RECursion-NITD · Shubham15986 · Dec 21, 2022 · Dec 21, 2022 · Dec 21, 2022 · Dec 21, 2022
diff --git a/.gitignore b/.gitignore
@@ -60,6 +60,8 @@ website/db.sqlit
 .env
 .venv
 env/
+myEnv/
+myenv/
 venv/
 ENV/
 env.bak/
@@ -83,4 +85,7 @@ website/events_calendar/migrations/
 website/migrations/
 
 # Media files
-media/
+media/
+
+staticfiles/
+.agent/
diff --git a/README.md b/README.md
@@ -22,3 +22,6 @@ SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET='googleSECRET'
 4. run ```python manage.py makemigrations```
 5. run ```python manage.py migrate```
 6. run ```python manage.py runserver```
+
+POSTMAN API
+COLLECTION: [REC DRF](https://postman.com/rec-drf-backend-00/workspace/recursion-drf-port-backend/api/3ccf67a5-e059-4d31-8d22-8f3302f94876/version/b021621d-8a18-4f86-aede-8e2737156e9c)
diff --git a/old_requirements.txt b/old_requirements.txt
diff --git a/requirements.txt b/requirements.txt
diff --git a/website/.env.example b/website/.env.example
diff --git a/website/blog/templates/blog/blog_list.html b/website/blog/templates/blog/blog_list.html
@@ -1,4 +1,6 @@
+{% load static %}
 {% load blog_tags %}
+
 {% for post in posts %} 
 <li class="col-sm-12 col-lg-12 ques_div mt-2 mb-1" id="content">
     <ul id="attributeList">
@@ -7,56 +9,63 @@
             <div class="col-sm-1 col-lg-1 mr-2">
                 {% for p in profile %}
                     {% if p.user == post.user_id %}
-                <img src="{{ p.image.url }}" class="rounded-circle mt-2 mb-1" width="55px" height="55px" alt="img">
+                        {% if p.image %}
+                            <img src="{{ p.image.url }}" class="rounded-circle mt-2 mb-1" width="55px" height="55px" alt="img">
+                        {% else %}
+                            <img src="{% static 'image/profile_pic/default.png' %}" class="rounded-circle mt-2 mb-1" width="55px" height="55px" alt="default">
+                        {% endif %}
                     {% endif %}
                 {% endfor %}    
             </div>    
+
             <div class="col-lg-6 col-sm-12">
                 <div>
-                    <a id="questionDetail" href="{% url 'blog:detail_blogs' post.id  %}">
+                    <a id="questionDetail" href="{% url 'blog:detail_blogs' post.id %}">
                         <strong>{{ post.title }}</strong>
                     </a>
                     <br>
                 </div>
+
                 <div id="addedBy" class="text-muted">
-                    <li>Posted by <a href="{% url 'user_profile:view_profile' post.user_id.id  %}">{{post.user_id}}</a> on</li>
+                    <li>Posted by <a href="{% url 'user_profile:view_profile' post.user_id.id %}">{{ post.user_id }}</a> on</li>
                 </div>
-                <li id="postedOn" class="text-muted">{{post.created_at}}</li>
+
+                <li id="postedOn" class="text-muted">{{ post.created_at }}</li>
                 <br>
+
                 <li id="tagList">
                     <ul>
-                        {% for tagging in taggings %} 
-                          {% if tagging.post == post %} 
-                            {% for tag in tags %} 
-                              {% if tagging.tag == tag %}
-                              {% comment %} <li class="tagName" class="font-italic text-muted">{{tag.name}}</li> {% endcomment %}
-                              <li style="display:inline-block;"><a class="tagName" href="{% url 'blog:filter_blog' tag.id  %}">{{ tag.name }}</a></li>
-                              {% endif %} 
-                            {% endfor %} 
-                          {%endif%} 
+                        {% for tagging in taggings %}
+                            {% if tagging.post == post %}
+                                {% for tag in tags %}
+                                    {% if tagging.tag == tag %}
+                                        <li style="display:inline-block;">
+                                            <a class="tagName" href="{% url 'blog:filter_blog' tag.id %}">{{ tag.name }}</a>
+                                        </li>
+                                    {% endif %}
+                                {% endfor %}
+                            {% endif %}
                         {% endfor %}
                     </ul>
                 </li>
             </div>
-                <!-- <div id="AnswerFollow_block" style="display: inline-block;"> -->
-                    <div class="col-sm-5 col-md-3 col-lg-3 mt-auto mb-auto" id="answerBox" style="display: inline-block;">
-                      <div class="row">
-                          <div class="col-sm-6">
-                            {%if post.reply_set.count == 1 %}
-                            <span id="followValue" style="font-size:70%;">{{ post.reply_set.count }} comment
-                            {%else %}
-                            <span id="followValue" style="font-size:70%;">{{ post.reply_set.count }} comments
-                            {%endif%}
-                            </span>
-                          </div>
-                          <div class="col-sm-5 col-md-3 col-lg-6" id="followBox" style="display: inline-block;">
-                            <span id="followValue" style="font-size:70%;">{{post.id|postlike_count}} vote(s)</span>
-                          </div>
-                      </div>
