mamweb/korektury/api/views.py

from http import HTTPStatus

from django.http import JsonResponse, HttpResponse
from django.shortcuts import get_object_or_404
from django.utils.html import linebreaks

from rest_framework import serializers

from korektury.utils import send_email_notification_komentar
from korektury.models import Oprava, KorekturovanePDF, Komentar, KorekturaTag
from personalni.models import Organizator


def korektury_stav_view(request, pdf_id: int, **kwargs):
	q = request.POST
	pdf = get_object_or_404(KorekturovanePDF, id=pdf_id)
	status = q.get('state')
	if status is not None:
		assert status in KorekturovanePDF.STATUS.values
		pdf.status = status
		pdf.save()
	return JsonResponse({'status': pdf.status})


def oprava_stav_view(request, **kwargs):
	q = request.POST
	op_id_str = q.get('id')
	assert op_id_str is not None
	op_id = int(op_id_str)
	op = get_object_or_404(Oprava, id=op_id)
	status = q.get('action')
	if status is not None:
		assert status in Oprava.STATUS.values
		op.status = status
		op.save()
	return JsonResponse({'status': op.status})

def oprava_smaz_view(request, **kwargs):
	q = request.POST
	op_id_str = q.get('oprava_id')
	assert op_id_str is not None
	op_id = int(op_id_str)
	oprava = get_object_or_404(Oprava, id=op_id)
	oprava.delete()
	return HttpResponse(status=HTTPStatus.NO_CONTENT)

def komentar_smaz_view(request, **kwargs):
	q = request.POST
	kom_id_str = q.get('komentar_id')
	assert kom_id_str is not None
	kom_id = int(kom_id_str)
	komentar = get_object_or_404(Komentar, id=kom_id)
	komentar.delete()
	return HttpResponse(status=HTTPStatus.NO_CONTENT)

class KomentarSerializer(serializers.ModelSerializer):
	class Meta:
		model = Komentar
		fields = '__all__'

	def to_representation(self, instance):
		ret = super().to_representation(instance)
		ret["autor"] = str(instance.autor)
		ret["text"] = linebreaks(ret["text"], autoescape=True) # Autora není třeba escapovat, ten se vkládá jako text.
		return ret

class KorekturaTagSerializer(serializers.ModelSerializer):
	class Meta:
		model = KorekturaTag
		fields = '__all__'


class OpravaSerializer(serializers.ModelSerializer):
	class Meta:
		model = Oprava
		fields = '__all__'

	def to_representation(self, instance):
		ret = super().to_representation(instance)
		ret["komentare"] = [KomentarSerializer(komentar).data for komentar in instance.komentar_set.all()]
		ret["tagy"] = [KorekturaTagSerializer(tag).data for tag in instance.tagy.all()]
		return ret

	# komentar_set = serializers.ListField(child=KomentarSerializer())

def opravy_a_komentare_view(request, pdf_id: int, **kwargs):
	if request.method == 'POST':
		q = request.POST

		x = int(q.get('x'))
		y = int(q.get('y'))
		img_id = int(q.get('img_id'))
		oprava_id = int(q.get('oprava_id'))
		komentar_id = int(q.get('komentar_id'))
		text = q.get('text')

		# prirazeni autora podle prihlaseni
		autor_user = request.user
		# pokud existuje ucet (user), ale neni to organizator = 403
		autor = Organizator.objects.filter(osoba__user=autor_user).first()

		if komentar_id != -1:
			komentar = get_object_or_404(Komentar, id=komentar_id)
			if komentar.text != text:
				komentar.text = text
				komentar.autor = autor
				komentar.save()
			oprava = komentar.oprava
		else:
			if oprava_id != -1:
				oprava = get_object_or_404(Oprava, id=oprava_id)
			else:
				pdf = get_object_or_404(KorekturovanePDF, id=pdf_id)
				oprava = Oprava.objects.create(
					pdf=pdf,
					strana=img_id,
					x=x,
					y=y,
				)

			Komentar.objects.create(oprava=oprava, autor=autor, text=text)
			send_email_notification_komentar(oprava, autor, request)

		tagy_raw = q.get('tagy')
		if tagy_raw is not None:
			oprava.tagy.clear()
			if tagy_raw != "":
				tagy = list(map(int, tagy_raw.split(",")))
				oprava.tagy.add(*KorekturaTag.objects.filter(id__in=tagy))


	opravy = Oprava.objects.filter(pdf=pdf_id).all()
	# Serializovat list je prý security vulnerability, tedy je přidán slovník pro bezpečnost
	return JsonResponse({"context": [OpravaSerializer(oprava).data for oprava in opravy]})