User can delete appointment either with view or ajax related view (#49)

* User can delete appointment either with view or ajax related view

* Updated documentation

Author: adamspd

README.md

@@ -39,52 +39,40 @@ notes](https://github.com/adamspd/django-appointment/tree/main/docs/release_note
 - For more information, please refer to
   this [documentation](https://github.com/adamspd/django-appointment/tree/main/docs/history/readme_v2_1_1.md).
 
-## Added Features in version 2.1.3
+## Added Features in version 2.1.5
 
 This release of Django Appointment brings a series of improvements and updates aimed at enhancing the overall
 functionality and user experience:
 
-1. **Dynamic Label Customization in Appointment Pages (#19)**:
-    - Added a new configuration option `app_offered_by_label` to the `Config` model.
-    - This feature allows for dynamic labeling in the appointment HTML page to showcase the staff members or services
-      offering the appointment.
-    - The default value is "Offered by", which can be customized to fit different contexts, such as "Provided by" or "
-      Choose Photographer" for photography services.
+1. **Dynamic Label Customization in Appointment Pages (#19)**
 
-2. **Updated Documentation and Workflow Enhancements (#25, #26, #27)**:
-    - Improved clarity and consistency in the project's documentation, making it more accessible and user-friendly.
-    - Updated workflow processes to streamline development and issue tracking.
+2. **Updated Documentation and Workflow Enhancements (#25, #26, #27)**
 
-3. **Community Engagement and Standards (#21, #22, #23, #24)**:
-    - Introduced a `CODE_OF_CONDUCT.md` to foster a respectful and inclusive community environment.
-    - Created `CONTRIBUTING.md` to guide contributors through the process of making contributions to the project.
-    - Established a `SECURITY.md` policy to address security protocols and reporting.
-    - Refined issue templates for bug reports and feature requests, enhancing the efficiency of community contributions
-      and feedback.
+3. **Community Engagement and Standards (#21, #22, #23, #24)**
 
-4. **Library Updates and Security Patches (#14, #15, #18)**:
-    - Updated dependencies such as `phonenumbers` and `django` to their latest versions, ensuring better performance and
-      security.
+4. **Library Updates and Security Patches (#14, #15, #18)**
 
-5. **Enhanced Project Visibility (#16)**:
-    - Added GitHub Badges to the README for better visibility and quick access to project metrics like build status,
-      versioning, and contribution activities.
+5. **Enhanced Project Visibility (#16)**
 
-6. **Translation Refinements (#31)**:
-    - Removed inconsistencies in translations, improving the internationalization aspect of the application.
+6. **Translation Refinements (#31)**
 
-These updates collectively contribute to the robustness and versatility of the Django Appointment package, aligning with
-our commitment to providing a high-quality and user-friendly appointment management solution.
+7. **Bug Fixes (#48)**
 
-### Breaking Changes in version 2.1.2:
+See more at the [release notes](https://github.com/adamspd/django-appointment/tree/main/docs/release_notes/latest.md).
 
-- None
+These updates collectively contribute to the robustness and versatility of the Django Appointment package, aligning with
+our commitment to providing a high-quality and user-friendly appointment management solution.
 
-### New Features  & Bug Fixes 🆕
+### Bug Fixes 🆕
 
 See the [release notes](https://github.com/adamspd/django-appointment/tree/main/docs/release_notes/latest.md)
 for more information.
 
+### Breaking Changes in version 2.1.5:
+
+- None
+
+
 ## Quick Start 🚀
 
 1. Add "appointment" to your `INSTALLED_APPS` setting like so:

appointment/tests/test_views.py

@@ -38,6 +38,17 @@ def setUp(self):
         middleware = MessageMiddleware(lambda req: None)
         middleware.process_request(self.request)
         self.request.session.save()
+        self.appointment = self.create_appointment_for_user1()
+
+    def need_staff_login(self):
+        self.user1.is_staff = True
+        self.user1.save()
+        self.client.force_login(self.user1)
+
+    def clean_staff_member_objects(self):
+        """Delete all AppointmentRequests and Appointments linked to the StaffMember instance of self.user1."""
+        AppointmentRequest.objects.filter(staff_member__user=self.user1).delete()
+        Appointment.objects.filter(appointment_request__staff_member__user=self.user1).delete()
 
