name = 'relationship_app/library_detail.html'
    context_object_name = 'library'

def register(request):
    if request.method == 'POST':
        form = UserCreationForm(request.POST)
        if form.is_valid():
            user = form.save()
            login(request, user)
            return redirect('home')
    else:
        form = UserCreationForm()
    return render(request, 'relationship_app/register.html', {'form': form})
"""

## __urls.py__

In [None]:
"""
from django.urls import path
from django.contrib.auth.views import LoginView, LogoutView
from . import views
from django.contrib.auth import login
from django.contrib.auth import logout
from django.contrib.auth.forms import UserCreationForm
from django.contrib.auth.forms import AuthenticationForm

urlpatterns = [
    path('', views.list_books, name='home'),
    path('books/', views.list_books, name='list_books'),
    path('library/<int:pk>/', views.LibraryDetailView.as_view(), name='library_detail'),

    path('register/', views.register, name='register'),  # renamed for checker
    path('login/', LoginView.as_view(template_name='relationship_app/login.html'), name='login'),
    path('logout/', LogoutView.as_view(template_name='relationship_app/logout.html'), name='logout'),
]

"""

## __2.Create Templates for Authentication:__

## Provide HTML templates for each authentication action (login, logout, and registration). Templates will be provided, allowing you to focus on backend integrations. Below is the recommended templates structure:

## __HTML Templates:__

## __login.html__

In [None]:
"""
<!-- login.html -->
{% load static %}
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Login</title>
    <link rel="stylesheet" href="{% static 'css/styles.css' %}">
</head>
<body>
    <h1>Login</h1>
    <form method="post">
        {% csrf_token %}
        {{ form.as_p }}
        <button type="submit">Login</button>
    </form>
    <a href="{% url 'register' %}">Register</a>
</body>
</html>
"""

## __logout.html__

In [None]:
"""
<!-- logout.html -->
{% load static %}
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Logout</title>
</head>
<body>
    <h1>You have been logged out</h1>
    <a href="{% url 'login' %}">Login again</a>
</body>
</html>
"""

## __register.html__

In [None]:
"""
<!-- register.html -->
{% load static %}
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Register</title>
    <link rel="stylesheet" href="{% static 'css/styles.css' %}">
</head>
<body>
    <h1>Register</h1>
    <form method="post">
        {% csrf_token %}
        {{ form.as_p }}
        <button type="submit">Register</button>
    </form>
    <p>Already have an account? <a href="{% url 'login' %}">Login here</a>.</p>
</body>
</html>
"""

## __Test Authentication Functionality:__

## Ensure that users can register, log in, and log out.

## __After Running the Development Server__

In [None]:
"""
python manage.py runserver
"""

## Visit:

- Admin: http://127.0.0.1:8000/admin/

- Register: http://127.0.0.1:8000/register/

- Login: http://127.0.0.1:8000/login/

- Logout: http://127.0.0.1:8000/logout/

- Books: http://127.0.0.1:8000/books/

- Library Detail: Try http://127.0.0.1:8000/library/1/ (assuming a library with ID 1 exists)

# __3.SAMPLE__

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20125610.png?raw=true)

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20125909.png?raw=true)

# __Solutions__

## __1. Extend the User Model with a UserProfile__

## Create a UserProfile model that includes a role field with predefined roles. This model should be linked to Django’s built-in User model with a one-to-one relationship.

- ## __Fields Required:__
- ### __user:__ OneToOneField linked to Django’s User.
- ### __role:__ CharField with choices for ‘Admin’, ‘Librarian’, and ‘Member’.
- ## __Automatic Creation:__ Use Django signals to automatically create a UserProfile when a new user is registered.

## Updated __models.py__

In [None]:
"""
from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save
from django.dispatch import receiver

class Author(models.Model):
    name = models.CharField(max_length=100)

    def __str__(self):
        return self.name

class Book(models.Model):
    title = models.CharField(max_length=200)
    author = models.ForeignKey(Author, on_delete=models.CASCADE)

    def __str__(self):
        return self.title

class Library(models.Model):
    name = models.CharField(max_length=100, unique=True)  # Prevent duplicates
    books = models.ManyToManyField(Book)

    def __str__(self):
        return self.name

class Librarian(models.Model):
    name = models.CharField(max_length=100)
    library = models.OneToOneField(Library, on_delete=models.CASCADE)

    def __str__(self):
        return self.name


class UserProfile(models.Model):
    ROLE_CHOICES = (
        ('Admin', 'Admin'),
        ('Librarian', 'Librarian'),
        ('Member', 'Member'),
    )

    user = models.OneToOneField(User, on_delete=models.CASCADE)
    role = models.CharField(max_length=20, choices=ROLE_CHOICES)

    def __str__(self):
        return f"{self.user.username} - {self.role}"

