b-angelov
diff --git a/‎izpitnik/articles/api/permissions.py‎
Lines changed: 9 additions & 0 deletions b/‎izpitnik/articles/api/permissions.py‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎izpitnik/articles/api/serializers.py‎
Lines changed: 19 additions & 1 deletion b/‎izpitnik/articles/api/serializers.py‎
Lines changed: 19 additions & 1 deletion
diff --git a/‎izpitnik/articles/api/views.py‎
Lines changed: 15 additions & 2 deletions b/‎izpitnik/articles/api/views.py‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎izpitnik/urls.py‎
Lines changed: 2 additions & 1 deletion b/‎izpitnik/urls.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎media/QpuO5zQy.jpeg‎
254 KB b/‎media/QpuO5zQy.jpeg‎
254 KB
diff --git a/‎media/_acXkkrl.jpeg‎
333 KB b/‎media/_acXkkrl.jpeg‎
333 KB
diff --git a/‎media/generated_video1.gif‎
4.08 MB b/‎media/generated_video1.gif‎
4.08 MB
@@ -10,6 +10,15 @@ def has_object_permission(self, request, view, obj):
         if request.method in permissions.SAFE_METHODS:
             return True
 
+        return (
+                request.user.is_superuser or
+                request.user.has_perm("articles.change_article") or
+                obj.author.pk == request.user.pk
+        )
+
+class IsAuthorOnAllMethodsPermission(IsAuthorPermission):
+
+    def has_object_permission(self, request, view, obj):
         return (
                 request.user.is_superuser or
                 request.user.has_perm("articles.change_article") or
 
@@ -1,6 +1,7 @@
 from rest_framework import serializers
 
 from izpitnik.articles.models import Article
+from izpitnik.orth_calendar.models import Saint, Feast, HolidayOccurrences
 from izpitnik.orth_calendar.serializers.feasts import FeastsSerializer
 from izpitnik.orth_calendar.serializers.holiday_occurrences import HolidayOccurrencesSerializer
 from izpitnik.orth_calendar.serializers.saints import SaintsSerializer
@@ -23,7 +24,24 @@ class ArticleSerializer(serializers.ModelSerializer):
         read_only=True
     )
 
+    saint_ids = serializers.PrimaryKeyRelatedField(
+        source='saint', many=True, write_only=True,
+        queryset=Saint.objects.all(), required=False
+    )
+    feast_ids = serializers.PrimaryKeyRelatedField(
+        source='feast', many=True, write_only=True,
+        queryset=Feast.objects.all(), required=False
+    )
+    holiday_ids = serializers.PrimaryKeyRelatedField(
+        source='holiday', many=True, write_only=True,
+        queryset=HolidayOccurrences.objects.all(), required=False
+    )
+
+    image = serializers.ImageField(required=False,allow_null=True,allow_empty_file=True)
+
+
+
     class Meta:
         model = Article
-        fields = ['id', 'title', 'content', 'image', 'saint', 'feast', 'holiday', 'author']
+        fields = ['id', 'title', 'content', 'image', 'saint', 'feast', 'holiday', 'author','saint_ids','feast_ids','holiday_ids','holiday_ids']
         read_only_fields = ['author']
@@ -1,12 +1,12 @@
 from django.db.models import Q
 from rest_framework import status
 from rest_framework.exceptions import NotFound, ParseError
-from rest_framework.generics import ListAPIView, CreateAPIView
+from rest_framework.generics import ListAPIView, CreateAPIView, RetrieveUpdateDestroyAPIView
 from rest_framework.permissions import IsAuthenticatedOrReadOnly
 from rest_framework.response import Response
 from rest_framework.status import HTTP_404_NOT_FOUND
 
-from izpitnik.articles.api.permissions import IsAuthorPermission
+from izpitnik.articles.api.permissions import IsAuthorPermission, IsAuthorOnAllMethodsPermission
 from izpitnik.articles.api.serializers import ArticleSerializer
 from izpitnik.articles.models import Article
 from izpitnik.orth_calendar.models import HolidayOccurrences
@@ -54,3 +54,16 @@ class CreateArticleAPIView(CreateAPIView):
 
     def perform_create(self, serializer):
         serializer.save(author=self.request.user)
+
+class GetUpdateDeleteArticleAPIView(RetrieveUpdateDestroyAPIView):
+    permission_classes = [IsAuthorOnAllMethodsPermission]
+    serializer_class = ArticleSerializer
+    lookup_url_kwarg = "id"
+
+    def get_queryset(self):
+        queryset = Article.objects.filter(id=self.kwargs['id'])#,author=self.request.user.pk)
+        return queryset
+
+    def perform_update(self, serializer):
+        serializer.save()#(author=self.request.user)
+
@@ -25,7 +25,7 @@
 
 from izpitnik import settings
 from izpitnik.accounts.api.views import CustomTokenObtainPairView, CookieTokenRefreshView, ApiLogoutView
-from izpitnik.articles.api.views import ArtilceAPIView, CreateArticleAPIView
+from izpitnik.articles.api.views import ArtilceAPIView, CreateArticleAPIView, GetUpdateDeleteArticleAPIView
 
 urlpatterns = [
     path('admin/', admin.site.urls),
@@ -36,6 +36,7 @@
         path('token/logout/', ApiLogoutView.as_view(), name='logout-api'),
         path('articles/', ArtilceAPIView.as_view(), name='articles-api'),
         path('articles/create', CreateArticleAPIView.as_view(), name='articles-create-api'),
+        path('articles/<int:id>/edit', GetUpdateDeleteArticleAPIView.as_view(), name='articles-edit-api'),
         path('schema/', SpectacularAPIView.as_view(), name='schema'),
         path('schema/redoc/', SpectacularRedocView.as_view(url_name='schema'), name='redoc'),
     ])),