Mercurial Mercurial > ammico / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/ammico/views.py
changeset 86 2deead259283
parent 72 ed2ee692ff6f
child 90 faf2cdb47813 
--- a/server/ammico/views.py	Wed Apr 08 17:24:35 2015 +0200
+++ b/server/ammico/views.py	Thu Apr 23 18:17:10 2015 +0200
@@ -77,7 +77,7 @@
         """
         Return a list of all Books.
         """
-        books = Book.objects.all()
+        books = Book.objects.filter(user = request.user.id)
         serializer = BookSerializer(books, many=True)
         return Response(serializer.data)
     
@@ -92,7 +92,7 @@
         
         if ('idParent' in request.data):
             try:
-                book = Book.objects.get(id=request.data['idParent'])
+                book = Book.objects.get(user = request.user.id, id=request.data['idParent'])
             except Book.DoesNotExist:
                 return HttpResponse(status=404)
             new_book = deepcopy(book)
@@ -130,7 +130,7 @@
         Get information from a book
         """
         try:
-            book = Book.objects.get(id=idBook)
+            book = Book.objects.get(user = request.user.id, id=idBook)
         except Book.DoesNotExist:
             return HttpResponse(status=404)
         
@@ -141,7 +141,7 @@
         """
         delete a book
         """
-        book = Book.objects.get(id = idBook)
+        book = Book.objects.get(user = request.user.id, id = idBook)
         book.delete()
         return Response(status=status.HTTP_204_NO_CONTENT)
     
@@ -154,7 +154,7 @@
 
     def get(self, request, idBook):
         try:
-            book = Book.objects.get(id=idBook)
+            book = Book.objects.get(user = request.user.id, id=idBook)
         except Book.DoesNotExist:
             return HttpResponse(status=404)
         
@@ -175,7 +175,7 @@
         Get slides order
         """
         try:
-            book = Book.objects.get(id=idBook)
+            book = Book.objects.get(user = request.user.id, id=idBook)
         except Book.DoesNotExist:
             return HttpResponse(status=404)
         response = {}
@@ -187,7 +187,7 @@
         Set Slides order
         """
         try:
-            book = Book.objects.get(id=idBook)
+            book = Book.objects.get(user = request.user.id, id=idBook)
         except Book.DoesNotExist:
             return HttpResponse(status=404)
         
@@ -206,7 +206,7 @@
         """
         Return a list of slide
         """               
-        slides = Slide.objects.filter()
+        slides = Slide.objects.filter(book__user = request.user.id)
         serializer = SlideSerializer(slides, many=True)
         return Response(serializer.data)
     
@@ -233,7 +233,7 @@
         Get information from a slide
         """
         try:
-            slide = Slide.objects.get(id=idSlide)
+            slide = Slide.objects.get(book__user = request.user.id, id=idSlide)
         except Slide.DoesNotExist:
             return HttpResponse(status=404)
         
@@ -245,7 +245,7 @@
         Update slide information
         """
         try:
-            slide = Slide.objects.get(id=idSlide)
+            slide = Slide.objects.get(book__user = request.user.id, id=idSlide)
         except Slide.DoesNotExist:
             return HttpResponse(status=404)
         serializer = SlideSerializer(slide, data=request.data)
@@ -259,7 +259,7 @@
         Delete a slide
         """
         try:
-            slide = Slide.objects.get(id = idSlide)
+            slide = Slide.objects.get(book__user = request.user.id, id = idSlide)
         except Slide.DoesNotExist:
             return HttpResponse(status=404)
ammico