# Automatically create a UserProfile when a User is created
@receiver(post_save, sender=User)
def create_user_profile(sender, instance, created, **kwargs):
    if created:
        UserProfile.objects.create(user=instance)
"""

## __2: Set Up Role-Based Views__

## Create three separate views to manage content access based on user roles:

## __Views to Implement:__

- ### An __‘Admin’__ view that only users with the ‘Admin’ role can access, the name of the file should be admin_view
- ### A __‘Librarian’__ view accessible only to users identified as ‘Librarians’. The file should be named librarian_view
- ### A __‘Member’__ view for users with the ‘Member’ role, the name of the file should be member_view.
## __Access Control:__

- ### Utilize the __@user_passes_test__ decorator to check the user’s role before granting access to each view.

## Updated __views.py__

In [None]:
"""
from django.shortcuts import render, redirect
from django.contrib.auth import login
from django.contrib.auth.forms import UserCreationForm
from .models import Book, Library  # import your models if needed
from django.views.generic.detail import DetailView
from django.contrib.auth.decorators import login_required, user_passes_test
from .models import UserProfile


def list_books(request):
    books = Book.objects.all()
    return render(request, 'relationship_app/book_list.html', {'books': books})

class LibraryDetailView(DetailView):
    model = Library
    template_name = 'relationship_app/library_detail.html'
    context_object_name = 'library'

def register(request):
    if request.method == 'POST':
        form = UserCreationForm(request.POST)
        if form.is_valid():
            user = form.save()
            login(request, user)
            return redirect('home')
    else:
        form = UserCreationForm()
    return render(request, 'relationship_app/register.html', {'form': form})

# Role check helpers
def is_admin(user):
    return hasattr(user, 'userprofile') and user.userprofile.role == 'Admin'

def is_librarian(user):
    return hasattr(user, 'userprofile') and user.userprofile.role == 'Librarian'

def is_member(user):
    return hasattr(user, 'userprofile') and user.userprofile.role == 'Member'

# Role-based views
@login_required
@user_passes_test(is_admin)
def admin_view(request):
    return render(request, 'relationship_app/admin_view.html')

@login_required
@user_passes_test(is_librarian)
def librarian_view(request):
    return render(request, 'relationship_app/librarian_view.html')

@login_required
@user_passes_test(is_member)
def member_view(request):
    return render(request, 'relationship_app/member_view.html')
"""

## __3. Configuring URL Patterns__

### Define URL patterns that will route to the newly created role-specific views. Ensure that each URL is correctly linked to its respective view and that the URLs are named for easy reference.

## __URLs to Define:__
- ### A URL for the ‘Admin’ view.
- ### A URL for the ‘Librarian’ view.
- ### A URL for the ‘Member’ view.

## Updated __app urls.py__

In [None]:
"""
from django.urls import path
from django.contrib.auth.views import LoginView, LogoutView
from . import views
from django.contrib.auth import login
from django.contrib.auth import logout
from django.contrib.auth.forms import UserCreationForm
from django.contrib.auth.forms import AuthenticationForm

urlpatterns = [
    path('', views.list_books, name='home'),
    path('books/', views.list_books, name='list_books'),
    path('library/<int:pk>/', views.LibraryDetailView.as_view(), name='library_detail'),
    path('', views.list_books, name='home'),
    path('books/', views.list_books, name='list_books'),
    path('library/<int:pk>/', views.LibraryDetailView.as_view(), name='library_detail'),
    path('register/', views.register, name='register'),
    path('admin-view/', views.admin_view, name='admin_view'),
    path('librarian-view/', views.librarian_view, name='librarian_view'),
    path('member-view/', views.member_view, name='member_view'),
    path('register/', views.register, name='register'),  # renamed for checker
    path('login/', LoginView.as_view(template_name='relationship_app/login.html'), name='login'),
    path('logout/', LogoutView.as_view(template_name='relationship_app/logout.html'), name='logout'),
]
"""

## Update __account urls.py__

In [None]:
'''


"""
URL configuration for LibraryProject project.

