Move to using inline todos, update .dockerignore, and remove duplicate timezone records in seed data

2025-06-28 16:15:44 +08:00 · 2024-11-13 17:43:36 +08:00 · 2024-11-13 17:43:36 +08:00 · f7b949a45e
commit f7b949a45e
parent b024a74364
7 changed files with 40 additions and 29 deletions
--- a/backend/notifications/models.py
+++ b/backend/notifications/models.py
@ -1,11 +1,17 @@
+from django.core.cache import cache
 from django.db import models


 class Notification(models.Model):
-    recipient = models.ForeignKey("accounts.CustomUser", on_delete=models.CASCADE)
+    recipient = models.ForeignKey(
+        "accounts.CustomUser", on_delete=models.CASCADE)
    content = models.CharField(max_length=1000, null=True)
    timestamp = models.DateTimeField(auto_now_add=True, editable=False)
    dismissed = models.BooleanField(default=False)

    def __str__(self):
        return self.content
+
+    def save(self, **kwargs):
+        cache.delete(f"notifications_user:{self.recipient.id}")
+        super().save(**kwargs)
--- a/backend/notifications/views.py
+++ b/backend/notifications/views.py
@ -3,12 +3,14 @@ from notifications.models import Notification
 from notifications.serializers import NotificationSerializer
 from rest_framework import viewsets
 from rest_framework.exceptions import PermissionDenied
+from rest_framework.permissions import IsAuthenticated


 class NotificationViewSet(viewsets.ModelViewSet):
-    http_method_names = ["get", "patch", "delete"]
+    http_method_names = ["get", "delete"]
    serializer_class = NotificationSerializer
    queryset = Notification.objects.all()
+    permission_classes = [IsAuthenticated]

    def get_queryset(self):
        user = self.request.user
@ -21,18 +23,14 @@ class NotificationViewSet(viewsets.ModelViewSet):
            cache.set(key, queryset, 60 * 60)
        return queryset

-    def update(self, request, *args, **kwargs):
-        instance = self.get_object()
-        if instance.recipient != request.user:
-            raise PermissionDenied(
-                "You do not have permission to update this notification."
-            )
-        return super().update(request, *args, **kwargs)
-
    def destroy(self, request, *args, **kwargs):
        instance = self.get_object()
+        user = self.request.user
        if instance.recipient != request.user:
            raise PermissionDenied(
                "You do not have permission to delete this notification."
            )
+
+        cache.delete(f"notifications_user:{user.id}")
+
        return super().destroy(request, *args, **kwargs)