diff --git a/account/views.py b/account/views.py index 6b93ac8..3a5f974 100644 --- a/account/views.py +++ b/account/views.py @@ -5,6 +5,7 @@ from rest_framework import viewsets, status, views from rest_framework.decorators import action import random import logging +from PIL import Image from django.views.decorators.csrf import csrf_exempt from django.utils import timezone import jwt @@ -24,6 +25,7 @@ from .serializers import (SuperUserSerializer, GuardianSerializer, JuniorSeriali UserNotificationSerializer, UpdateUserNotificationSerializer, UserPhoneOtpSerializer) from rest_framework_simplejwt.tokens import RefreshToken from base.messages import ERROR_CODE, SUCCESS_CODE +from base.constants import NUMBER from guardian.tasks import generate_otp from account.utils import send_otp_email, send_support_email, custom_response, custom_error_response from rest_framework.permissions import IsAuthenticated @@ -165,26 +167,29 @@ class UpdateProfileImage(views.APIView): """Update profile image""" permission_classes = [IsAuthenticated] def put(self, request, format=None): - if str(request.data['user_type']) == '1': - junior_query = Junior.objects.filter(auth=request.user).last() + try: image = request.data['image'] + img = Image.open(image) + width, height = img.size + if width == NUMBER['zero'] or height == NUMBER['zero']: + return custom_error_response(ERROR_CODE['2035'], response_status=status.HTTP_400_BAD_REQUEST) filename = f"images/{image.name}" image_url = upload_image_to_alibaba(image, filename) image_data = image_url - serializer = UpdateJuniorProfileImageSerializer(junior_query, - data={'image':image_data}, partial=True) - if str(request.data['user_type']) == '2': - guardian_query = Guardian.objects.filter(user=request.user).last() - image = request.data['image'] - filename = f"images/{image.name}" - image_url = upload_image_to_alibaba(image, filename) - image_data = image_url - serializer = UpdateGuardianImageSerializer(guardian_query, - data={'image':image_data}, partial=True) - if serializer.is_valid(): - serializer.save() - return custom_response(SUCCESS_CODE['3017'], serializer.data, response_status=status.HTTP_200_OK) - return custom_error_response(serializer.errors, response_status=status.HTTP_400_BAD_REQUEST) + if str(request.data['user_type']) == '1': + junior_query = Junior.objects.filter(auth=request.user).last() + serializer = UpdateJuniorProfileImageSerializer(junior_query, + data={'image':image_data}, partial=True) + elif str(request.data['user_type']) == '2': + guardian_query = Guardian.objects.filter(user=request.user).last() + serializer = UpdateGuardianImageSerializer(guardian_query, + data={'image':image_data}, partial=True) + if serializer.is_valid(): + serializer.save() + return custom_response(SUCCESS_CODE['3017'], serializer.data, response_status=status.HTTP_200_OK) + return custom_error_response(serializer.errors, response_status=status.HTTP_400_BAD_REQUEST) + except Exception as e: + return custom_error_response(ERROR_CODE['2036'],response_status=status.HTTP_400_BAD_REQUEST) class ChangePasswordAPIView(views.APIView): """change password""" @@ -430,6 +435,10 @@ class UploadImageAPIViewSet(viewsets.ModelViewSet): """profile view""" image_data = request.data['image_url'] filename = f"default_task_images/{image_data.name}" + img = Image.open(image_data) + width, height = img.size + if width == NUMBER['zero'] or height == NUMBER['zero']: + return custom_error_response(ERROR_CODE['2035'], response_status=status.HTTP_400_BAD_REQUEST) image = upload_image_to_alibaba(image_data, filename) image_data = image request.data['image_url'] = image_data diff --git a/base/messages.py b/base/messages.py index f811439..2c0d9cd 100644 --- a/base/messages.py +++ b/base/messages.py @@ -57,7 +57,9 @@ ERROR_CODE = { "2031": "Invalid