views.py
16.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
import django
from django.contrib import auth
from django.shortcuts import get_object_or_404
from django.utils.log import getLogger
from flashcards.api import StandardResultsSetPagination, IsEnrolledInAssociatedSection, IsFlashcardReviewer, \
IsAuthenticatedAndConfirmed
from flashcards.models import Section, User, Flashcard, FlashcardHide, UserFlashcardQuiz, \
FlashcardAlreadyPulledException, FlashcardNotInDeckException
from flashcards.notifications import notify_new_card, notify_pull
from flashcards.serializers import SectionSerializer, UserUpdateSerializer, RegistrationSerializer, UserSerializer, \
PasswordResetSerializer, PasswordResetRequestSerializer, EmailPasswordSerializer, FlashcardSerializer, \
FlashcardUpdateSerializer, QuizRequestSerializer, QuizResponseSerializer, \
QuizAnswerRequestSerializer, DeepSectionSerializer, EmailVerificationSerializer, FeedRequestSerializer
from rest_framework.decorators import detail_route, permission_classes, api_view, list_route
from rest_framework.generics import ListAPIView, GenericAPIView
from rest_framework.mixins import CreateModelMixin, RetrieveModelMixin, UpdateModelMixin
from rest_framework.permissions import IsAuthenticated
from rest_framework.viewsets import ReadOnlyModelViewSet, GenericViewSet
from django.core.mail import send_mail
from django.contrib.auth import authenticate
from django.contrib.auth.tokens import default_token_generator
from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_201_CREATED, HTTP_200_OK
from rest_framework.response import Response
from rest_framework.exceptions import AuthenticationFailed, NotAuthenticated, ValidationError, PermissionDenied
from simple_email_confirmation import EmailAddress
def log_event(request, event=''):
logstr = u'%s %s %s %s' % (request.META['REMOTE_ADDR'], request.user, request.path, event)
getLogger('flashy.events').info(logstr)
class SectionViewSet(ReadOnlyModelViewSet):
queryset = Section.objects.all()
serializer_class = DeepSectionSerializer
pagination_class = StandardResultsSetPagination
permission_classes = [IsAuthenticatedAndConfirmed]
@detail_route(methods=['GET'])
def flashcards(self, request, pk):
"""
Gets flashcards for a section, excluding hidden cards.
Returned in strictly chronological order (material date).
"""
flashcards = Flashcard.cards_visible_to(request.user)
if 'hidden' in request.GET:
if request.GET['hidden'] == 'only':
flashcards = Flashcard.cards_hidden_by(request.user)
else:
flashcards |= Flashcard.cards_hidden_by(request.user)
flashcards = flashcards.filter(section=self.get_object()).order_by('material_date').all()
log_event(request, str(self.get_object()))
return Response(FlashcardSerializer(flashcards, context={"user": request.user}, many=True).data)
@detail_route(methods=['POST'])
def enroll(self, request, pk):
"""
Add the current user to a specified section
If the class has a whitelist, but the user is not on the whitelist, the request will fail.
---
view_mocker: flashcards.api.mock_no_params
"""
try:
self.get_object().enroll(request.user)
log_event(request, str(self.get_object()))
except django.core.exceptions.PermissionDenied as e:
raise PermissionDenied(e)
except django.core.exceptions.ValidationError as e:
raise ValidationError(e)
return Response(status=HTTP_204_NO_CONTENT)
@detail_route(methods=['POST'])
def drop(self, request, pk):
"""
Remove the current user from a specified section
If the user is not in the class, the request will fail.
---
view_mocker: flashcards.api.mock_no_params
"""
try:
self.get_object().drop(request.user)
log_event(request, str(self.get_object()))
except django.core.exceptions.PermissionDenied as e:
raise PermissionDenied(e)
except django.core.exceptions.ValidationError as e:
raise ValidationError(e)
return Response(status=HTTP_204_NO_CONTENT)
@list_route(methods=['GET'])
def search(self, request):
"""
Returns a list of sections which match a user's query
---
parameters:
- name: q
description: space-separated list of terms
required: true
type: form
response_serializer: SectionSerializer
"""
query = request.GET.get('q', None)
if not query: return Response('[]')
qs = Section.search(query.split(' '))[:20]
data = SectionSerializer(qs, many=True, context={'user': request.user}).data
log_event(request, query)
return Response(data)
@detail_route(methods=['GET'])
def deck(self, request, pk):
"""
Gets the contents of a user's deck for a given section.
"""
qs = request.user.get_deck(self.get_object())
serializer = FlashcardSerializer(qs, many=True)
log_event(request, str(self.get_object()))
return Response(serializer.data)
@detail_route(methods=['GET'])
def feed(self, request, pk):
"""
Gets the contents of a user's feed for a section.
