Index: backend/auth_form/permissions.py =================================================================== --- backend/auth_form/permissions.py (revision 522e6290294133bb73f7150fe715fc9848aeafc3) +++ backend/auth_form/permissions.py (revision 3a9376388153f51a5125ff6db854e7dd21cda6ad) @@ -12,2 +12,6 @@ def has_permission(self, request, view): return hasattr(request.user, 'student') and request.user.student.has_filled_form + +class IsAdmin(BasePermission): + def has_permission(self, request, view): + return request.user.user_type in ['admin'] Index: backend/auth_form/views.py =================================================================== --- backend/auth_form/views.py (revision 522e6290294133bb73f7150fe715fc9848aeafc3) +++ backend/auth_form/views.py (revision 3a9376388153f51a5125ff6db854e7dd21cda6ad) @@ -1,11 +1,10 @@ -from .models import Student -from .serializers import RegistrationSerializer, LoginSerializer, StudentFormSerializer, UserSerializer -from rest_framework import serializers, status, views +from auth_form.models import Student +from auth_form.serializers import RegistrationSerializer, LoginSerializer, StudentFormSerializer, UserSerializer +from rest_framework import status from rest_framework.views import APIView from rest_framework.response import Response from rest_framework.permissions import IsAuthenticated, AllowAny -from rest_framework.decorators import api_view, permission_classes from rest_framework_simplejwt.tokens import RefreshToken -from .permissions import IsStudent, CanSubmitForm, CanUpdateForm +from auth_form.permissions import IsStudent, CanSubmitForm, CanUpdateForm from dj_rest_auth.registration.views import SocialLoginView from allauth.socialaccount.providers.google.views import GoogleOAuth2Adapter @@ -56,5 +55,5 @@ # as it tells the client to reset its view. return Response(status=status.HTTP_205_RESET_CONTENT) - except Exception as e: + except Exception: return Response(status=status.HTTP_400_BAD_REQUEST) @@ -95,5 +94,4 @@ return Response({"detail": "No student profile found."}, status=status.HTTP_404_NOT_FOUND) - index_match = Student.objects.filter(index=request.data['index']) index = request.data['index'] index_match = Student.objects.filter(index=index).exclude(pk=request.user.student.pk) Index: backend/backend/urls.py =================================================================== --- backend/backend/urls.py (revision 522e6290294133bb73f7150fe715fc9848aeafc3) +++ backend/backend/urls.py (revision 3a9376388153f51a5125ff6db854e7dd21cda6ad) @@ -1,5 +1,5 @@ from django.contrib import admin from django.urls import path, include -from subjects.views import index, all_subjects, get_recommendations, ToggleSubjectPreferences, PreferencesView +from subjects.views import index urlpatterns = [ Index: ckend/subjects/permissions.py =================================================================== --- backend/subjects/permissions.py (revision 522e6290294133bb73f7150fe715fc9848aeafc3) +++ (revision ) @@ -1,14 +1,0 @@ -from rest_framework.permissions import BasePermission - -class IsUserType(BasePermission): - allowed_user_types = [] - - def has_permission(self, request, view): - user = request.user - return user.is_authenticated and user.user_type in self.allowed_user_types - -class IsAdminUserType(IsUserType): - allowed_user_types = ['admin'] - -class IsStudentUserType(IsUserType): - allowed_user_types = ['student'] Index: backend/subjects/urls.py =================================================================== --- backend/subjects/urls.py (revision 522e6290294133bb73f7150fe715fc9848aeafc3) +++ backend/subjects/urls.py (revision 3a9376388153f51a5125ff6db854e7dd21cda6ad) @@ -1,8 +1,8 @@ from django.urls import path from .views import (ToggleSubjectPreferences, PreferencesView, all_subjects, - get_recommendations, SubjectReview, ReviewsForSubject, ToggleVote, ReviewListView) + RecommendationsView, SubjectReview, ReviewsForSubject, ToggleVote, ReviewListView) urlpatterns = [ path('all/', all_subjects, name='all_subjects'), - path('recommendations/', get_recommendations, name='get_recommendations'), + path('recommendations/', RecommendationsView.as_view(), name='get_recommendations'), path('preferences/', PreferencesView.as_view(), name='student-preferences'), path('toggle-subject-pref/', ToggleSubjectPreferences.as_view(), name='student-toggle-preferences'), Index: backend/subjects/views.py =================================================================== --- backend/subjects/views.py (revision 522e6290294133bb73f7150fe715fc9848aeafc3) +++ backend/subjects/views.py (revision 3a9376388153f51a5125ff6db854e7dd21cda6ad) @@ -7,10 +7,11 @@ from rest_framework.views