diff --git a/scheduleManagement/urls.py b/scheduleManagement/urls.py index 4701ed5..0dd6f50 100644 --- a/scheduleManagement/urls.py +++ b/scheduleManagement/urls.py @@ -9,6 +9,11 @@ views.UserUpdateRequestHandler.as_view(), name="edit_profile", ), + path( + "accounts/profile/delete/", + views.UserDeleteRequestHandler.as_view(), + name="delete_profile", + ), path( "list-courses/", views.CourseListRequestHandler.as_view(), name="list_courses" ), diff --git a/scheduleManagement/views/__init__.py b/scheduleManagement/views/__init__.py index 31d022d..e591fd7 100644 --- a/scheduleManagement/views/__init__.py +++ b/scheduleManagement/views/__init__.py @@ -27,6 +27,7 @@ ) from .delete import ( + UserDeleteRequestHandler, # noqa: F401 CourseDeleteRequestHandler, # noqa: F401 DisciplineDeleteRequestHandler, # noqa: F401 ScheduleDeleteRequestHandler, # noqa: F401 diff --git a/scheduleManagement/views/delete.py b/scheduleManagement/views/delete.py index 14323ae..e35b09d 100644 --- a/scheduleManagement/views/delete.py +++ b/scheduleManagement/views/delete.py @@ -1,10 +1,36 @@ -from django.urls import reverse_lazy +from django.contrib.auth.mixins import LoginRequiredMixin +from django.core.exceptions import PermissionDenied from django.views.generic.edit import DeleteView +from django.contrib.auth.models import User +from django.urls import reverse_lazy from ..models import Curso, Disciplina, Horario -class CourseDeleteRequestHandler(DeleteView): +class UserDeleteRequestHandler(LoginRequiredMixin, DeleteView): + model = User + template_name = "confirm-delete.html" + success_url = reverse_lazy("home") + + def get_object(self, queryset=None): # noqa: F821 + """ Only let the user delete their own account """ + + object_instance = super().get_object() + + if object_instance != self.request.user: + print(object_instance, self.request.user) + raise PermissionDenied() + + print(object_instance, self.request.user) + return object_instance + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + context["object_type"] = "user" + return context + + +class CourseDeleteRequestHandler(LoginRequiredMixin, DeleteView): model = Curso template_name = "confirm-delete.html" success_url = reverse_lazy("list_courses") @@ -15,7 +41,7 @@ def get_context_data(self, **kwargs): return context -class DisciplineDeleteRequestHandler(DeleteView): +class DisciplineDeleteRequestHandler(LoginRequiredMixin, DeleteView): model = Disciplina template_name = "confirm-delete.html" success_url = reverse_lazy("list_disciplines") @@ -26,7 +52,7 @@ def get_context_data(self, **kwargs): return context -class ScheduleDeleteRequestHandler(DeleteView): +class ScheduleDeleteRequestHandler(LoginRequiredMixin, DeleteView): model = Horario template_name = "confirm-delete.html" success_url = reverse_lazy("list_schedules") diff --git a/scheduleManagement/views/update.py b/scheduleManagement/views/update.py index 630bfca..29283a1 100644 --- a/scheduleManagement/views/update.py +++ b/scheduleManagement/views/update.py @@ -1,4 +1,4 @@ -from typing import Any +from django.contrib.auth.mixins import LoginRequiredMixin from django.views.generic.edit import UpdateView from django.contrib.auth.models import User from django.urls import reverse_lazy @@ -6,7 +6,7 @@ from ..models import Curso, Disciplina, Horario -class UserUpdateRequestHandler(UpdateView): +class UserUpdateRequestHandler(LoginRequiredMixin, UpdateView): model = User fields = ['username', 'email'] template_name = 'form.html' @@ -14,13 +14,13 @@ class UserUpdateRequestHandler(UpdateView): def get_success_url(self) -> str: return reverse_lazy('profile') - def get_context_data(self, **kwargs: Any) -> dict[str, Any]: + def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) context['object_type'] = 'user' return context -class CourseUpdateRequestHandler(UpdateView): +class CourseUpdateRequestHandler(LoginRequiredMixin, UpdateView): model = Curso fields = ["nome", "codigo", "disciplinas", "horario"] template_name = "form.html" @@ -34,7 +34,7 @@ def get_context_data(self, **kwargs): return context -class DisciplineUpdateRequestHandler(UpdateView): +class DisciplineUpdateRequestHandler(LoginRequiredMixin, UpdateView): model = Disciplina fields = ["nome", "codigo"] template_name = "form.html" @@ -48,7 +48,7 @@ def get_context_data(self, **kwargs): return context -class ScheduleUpdateRequestHandler(UpdateView): +class ScheduleUpdateRequestHandler(LoginRequiredMixin, UpdateView): model = Horario fields = ["dia", "hora_inicio", "hora_fim"] template_name = "form.html"