Exclude cards that are already in the user's deck
request_serializer: FeedRequestSerializer
response_serializer: FlashcardSerializer
"""
feed_serializer = FeedRequestSerializer(data=request.data)
feed_serializer.is_valid(raise_exception=True)
page = feed_serializer.validated_data['page']
serializer = FlashcardSerializer(self.get_object().get_feed_for_user(request.user, page=page),
many=True, context={'user': request.user})
log_event(request, str(self.get_object()))
return Response(serializer.data)
class UserSectionListView(ListAPIView):
serializer_class = DeepSectionSerializer
permission_classes = [IsAuthenticatedAndConfirmed]
def get_queryset(self):
return self.request.user.sections.all()
def paginate_queryset(self, queryset): return None
class UserDetail(GenericAPIView):
serializer_class = UserSerializer
permission_classes = [IsAuthenticated]
def patch(self, request, format=None):
"""
Updates the user's password
---
request_serializer: UserUpdateSerializer
response_serializer: UserSerializer
"""
data = UserUpdateSerializer(data=request.data, context={'user': request.user})
data.is_valid(raise_exception=True)
data = data.validated_data
if 'new_password' in data:
if not request.user.check_password(data['old_password']):
raise ValidationError('old_password is incorrect')
request.user.set_password(data['new_password'])
request.user.save()
log_event(request, 'change password')
return Response(UserSerializer(request.user).data)
def get(self, request, format=None):
"""
Return data about the user
---
response_serializer: UserSerializer
"""
serializer = UserSerializer(request.user, context={'request': request})
return Response(serializer.data)
def delete(self, request):
"""
Irrevocably delete the user and their data
Yes, really
"""
request.user.delete()
log_event(request)
return Response(status=HTTP_204_NO_CONTENT)
@api_view(['POST'])
@permission_classes([IsAuthenticated])
def resend_confirmation_email(request):
"Resends a confirmation email to a user"
request.user.send_confirmation_email()
return Response(status=HTTP_204_NO_CONTENT)
@api_view(['POST'])
@permission_classes([IsAuthenticated])
def verify_email(request):
"""
Accepts a user's email confirmation_key to verify their email address
---
request_serializer: EmailVerificationSerializer
"""
data = EmailVerificationSerializer(data=request.data)
data.is_valid(raise_exception=True)
try:
email = User.confirm_email(data.validated_data['confirmation_key'])
except EmailAddress.DoesNotExist:
raise ValidationError('confirmation_key is invalid')
log_event(request, 'confirm email' + str(email))
return Response(status=HTTP_204_NO_CONTENT)
@api_view(['POST'])
def register(request, format=None):
"""
Register a new user
---
request_serializer: EmailPasswordSerializer
response_serializer: UserSerializer
"""
data = RegistrationSerializer(data=request.data)
data.is_valid(raise_exception=True)
User.objects.create_user(**data.validated_data)
user = authenticate(**data.validated_data)
auth.login(request, user)
log_event(request)
return Response(UserSerializer(request.user).data, status=HTTP_201_CREATED)
@api_view(['POST'])
def login(request):
"""
Authenticates user and returns user data if valid.
---
request_serializer: EmailPasswordSerializer
response_serializer: UserSerializer
"""
data = EmailPasswordSerializer(data=request.data)
data.is_valid(raise_exception=True)
user = authenticate(**data.validated_data)
if user is None:
raise AuthenticationFailed('Invalid email or password')
if not user.is_active:
raise NotAuthenticated('Account is disabled')
auth.login(request, user)
log_event(request)
return Response(UserSerializer(request.user).data)
@api_view(['POST'])
@permission_classes((IsAuthenticated,))
def logout(request, format=None):
"""
Logs the authenticated user out.
"""
auth.logout(request)
log_event(request)
return Response(status=HTTP_204_NO_CONTENT)
@api_view(['POST'])
def request_password_reset(request, format=None):
"""
Send a password reset token/link to the provided email.
---
request_serializer: PasswordResetRequestSerializer
"""
data = PasswordResetRequestSerializer(data=request.data)
data.is_valid(raise_exception=True)
log_event(request, 'email: ' + str(data['email']))
get_object_or_404(User, email=data['email'].value).request_password_reset()
return Response(status=HTTP_204_NO_CONTENT)
@api_view(['POST'])
def reset_password(request, format=None):
"""
Updates user's password to new password if token is valid.
