diff --git a/UI/Database API/hyrieus/flavoursAPI/hyrieus/migrations/0003_auto_20190113_0009.py b/UI/Database API/hyrieus/flavoursAPI/hyrieus/migrations/0003_auto_20190113_0009.py new file mode 100644 index 0000000..1751b7e --- /dev/null +++ b/UI/Database API/hyrieus/flavoursAPI/hyrieus/migrations/0003_auto_20190113_0009.py @@ -0,0 +1,35 @@ +# Generated by Django 2.1.4 on 2019-01-13 00:09 + +from django.conf import settings +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + + dependencies = [ + ('hyrieus', '0002_auto_20190110_2042'), + ] + + operations = [ + migrations.AlterField( + model_name='userratesdrink', + name='rating_date', + field=models.DateField(auto_now=True), + ), + migrations.AlterField( + model_name='userratesdrink', + name='user', + field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.DO_NOTHING, to=settings.AUTH_USER_MODEL), + ), + migrations.AlterField( + model_name='userratesfood', + name='rating_date', + field=models.DateField(auto_now=True), + ), + migrations.AlterField( + model_name='userratesfood', + name='user', + field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.DO_NOTHING, to=settings.AUTH_USER_MODEL), + ), + ] diff --git a/UI/Database API/hyrieus/flavoursAPI/hyrieus/models.py b/UI/Database API/hyrieus/flavoursAPI/hyrieus/models.py index 8b20e65..6169350 100644 --- a/UI/Database API/hyrieus/flavoursAPI/hyrieus/models.py +++ b/UI/Database API/hyrieus/flavoursAPI/hyrieus/models.py @@ -138,10 +138,10 @@ class UserProhibitsIngredient(models.Model): unique_together = (('user', 'ingredient_name'),) class UserRatesDrink(models.Model): - user = models.ForeignKey(settings.AUTH_USER_MODEL, models.DO_NOTHING) + user = models.ForeignKey(settings.AUTH_USER_MODEL, models.DO_NOTHING, blank=True, null=True) drink = models.ForeignKey(Drink, models.DO_NOTHING) rating_grade = models.IntegerField() - rating_date = models.DateField() + rating_date = models.DateField(auto_now=True) rating_text = models.CharField(max_length=700, blank=True, null=True) rating_pοrtion_size = models.CharField(max_length=6, blank=True, null=True) @@ -151,10 +151,10 @@ class UserRatesDrink(models.Model): unique_together = (('user', 'drink'),) class UserRatesFood(models.Model): - user = models.ForeignKey(settings.AUTH_USER_MODEL, models.DO_NOTHING) + user = models.ForeignKey(settings.AUTH_USER_MODEL, models.DO_NOTHING, blank=True, null=True) food = models.ForeignKey(Food, models.DO_NOTHING) rating_grade = models.IntegerField() - rating_date = models.DateField() + rating_date = models.DateField(auto_now=True) rating_text = models.CharField(max_length=700, blank=True, null=True) rating_pοrtion_size = models.CharField(max_length=6, blank=True, null=True) diff --git a/UI/Database API/hyrieus/flavoursAPI/hyrieus/serializers.py b/UI/Database API/hyrieus/flavoursAPI/hyrieus/serializers.py index a81661b..3251be7 100644 --- a/UI/Database API/hyrieus/flavoursAPI/hyrieus/serializers.py +++ b/UI/Database API/hyrieus/flavoursAPI/hyrieus/serializers.py @@ -86,7 +86,6 @@ class UserPublicInfoSerializer(UserSerializer): 'username' ) - class UserFollowsDietSerializer(serializers.ModelSerializer): class Meta: model = UserFollowsDiet diff --git a/UI/Database API/hyrieus/flavoursAPI/hyrieus/views.py b/UI/Database API/hyrieus/flavoursAPI/hyrieus/views.py index 0b6a78a..5d99206 100644 --- a/UI/Database API/hyrieus/flavoursAPI/hyrieus/views.py +++ b/UI/Database API/hyrieus/flavoursAPI/hyrieus/views.py @@ -293,6 +293,19 @@ class UserRatesDrinkViewSet(viewsets.ModelViewSet): authentication_classes = (SessionAuthentication, BasicAuthentication) permission_classes = (IsAuthenticated,) + def perform_create(self, serializer): + user = self.request.user + + try: + drink = Drink.objects.get(pk=self.request._data.get('drink')) + except Drink.DoesNotExist: + raise Http404 + + if drink.drink_is_approved == 0: + raise PermissionDenied({"message":"You don't have permission to access"}) + + serializer.save(user=user) + def get(self, request, format=None): content = { 'user': unicode(request.user), @@ -307,6 +320,19 @@ class UserRatesFoodViewSet(viewsets.ModelViewSet): authentication_classes = (SessionAuthentication, BasicAuthentication) permission_classes = (IsAuthenticated,) + def perform_create(self, serializer): + user = self.request.user + + try: + food = Food.objects.get(pk=self.request._data.get('food')) + except Food.DoesNotExist: + raise Http404 + + if food.food_is_approved == 0: + raise PermissionDenied({"message":"You don't have permission to access"}) + + serializer.save(user=user) + def get(self, request, format=None): content = { 'user': unicode(request.user), @@ -673,10 +699,10 @@ class AddDiet(APIView): for ingredient in ingredientsList: relation = { - 'drink': diet.diet_id, + 'diet': diet.diet_id, 'ingredient_name': ingredient.ingredient_name } - serializer = DrinkHasIngredientSerializer(data = relation) + serializer = DietProhibitsIngredientSerializer(data = relation) if serializer.is_valid(): serializer.save() return Response(dietSerializer.data)