From ea8cd97baf3000b59aef7d26b408f1578d3e59e2 Mon Sep 17 00:00:00 2001 From: Sam Date: Wed, 3 Feb 2021 14:20:55 +0000 Subject: [PATCH 1/4] search function basics --- back_latienda/urls.py | 1 + products/tests.py | 34 ++++++++++++++++++++++++++++++++++ products/views.py | 39 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 74 insertions(+) diff --git a/back_latienda/urls.py b/back_latienda/urls.py index 5541f26..a61f814 100644 --- a/back_latienda/urls.py +++ b/back_latienda/urls.py @@ -34,5 +34,6 @@ urlpatterns = [ path('api/v1/user/update//', core_views.UpdateUserView.as_view(), name="update-user"), path('api/v1/load_coops/', core_views.load_coop_managers, name='coop-loader'), path('api/v1/load_products/', product_views.load_coop_products, name='product-loader'), + path('api/v1/search_products/', product_views.product_search, name='product-search'), path('api/v1/', include(router.urls)), ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) diff --git a/products/tests.py b/products/tests.py index 85940ae..2361bfa 100644 --- a/products/tests.py +++ b/products/tests.py @@ -2,8 +2,10 @@ import random import string import json import datetime +from urllib.parse import quote from django.utils import timezone +from django.test import TestCase from rest_framework.test import APITestCase from rest_framework import status @@ -334,3 +336,35 @@ class LoadCoopProductsTestCase(APITestCase): # check for object creation self.assertEqual(0, self.model.objects.count()) + +class ProductSearchTest(TestCase): + + def setUp(self): + """Tests setup + """ + self.endpoint = '/api/v1/search_products/' + self.model = Product + self.factory = ProductFactory + # create admin user + self.admin_email = f"admin_user@mail.com" + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.admin_user = CustomUserFactory(email=self.admin_email, password=self.password, is_staff=True, is_active=True) + # create regular user + self.reg_email = f"user@mail.com" + self.user = CustomUserFactory(email=self.reg_email, is_active=True) + self.user.set_password(self.password) + self.user.save() + + def test_anon_user_can_search(self): + query_string = quote("zapatos rojos") + + url = f"{self.endpoint}?query_string={query_string}" + # send in request + response = self.client.get(url) + import ipdb; ipdb.set_trace() + + # check re sponse + self.assertEqual(response.status_code, 200) + # check for object creation + self.assertEquals(5, self.model.objects.count()) + diff --git a/products/views.py b/products/views.py index d4af09b..49026e2 100644 --- a/products/views.py +++ b/products/views.py @@ -100,3 +100,42 @@ def load_coop_products(request): return Response({"errors": {"details": str(type(e))}}) +@api_view(['GET',]) # include allowed methods +def product_search(request): + """ + Takes a string of data, return relevant products + """ + query_string = request.GET.get('query_string', None) + if query_string is None: + return Response({"errors": {"details": "No query string to parse"}}) + try: + chunks = query_string.split(' ') + + result_set = set() + import ipdb; ipdb.set_trace() + for chunk in chunks: + import ipdb; ipdb.set_trace() + # search in name + products = Product.objects.filter(name__in=chunk) + for item in products: + result_set.add(item) + # search in description + products = Product.objects.filter(description__in=chunk) + for item in products: + result_set.add(item) + # search in tags + products = Product.objects.filter(tags__in=chunk) + for item in products: + result_set.add(item) + # search in category + products = Product.objects.filter(category__in=chunk) + for item in products: + result_set.add(item) + # search in attributes + products = Product.objects.filter(attributes__in=chunk) + for item in products: + result_set.add(item) + + return Response(data=result_set) + except Exception as e: + return Response({"errors": {"details": str(type(e))}}) From 77acc668b85edbd89dbfb0a93a49cd15dc65b781 Mon Sep 17 00:00:00 2001 From: Sam Date: Thu, 4 Feb 2021 10:14:28 +0000 Subject: [PATCH 2/4] added user-specific endpoints --- back_latienda/urls.py | 4 ++++ companies/tests.py | 35 +++++++++++++++++++++++++++++++++++ companies/views.py | 13 ++++++++++++- core/tests.py | 35 +++++++++++++++++++++++++++++++++++ core/views.py | 22 +++++++++++++++------- products/tests.py | 34 ++++++++++++++++++++++++++++++++++ products/views.py | 11 ++++++++++- 7 files changed, 145 insertions(+), 9 deletions(-) diff --git a/back_latienda/urls.py b/back_latienda/urls.py index a61f814..a7acd16 100644 --- a/back_latienda/urls.py +++ b/back_latienda/urls.py @@ -22,6 +22,7 @@ from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView from core import views as core_views from products import views as product_views +from companies import views as company_views from .routers import router @@ -35,5 +36,8 @@ urlpatterns = [ path('api/v1/load_coops/', core_views.load_coop_managers, name='coop-loader'), path('api/v1/load_products/', product_views.load_coop_products, name='product-loader'), path('api/v1/search_products/', product_views.product_search, name='product-search'), + path('api/v1/my_user/', core_views.my_user, name='my-user'), + path('api/v1/my_company/', company_views.my_company , name='my-company'), + path('api/v1/my_products/', product_views.my_products, name='my-products'), path('api/v1/', include(router.urls)), ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) diff --git a/companies/tests.py b/companies/tests.py index 41750b0..fe81bfb 100644 --- a/companies/tests.py +++ b/companies/tests.py @@ -239,3 +239,38 @@ class CompanyViewSetTest(APITestCase): self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) # Assert instance doesn't exists anymore on db self.assertFalse(self.model.objects.filter(id=instance.pk).exists()) + + +class MyCompanyViewTest(APITestCase): + """CompanyViewset tests + """ + + def setUp(self): + """Tests setup + """ + self.endpoint = '/api/v1/my_company/' + self.factory = CompanyFactory + self.model = Company + # create user + self.email = f"user@mail.com" + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.user = CustomUserFactory(email=self.email, is_active=True) + self.user.set_password(self.password) + self.user.save() + + def test_auth_user_gets_data(self): + # Authenticate + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Query endpoint + response = self.client.get(self.endpoint) + # Assert forbidden code + self.assertEqual(response.status_code, status.HTTP_200_OK) + + def test_anon_user_cannot_access(self): + # send in request + response = self.client.get(self.endpoint) + + # check response + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) diff --git a/companies/views.py b/companies/views.py index 194c26c..9c49dfe 100644 --- a/companies/views.py +++ b/companies/views.py @@ -1,8 +1,11 @@ from django.shortcuts import render +from django.core import serializers +from rest_framework.decorators import api_view, permission_classes # Create your views here. from rest_framework import viewsets -from rest_framework.permissions import IsAuthenticatedOrReadOnly +from rest_framework.response import Response +from rest_framework.permissions import IsAuthenticatedOrReadOnly, IsAuthenticated from companies.models import Company from companies.serializers import CompanySerializer @@ -14,3 +17,11 @@ class CompanyViewSet(viewsets.ModelViewSet): queryset = Company.objects.all() serializer_class = CompanySerializer permission_classes = [IsAuthenticatedOrReadOnly, IsCreator] + + +@api_view(['GET',]) +@permission_classes([IsAuthenticated,]) +def my_company(request): + qs = Company.objects.filter(creator=request.user) + data = serializers.serialize('json', qs) + return Response(data=data) diff --git a/core/tests.py b/core/tests.py index 9ce297c..66c7a5d 100644 --- a/core/tests.py +++ b/core/tests.py @@ -460,3 +460,38 @@ class LoadCoopManagerTestCase(APITestCase): self.assertEqual(company_count, self.company_model.objects.count()) self.assertEqual(user_count, self.user_model.objects.count()) + +class MyUserViewTest(APITestCase): + """my_user tests + """ + + def setUp(self): + """Tests setup + """ + self.endpoint = '/api/v1/my_user/' + self.factory = factories.CustomUserFactory + self.model = models.CustomUser + # create user + self.email = f"user@mail.com" + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.user = self.factory(email=self.email, is_active=True) + self.user.set_password(self.password) + self.user.save() + + def test_auth_user_gets_data(self): + # Authenticate + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Query endpoint + response = self.client.get(self.endpoint) + # Assert forbidden code + self.assertEqual(response.status_code, status.HTTP_200_OK) + + def