     def test_get_available_slots_ajax(self):
         """get_available_slots_ajax view should return a JSON response with available slots for the selected date."""
@@ -142,17 +153,13 @@ def test_default_thank_you(self):
 
     def test_staff_user_without_staff_member_instance(self):
         """Test that a staff user without a staff member instance receives an appropriate error message."""
-        self.user1.is_staff = True
-
-        # Delete any AppointmentRequests and Appointments linked to the StaffMember instance of self.user1
-        AppointmentRequest.objects.filter(staff_member__user=self.user1).delete()
-        Appointment.objects.filter(appointment_request__staff_member__user=self.user1).delete()
+        self.clean_staff_member_objects()
 
         # Now safely delete the StaffMember instance
         StaffMember.objects.filter(user=self.user1).delete()
 
         self.user1.save()  # Save the user to the database after updating
-        self.client.force_login(self.user1)  # Log in as self.user1
+        self.need_staff_login()
 
         url = reverse('appointment:get_user_appointments')
         response = self.client.get(url)
@@ -161,5 +168,55 @@ def test_staff_user_without_staff_member_instance(self):
         self.assertTrue(any(
             message.message == "User doesn't have a staff member instance. Please contact the administrator." for
             message in message_list),
-                        "Expected error message not found in messages.")
+            "Expected error message not found in messages.")
+
+    def test_delete_appointment(self):
+        self.need_staff_login()
+
+        url = reverse('appointment:delete_appointment', args=[self.appointment.id])
+        response = self.client.get(url)
+
+        self.assertEqual(response.status_code, 302)  # Redirect status code
+        self.assertRedirects(response, reverse('appointment:get_user_appointments'))
+
+        # Check for success messages
+        messages_list = list(get_messages(response.wsgi_request))
+        self.assertTrue(any(_("Appointment deleted successfully!") in str(message) for message in messages_list))
+
+        # Check if appointment is deleted
+        appointment_exists = Appointment.objects.filter(pk=self.appointment.id).exists()
+        self.assertFalse(appointment_exists, "Appointment should be deleted but still exists.")
+
+    def test_delete_appointment_ajax(self):
+        self.need_staff_login()
+
+        url = reverse('appointment:delete_appointment_ajax')
+        data = json.dumps({'appointment_id': self.appointment.id})
+        response = self.client.post(url, data, content_type='application/json')
+
+        self.assertEqual(response.status_code, 200)
+        # Expecting both 'message' and 'success' in the response
+        expected_response = {"message": "Appointment deleted successfully.", "success": True}
+        self.assertEqual(json.loads(response.content), expected_response)
+
+        # Check if appointment is deleted
+        appointment_exists = Appointment.objects.filter(pk=self.appointment.id).exists()
+        self.assertFalse(appointment_exists, "Appointment should be deleted but still exists.")
+
+    def test_remove_staff_member(self):
+        self.need_staff_login()
+        self.clean_staff_member_objects()
+
+        url = reverse('appointment:remove_staff_member', args=[self.staff_member.user_id])
+        response = self.client.get(url)
+
+        self.assertEqual(response.status_code, 302)  # Redirect status code
+        self.assertRedirects(response, reverse('appointment:user_profile'))
+
+        # Check for success messages
+        messages_list = list(get_messages(response.wsgi_request))
+        self.assertTrue(any(_("Staff member deleted successfully!") in str(message) for message in messages_list))
 
+        # Check if staff member is deleted
+        staff_member_exists = StaffMember.objects.filter(pk=self.staff_member.id).exists()
+        self.assertFalse(staff_member_exists, "Appointment should be deleted but still exists.")

