APP-35: auxiliary user table and booking endpoints

Author: NoahCardoza

Diff for: backend/api/admin.py

@@ -1,12 +1,21 @@
 from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin
+from django.contrib.auth.models import User
 
-from .models.User import User
+from .models.Account import Account
 from .models.Booking import Booking
 
 
-class UserAdmin(admin.ModelAdmin):
-    list = ('id', 'email', 'travel_points', 'username', 'password', 'created_at')
+class AccountInline(admin.StackedInline):
+    model = Account
+    can_delete = False
+    verbose_name_plural = 'Accounts'
 
 
+class MyUserAdmin(UserAdmin):
+    inlines = (AccountInline, )
+
+
+admin.site.unregister(User)
+admin.site.register(User, MyUserAdmin)
 admin.site.register(Booking)
-admin.site.register(User)

Diff for: backend/api/models/Account.py

@@ -0,0 +1,11 @@
+from django.contrib.auth.models import User
+from django.db import models
+from django.db.models import IntegerField
+
+
+class Account(models.Model):
+    user = models.OneToOneField(User, on_delete=models.CASCADE)
+    travel_points = IntegerField()
+
+    def _str_(self):
+        return self.user.username

Diff for: backend/api/models/Booking.py

@@ -1,6 +1,7 @@
+from django.contrib.auth.models import User
 from django.db import models
-from django.db.models import IntegerField, CharField, FloatField, DateTimeField, TextChoices, ForeignKey
-from .User import User
+from django.db.models import (CharField, DateTimeField, FloatField, ForeignKey,
+                              IntegerField, TextChoices)
 
 
 class Booking(models.Model):
@@ -12,16 +13,18 @@ class BookingStatus(TextChoices):
         CANCELLED = 'CA', ('Cancelled')
         PAST = 'PA', ('Past')
 
-    id = IntegerField(primary_key=True)
     stripe_id = CharField(max_length=200)
+    hotel_id = CharField(max_length=200, null=True)
+    room_id = CharField(max_length=20, null=True)
     amount_paid = FloatField()
     guest_count = IntegerField()
     points_earned = IntegerField()
-    status = CharField(max_length=2, choices=BookingStatus.choices, default=BookingStatus.PENDING)
-    user_id = ForeignKey(User, on_delete=models.CASCADE)
+    status = CharField(
+        max_length=2, choices=BookingStatus.choices, default=BookingStatus.PENDING)
+    user = ForeignKey(User, on_delete=models.CASCADE)
     start_date = DateTimeField()
     end_date = DateTimeField()
     created_at = DateTimeField()
 
     def _str_(self):
-        return self.title
+        return self.hotel_id

Diff for: backend/api/models/User.py

@@ -0,0 +1 @@
+from . import Account, Booking

Diff for: backend/api/models/__init__.py

@@ -1,4 +1,5 @@
-from amadeus import Client, ResponseError
+from amadeus import Client, ResponseError  # type: ignore
+
 from app import config
 
 amadeus = Client(

Diff for: backend/api/modules/amadeus.py

@@ -1,9 +1,10 @@
 import hashlib
 import time
 
-from app import config
 from requests import Session
 
+from app import config
+
 
 def generate_signature(api_key: str, secret: str) -> str:
     """Generates a signature for the Hotelbeds API.

Diff for: backend/api/modules/hotelbeds.py

@@ -1,14 +1,29 @@
+from django.contrib.auth.models import User
 from rest_framework import serializers
 
-from .models.User import User
 from .models.Booking import Booking
 
 
 class UserSerializer(serializers.ModelSerializer):
     class Meta:
+        fields = ('id', 'username', 'email', 'first_name',
+                  'last_name', 'date_joined', 'last_login')
         model = User
 
 
 class BookingSerializer(serializers.ModelSerializer):
+    # TODO: setup permissions
     class Meta:
+        fields = ('id',
+                  'stripe_id',
+                  'hotel_id',
+                  'room_id',
+                  'amount_paid',
+                  'guest_count',
+                  'points_earned',
+                  'status',
+                  'user',
+                  'start_date',
+                  'end_date',
+                  'created_at')
         model = Booking