test_anon_user_cannot_access(self): + # send in request + response = self.client.get(self.endpoint) + + # check response + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) + diff --git a/core/views.py b/core/views.py index 6c99566..8ca328b 100644 --- a/core/views.py +++ b/core/views.py @@ -6,18 +6,19 @@ import io from django.shortcuts import render from django.http import HttpResponse from django.contrib.auth import get_user_model +from django.core import serializers from rest_framework import status from rest_framework import viewsets from rest_framework.response import Response -from rest_framework.permissions import IsAdminUser +from rest_framework.permissions import IsAdminUser, IsAuthenticated from rest_framework.generics import UpdateAPIView from rest_framework.decorators import api_view, permission_classes from companies.models import Company from . import models -from . import serializers +from . import serializers as core_serializers from back_latienda.permissions import CustomUserPermissions, YourOwnUserPermissions @@ -37,9 +38,9 @@ logging.basicConfig( class CustomUserViewSet(viewsets.ModelViewSet): model = models.CustomUser - # serializer_class = serializers.CustomUserSerializer - serializer_class = serializers.CustomUserReadSerializer - write_serializer_class =serializers.CustomUserWriteSerializer + # serializer_class = core_serializers.CustomUserSerializer + serializer_class = core_serializers.CustomUserReadSerializer + write_serializer_class = core_serializers.CustomUserWriteSerializer model_name = 'custom_user' queryset = models.CustomUser.objects.all() permission_classes = [CustomUserPermissions,] @@ -74,7 +75,7 @@ class ChangeUserPasswordView(UpdateAPIView): model = models.CustomUser queryset = model.objects.all() permission_classes = (YourOwnUserPermissions,) - serializer_class = serializers.ChangePasswordSerializer + serializer_class = core_serializers.ChangePasswordSerializer class UpdateUserView(UpdateAPIView): @@ -82,9 +83,16 @@ class UpdateUserView(UpdateAPIView): model = models.CustomUser queryset = model.objects.all() permission_classes = (YourOwnUserPermissions,) - serializer_class = serializers.UpdateUserSerializer + serializer_class = core_serializers.UpdateUserSerializer +@api_view(['GET',]) +@permission_classes([IsAuthenticated,]) +def my_user(request): + qs = User.objects.filter(email=request.user.email) + data = serializers.serialize('json', qs) + return Response(data=data) + @api_view(['POST',]) @permission_classes([IsAdminUser,]) def load_coop_managers(request): diff --git a/products/tests.py b/products/tests.py index 2361bfa..5632b79 100644 --- a/products/tests.py +++ b/products/tests.py @@ -368,3 +368,37 @@ class ProductSearchTest(TestCase): # check for object creation self.assertEquals(5, self.model.objects.count()) + +class MyProductsViewTest(APITestCase): + """my_products tests + """ + + def setUp(self): + """Tests setup + """ + self.endpoint = '/api/v1/my_products/' + self.factory = ProductFactory + self.model = Product + # create user + self.email = f"user@mail.com" + self.password = ''.join(random.choices(string.ascii_uppercase, k = 10)) + self.user = CustomUserFactory(email=self.email, is_active=True) + self.user.set_password(self.password) + self.user.save() + + def test_auth_user_gets_data(self): + # Authenticate + token = get_tokens_for_user(self.user) + self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}") + + # Query endpoint + response = self.client.get(self.endpoint) + # Assert forbidden code + self.assertEqual(response.status_code, status.HTTP_200_OK) + + def test_anon_user_cannot_access(self): + # send in request + response = self.client.get(self.endpoint) + + # check response + self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) diff --git a/products/views.py b/products/views.py index 49026e2..bd14d58 100644 --- a/products/views.py +++ b/products/views.py @@ -3,11 +3,12 @@ import csv from django.shortcuts import render from django.conf import settings +from django.core import serializers # Create your views here. from rest_framework import viewsets from rest_framework.response import Response -from rest_framework.permissions import IsAuthenticatedOrReadOnly, IsAdminUser +from rest_framework.permissions import IsAuthenticatedOrReadOnly, IsAdminUser, IsAuthenticated from rest_framework.decorators import