| 1234567891011121314151617181920212223242526272829303132333435 |
- from rest_framework import generics, permissions, status
- from rest_framework.response import Response
- from rest_framework_api_key.permissions import HasAPIKey
- from tickets.api.permissions import UserTicketAccessPermission, UserTicketStatusAccessPermission
- from tickets.api.serializers import TicketDetailSerializer, TicketSerializer, TicketStatusSerializer
- from tickets.models import Ticket
- #TODO - maybe it's good idea to add concrete permission checks for handlers with API keys
- class TicketDetailAPIView(generics.RetrieveUpdateDestroyAPIView):
- queryset = Ticket.objects.all()
- serializer_class = TicketDetailSerializer
- permission_classes = [permissions.IsAuthenticated & UserTicketAccessPermission | HasAPIKey]
- def destroy(self, request, *args, **kwargs):
- instance = self.get_object()
- instance.archive()
- return Response(status=status.HTTP_204_NO_CONTENT)
- class TicketCreateAPIView(generics.CreateAPIView):
- queryset = Ticket.objects.all()
- serializer_class = TicketSerializer
- permission_classes = [permissions.IsAuthenticated & UserTicketAccessPermission | HasAPIKey]
- def perform_create(self, serializer):
- if serializer.is_valid():
- serializer.save(created_by=self.request.user)
- class TicketStatusAPIView(generics.RetrieveUpdateAPIView):
- queryset = Ticket.objects.all()
- serializer_class = TicketStatusSerializer
- permission_classes = [permissions.IsAuthenticated & UserTicketStatusAccessPermission | HasAPIKey]
|
