Implement Orders/Bills permissions, unpaid bill views

This commit is contained in:
fnux 2020-05-07 13:12:38 +02:00
parent 718abab9d2
commit 56d98cbb55

View file

@ -182,8 +182,13 @@ class BillViewSet(viewsets.ReadOnlyModelViewSet):
def get_queryset(self): def get_queryset(self):
return Bill.objects.filter(owner=self.request.user) return Bill.objects.filter(owner=self.request.user)
@action(detail=False, methods=['get'])
def unpaid(self, request): def unpaid(self, request):
return Bill.objects.filter(owner=self.request.user, paid=False) serializer = self.get_serializer(
Bill.get_unpaid_for(self.request.user),
many=True)
return Response(serializer.data)
class OrderViewSet(viewsets.ReadOnlyModelViewSet): class OrderViewSet(viewsets.ReadOnlyModelViewSet):
@ -247,7 +252,7 @@ class BillingAddressViewSet(mixins.CreateModelMixin,
class AdminPaymentViewSet(viewsets.ModelViewSet): class AdminPaymentViewSet(viewsets.ModelViewSet):
serializer_class = PaymentSerializer serializer_class = PaymentSerializer
permission_classes = [permissions.IsAuthenticated] permission_classes = [permissions.IsAdminUser]
def get_queryset(self): def get_queryset(self):
return Payment.objects.all() return Payment.objects.all()
@ -260,25 +265,28 @@ class AdminPaymentViewSet(viewsets.ModelViewSet):
headers = self.get_success_headers(serializer.data) headers = self.get_success_headers(serializer.data)
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers) return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
class AdminBillViewSet(viewsets.ModelViewSet): # Bills are generated from orders and should not be created or updated by hand.
class AdminBillViewSet(viewsets.ReadOnlyModelViewSet):
serializer_class = BillSerializer serializer_class = BillSerializer
permission_classes = [permissions.IsAuthenticated] permission_classes = [permissions.IsAdminUser]
def get_queryset(self): def get_queryset(self):
return Bill.objects.all() return Bill.objects.all()
@action(detail=False, methods=['get'])
def unpaid(self, request): def unpaid(self, request):
return Bill.objects.filter(owner=self.request.user, paid=False) unpaid_bills = []
# XXX: works but we can do better than number of users + 1 SQL requests...
for user in get_user_model().objects.all():
unpaid_bills = unpaid_bills + Bill.get_unpaid_for(self.request.user)
def create(self, request): serializer = self.get_serializer(unpaid_bills, many=True)
serializer = self.get_serializer(data=request.data) return Response(serializer.data)
serializer.is_valid(raise_exception=True)
serializer.save(creation_date=datetime.now())
headers = self.get_success_headers(serializer.data) class AdminOrderViewSet(mixins.ListModelMixin,
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers) mixins.RetrieveModelMixin,
mixins.CreateModelMixin,
class AdminOrderViewSet(viewsets.ModelViewSet): viewsets.GenericViewSet):
permission_classes = [permissions.IsAdminUser] permission_classes = [permissions.IsAdminUser]
def get_serializer(self, *args, **kwargs): def get_serializer(self, *args, **kwargs):