diff --git a/apiserver/apiserver/api/serializers.py b/apiserver/apiserver/api/serializers.py index 2a6106c..fc3e075 100644 --- a/apiserver/apiserver/api/serializers.py +++ b/apiserver/apiserver/api/serializers.py @@ -42,24 +42,31 @@ def process_image(upload): return small, medium, large - - -# member viewing member list or other member -class OtherMemberSerializer(serializers.ModelSerializer): - q = serializers.CharField(write_only=True, max_length=64) - seq = serializers.IntegerField(write_only=True) - - class Meta: - model = models.Member - fields = ['q', 'seq', 'id', 'preferred_name', 'last_name', 'status', 'current_start_date', 'photo_small', 'photo_large'] - class UserEmailField(serializers.ModelField): def to_representation(self, obj): return getattr(obj.user, 'email', obj.old_email) def to_internal_value(self, data): return serializers.EmailField().run_validation(data) -# member viewing himself + + +class AdminCardSerializer(serializers.ModelSerializer): + card_number = serializers.CharField() + class Meta: + model = models.Card + fields = '__all__' + read_only_fields = ['last_seen_at'] + + + + +# member viewing other members +class OtherMemberSerializer(serializers.ModelSerializer): + class Meta: + model = models.Member + fields = ['id', 'preferred_name', 'last_name', 'status', 'current_start_date', 'photo_small', 'photo_large'] + +# member viewing his own details class MemberSerializer(serializers.ModelSerializer): photo = serializers.ImageField(write_only=True, required=False) email = UserEmailField(serializers.EmailField) @@ -85,12 +92,15 @@ class MemberSerializer(serializers.ModelSerializer): 'photo_medium', 'photo_small', 'user', + 'old_email', ] def update(self, instance, validated_data): if instance.user: instance.user.email = validated_data.get('email', instance.user.email) instance.user.save() + else: + instance.old_email = validated_data.get('email', instance.old_email) photo = validated_data.get('photo', None) if photo: @@ -101,7 +111,7 @@ class MemberSerializer(serializers.ModelSerializer): return super().update(instance, validated_data) -# adming viewing member +# admin viewing member details class AdminMemberSerializer(MemberSerializer): class Meta: model = models.Member @@ -113,10 +123,41 @@ class AdminMemberSerializer(MemberSerializer): 'photo_medium', 'photo_small', 'user', + 'old_email', ] +# member viewing member list or search result +class SearchSerializer(serializers.Serializer): + q = serializers.CharField(write_only=True, max_length=64) + seq = serializers.IntegerField(write_only=True) + member = serializers.SerializerMethodField() + + def get_member(self, obj): + serializer = OtherMemberSerializer(obj) + return serializer.data + +# admin viewing search result +class AdminSearchSerializer(serializers.Serializer): + cards = serializers.SerializerMethodField() + member = serializers.SerializerMethodField() + + def get_member(self, obj): + serializer = AdminMemberSerializer(obj) + return serializer.data + + def get_cards(self, obj): + if obj.user: + queryset = obj.user.cards + else: + queryset = models.Card.objects.filter(member_id=obj.id) + serializer = AdminCardSerializer(data=queryset, many=True) + serializer.is_valid() + return serializer.data + + + class UserTrainingSerializer(serializers.ModelSerializer): class Meta: model = models.Training @@ -174,6 +215,7 @@ class AdminCourseSerializer(serializers.ModelSerializer): fields = '__all__' + class RegistrationSerializer(RegisterSerializer): first_name = serializers.CharField(max_length=32) last_name = serializers.CharField(max_length=32) diff --git a/apiserver/apiserver/api/views.py b/apiserver/apiserver/api/views.py index a078d9e..717e50d 100644 --- a/apiserver/apiserver/api/views.py +++ b/apiserver/apiserver/api/views.py @@ -21,6 +21,7 @@ class IsOwnerOrAdmin(BasePermission): def has_object_permission(self, request, view, obj): return obj.user == request.user or is_admin_director(request.user) + class RetrieveUpdateViewSet( viewsets.GenericViewSet, mixins.RetrieveModelMixin, @@ -41,12 +42,20 @@ def gen_search_strings(): NUM_SEARCH_RESULTS = 10 class SearchViewSet(viewsets.GenericViewSet, mixins.RetrieveModelMixin): permission_classes = [AllowMetadata | IsAuthenticated] - serializer_class = serializers.OtherMemberSerializer + + def get_serializer_class(self): + if is_admin_director(self.request.user) and self.action == 'retrieve': + return serializers.AdminSearchSerializer + else: + return serializers.SearchSerializer def get_queryset(self): queryset = models.Member.objects.all() search = self.request.data.get('q', '').lower() + if not search_strings: + gen_search_strings() # init cache + if len(search): choices = search_strings.keys() @@ -68,7 +77,7 @@ class SearchViewSet(viewsets.GenericViewSet, mixins.RetrieveModelMixin): queryset = result_objects else: - gen_search_strings() + gen_search_strings() # update cache queryset = queryset.order_by('-vetted_date') return queryset @@ -81,7 +90,7 @@ class SearchViewSet(viewsets.GenericViewSet, mixins.RetrieveModelMixin): seq = 0 queryset = self.get_queryset()[:NUM_SEARCH_RESULTS] - serializer = self.serializer_class(queryset, many=True) + serializer = serializers.SearchSerializer(queryset, many=True) return Response({'seq': seq, 'results': serializer.data}) diff --git a/webclient/src/Account.js b/webclient/src/Account.js index e069aad..bf55598 100644 --- a/webclient/src/Account.js +++ b/webclient/src/Account.js @@ -17,7 +17,7 @@ function ChangePasswordForm(props) { const handleSubmit = (e) => { setLoading(true); - requester('/rest-auth/password/change/', 'POST', props.token, input) + requester('/password/change/', 'POST', props.token, input) .then(res => { setError({}); history.push('/'); @@ -32,7 +32,7 @@ function ChangePasswordForm(props) { const makeProps = (name) => ({ name: name, onChange: handleChange, - value: input[name], + value: input[name] || '', error: error[name], }); @@ -43,16 +43,19 @@ function ChangePasswordForm(props) {