api_view, permission_classes import requests @@ -33,6 +34,14 @@ class ProductViewSet(viewsets.ModelViewSet): permission_classes = [IsAuthenticatedOrReadOnly, IsCreator] +@api_view(['GET',]) +@permission_classes([IsAuthenticated,]) +def my_products(request): + qs = Product.objects.filter(creator=request.user) + data = serializers.serialize('json', qs) + return Response(data=data) + + @api_view(['POST',]) @permission_classes([IsAdminUser,]) def load_coop_products(request): From 904db3b7942aa47f65f1f9884dc27c0e53982740 Mon Sep 17 00:00:00 2001 From: Sam Date: Thu, 4 Feb 2021 10:19:38 +0000 Subject: [PATCH 3/4] very basic and unoptimized search functionality is working --- products/tests.py | 5 ++++- products/views.py | 16 ++++++++-------- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/products/tests.py b/products/tests.py index 5632b79..db6a479 100644 --- a/products/tests.py +++ b/products/tests.py @@ -356,6 +356,9 @@ class ProductSearchTest(TestCase): self.user.save() def test_anon_user_can_search(self): + self.factory(description="zapatos") + self.factory(tags="rojos") + query_string = quote("zapatos rojos") url = f"{self.endpoint}?query_string={query_string}" @@ -366,7 +369,7 @@ class ProductSearchTest(TestCase): # check re sponse self.assertEqual(response.status_code, 200) # check for object creation - self.assertEquals(5, self.model.objects.count()) + self.assertEquals(2, self.model.objects.count()) class MyProductsViewTest(APITestCase): diff --git a/products/views.py b/products/views.py index bd14d58..e12d9bd 100644 --- a/products/views.py +++ b/products/views.py @@ -121,30 +121,30 @@ def product_search(request): chunks = query_string.split(' ') result_set = set() - import ipdb; ipdb.set_trace() + # import ipdb; ipdb.set_trace() for chunk in chunks: - import ipdb; ipdb.set_trace() # search in name - products = Product.objects.filter(name__in=chunk) + products = Product.objects.filter(name=chunk) for item in products: result_set.add(item) # search in description - products = Product.objects.filter(description__in=chunk) + products = Product.objects.filter(description=chunk) for item in products: result_set.add(item) # search in tags - products = Product.objects.filter(tags__in=chunk) + products = Product.objects.filter(tags=chunk) for item in products: result_set.add(item) # search in category - products = Product.objects.filter(category__in=chunk) + products = Product.objects.filter(category=chunk) for item in products: result_set.add(item) # search in attributes - products = Product.objects.filter(attributes__in=chunk) + products = Product.objects.filter(attributes=chunk) for item in products: result_set.add(item) - return Response(data=result_set) + data = serializers.serialize('json', result_set) + return Response(data=data) except Exception as e: return Response({"errors": {"details": str(type(e))}}) From 0107d86a27eeb025b145deb83ec75d41b7b7a799 Mon Sep 17 00:00:00 2001 From: Sam Date: Thu, 4 Feb 2021 10:27:02 +0000 Subject: [PATCH 4/4] readme update --- README.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 14d16a5..e072c58 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ This README aims to document functionality of backend as well as required steps - [Location Data](#location-data) - [Endpoints](#endpoints) - [Data Load](#data-load) +- [Development Utils](#development-utils) ## First Steps @@ -100,8 +101,11 @@ Refresh expired token endpoint: `/api/v1/token/refresh/` Endpoint url: `/api/v1/users/` +To get info on authenticated user: `/api/v1/my_user/` + Authenticated users cannot create new users -User are inactive by default + +User are active by default To create user: ```json @@ -118,10 +122,13 @@ To create user: Endpoint url: `/api/v1/companies/` +To get company linked to authenticated user: `/api/v1/my_company/` + ### Products Endpoint url: `/api/v1/products/` +To get products linked to authenticated user: `/api/v1/my_products/` ### History @@ -166,3 +173,14 @@ For massive load of product data. CSV headers: `id,nombre-producto,descripcion,imagen,url,precio,gastos-envio,cond-envio,descuento,stock,tags,categoria,identificadores` Only admin users have access to endoint + + +## Development Utils + +### Fake product load + +To create a dataset of fake companies and products: + +`python manage.py addtestdata` + +Creates 10 Companies, with 100 products each.