Add document requests app

2025-04-27 18:21:23 +08:00 · 2024-11-24 02:20:18 +08:00 · 2024-11-24 02:20:18 +08:00 · ba19412d31
commit ba19412d31
parent bb9fcc3d7c
23 changed files with 484 additions and 53 deletions
--- a/docmanager_backend/documents/migrations/0001_initial.py
+++ b/docmanager_backend/documents/migrations/0001_initial.py
@ -1,6 +1,7 @@
-# Generated by Django 5.1.3 on 2024-11-23 14:13
+# Generated by Django 5.1.3 on 2024-11-23 17:01

 import django.utils.timezone
+import documents.models
 from django.db import migrations, models


@ -38,7 +39,11 @@ class Migration(migrations.Migration):
                        max_length=32,
                    ),
                ),
-                ("file", models.FileField(upload_to="documents/")),
+                ("number_pages", models.IntegerField()),
+                (
+                    "file",
+                    models.FileField(upload_to=documents.models.Document.upload_to),
+                ),
                (
                    "date_uploaded",
                    models.DateTimeField(
--- a/docmanager_backend/documents/models.py
+++ b/docmanager_backend/documents/models.py
@ -17,14 +17,15 @@ class Document(models.Model):
    document_type = models.CharField(
        max_length=32, choices=DOCUMENT_TYPE_CHOICES, null=False, blank=False
    )
+    number_pages = models.IntegerField(null=False, blank=False)

    def upload_to(instance, filename):
        _, extension = filename.split(".")
-        return "documents/%s_%s.%s" % (now, str(uuid.uuid4()), extension)
+        return "documents/%s_%s.%s" % (now(), str(uuid.uuid4()), extension)

    file = models.FileField(upload_to=upload_to)

    date_uploaded = models.DateTimeField(default=now, editable=False)

    def __str__(self):
-        return self.name
+        return f"{self.name} ({self.document_type})"
--- a/docmanager_backend/documents/permissions.py
+++ b/docmanager_backend/documents/permissions.py
@ -1,10 +0,0 @@
-from rest_framework.permissions import BasePermission
-
-
-class IsStaff(BasePermission):
-    """
-    Allows access only to users with staff role
-    """
-
-    def has_permission(self, request, view):
-        return bool(request.user and request.user.role == "staff")
--- a/docmanager_backend/documents/serializers.py
+++ b/docmanager_backend/documents/serializers.py
@ -1,4 +1,5 @@
 from rest_framework import serializers
+from config import settings
 from .models import Document


@ -11,7 +12,14 @@ class DocumentUploadSerializer(serializers.ModelSerializer):

    class Meta:
        model = Document
-        fields = ["id", "name", "file", "document_type", "date_uploaded"]
+        fields = [
+            "id",
+            "name",
+            "file",
+            "document_type",
+            "number_pages",
+            "date_uploaded",
+        ]
        read_only_fields = ["id", "date-uploaded"]


@ -29,5 +37,38 @@ class DocumentSerializer(serializers.ModelSerializer):

    class Meta:
        model = Document
-        fields = ["id", "name", "document_type", "date_uploaded"]
-        read_only_fields = ["id", "name", "document_type", "date_uploaded"]
+        fields = ["id", "name", "document_type", "number_pages", "date_uploaded"]
+        read_only_fields = [
+            "id",
+            "name",
+            "document_type",
+            "number_pages",
+            "date_uploaded",
+        ]
+
+
+class DocumentFileSerializer(serializers.ModelSerializer):
+    # Read-only serializer which includes the actual link to the file
+    date_uploaded = serializers.DateTimeField(
+        format="%m-%d-%Y %I:%M %p", read_only=True
+    )
+    file = serializers.FileField()
+
+    class Meta:
+        model = Document
+        fields = [
+            "id",
+            "name",
+            "document_type",
+            "file",
+            "number_pages",
+            "date_uploaded",
+        ]
+        read_only_fields = [
+            "id",
+            "name",
+            "document_type",
+            "number_pages",
+            "date_uploaded",
+            "file",
+        ]
--- a/docmanager_backend/documents/urls.py
+++ b/docmanager_backend/documents/urls.py
@ -1,8 +1,14 @@
 from django.urls import include, path
-from .views import DocumentUploadView, DocumentDeleteView, DocumentListView
+from .views import (
+    DocumentUploadView,
+    DocumentDeleteView,
+    DocumentListView,
+    DocumentStaffListView,
+)

 urlpatterns = [
    path("upload/", DocumentUploadView.as_view()),
    path("delete/<int:pk>/", DocumentDeleteView.as_view()),
    path("list/", DocumentListView.as_view()),
+    path("list/staff/", DocumentStaffListView.as_view()),
 ]
--- a/docmanager_backend/documents/views.py
+++ b/docmanager_backend/documents/views.py
@ -1,31 +1,56 @@
 from rest_framework import generics
 from .serializers import (
    DocumentSerializer,
+    DocumentFileSerializer,
    DocumentUploadSerializer,
    DocumentDeleteSerializer,
 )
-from .permissions import IsStaff
-from .models import Document
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.pagination import PageNumberPagination
+from accounts.permissions import IsStaff
+from .models import Document


 class DocumentUploadView(generics.CreateAPIView):
+    """
+    Used by staff to upload documents.
+    """
+
    http_method_names = ["post"]
    serializer_class = DocumentUploadSerializer
-    # permission_classes = [IsAuthenticated, IsStaff]
+    permission_classes = [IsAuthenticated, IsStaff]


 class DocumentDeleteView(generics.DestroyAPIView):
+    """
+    Used by staff to delete documents. Accepts the document id as a URL parameter
+    """
+
    http_method_names = ["delete"]
    serializer_class = DocumentDeleteSerializer
    queryset = Document.objects.all()
-    # permission_classes = [IsAuthenticated, IsStaff]
+    permission_classes = [IsAuthenticated, IsStaff]


 class DocumentListView(generics.ListAPIView):
+    """
+    Used by clients to view documents. Does not include actual download links to documents
+    """
+
    http_method_names = ["get"]
    serializer_class = DocumentSerializer
    queryset = Document.objects.all()
    pagination_class = PageNumberPagination
-    # permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
+
+
+class DocumentStaffListView(generics.ListAPIView):
+    """
+    Used by staff to view documents. Includes actual download links to documents
+    """
+
+    http_method_names = ["get"]
+    serializer_class = DocumentFileSerializer
+    queryset = Document.objects.all()
+    pagination_class = PageNumberPagination
+    permission_classes = [IsAuthenticated, IsStaff]