+
+            <div class="col-sm-5 col-md-3 col-lg-3 mt-auto mb-auto" id="answerBox" style="display:inline-block;">
+                <div class="row">
+                    <div class="col-sm-6">
+                        {% if post.reply_set.count == 1 %}
+                            <span id="followValue" style="font-size:70%;">{{ post.reply_set.count }} comment</span>
+                        {% else %}
+                            <span id="followValue" style="font-size:70%;">{{ post.reply_set.count }} comments</span>
+                        {% endif %}
                     </div>
-                <!-- </div> -->
-          </div>
+                    <div class="col-sm-5 col-md-3 col-lg-6" id="followBox" style="display:inline-block;">
+                        <span id="followValue" style="font-size:70%;">{{ post.id|postlike_count }} vote(s)</span>
+                    </div>
+                </div>
+            </div>
+        </div>
     </ul>
 </li>
-<hr> 
-{% endfor %}
+<hr>
+{% endfor %}
diff --git a/website/blog/views.py b/website/blog/views.py
@@ -1,4 +1,6 @@
 from django.shortcuts import render, redirect,get_object_or_404, get_list_or_404
+from utils.content_filter import check_content_safety
+from django_ratelimit.decorators import ratelimit
 from .models import *
 from user_profile.models import *
 from events.models import *
@@ -78,13 +80,19 @@ def valid_url_extension(url, extension_list=VALID_IMAGE_EXTENSIONS):
     return type
 
 @login_required
+@ratelimit(key='user', rate='1/10m', method='POST', block=True)
 def add_blog(request):
     form = Postform(request.POST or None)
 
     Tagform = modelformset_factory(Tags, fields=('name',), extra=5)
     if request.method=='POST':
         form2 = Tagform(request.POST)
         if form.is_valid() and form2.is_valid():
+            description = form.cleaned_data.get('description')
+            title = form.cleaned_data.get('title')
+            if not check_content_safety(description, title):
+                form.add_error('description', "Your post contains irrelevant/inappropriate content and cannot be published.")
+                return render(request, 'blog/blog_form.html', {'form': form,'form2':form2,})
             f = form.save(commit=False)
             f.user_id = request.user
             form.save()
@@ -112,7 +120,7 @@ def add_blog(request):
                     'domain': current_site.domain,
                     'post' : Posts.objects.get(pk=f.id),
                 })
-                msg=(subject, message, 'webmaster@localhost', [user.email])
+                msg=(subject, message, settings.SERVER_EMAIL, [user.email])
                 messages += (msg,)
                 result = send_mass_mail(messages, fail_silently=False)
             return redirect('blog:list_blogs')
@@ -263,7 +271,7 @@ def update_blogs(request, id):
                     'domain': current_site.domain,
                     'post': post,
                 })
-                msg = (subject, message, 'webmaster@localhost', [user.email])
+                msg = (subject, message, settings.SERVER_EMAIL, [user.email])
                 messages += (msg,)
             '''for follow in follows:
                 user = follow.user
@@ -324,7 +332,7 @@ def add_reply(request, id):
                     'domain': current_site.domain,
                     'post': post,
                 })
-                msg = (subject, message, 'webmaster@localhost', [user.email])
+                msg = (subject, message, settings.SERVER_EMAIL, [user.email])
                 messages += (msg,)
             '''for follow in follows:
                 user = follow.user
@@ -386,7 +394,7 @@ def update_reply(request, id):
                             'domain': current_site.domain,
                             'post': post,
                         })
-                        msg = (subject, message, 'webmaster@localhost', [user.email])
+                        msg = (subject, message, settings.SERVER_EMAIL, [user.email])
                         messages += (msg,)
                     '''for follow in follows:
                         user = follow.user
@@ -436,7 +444,7 @@ def add_comment(request, id):
                 'domain': current_site.domain,
                 'post': post,
             })
-            msg = (subject, message, 'webmaster@localhost', [user.email])
+            msg = (subject, message, settings.SERVER_EMAIL, [user.email])
             messages += (msg,)
         '''for follow in follows:
             user = follow.user
@@ -488,7 +496,7 @@ def update_comment(request, id):
                             'domain': current_site.domain,
                             'post': post,
                         })
-                        msg = (subject, message, 'webmaster@localhost', [user.email])
+                        msg = (subject, message, settings.SERVER_EMAIL, [user.email])
                         messages += (msg,)
                     '''for follow in follows:
                         user = follow.user
@@ -750,7 +758,7 @@ def add_comment_reply(request, id):
                 'domain': current_site.domain,
                 'post': reply.post_id,
             })
-            msg = (subject, message, 'webmaster@localhost', [user.email])
+            msg = (subject, message, settings.SERVER_EMAIL, [user.email])
             messages += (msg,)