appointment/urls.py

@@ -11,7 +11,9 @@
 from appointment.views import appointment_request, get_available_slots_ajax, get_next_available_date_ajax, \
     appointment_request_submit, appointment_client_information, default_thank_you, enter_verification_code, \
     get_non_working_days_ajax
-from appointment.views_admin import get_user_appointments, display_appointment, user_profile, update_working_hours, \
+from appointment.views_admin import delete_appointment, delete_appointment_ajax, get_user_appointments, \
+    display_appointment, user_profile, \
+    update_working_hours, \
     add_working_hours, delete_working_hours, add_day_off, update_day_off, delete_day_off, add_or_update_staff_info, \
     fetch_service_list_for_staff, update_appt_min_info, update_appt_date_time, validate_appointment_date, \
     email_change_verification_code, update_personal_info, create_new_staff_member, make_superuser_staff_member, \
@@ -70,6 +72,9 @@
     path('update-working-hours/<int:working_hours_id>/', update_working_hours, name='update_working_hours'),
     path('add-working-hours/', add_working_hours, name='add_working_hours'),
     path('delete-working-hours/<int:working_hours_id>/', delete_working_hours, name='delete_working_hours'),
+
+    # delete appointment
+    path('delete-appointment/<int:appointment_id>/', delete_appointment, name='delete_appointment'),
 ]
 
 ajax_urlpatterns = [
@@ -81,6 +86,8 @@
     path('update_appt_min_info/', update_appt_min_info, name="update_appt_min_info"),
     path('update_appt_date_time/', update_appt_date_time, name="update_appt_date_time"),
     path('validate_appointment_date/', validate_appointment_date, name="validate_appointment_date"),
+    # delete appointment ajax
+    path('delete_appointment/', delete_appointment_ajax, name="delete_appointment_ajax"),
 ]
 
 urlpatterns = [

appointment/views_admin.py

@@ -11,23 +11,24 @@
 import json
 
 from django.contrib import messages
-from django.shortcuts import render, get_object_or_404, redirect
+from django.shortcuts import get_object_or_404, redirect, render
 from django.utils.translation import gettext as _
 from django.views.decorators.http import require_POST
 
-from appointment.decorators import require_user_authenticated, require_staff_or_superuser, require_ajax, \
-    require_superuser
-from appointment.forms import StaffAppointmentInformationForm, PersonalInformationForm, ServiceForm
-from appointment.models import Appointment, StaffMember, WorkingHours, DayOff
-from appointment.services import fetch_user_appointments, prepare_appointment_display_data, prepare_user_profile_data, \
-    handle_entity_management_request, save_appointment, save_appt_date_time, update_personal_info_service, \
-    email_change_verification_service, create_staff_member_service, handle_service_management_request
-from appointment.utils.db_helpers import get_user_model, get_staff_member_by_user_id, get_day_off_by_id, \
-    get_working_hours_by_id, Service
+from appointment.decorators import require_ajax, require_staff_or_superuser, require_superuser, \
+    require_user_authenticated
+from appointment.forms import PersonalInformationForm, ServiceForm, StaffAppointmentInformationForm
+from appointment.models import Appointment, DayOff, StaffMember, WorkingHours
+from appointment.services import create_staff_member_service, email_change_verification_service, \
+    fetch_user_appointments, handle_entity_management_request, handle_service_management_request, \
+    prepare_appointment_display_data, prepare_user_profile_data, save_appointment, save_appt_date_time, \
+    update_personal_info_service
+from appointment.utils.db_helpers import Service, get_day_off_by_id, get_staff_member_by_user_id, get_user_model, \
+    get_working_hours_by_id
 from appointment.utils.error_codes import ErrorCode
-from appointment.utils.json_context import convert_appointment_to_json, json_response, \
-    get_generic_context_with_extra, get_generic_context, handle_unauthorized_response
-from appointment.utils.permissions import check_permissions, check_extensive_permissions
+from appointment.utils.json_context import convert_appointment_to_json, get_generic_context, \
+    get_generic_context_with_extra, handle_unauthorized_response, json_response
+from appointment.utils.permissions import check_extensive_permissions, check_permissions
 
