All stages done - CSOC-task-2 #8
Conversation
There was a problem hiding this comment.
Great work on the assignment! @PaRaDoX50 I loved how you've utilized the related_name field.
Will update the points later!
|
|
||
| class LoginForm(forms.Form): | ||
| username = forms.CharField(max_length=254) | ||
| password = forms.CharField(label=("Password")) |
There was a problem hiding this comment.
You must add widget=forms.PasswordInput, so that the input would be a password, not plain text.
Who likes to show his password on the screen to the fellow users? 😅
| book = models.ForeignKey(Book, on_delete=models.CASCADE) | ||
| rating_by = models.ForeignKey(User, related_name='rating_by', null=False, blank=False, on_delete=models.CASCADE) | ||
| rating = models.FloatField() |
There was a problem hiding this comment.
The rating shall be given as an integer - please read proper instructions.
Also, you could have also used unique_together META option here.
| desired_book = get_object_or_404(Book,id=bid) | ||
|
|
||
| count = BookCopy.objects.filter(Q(book=desired_book) & Q(status=True)).count() | ||
| issued = False | ||
| if request.user.is_authenticated: | ||
| user_book_copies = request.user.borrower.all() | ||
| for bc in user_book_copies: | ||
| if bc.book == desired_book: | ||
| issued = True | ||
| break |
| get_data = request.GET | ||
| print(get_data,"hello") |
| @@ -54,15 +105,32 @@ def viewLoanedBooks(request): | |||
| @csrf_exempt | |||
| @login_required | |||
| def loanBookView(request): | |||
| book_id = request.POST.get('bid') | |||
| count = BookCopy.objects.filter(Q(book=Book.objects.get(id=book_id)) & Q(status=True)).count() | |||
There was a problem hiding this comment.
This is not a good way to call ORM queries. This will run two queries on database, one to get the book and another to filter it.
Better, you should've used: book=book_id
| bookcopy_id = request.POST.get('bid') | ||
| bookcopy = get_object_or_404(BookCopy,id=bookcopy_id) | ||
| bookcopy.borrower = None | ||
| bookcopy.borrow_date = None | ||
| bookcopy.status = True | ||
| bookcopy.save() | ||
| print(request.POST) | ||
| msg = 'success' | ||
|
|
||
| response_data={ | ||
| 'message': msg | ||
| } | ||
|
|
||
| return JsonResponse(response_data) |
There was a problem hiding this comment.
There must be a validation in the backend when a user is returning the book, to make sure that he has only borrowed the book. Otherwise, a simple POST request will make the BookCopy to be returned, and would set its status as True.
| form = forms.RatingForm(request.POST) | ||
| if form.is_valid(): | ||
| rating = form.cleaned_data.get('rating') | ||
| ratings_by_user =request.user.rating_by.all() | ||
| print(ratings_by_user,'hellllsaldlasldlasldl') | ||
| if ratings_by_user.count() > 0: | ||
| rating_object = ratings_by_user[0] | ||
| rating_object.rating = rating | ||
| rating_object.save() |
There was a problem hiding this comment.
You've not put a backend validation on the rating, so the user can simply edit the JS code you've written in the template and easily put invalid values of rating.
|
Points Updated! 🎉 |
|
Thank you for reviewing! |
CSoC Task 2 Submission
I have completed the following tasks