Allow author creation by api.

[wolnelektury.git] / src / catalogue / api / views.py

diff --git a/src/catalogue/api/views.py b/src/catalogue/api/views.py
index 885df24..b45ad46 100644 (file)
--- a/src/catalogue/api/views.py
+++ b/src/catalogue/api/views.py
@@ -7,7 +7,8 @@ from django.conf import settings
 from django.http import Http404, HttpResponse
 from django.utils.decorators import method_decorator
 from django.views.decorators.cache import never_cache
-from rest_framework.generics import ListAPIView, RetrieveAPIView, get_object_or_404
+from rest_framework.generics import (ListAPIView, RetrieveAPIView,
+                                     RetrieveUpdateAPIView, get_object_or_404)
 from rest_framework.permissions import DjangoModelPermissionsOrAnonReadOnly
 from rest_framework.response import Response
 from rest_framework import status
@@ -26,13 +27,31 @@ from . import serializers
 book_tag_categories = ['author', 'epoch', 'kind', 'genre']
 
 
+class CreateOnPutMixin:
+    '''
+    Creates a new model instance when PUTting a nonexistent resource.
+    '''
+    def get_object(self):
+        try:
+            return super().get_object()
+        except Http404:
+            if self.request.method == 'PUT':
+                lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_field
+                return self.get_queryset().model(**{
+                    self.lookup_field: self.kwargs[lookup_url_kwarg]
+                })
+            else:
+                raise
+
+
 class CollectionList(ListAPIView):
     queryset = Collection.objects.filter(listed=True)
     serializer_class = serializers.CollectionListSerializer
 
 
 @vary_on_auth  # Because of 'liked'.
-class CollectionDetail(RetrieveAPIView):
+class CollectionDetail(CreateOnPutMixin, RetrieveUpdateAPIView):
+    permission_classes = [DjangoModelPermissionsOrAnonReadOnly]
     queryset = Collection.objects.all()
     lookup_field = 'slug'
     serializer_class = serializers.CollectionSerializer
@@ -289,14 +308,33 @@ class TagCategoryView(ListAPIView):
 
 
 class TagView(RetrieveAPIView):
+    permission_classes = [DjangoModelPermissionsOrAnonReadOnly]
     serializer_class = serializers.TagDetailSerializer
-
+    queryset = Tag.objects.all()
+    
     def get_object(self):
-        return get_object_or_404(
-            Tag,
-            category=self.kwargs['category'],
-            slug=self.kwargs['slug']
-        )
+        try:
+            return get_object_or_404(
+                Tag,
+                category=self.kwargs['category'],
+                slug=self.kwargs['slug']
+            )
+        except Http404:
+            if self.method == 'PUT':
+                return Tag(
+                    category=self.kwargs['category'],
+                    slug=self.kwargs['slug']
+                )
+            else:
+                raise
+
+    def post(self, request, **kwargs):
+        data = json.loads(request.POST.get('data'))
+        desc = data['description_pl']
+        obj = self.get_object()
+        obj.description_pl = desc
+        obj.save(update_fields=['description_pl'], quick=True)
+        return Response({})
 
 
 @vary_on_auth  # Because of 'liked'.