From 1de77062166cfcb91c50481777fb508dd726d61d Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Mon, 28 Nov 2022 14:42:48 +0000
Subject: [PATCH] Ensure previous classes aren't modified

---
 apiserver/apiserver/api/serializers.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/apiserver/apiserver/api/serializers.py b/apiserver/apiserver/api/serializers.py
index 2c61918..8a1d4f5 100644
--- a/apiserver/apiserver/api/serializers.py
+++ b/apiserver/apiserver/api/serializers.py
@@ -577,10 +577,23 @@ class SessionSerializer(serializers.ModelSerializer):
         else:
             return None
 
+    def create(self, validated_data):
+        if validated_data['datetime'] < now() - datetime.timedelta(days=2):
+            msg = 'Past class creation detected:\n' + str(validated_data)
+            utils.alert_tanner(msg)
+            raise ValidationError(dict(non_field_errors='Class can\'t be in the past.'))
+
+        return super().create(validated_data)
+
     def update(self, instance, validated_data):
         if not self.initial_data.get('instructor_id', None):
             raise ValidationError(dict(instructor_id='This field is required.'))
 
+        if validated_data['datetime'] < now() - datetime.timedelta(days=2):
+            msg = 'Past class modification detected:\n' + str(validated_data)
+            utils.alert_tanner(msg)
+            raise ValidationError(dict(non_field_errors='Can\'t modify past class.'))
+
         member = get_object_or_404(models.Member, id=self.initial_data['instructor_id'])
         if not (is_admin_director(member.user) or member.is_instructor):
             raise ValidationError(dict(instructor_id='Member is not an instructor.'))