___

<a href='https://www.learntocodeonline.com/'> <img src='files/IMGs/learn to code online.png' /></a>
___

# Plan Our Profiles API

Now that we have created a simple API, we can move on to a profiles API.

Basic requirements:
1. create a new profile (handle new registrations in the system)
    - validate profile data
2. list existing profiles
    - search for profiles
3. view specific profile (using an ID)
4. update "my profile" of a logged in user
    - update name/email address
    - change password
5. delete profile

URLs for our API:
1. list of all profiles:  **/api/profile/**
    - GET (list profiles)
    - POST (create profile)
    <br><br>
2. manage a specific profile:  **/api/profile/<profile_id>/**
    - GET (view specific profile)
    - PUT/PATCH (update profile)
    - DELETE (remove profile)

# Create User Profile Serializer

If you would like more information, check out the [ModelSerializer official documentation](http://www.django-rest-framework.org/api-guide/serializers/#modelserializer).

Ensure that you have the **profiles-rest-api** project open in your Atom!

Locate the `serializers.py` file in the profiles_api folder.

Now we will create a ModelSerializer - similar to the HelloSerializer created earlier, but these are designed to be used with models.

1. import the following:  `from . import models`
<br><br>
2. Create a new class below your HelloSerializer that will inherit from serializers.ModelSerializer

In [None]:
class UserProfileSerializer(serializers.ModelSerializer):
    """A serializer for our user profile objects."""
    
    # create a meta class that tells Django REST framework
    # what fields we want to take from our model
    class Meta:
        # assign model we want it to point to
        model = models.UserProfile
        
        # what fields to use in the serializer
        fields = ('id', 'email', 'name', 'password')
        
        # define extra keyword arguments for your model
        # allows you to tell Django REST framework special attributes
        # you want to apply to those fields above
        extra_kwargs = {'password': {'write_only': True}}
        
    # create a special function that overwrites the CREATE functionality
    # this will allow us control over how users are created
    # we want to encrypt the PW as a hash
    def create(self, validated_data):
        """Create and return a new user."""
        
        user = models.UserProfile(
            email=validated_data['email'],
            name=validated_data['name']
        )
        
        user.set_password(validated_data['password'])
        user.save()
        
        return user

# Create User Profiles Viewset

Open the `views.py` file in the profiles_app app folder.

Import your model file:  `from . import models`

Scroll to the bottom of the file to add the UserProfileViewSet class.

In [None]:
class UserProfileViewSet(viewsets.ModelViewSet):
    """Handles creating, reading and updating profiles."""
    # ModelViewSet is a special ViewSet by the Django REST framework
    # that takes care of all of the logic for CRU our model items
    
    # define the serializer class - this serializer has the model
    # in the metadata so it knows which model to look for
    # to handle user objects
    serializer_class = serializers.UserProfileSerializer
    
    # query the set which tells the ViewSet how to retrieve
    # the object from our DB
    queryset = models.UserProfile.objects.all() # this retrieves all of them

# Register Profile ViewSet With URL Router

Open the `urls.py` file in the profiles_api app folder.

Registering is simple - just need to register with a router and Django REST framework will do the rest.

Below the latest router registration add:<br>
`router.register('profile', views.UserProfileViewSet)`

**NOTE:** 
When specifying a Model ViewSet, you do not need to provide a base_name.

# Test Creating A Profile

Ensure the vagrant server is running - may have to restart.

1. In git bash, change directory to where you profiles-rest-api project is located:  `cd workspace/profiles-rest-api`
<br><br>
2. `vagrant up`
<br><br>
3. `vagrant ssh`
<br><br>
4. `workon profiles_api`
<br><br>
5. `cd /vagrant/src/profiles_project`
<br><br>
6. Start development server:  `python manage.py runserver 0.0.0.0:8080`

Once you have the server up, head over to the following in Chrome:
**127.0.0.1:8080/api**

Notice on the root API page that we have an additional entry to the list of APIs that are available.

<img src='files\IMGs\views\ProfilesAPI-01.png'>

Click on the link to head over to the **API/profile** of the API.

<img src='files\IMGs\views\ProfilesAPI-02.png'>

This is the **list** or HTTP GET to our **api/profile** endpoint. It lists all users in the system.

## Test POST Without Data

<img src='files\IMGs\views\ProfilesAPI-03.png'>

## Create A New User

<img src='files\IMGs\views\ProfilesAPI-04.png'>

Since the password was set to write_only, it never gets returned by the API.

## Test User Update

Go back to the root of the API for profiles:  **127.0.0.1:8080/api/profile**

<img src='files\IMGs\views\ProfilesAPI-05.png'>

You can now see the different users in the system.

Add the ID to the end of the URL to see the information from the new user you just created:  **127.0.0.1:8080/api/profile/2**

<img src='files\IMGs\views\ProfilesAPI-06.png'>

You can see at the bottom it has given you the option to modify the user profile.

- HTML form allows you to use PUT
<img src='files\IMGs\views\ProfilesAPI-07.png'>

- Raw Data form allows you to use PATCH
<img src='files\IMGs\views\ProfilesAPI-08.png'>

If using RAW DATA, delete the ID (you can't change that) and any other field you don't wish to update. Make the changes you wish to do, then click PATCH.

<img src='files\IMGs\views\ProfilesAPI-09.png'>

You will see that it updated on that screen ...

<img src='files\IMGs\views\ProfilesAPI-10.png'>

As well as at the root of the API:  **127.0.0.1:8080/api/profile**

<img src='files\IMGs\views\ProfilesAPI-11.png'>

## Commit To Git

In your **git bash** program ...

1. go to project directory:  `cd workspace/PROJECTNAME` (in this example **profiles-rest-api**)
2. Call `git add .`
3. Call `git commit -am "Added profile listing and creating feature."`

# Create Permission Class

If you would like more information, check out the [Permissions official documentation](http://www.django-rest-framework.org/api-guide/permissions).

# Add Authentication & Permissions To ViewSet

?

# Test New Permissions

?

# Add Search Profiles Feature

?

# Test Searching Profiles

?

## Commit To Git

In your **git bash** program ...

1. go to project directory:  `cd workspace/PROJECTNAME` (in this example **profiles-rest-api**)
2. Call `git add .`
3. Call `git commit -am "Added create, retrieve, update, partial_update, and destroy methods to our ViewSet."`