General A/B testing.
[wolnelektury.git] / src / catalogue / api / views.py
index ee345ba..34971c4 100644 (file)
@@ -1,20 +1,23 @@
-# -*- coding: utf-8 -*-
 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
 #
 import json
 from django.http import Http404, HttpResponse
 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
 #
 import json
 from django.http import Http404, HttpResponse
+from django.utils.decorators import method_decorator
+from django.views.decorators.cache import never_cache
 from rest_framework.generics import ListAPIView, RetrieveAPIView, get_object_or_404
 from rest_framework.permissions import DjangoModelPermissionsOrAnonReadOnly
 from rest_framework.response import Response
 from rest_framework import status
 from rest_framework.generics import ListAPIView, RetrieveAPIView, get_object_or_404
 from rest_framework.permissions import DjangoModelPermissionsOrAnonReadOnly
 from rest_framework.response import Response
 from rest_framework import status
-from paypal.permissions import IsSubscribed
 from api.handlers import read_tags
 from api.handlers import read_tags
+from api.utils import vary_on_auth
+from club.models import Membership
 from .helpers import books_after, order_books
 from . import serializers
 from catalogue.forms import BookImportForm
 from .helpers import books_after, order_books
 from . import serializers
 from catalogue.forms import BookImportForm
-from catalogue.models import Book, Collection, Tag, Fragment
+from catalogue.models import Book, Collection, Tag, Fragment, BookMedia
 from catalogue.models.tag import prefetch_relations
 from catalogue.models.tag import prefetch_relations
+from club.permissions import IsClubMember
 from wolnelektury.utils import re_escape
 
 
 from wolnelektury.utils import re_escape
 
 
@@ -26,12 +29,14 @@ class CollectionList(ListAPIView):
     serializer_class = serializers.CollectionListSerializer
 
 
     serializer_class = serializers.CollectionListSerializer
 
 
+@vary_on_auth  # Because of 'liked'.
 class CollectionDetail(RetrieveAPIView):
     queryset = Collection.objects.all()
     lookup_field = 'slug'
     serializer_class = serializers.CollectionSerializer
 
 
 class CollectionDetail(RetrieveAPIView):
     queryset = Collection.objects.all()
     lookup_field = 'slug'
     serializer_class = serializers.CollectionSerializer
 
 
+@vary_on_auth  # Because of 'liked'.
 class BookList(ListAPIView):
     permission_classes = [DjangoModelPermissionsOrAnonReadOnly]
     queryset = Book.objects.none()  # Required for DjangoModelPermissions
 class BookList(ListAPIView):
     permission_classes = [DjangoModelPermissionsOrAnonReadOnly]
     queryset = Book.objects.none()  # Required for DjangoModelPermissions
@@ -49,6 +54,11 @@ class BookList(ListAPIView):
         new_api = self.request.query_params.get('new_api')
         after = self.request.query_params.get('after', self.kwargs.get('after'))
         count = self.request.query_params.get('count', self.kwargs.get('count'))
         new_api = self.request.query_params.get('new_api')
         after = self.request.query_params.get('after', self.kwargs.get('after'))
         count = self.request.query_params.get('count', self.kwargs.get('count'))
+        if count:
+            try:
+                count = int(count)
+            except TypeError:
+                raise Http404  # Fixme
 
         if tags:
             if self.kwargs.get('top_level'):
 
         if tags:
             if self.kwargs.get('top_level'):
@@ -62,6 +72,9 @@ class BookList(ListAPIView):
             books = Book.objects.all()
         books = order_books(books, new_api)
 
             books = Book.objects.all()
         books = order_books(books, new_api)
 
+        if not Membership.is_active_for(self.request.user):
+            books = books.exclude(preview=True)
+
         if self.kwargs.get('top_level'):
             books = books.filter(parent=None)
         if self.kwargs.get('audiobooks'):
         if self.kwargs.get('top_level'):
             books = books.filter(parent=None)
         if self.kwargs.get('audiobooks'):
@@ -87,7 +100,12 @@ class BookList(ListAPIView):
         return books
 
     def post(self, request, **kwargs):
         return books
 
     def post(self, request, **kwargs):
-        # Permission needed.
+        if kwargs.get('audiobooks'):
+            return self.post_audiobook(request, **kwargs)
+        else:
+            return self.post_book(request, **kwargs)
+
+    def post_book(self, request, **kwargs):
         data = json.loads(request.POST.get('data'))
         form = BookImportForm(data)
         if form.is_valid():
         data = json.loads(request.POST.get('data'))
         form = BookImportForm(data)
         if form.is_valid():
@@ -96,22 +114,57 @@ class BookList(ListAPIView):
         else:
             raise Http404
 
         else:
             raise Http404
 
+    def post_audiobook(self, request, **kwargs):
+        index = int(request.POST['part_index'])
+        parts_count = int(request.POST['parts_count'])
+        media_type = request.POST['type'].lower()
+        source_sha1 = request.POST.get('source_sha1')
+        name = request.POST.get('name', '')
+        part_name = request.POST.get('part_name', '')
+
+        _rest, slug = request.POST['book'].rstrip('/').rsplit('/', 1)
+        book = Book.objects.get(slug=slug)
 