         '''for follow in follows:
             user = follow.user
@@ -801,7 +809,7 @@ def update_comment_reply(request, id):
                       'domain': current_site.domain,
                       'post': reply.post_id,
                   })
-                  msg = (subject, message, 'webmaster@localhost', [user.email])
+                  msg = (subject, message, settings.SERVER_EMAIL, [user.email])
                   messages += (msg,)
               '''for follow in follows:
                   user = follow.user

diff --git a/website/events_calendar/api/__init__.py b/website/events_calendar/api/__init__.py
diff --git a/website/events_calendar/api/filters.py b/website/events_calendar/api/filters.py
@@ -0,0 +1,14 @@
+from django_filters import rest_framework as filters
+from events_calendar.models import Events_Calendar
+
+
+class EventsFilter(filters.FilterSet):
+    event_type = filters.ChoiceFilter(field_name='event_type', choices=Events_Calendar.event_choices)
+    target_year = filters.ChoiceFilter(field_name='target_year', choices=Events_Calendar.year_choices)
+
+    class Meta:
+        model = Events_Calendar
+        fields = {
+            'start_time': ['gte', 'lte'],
+            'end_time': ['gte', 'lte'],
+        }
diff --git a/website/events_calendar/api/permissions.py b/website/events_calendar/api/permissions.py
@@ -0,0 +1,22 @@
+from rest_framework.permissions import IsAuthenticatedOrReadOnly, BasePermission, SAFE_METHODS
+
+
+class EventsListCreatePermission(BasePermission):
+    def has_permission(self, request, view):
+        if request.method in SAFE_METHODS:
+            return True
+        if not request.user.is_authenticated:
+            return False
+        role = request.user.profile.role
+        return role in ('1', '2')
+
+
+class EventRetrieveUpdateDestroyPermission(IsAuthenticatedOrReadOnly):
+    def has_object_permission(self, request, view, obj):
+        if request.method in SAFE_METHODS:
+            return True
+        if not bool(request.user and request.user.is_authenticated):
+            return False
+        role = request.user.profile.role
+        return role in ('1', '2')
+
diff --git a/website/events_calendar/api/serializers.py b/website/events_calendar/api/serializers.py
@@ -0,0 +1,16 @@
+from rest_framework import serializers
+
+from events_calendar.models import Events_Calendar
+from user_profile.api.serializers import UserSerializer
+
+
+class EventsSerializer(serializers.ModelSerializer):
+    url = serializers.HyperlinkedIdentityField(view_name='events_api:events_detail', lookup_field='id',
+                                               lookup_url_kwarg='slug')
+    user = UserSerializer(read_only=True)
+
+    class Meta:
+        model = Events_Calendar
+        # exclude = ['id', ]
+        fields = '__all__'
+        read_only_fields = ['user', 'url', 'duration', ]
diff --git a/website/events_calendar/api/urls.py b/website/events_calendar/api/urls.py
@@ -0,0 +1,14 @@
+from django.urls import path
+
+from .views import (
+    EventsListCreateView,
+    EventsRetrieveUpdateDestroyView,
+
+)
+
+app_name = 'events_api'
+
+urlpatterns = [
+    path('', EventsListCreateView.as_view(), name='events_list'),
+    path('<int:slug>/', EventsRetrieveUpdateDestroyView.as_view(), name='events_detail'),
+]
diff --git a/website/events_calendar/api/views.py b/website/events_calendar/api/views.py
@@ -0,0 +1,45 @@
+from django_filters import rest_framework as filters
+
+from rest_framework.filters import SearchFilter, OrderingFilter
+from rest_framework.generics import ListCreateAPIView, RetrieveUpdateDestroyAPIView
+from rest_framework.permissions import IsAuthenticatedOrReadOnly
+from events_calendar.models import Events_Calendar
+from events_calendar.views import get_event_duration
+from .serializers import EventsSerializer
+from .permissions import EventsListCreatePermission, EventRetrieveUpdateDestroyPermission
+from .filters import EventsFilter
+
+
+# HIGH POTENTIAL FOR CACHING
+
+class EventsListCreateView(ListCreateAPIView):
+    serializer_class = EventsSerializer
+    permission_classes = (EventsListCreatePermission,)
+    filter_backends = (filters.DjangoFilterBackend, SearchFilter, OrderingFilter)
+    filterset_class = EventsFilter
+    search_fields = ['title', 'description', 'venue']
+    ordering_fields = ['start_time', 'end_time', 'updated_at', 'duration']
+
+    def get_queryset(self):
+        return Events_Calendar.objects.all().order_by('-start_time')
+
+    def perform_create(self, serializer):
+        start_time, end_time = serializer.validated_data.get('start_time'), serializer.validated_data.get('end_time')
+        serializer.save(user=self.request.user, duration=get_event_duration(start_time, end_time))
+
+
+class EventsRetrieveUpdateDestroyView(RetrieveUpdateDestroyAPIView):
+    serializer_class = EventsSerializer
+    permission_classes = (EventRetrieveUpdateDestroyPermission,)
+    lookup_field = 'id'
+    lookup_url_kwarg = 'slug'
+
+    def get_queryset(self):
+        return Events_Calendar.objects.select_related('user').all()
+
+    def perform_update(self, serializer):
+        # Saving twice. Need to find a better way to do it
+        # Preferably using pre_save signals
+        event = serializer.save()
+        event.duration = get_event_duration(event.start_time, event.end_time)
+        event.save()