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/5.2/topics/http/urls/
Examples:
Function views
    1. Add an import:  from my_app import views
    2. Add a URL to urlpatterns:  path('', views.home, name='home')
Class-based views
    1. Add an import:  from other_app.views import Home
    2. Add a URL to urlpatterns:  path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path, include
from django.contrib.auth import views as auth_views



urlpatterns = [
    path('admin/', admin.site.urls),
    path('', include('relationship_app.urls')),
    path('bookshelf/', include('bookshelf.urls')),
    path('login/', auth_views.LoginView.as_view(template_name='relationship_app/login.html'), name='login'),
    path('logout/', auth_views.LogoutView.as_view(), name='logout'),
]
'''

## __4. Create Role-Based HTML Templates__

### For each role, create an HTML template to display relevant content when users access their respective views.

## Templates to Create:

- ### __admin_view.html__ for Admin users.
- ### __librarian_view.html__ for Librarians.
- ### __member_view.html__ for Members.

## __admin_view.html__

In [None]:
"""
<h1>Welcome Admin!</h1>
<p>This page is accessible only to Admin users.</p>
"""

## __librarian_view.html__

In [None]:
"""
<h1>Welcome Librarian!</h1>
<p>This page is accessible only to Librarians.</p>
"""


## __member_view.html__

In [None]:
"""
<h1>Welcome Member!</h1>
<p>This page is accessible only to Members.</p>
"""

### __Since you have changed models.py make sure you run migrates__

In [None]:
"""
python manage.py makemigrations
python manage.py migrate
"""

### __Then run your server__

In [None]:
"""
python manage.py runserver
"""

### __Visit__

In [None]:
"""
http://127.0.0.1:8000/admin
"""

## You should now see:

- ### Books

- ### Authors

- ### Libraries

- ### Librarians

- ### User Profiles

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20134229.png?raw=true)

### Select on User Profile to add new users.

# __4. SAMPLE__

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20144420.png?raw=true)

![screenshot](https://github.com/IruraMwongera/irurajackblogs/blob/main/Screenshot%202025-07-18%20144703.png?raw=true)

## __1.Extend the Book Model with Custom Permissions__

### Add custom permissions to the Book model to specify who can add, edit, or delete the entries.

## Model Changes Required:
- ### Inside the __Book__ model, define a nested __Meta__ class.
- ### Within this __Meta__ class, specify a __permissions__ tuple that includes permissions like __can_add_book__, __can_change_book__, and __can_delete_book.__

## __Updated models.py__

In [None]:
"""
from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save
from django.dispatch import receiver

class Author(models.Model):
    name = models.CharField(max_length=100)

    def __str__(self):
        return self.name

class Book(models.Model):
    title = models.CharField(max_length=200)
    author = models.ForeignKey(Author, on_delete=models.CASCADE)

    class Meta:
        permissions = [
            ("can_add_book", "Can add book"),
            ("can_change_book", "Can change book"),
            ("can_delete_book", "Can delete book"),
        ]

    def __str__(self):
        return self.title

class Library(models.Model):
    name = models.CharField(max_length=100, unique=True)  # Prevent duplicates
    books = models.ManyToManyField(Book)

    def __str__(self):
        return self.name

class Librarian(models.Model):
    name = models.CharField(max_length=100)
    library = models.OneToOneField(Library, on_delete=models.CASCADE)

    def __str__(self):
        return self.name


class UserProfile(models.Model):
    ROLE_CHOICES = (
        ('Admin', 'Admin'),
        ('Librarian', 'Librarian'),
        ('Member', 'Member'),
    )

    user = models.OneToOneField(User, on_delete=models.CASCADE)
    role = models.CharField(max_length=20, choices=ROLE_CHOICES)

    def __str__(self):
        return f"{self.user.username} - {self.role}"

# Automatically create a UserProfile when a User is created
@receiver(post_save, sender=User)
def create_user_profile(sender, instance, created, **kwargs):
    if created:
        UserProfile.objects.create(user=instance)
"""

## __2.  Update Views to Enforce Permissions__

### Adjust your views to check if a user has the necessary permissions before allowing them to perform create, update, or delete operations.

## __Views to Modify:__
- ### Use Django’s __permission_required__ decorator to secure views that add, edit, or delete books.
- ### For each view, apply the corresponding permission.