 
 ###############################################################
@@ -466,3 +467,22 @@ def get_service_list(request, response_type='html'):
         return json_response("Successfully fetched services.", custom_data={'services': service_data}, safe=False)
     context = get_generic_context_with_extra(request=request, extra={'services': services})
     return render(request, 'administration/service_list.html', context=context)
+
+
+@require_user_authenticated
+@require_staff_or_superuser
+def delete_appointment(request, appointment_id):
+    appointment = get_object_or_404(Appointment, pk=appointment_id)
+    appointment.delete()
+    messages.success(request, _("Appointment deleted successfully!"))
+    return redirect('appointment:get_user_appointments')
+
+
+@require_user_authenticated
+@require_staff_or_superuser
+def delete_appointment_ajax(request):
+    data = json.loads(request.body)
+    appointment_id = data.get("appointment_id")
+    appointment = get_object_or_404(Appointment, pk=appointment_id)
+    appointment.delete()
+    return json_response("Appointment deleted successfully.")

docs/release_notes/latest.md

@@ -14,10 +14,11 @@ internationalization, alongside some crucial library updates and new dynamic fea
 
 ### Dynamic Label Customization in Appointment Pages (#19)
 
-- Added a new configuration option `app_offered_by_label` in the `Config` model.
-- Enables dynamic labeling in the appointment HTML page, showcasing the staff members or services offering the
-  appointment.
-- Default label is "Offered by", customizable to suit different service contexts.
+- Added a new configuration option `app_offered_by_label` to the `Config` model.
+- This feature allows for dynamic labeling in the appointment HTML page to showcase the staff members or services
+  offering the appointment.
+- The default value is "Offered by", which can be customized to fit different contexts, such as "Provided by" or "
+  Choose Photographer" for photography services.
 
 ### Updated Documentation and Workflow Enhancements (#25, #26, #27)
 
@@ -43,6 +44,61 @@ internationalization, alongside some crucial library updates and new dynamic fea
 
 - Inconsistencies in translations removed, improving the internationalization aspect.
 
+### Provided an endpoint to delete an appointment (#49)
+
+- Added an endpoint to delete an appointment. Either with an ajax call or a simple request.
+
+## Bug Fixes 🐛
+
+---
+
+- Fixed a bug where a stack trace was displayed when a user that is staff but didn't have a staff member profile tried
+  to access its appointment's page list (/app-admin/user-event/)
+
+  #### Description of the bug
+    If a staff (Django-related role) is authenticated and tries to retrieved this endpoint :
+    `/app-admin/user-event/` he'll get the following error if debug = true
+    ```
+      Traceback (most recent call last):
+      File ".../django/core/handlers/exception.py", line 55, in inner
+        response = get_response(request)
+                   ^^^^^^^^^^^^^^^^^^^^^
+      File ".../django/core/handlers/base.py", line 197, in _get_response
+        response = wrapped_callback(request, *callback_args, **callback_kwargs)
+                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+      File ".../appointment/decorators.py", line 26, in wrapper
+        return func(request, *args, **kwargs)
+               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+      File ".../appointment/decorators.py", line 39, in wrapper
+        return func(request, *args, **kwargs)
+               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+      File ".../appointment/views_admin.py", line 39, in get_user_appointments
+        appointments = fetch_user_appointments(request.user)
+                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+      File ".../appointment/services.py", line 44, in fetch_user_appointments
+        staff_member_instance = user.staffmember
+                                ^^^^^^^^^^^^^^^^
+      File ".../django/utils/functional.py", line 268, in inner
+        return func(_wrapped, *args)
+               ^^^^^^^^^^^^^^^^^^^^^
+      File ".../django/db/models/fields/related_descriptors.py", line 492, in __get__
+        raise self.RelatedObjectDoesNotExist(
+        client.models.UserClient.staffmember.RelatedObjectDoesNotExist: UserClient has no staffmember.
+    ```
+    If debug = false, the user will get a 500 error
+    #### To Reproduce
+    ##### Steps to reproduce the behavior:
+
+      Create a user/account (user1)
+      Login as admin/superuser (admin) and add user1 to staff.
+      Login as user1 and go to /appointment/app-admin/user-event/
+      See error
+
+    #### Expected behavior
+    Not an error but a redirection or anything more concise than just an error or a 5xx code return.
+
+---
+
 ### Breaking Changes 🚨
 
 - None