import APIView from rest_framework.permissions import IsAuthenticated -from django.db.models import Case, When, F +from django.db.models import Case, When from subjects.utils import get_eligible_subjects, get_recommendations_cache_key, get_recommended_subjects, map_to_subjects_vector, score_for_preferences, get_student_vector from .serializers import SubjectSerializer, EvaluationReviewSerializer, OtherReviewSerializer from .models import Subject, Review, EvaluationReview, OtherReview, ReviewVote from rest_framework.pagination import LimitOffsetPagination -from .permissions import IsAdminUserType, IsStudentUserType +from auth_form.permissions import IsStudent, IsAdmin + def index(request): return HttpResponse("ok") @@ -22,44 +23,45 @@ return Response(serializer.data) -@api_view(['GET']) -def get_recommendations(request): - season = request.query_params.get('season', 2) - not_activated = request.query_params.get('not_activated', 0) - try: - not_activated = int(not_activated) - season = int(season) - except ValueError: - return Response({"message": "invalid params"}, status=status.HTTP_400_BAD_REQUEST) - - student = request.user.student - if not student: - return Response({"message": "Could not find student"}, status=status.HTTP_400_BAD_REQUEST) - cache_key = get_recommendations_cache_key(student, season, not_activated) - if cache_key: - cached_data = cache.get(cache_key) - if cached_data: - return Response({"data": json.loads(cached_data)}, status=status.HTTP_200_OK) - try: - subjects = get_eligible_subjects(student, season=season, not_activated=not_activated) - subject_vectors = map_to_subjects_vector(subjects) - student_vector = get_student_vector(student) - - final_subjects = get_recommended_subjects(score_for_preferences(student_vector, subject_vectors)) - - order = Case(*[When(name=subject_name, then=pos) for pos, subject_name in enumerate(final_subjects)]) - - recommended_subject_objects = Subject.objects.filter(name__in=final_subjects).order_by(order) - - serializer = SubjectSerializer(recommended_subject_objects, many=True) +class RecommendationsView(APIView): + permission_classes = [IsAuthenticated, IsStudent] + def get(self, request): + season = request.query_params.get('season', 2) + not_activated = request.query_params.get('not_activated', 0) + try: + not_activated = int(not_activated) + season = int(season) + except ValueError: + return Response({"message": "invalid params"}, status=status.HTTP_400_BAD_REQUEST) + + student = request.user.student + if not student: + return Response({"message": "Could not find student"}, status=status.HTTP_400_BAD_REQUEST) + cache_key = get_recommendations_cache_key(student, season, not_activated) if cache_key: - cache.set(cache_key, json.dumps(serializer.data), timeout=60 * 60 * 24 * 14) # 14 days - return Response({"data": serializer.data}, status=status.HTTP_200_OK) - - except Exception as e: - return Response({"message": f"An error occurred: {str(e)}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) + cached_data = cache.get(cache_key) + if cached_data: + return Response({"data": json.loads(cached_data)}, status=status.HTTP_200_OK) + try: + subjects = get_eligible_subjects(student, season=season, not_activated=not_activated) + subject_vectors = map_to_subjects_vector(subjects) + student_vector = get_student_vector(student) + + final_subjects = get_recommended_subjects(score_for_preferences(student_vector, subject_vectors)) + + order = Case(*[When(name=subject_name, then=pos) for pos, subject_name in enumerate(final_subjects)]) + + recommended_subject_objects = Subject.objects.filter(name__in=final_subjects).order_by(order) + + serializer = SubjectSerializer(recommended_subject_objects, many=True) + if cache_key: + cache.set(cache_key, json.dumps(serializer.data), timeout=60 * 60 * 24 * 14) # 14 days + return Response({"data": serializer.data}, status=status.HTTP_200_OK) + + except Exception as e: + return Response({"message": f"An error occurred: {str(e)}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) class PreferencesView(APIView): - permission_classes = [IsAuthenticated, IsStudentUserType] + permission_classes = [IsAuthenticated, IsStudent] def get(self, request, *args, **kwargs): @@ -78,5 +80,5 @@ Expects a POST request with {'subject_id': }. """ - permission_classes = [IsAuthenticated, IsStudentUserType] + permission_classes = [IsAuthenticated, IsStudent] def post(self, request, *args, **kwargs): subject_id = request.data.get('subject_id') @@ -238,5 +240,5 @@ class ReviewListView(APIView): - # permission_classes = [IsAuthenticated, IsAdminUserType] + permission_classes = [IsAuthenticated, IsAdmin] def get(self, request):