## Updated __views.py__

In [None]:
"""
from django.shortcuts import render, redirect
from django.contrib.auth import login
from django.contrib.auth.forms import UserCreationForm
from .models import Book, Library  # import your models if needed
from django.views.generic.detail import DetailView
from django.contrib.auth.decorators import login_required, user_passes_test
from .models import UserProfile
from django.contrib.auth.decorators import permission_required
from django.shortcuts import get_object_or_404
from .forms import BookForm



def list_books(request):
    books = Book.objects.all()
    return render(request, 'relationship_app/book_list.html', {'books': books})

class LibraryDetailView(DetailView):
    model = Library
    template_name = 'relationship_app/library_detail.html'
    context_object_name = 'library'

def register(request):
    if request.method == 'POST':
        form = UserCreationForm(request.POST)
        if form.is_valid():
            user = form.save()
            login(request, user)
            return redirect('home')
    else:
        form = UserCreationForm()
    return render(request, 'relationship_app/register.html', {'form': form})

# Role check helpers
def is_admin(user):
    return hasattr(user, 'userprofile') and user.userprofile.role == 'Admin'

def is_librarian(user):
    return hasattr(user, 'userprofile') and user.userprofile.role == 'Librarian'

def is_member(user):
    return hasattr(user, 'userprofile') and user.userprofile.role == 'Member'

# Role-based views
@login_required
@user_passes_test(is_admin)
def admin_view(request):
    return render(request, 'relationship_app/admin_view.html')

@login_required
@user_passes_test(is_librarian)
def librarian_view(request):
    return render(request, 'relationship_app/librarian_view.html')

@login_required
@user_passes_test(is_member)
def member_view(request):
    return render(request, 'relationship_app/member_view.html')


@permission_required('relationship_app.can_add_book', raise_exception=True)
def add_book(request):
    if request.method == 'POST':
        form = BookForm(request.POST)
        if form.is_valid():
            form.save()
            return redirect('list_books')
    else:
        form = BookForm()
    return render(request, 'relationship_app/book_form.html', {'form': form, 'action': 'Add'})

@permission_required('relationship_app.can_change_book', raise_exception=True)
def edit_book(request, pk):
    book = get_object_or_404(Book, pk=pk)
    if request.method == 'POST':
        form = BookForm(request.POST, instance=book)
        if form.is_valid():
            form.save()
            return redirect('list_books')
    else:
        form = BookForm(instance=book)
    return render(request, 'relationship_app/book_form.html', {'form': form, 'action': 'Edit'})

@permission_required('relationship_app.can_delete_book', raise_exception=True)
def delete_book(request, pk):
    book = get_object_or_404(Book, pk=pk)
    if request.method == 'POST':
        book.delete()
        return redirect('list_books')
    return render(request, 'relationship_app/book_confirm_delete.html', {'book': book})

"""

## __3. Define URL Patterns for Secured Views__

### Ensure that the secured views are accessible through specific URLs. Set up these URLs in your urls.py file and ensure they are properly named for clarity.

## __URLs to Setup:__
- ### Create distinct paths for adding, editing, and deleting books.
- ### Link each path to its respective view with the appropriate permissions.

## Updated app __urls.py__

In [None]:
"""
from django.urls import path
from django.contrib.auth.views import LoginView, LogoutView
from . import views

urlpatterns = [
    # Existing ones...
    path('', views.list_books, name='home'),
    path('books/', views.list_books, name='list_books'),
    path('library/<int:pk>/', views.LibraryDetailView.as_view(), name='library_detail'),
    path('register/', views.register, name='register'),
    path('login/', views.login, name='login'),  # or use LoginView
    path('logout/', views.logout, name='logout'),  # or use LogoutView

    # Role-specific views
    path('admin-view/', views.admin_view, name='admin_view'),
    path('librarian-view/', views.librarian_view, name='librarian_view'),
    path('member-view/', views.member_view, name='member_view'),

    #  Add these to match checker expectations
    path('add_book/', views.add_book, name='add_book'),
    path('edit_book/<int:pk>/', views.edit_book, name='edit_book'),
    path('delete_book/<int:pk>/', views.delete_book, name='delete_book'),

    # Optional (if you want to keep books/ prefix too)
    # path('books/add/', views.add_book, name='add_book'),
    # path('books/edit/<int:pk>/', views.edit_book, name='edit_book'),
]
"""

## Updated account __urls.py__

In [None]:
'''
"""
URL configuration for LibraryProject project.

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/5.2/topics/http/urls/
Examples:
Function views
    1. Add an import:  from my_app import views
    2. Add a URL to urlpatterns:  path('', views.home, name='home')
Class-based views
    1. Add an import:  from other_app.views import Home
    2. Add a URL to urlpatterns:  path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path('admin/', admin.site.urls),
    path('', include('relationship_app.urls')),     # All views: home, books, add_book, login, etc.
    path('bookshelf/', include('bookshelf.urls')),  # If you're using another app
]

'''

## __Note:__Any time you change models.py make sure you apply migrations:

In [None]:
"""
python manage.py makemigrations
python manage.py migrate
"""