password", "2032": "Failed to send email", "2033": "Missing required fields", - "2034": "Junior is not associated" + "2034": "Junior is not associated", + "2035": "Image should not be 0 kb", + "2036": "Choose valid user" } SUCCESS_CODE = { # Success code for password diff --git a/guardian/serializers.py b/guardian/serializers.py index 109343e..592502e 100644 --- a/guardian/serializers.py +++ b/guardian/serializers.py @@ -13,7 +13,6 @@ from account.serializers import JuniorSerializer from junior.serializers import JuniorDetailSerializer from base.messages import ERROR_CODE, SUCCESS_CODE from base.constants import NUMBER -from .utils import upload_image_to_alibaba from junior.models import Junior, JuniorPoints class UserSerializer(serializers.ModelSerializer): """User serializer""" diff --git a/guardian/views.py b/guardian/views.py index 5d28bfe..420e521 100644 --- a/guardian/views.py +++ b/guardian/views.py @@ -5,6 +5,7 @@ from rest_framework import viewsets, status from rest_framework.pagination import PageNumberPagination from django.contrib.auth.models import User from django.utils import timezone +from PIL import Image from datetime import datetime, timedelta """Import Django app""" from .serializers import (UserSerializer, CreateGuardianSerializer, TaskSerializer, TaskDetailsSerializer, @@ -17,6 +18,7 @@ from .tasks import generate_otp from account.utils import send_otp_email from account.utils import custom_response, custom_error_response from base.messages import ERROR_CODE, SUCCESS_CODE +from base.constants import NUMBER from .utils import upload_image_to_alibaba from django.db.models import Sum # Create your views here. @@ -54,6 +56,10 @@ class UpdateGuardianProfile(viewsets.ViewSet): data = request.data image = request.data.get('image') image_url = '' + img = Image.open(image) + width, height = img.size + if width == NUMBER['zero'] or height == NUMBER['zero']: + return custom_error_response(ERROR_CODE['2035'], response_status=status.HTTP_400_BAD_REQUEST) if image: filename = f"images/{image.name}" image_url = upload_image_to_alibaba(image, filename) @@ -114,6 +120,10 @@ class CreateTaskAPIView(viewsets.ModelViewSet): image_data = image else: filename = f"images/{image}" + img = Image.open(image) + width, height = img.size + if width == NUMBER['zero'] or height == NUMBER['zero']: + return custom_error_response(ERROR_CODE['2035'], response_status=status.HTTP_400_BAD_REQUEST) image_url = upload_image_to_alibaba(image, filename) image_data = image_url data.pop('default_image') diff --git a/junior/views.py b/junior/views.py index bea0525..0dcdbbe 100644 --- a/junior/views.py +++ b/junior/views.py @@ -3,12 +3,14 @@ from rest_framework import viewsets, status, generics,views from rest_framework.permissions import IsAuthenticated from rest_framework.pagination import PageNumberPagination from rest_framework.response import Response +from PIL import Image """Django app import""" from junior.models import Junior from .serializers import (CreateJuniorSerializer, JuniorDetailListSerializer, AddJuniorSerializer,\ RemoveJuniorSerializer) from guardian.models import Guardian from base.messages import ERROR_CODE, SUCCESS_CODE +from base.constants import NUMBER from account.utils import custom_response, custom_error_response from guardian.utils import upload_image_to_alibaba # Create your views here. @@ -23,6 +25,10 @@ class UpdateJuniorProfile(viewsets.ViewSet): request_data = request.data image = request.data.get('image') image_url = '' + img = Image.open(image) + width, height = img.size + if width == NUMBER['zero'] or height == NUMBER['zero']: + return custom_error_response(ERROR_CODE['2035'], response_status=status.HTTP_400_BAD_REQUEST) if image: filename = f"images/{image.name}" image_url = upload_image_to_alibaba(image, filename)