 
+        try:
+            assert source_sha1
+            bm = book.media.get(type=media_type, source_sha1=source_sha1)
+        except (AssertionError, BookMedia.DoesNotExist):
+            bm = BookMedia(book=book, type=media_type)
+        bm.name = name
+        bm.part_name = part_name
+        bm.index = index
+        bm.file.save(None, request.data['file'], save=False)
+        bm.save(parts_count=parts_count)
+
+        return Response({}, status=status.HTTP_201_CREATED)
+
+
+@vary_on_auth  # Because of 'liked'.
 class BookDetail(RetrieveAPIView):
     queryset = Book.objects.all()
     lookup_field = 'slug'
     serializer_class = serializers.BookDetailSerializer
 
 
 class BookDetail(RetrieveAPIView):
     queryset = Book.objects.all()
     lookup_field = 'slug'
     serializer_class = serializers.BookDetailSerializer
 
 
+@vary_on_auth  # Because of embargo links.
 class EbookList(BookList):
     serializer_class = serializers.EbookSerializer
 
 
 class EbookList(BookList):
     serializer_class = serializers.EbookSerializer
 
 
+@method_decorator(never_cache, name='dispatch')
 class Preview(ListAPIView):
 class Preview(ListAPIView):
-    queryset = Book.objects.filter(preview=True)
+    #queryset = Book.objects.filter(preview=True)
     serializer_class = serializers.BookPreviewSerializer
 
     serializer_class = serializers.BookPreviewSerializer
 
+    def get_queryset(self):
+        qs = Book.objects.filter(preview=True)
+        # FIXME: temporary workaround for a problem with iOS app; see #3954.
+        if 'Darwin' in self.request.META.get('HTTP_USER_AGENT', '') and 'debug' not in self.request.GET:
+            qs = qs.none()
+        return qs
+
 
 
+@vary_on_auth  # Because of 'liked'.
 class FilterBookList(ListAPIView):
     serializer_class = serializers.FilterBookListSerializer
 
 class FilterBookList(ListAPIView):
     serializer_class = serializers.FilterBookListSerializer
 
@@ -127,6 +180,8 @@ class FilterBookList(ListAPIView):
         is_lektura = self.parse_bool(self.request.query_params.get('lektura'))
         is_audiobook = self.parse_bool(self.request.query_params.get('audiobook'))
         preview = self.parse_bool(self.request.query_params.get('preview'))
         is_lektura = self.parse_bool(self.request.query_params.get('lektura'))
         is_audiobook = self.parse_bool(self.request.query_params.get('audiobook'))
         preview = self.parse_bool(self.request.query_params.get('preview'))
+        if not Membership.is_active_for(self.request.user):
+            preview = False
 
         new_api = self.request.query_params.get('new_api')
         after = self.request.query_params.get('after')
 
         new_api = self.request.query_params.get('new_api')
         after = self.request.query_params.get('after')
@@ -186,8 +241,9 @@ class FilterBookList(ListAPIView):
 class EpubView(RetrieveAPIView):
     queryset = Book.objects.all()
     lookup_field = 'slug'
 class EpubView(RetrieveAPIView):
     queryset = Book.objects.all()
     lookup_field = 'slug'
-    permission_classes = [IsSubscribed]
+    permission_classes = [IsClubMember]
 
 
+    @method_decorator(never_cache)
     def get(self, *args, **kwargs):
         return HttpResponse(self.get_object().get_media('epub'))
 
     def get(self, *args, **kwargs):
         return HttpResponse(self.get_object().get_media('epub'))
 
@@ -224,6 +280,7 @@ class TagView(RetrieveAPIView):
         )
 
 
         )
 
 
+@vary_on_auth  # Because of 'liked'.
 class FragmentList(ListAPIView):
     serializer_class = serializers.FragmentSerializer
 
 class FragmentList(ListAPIView):
     serializer_class = serializers.FragmentSerializer
 
@@ -239,6 +296,7 @@ class FragmentList(ListAPIView):
         return Fragment.tagged.with_all(tags).select_related('book')
 
 
         return Fragment.tagged.with_all(tags).select_related('book')
 
 
+@vary_on_auth  # Because of 'liked'.
 class FragmentView(RetrieveAPIView):
     serializer_class = serializers.FragmentDetailSerializer
 
 class FragmentView(RetrieveAPIView):
     serializer_class = serializers.FragmentDetailSerializer