Diff for: backend/api/serializers.py

@@ -19,10 +19,11 @@
 from . import views
 
 router = routers.DefaultRouter()
-# router.register(r'users', views.UserView, 'User')
+router.register(r'booking', views.BookingView, 'Booking')
+router.register(r'user', views.UserView, 'User')
+
 
 urlpatterns = [
     path('csrf', views.CSRFGeneratorView.as_view()),
-    path('user/me', views.UserView.as_view()),
     path('', include(router.urls)),
 ]

Diff for: backend/api/urls.py

@@ -1,25 +1,15 @@
+from django.contrib.auth.models import User
 from django.utils.decorators import method_decorator
 from django.views.decorators.csrf import ensure_csrf_cookie
 from rest_framework import permissions, views, viewsets
-from rest_framework.decorators import api_view
+from rest_framework.permissions import IsAuthenticated
 from rest_framework.request import Request
 from rest_framework.response import Response
 
-from .models.User import User
 from .models.Booking import Booking
-from .serializers import UserSerializer
-from .serializers import BookingSerializer
+from .serializers import BookingSerializer, UserSerializer
 
 
-class UserView(viewsets.ModelViewSet):
-    serializer_class = UserSerializer
-    queryset = User.objects.all()
-
-
-class BookingView(viewsets.ModelViewSet):
-    serializer_class = BookingSerializer
-    queryset = Booking.objects.all()
-
 @method_decorator(ensure_csrf_cookie, name='dispatch')
 class CSRFGeneratorView(views.APIView):
     permissions_classes = [permissions.AllowAny]
@@ -28,17 +18,41 @@ def get(self, request: Request, format=None):
         return Response({'success': True})
 
 
-class UserView(views.APIView):
-    # TODO: figure out why this doesn't work
-    permissions_classes = [permissions.IsAuthenticated]
+class BookingView(viewsets.ModelViewSet):
+    serializer_class = BookingSerializer
+    permission_classes = [IsAuthenticated]
 
-    def get(self, request: Request, format=None):
-        user = request.user
+    def get_queryset(self):
+        """
+        This view should return a list of all the purchases
+        for the currently authenticated user.
+        """
+        return Booking.objects.filter(user=self.request.user)
+
+    def get_object(self):
+        """Get a single booking object by pk
+
+        Returns:
+            _type_: _description_
+        """
+        pk = self.kwargs.get('pk')
+
+        if pk is not None:
+            return Booking.objects.get(id=pk, user=self.request.user)
+
+        return super().get_object()
+
+
+class UserView(viewsets.ModelViewSet):
+    queryset = User.objects.all()
+    serializer_class = UserSerializer
+    permission_classes = [IsAuthenticated]
+
+    def get_object(self):
+        pk = self.kwargs.get('pk')
 
-        if not user.is_authenticated:
-            return Response({'error': 'User not authenticated'}, status=401)
+        if pk == "me":
+            return self.request.user
 
-        return Response({
-            'username': user.username,
-            'email': user.email,
-        })
+        # TODO: only allow admins to list all other users
+        return super().get_object()

Diff for: backend/api/views.py

@@ -1,20 +1,15 @@
-Table User {
-  id integer
-  email varchar(200)
-  travel_points integer
-  username varchar(60)
-  password varchar(200)
-  created_at timestamp
+// from djando.contrib.auth.models import User
+Table User { 
+  id int [pk, increment]
+  first_name varchar(200)
+  last_name varchar(200)
+  email varchar(200) [unique]
 }
 
-Enum PropertyType {
-  Hotel
-  Motel
-  Cabin
-  Condo
-  Villa
-  Apartment
-  Resort
+// from api.models import Account
+Table Account {
+  user_id int [ref: > User.id]
+  travel_points integer
 }
 
 Enum BookingStatus {
@@ -24,6 +19,7 @@ Enum BookingStatus {
   Past
 }
 
+// from api.models import Booking
 Table Booking {
   id int [pk, increment]
   stripe_id varchar(200)
@@ -35,19 +31,4 @@ Table Booking {
   start_date date
   end_date date
   created_at timestamp
-}
-
-Table Review {
-  id int [pk, increment]
-  user_id int [ref: > User.id]
-  rating int
-  comment varchar(200)
-  created_at timestamp
-}
-
-Table Image {
-  id int [pk, increment]
-  url varchar(200)
-  created_at timestamp
-}
-
+}