solution

mate-academy · Nov 22, 2023 · 1900e49 · 1900e49
1 parent 4ebb540
commit 1900e49
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 46 deletions.
diff --git a/cinema/views.py b/cinema/views.py
@@ -1,9 +1,10 @@
 from datetime import datetime
 
 from django.db.models import F, Count
-from rest_framework import viewsets
+from rest_framework import viewsets, mixins
 from rest_framework.authentication import TokenAuthentication
 from rest_framework.pagination import PageNumberPagination
+from rest_framework.permissions import IsAuthenticated
 
 from cinema.models import Genre, Actor, CinemaHall, Movie, MovieSession, Order
 
@@ -20,35 +21,52 @@
     OrderSerializer,
     OrderListSerializer,
 )
-from user.permissions import IsAdminOrIfAuthenticatedListCreate, IsAdminOrIfAuthenticatedCRUD
+from user.permissions import IsAdminOrIfAuthenticatedReadOnly
 
 
-class GenreViewSet(viewsets.ModelViewSet):
+class GenreViewSet(
+    viewsets.GenericViewSet,
+    mixins.ListModelMixin,
+    mixins.CreateModelMixin
+):
     queryset = Genre.objects.all()
     serializer_class = GenreSerializer
     authentication_classes = (TokenAuthentication,)
-    permission_classes = (IsAdminOrIfAuthenticatedListCreate,)
+    permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)
 
 
-class ActorViewSet(viewsets.ModelViewSet):
+class ActorViewSet(
+    viewsets.GenericViewSet,
+    mixins.ListModelMixin,
+    mixins.CreateModelMixin
+):
     queryset = Actor.objects.all()
     serializer_class = ActorSerializer
     authentication_classes = (TokenAuthentication,)
-    permission_classes = (IsAdminOrIfAuthenticatedListCreate,)
+    permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)
 
 
-class CinemaHallViewSet(viewsets.ModelViewSet):
+class CinemaHallViewSet(
+    viewsets.GenericViewSet,
+    mixins.ListModelMixin,
+    mixins.CreateModelMixin
+):
     queryset = CinemaHall.objects.all()
     serializer_class = CinemaHallSerializer
     authentication_classes = (TokenAuthentication,)
-    permission_classes = (IsAdminOrIfAuthenticatedListCreate,)
+    permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)
 
 
-class MovieViewSet(viewsets.ModelViewSet):
+class MovieViewSet(
+    viewsets.GenericViewSet,
+    mixins.ListModelMixin,
+    mixins.CreateModelMixin,
+    mixins.RetrieveModelMixin,
+):
     queryset = Movie.objects.prefetch_related("genres", "actors")
     serializer_class = MovieSerializer
     authentication_classes = (TokenAuthentication,)
-    permission_classes = (IsAdminOrIfAuthenticatedListCreate,)
+    permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)
 
     @staticmethod
     def _params_to_ints(qs):
@@ -86,19 +104,28 @@ def get_serializer_class(self):
         return MovieSerializer
 
 
-class MovieSessionViewSet(viewsets.ModelViewSet):
+class MovieSessionViewSet(
+    mixins.ListModelMixin,
+    mixins.CreateModelMixin,
+    mixins.RetrieveModelMixin,
+    mixins.UpdateModelMixin,
+    mixins.DestroyModelMixin,
+    viewsets.GenericViewSet,
+):
     queryset = (
         MovieSession.objects.all()
         .select_related("movie", "cinema_hall")
         .annotate(
-            tickets_available=F("cinema_hall__rows")
-                              * F("cinema_hall__seats_in_row")
-                              - Count("tickets")
+            tickets_available=(
+                F("cinema_hall__rows")
+                * F("cinema_hall__seats_in_row")
+                - Count("tickets")
+            )
         )
     )
     serializer_class = MovieSessionSerializer
     authentication_classes = (TokenAuthentication,)
-    permission_classes = (IsAdminOrIfAuthenticatedCRUD,)
+    permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)
 
     def get_queryset(self):
         date = self.request.query_params.get("date")
@@ -130,14 +157,18 @@ class OrderPagination(PageNumberPagination):
     max_page_size = 100
 
 
-class OrderViewSet(viewsets.ModelViewSet):
+class OrderViewSet(
+    viewsets.GenericViewSet,
+    mixins.ListModelMixin,
+    mixins.CreateModelMixin,
+):
     queryset = Order.objects.prefetch_related(
         "tickets__movie_session__movie", "tickets__movie_session__cinema_hall"
     )
     serializer_class = OrderSerializer
     pagination_class = OrderPagination
-    authentication_classes = (TokenAuthentication,)
-    permission_classes = (IsAdminOrIfAuthenticatedListCreate,)
+    authentication_classes = [TokenAuthentication]
+    permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
         return Order.objects.filter(user=self.request.user)

diff --git a/cinema_service/settings.py b/cinema_service/settings.py
@@ -137,4 +137,3 @@
 # https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field
 
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
-
diff --git a/user/permissions.py b/user/permissions.py
@@ -1,33 +1,13 @@
-
 from rest_framework.permissions import BasePermission, SAFE_METHODS
 
 
 class IsAdminOrIfAuthenticatedReadOnly(BasePermission):
     def has_permission(self, request, view):
         return bool(
             (
-                    request.method in SAFE_METHODS
-                    and request.user
-                    and request.user.is_authenticated
+                request.method in SAFE_METHODS
+                and request.user
+                and request.user.is_authenticated
             )
             or (request.user and request.user.is_staff)
         )
-
-
-class IsAdminOrIfAuthenticatedListCreate(BasePermission):
-    def has_permission(self, request, view):
-        if request.method in ("GET", "HEAD", "OPTIONS"):
-            return request.user and request.user.is_authenticated
-        if request.method == "delete":
-            return False
-        return IsAdminOrIfAuthenticatedReadOnly
-
-    def has_object_permission(self, request, view, obj):
-        return False
-
-
-class IsAdminOrIfAuthenticatedCRUD(BasePermission):
-    def has_permission(self, request, view):
-        if view.action in ["list", "create", "update", "partial_update", "delete"]:
-            return request.user and request.user.is_authenticated
-        return IsAdminOrIfAuthenticatedReadOnly
diff --git a/user/serializers.py b/user/serializers.py
@@ -21,6 +21,3 @@ def update(self, instance, validated_data):
             user.save()
 
         return user
-
-
-
diff --git a/user/views.py b/user/views.py
@@ -29,4 +29,3 @@ class MyView(viewsets.ModelViewSet):
     serializer_class = UserSerializer
     authentication_classes = (TokenAuthentication,)
     permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)
-
Original file line number	Diff line number	Diff line change
Expand Up		@@ -137,4 +137,3 @@
		# https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field

		DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
Original file line number	Diff line number	Diff line change
Expand Up		@@ -21,6 +21,3 @@ def update(self, instance, validated_data):
		user.save()

		return user
Original file line number	Diff line number	Diff line change
Expand Up		@@ -29,4 +29,3 @@ class MyView(viewsets.ModelViewSet):
		serializer_class = UserSerializer
		authentication_classes = (TokenAuthentication,)
		permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)