---
request_serializer: PasswordResetSerializer
"""
data = PasswordResetSerializer(data=request.data)
data.is_valid(raise_exception=True)
user = User.objects.get(id=data['uid'].value)
# Check token validity.
if default_token_generator.check_token(user, data['token'].value):
user.set_password(data['new_password'].value)
user.save()
log_event(request)
else:
raise ValidationError('Could not verify reset token')
return Response(status=HTTP_204_NO_CONTENT)
class FlashcardViewSet(GenericViewSet, CreateModelMixin, RetrieveModelMixin):
queryset = Flashcard.objects.all()
serializer_class = FlashcardSerializer
permission_classes = [IsAuthenticatedAndConfirmed, IsEnrolledInAssociatedSection]
# Override create in CreateModelMixin
def create(self, request, *args, **kwargs):
serializer = FlashcardSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.validated_data
if not request.user.is_in_section(data['section']):
raise PermissionDenied('The user is not enrolled in that section')
data['author'] = request.user
flashcard = Flashcard.objects.create(**data)
self.perform_create(flashcard)
notify_new_card(flashcard)
headers = self.get_success_headers(data)
request.user.pull(flashcard)
response_data = FlashcardSerializer(flashcard).data
log_event(request, response_data)
return Response(response_data, status=HTTP_201_CREATED, headers=headers)
@detail_route(methods=['POST'])
def unhide(self, request, pk):
"""
Unhide the given card
---
view_mocker: flashcards.api.mock_no_params
"""
hide = get_object_or_404(FlashcardHide, user=request.user, flashcard=self.get_object())
hide.delete()
log_event(request, str(self.get_object()))
return Response(status=HTTP_204_NO_CONTENT)
@detail_route(methods=['POST'])
def report(self, request, pk):
"""
Hide the given card
---
view_mocker: flashcards.api.mock_no_params
"""
self.get_object().report(request.user)
log_event(request, str(self.get_object()))
return Response(status=HTTP_204_NO_CONTENT)
hide = report
@detail_route(methods=['POST'])
def pull(self, request, pk):
"""
Pull a card from the live feed into the user's deck.
---
view_mocker: flashcards.api.mock_no_params
"""
try:
request.user.pull(self.get_object())
log_event(request, self.get_object())
return Response(status=HTTP_204_NO_CONTENT)
except FlashcardAlreadyPulledException:
raise ValidationError('Cannot pull a card already in deck')
@detail_route(methods=['POST'])
def unpull(self, request, pk):
"""
Unpull a card from the user's deck
---
view_mocker: flashcards.api.mock_no_params
"""
user = request.user
flashcard = self.get_object()
try:
user.unpull(flashcard)
log_event(request, self.get_object())
return Response(status=HTTP_204_NO_CONTENT)
except FlashcardNotInDeckException:
raise ValidationError('Cannot unpull a card not in deck')
def partial_update(self, request, *args, **kwargs):
"""
Edit settings related to a card for the user.
---
request_serializer: FlashcardUpdateSerializer
"""
user = request.user
flashcard = self.get_object()
data = FlashcardUpdateSerializer(data=request.data)
data.is_valid(raise_exception=True)
new_flashcard = data.validated_data
new_flashcard = flashcard.edit(user, new_flashcard)
log_event(request, str(new_flashcard))
return Response(FlashcardSerializer(new_flashcard, context={'user': request.user}).data, status=HTTP_200_OK)
class UserFlashcardQuizViewSet(GenericViewSet, CreateModelMixin, UpdateModelMixin):
permission_classes = [IsAuthenticatedAndConfirmed, IsFlashcardReviewer]
queryset = UserFlashcardQuiz.objects.all()
def get_serializer_class(self):
if self.request.method == 'POST':
return QuizRequestSerializer
return QuizAnswerRequestSerializer
def create(self, request, *args, **kwargs):
"""
Return a card based on the request params.
:param request: A request object.
:param format: Format of the request.
:return: A response containing
request_serializer: serializers.QuizRequestSerializer
response_serializer: serializers.QuizResponseSerializer
"""
serializer = QuizRequestSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.validated_data
user_flashcard = request.user.by_retention(**data).first()
mask = user_flashcard.get_mask().get_random_blank()
blanked_word = ""
if mask:
blanked_word = user_flashcard.flashcard.text[slice(*mask)]
user_flashcard_quiz = UserFlashcardQuiz(user_flashcard=user_flashcard, blanked_word=blanked_word)
user_flashcard_quiz.save()
response = QuizResponseSerializer(instance=user_flashcard_quiz, mask=mask)
log_event(request, response.data)
return Response(response.data, status=HTTP_200_OK)
def partial_update(self, request, *args, **kwargs):
"""
Receive the user's response to the quiz.
:param request: A request object.
:param format: Format of the request.
:return: A response containing
request_serializer: serializers.QuizAnswerRequestSerializer
"""
user_flashcard_quiz = self.get_object()
serializer = QuizAnswerRequestSerializer(instance=user_flashcard_quiz, data=request.data)
serializer.is_valid(raise_exception=True)
serializer.update(user_flashcard_quiz, serializer.validated_data)
user_flashcard_quiz.user_flashcard.review(user_flashcard_quiz)
log_event(request, serializer.data)
return Response(status=HTTP_204_NO_CONTENT)