# HG changeset patch # User rougeronj # Date 1429805830 -7200 # Node ID 2deead259283074e7e582c8ab7391c9120bf3940 # Parent 5c8d95d96c58fe7c442d1973df02cafe1d9ff68f add user filter to send bakc only the slides and books of the current user diff -r 5c8d95d96c58 -r 2deead259283 client/app/index.html --- a/client/app/index.html Wed Apr 08 17:24:35 2015 +0200 +++ b/client/app/index.html Thu Apr 23 18:17:10 2015 +0200 @@ -80,7 +80,7 @@ record: angular.fromJson('{"record": "record value"}'), urls: { base_static: "./", - ammicoUrl: "http://127.0.0.1:8080/ammico", + ammicoUrl: "http://127.0.0.1:8000/ammico", searchUrl: "http://ammico.labs.exalead.com/search-api" } }); diff -r 5c8d95d96c58 -r 2deead259283 server/ammico/views.py --- a/server/ammico/views.py Wed Apr 08 17:24:35 2015 +0200 +++ b/server/ammico/views.py Thu Apr 23 18:17:10 2015 +0200 @@ -77,7 +77,7 @@ """ Return a list of all Books. """ - books = Book.objects.all() + books = Book.objects.filter(user = request.user.id) serializer = BookSerializer(books, many=True) return Response(serializer.data) @@ -92,7 +92,7 @@ if ('idParent' in request.data): try: - book = Book.objects.get(id=request.data['idParent']) + book = Book.objects.get(user = request.user.id, id=request.data['idParent']) except Book.DoesNotExist: return HttpResponse(status=404) new_book = deepcopy(book) @@ -130,7 +130,7 @@ Get information from a book """ try: - book = Book.objects.get(id=idBook) + book = Book.objects.get(user = request.user.id, id=idBook) except Book.DoesNotExist: return HttpResponse(status=404) @@ -141,7 +141,7 @@ """ delete a book """ - book = Book.objects.get(id = idBook) + book = Book.objects.get(user = request.user.id, id = idBook) book.delete() return Response(status=status.HTTP_204_NO_CONTENT) @@ -154,7 +154,7 @@ def get(self, request, idBook): try: - book = Book.objects.get(id=idBook) + book = Book.objects.get(user = request.user.id, id=idBook) except Book.DoesNotExist: return HttpResponse(status=404) @@ -175,7 +175,7 @@ Get slides order """ try: - book = Book.objects.get(id=idBook) + book = Book.objects.get(user = request.user.id, id=idBook) except Book.DoesNotExist: return HttpResponse(status=404) response = {} @@ -187,7 +187,7 @@ Set Slides order """ try: - book = Book.objects.get(id=idBook) + book = Book.objects.get(user = request.user.id, id=idBook) except Book.DoesNotExist: return HttpResponse(status=404) @@ -206,7 +206,7 @@ """ Return a list of slide """ - slides = Slide.objects.filter() + slides = Slide.objects.filter(book__user = request.user.id) serializer = SlideSerializer(slides, many=True) return Response(serializer.data) @@ -233,7 +233,7 @@ Get information from a slide """ try: - slide = Slide.objects.get(id=idSlide) + slide = Slide.objects.get(book__user = request.user.id, id=idSlide) except Slide.DoesNotExist: return HttpResponse(status=404) @@ -245,7 +245,7 @@ Update slide information """ try: - slide = Slide.objects.get(id=idSlide) + slide = Slide.objects.get(book__user = request.user.id, id=idSlide) except Slide.DoesNotExist: return HttpResponse(status=404) serializer = SlideSerializer(slide, data=request.data) @@ -259,7 +259,7 @@ Delete a slide """ try: - slide = Slide.objects.get(id = idSlide) + slide = Slide.objects.get(book__user = request.user.id, id = idSlide) except Slide.DoesNotExist: return HttpResponse(status=404)