api.py
2.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import requests
from rest_framework.response import Response
from rest_framework.decorators import api_view
from django.conf import settings
import datetime
from actstream.models import actor_stream
from actstream.models import Action
from django.http import Http404
from django_filters.rest_framework import DjangoFilterBackend
from rest_framework import filters
from rest_framework.generics import get_object_or_404
from rest_framework.permissions import IsAuthenticated
from rest_framework_json_api.views import ReadOnlyModelViewSet
from core.permissions import CustomModelPermissions
from core.serializers import ActionSerializer
from usuario.models import Usuario
@api_view(['POST'])
def recaptcha(request):
r = requests.post(
'https://www.google.com/recaptcha/api/siteverify',
data={
'secret': settings.SECRET_KEY_CAPTCHA,
'response': request.data['captcha_value'],
}
)
return Response({'captcha': r.json()})
class AuditoriaViewSet(ReadOnlyModelViewSet):
queryset = Action.objects.all()
permission_classes = (IsAuthenticated, CustomModelPermissions)
serializer_class = ActionSerializer
filter_backends = (DjangoFilterBackend, filters.OrderingFilter)
ordering = '-timestamp'
def get_queryset(self):
queryset = super().get_queryset()
if not self.action == 'list':
return queryset
# en el caso de que la accion sea listar, controlar que se filtre por fecha obligatoriamente
usuario_id = self.request.GET.get('usuario_id', None)
fecha_desde = self.request.GET.get('fecha_desde', None)
fecha_hasta = self.request.GET.get('fecha_hasta', None)
if not fecha_desde:
return queryset.none()
if not fecha_hasta or fecha_hasta < fecha_desde:
fecha_hasta = datetime.datetime.now()
if usuario_id:
try:
usuario = get_object_or_404(Usuario, id=usuario_id)
queryset = usuario.actor_actions.public(timestamp__date__range=(fecha_desde, fecha_hasta))
except Http404:
return queryset.none()
else:
queryset = Action.objects.public(timestamp__date__range=(fecha_desde, fecha_hasta))
return queryset