I am trying to attach a file to an appointment through the REST API. The example in the documentation is for the Stock Item entity which I can do successfully using POSTMAN. However, following the same process for an appointment is failing with
Operation is not valid due to the current state of the object.
I am using the following URL for the PUT in POSTMAN.
{{baseUrl}}/Appointment/001234-1/files/image.png
I've also tried using the UUID of the appointment in place of the appointment number which gave the same error. This makes me suspect that the URL is incorrect. Here's a snip from Postman
I believe the issue is that Appointments need both identifies(PKs)
Example for invoices you need to use this:
{{BaseUrl}}/entity/Default/18.200.001/Invoice/invoice/INV-067375/files/NewBitmapImage.jpg
Just looking at appointments (DemoData) i am guessing it would be something like this:
{{baseUrl}}/Appointment/MRO/006301-1/files/image.png
Related
I've inherited a Django project that used v0.12.1 of django-tastypie to create an API, I have updated it to use v0.14.4, and am trying to get the new site to work the same as the previous.
The API Resources use DjangoAuthorization and while I can mostly* read list and details of them OK, if I try to read an api/<model>/schema/ URL I get a "401 Unauthorized" error. I should be able to view the schema whether I'm logged in or not, which was the case on the previous site.
I've noticed that the DjangoAuthorization.read_detail() view is called when I try to view a schema, and that the object_list property of the passed-in bundle is None. I'm not sure if this is the cause or, if so, how to get around it.
How can I continue to use DjangoAuthorization, allow anyone to view an endpoint's schema, and not change any other permissions?
* There seem to be several other issues/differences with just viewing objects' data through the API, but those are probably questions for another time.
Hello Django REST API Experts,
We are building University Course portals where app offers various user types like Professor, Students and Admins using DJANGO/REACT. We are using REST API to connect between backend and frontend.
So, far we are able to perform some basic operation and it really works great. However now I need help from this group to do following:
When students enrolled in course it generates an acknowledge document stating course description, and its prerequisite which needs to get signed by students to ensure student acknowledge they fulfill these requirements.
In order to do this we have following:
Model for each course which contains the Content, Description and Prerequisite for each course.
StudentCourseAck Model which has FK to Course, Signed Boolean field, Binary field to store signed doc.
User flow:
Student logins to portal,
Select the Course, which generate StudentCourseAck entry.
Let Student review document and signed the document (on client side using sign pad).
The Signature gets stored in PDF (as binary field).
So far so good…
Now we want to enhance the featureset which allows admin to email student the link of studentcouseack document incase its not signed before course start. Also this link should only be valid for 48 hours or else it will expire.
So we need some help to enhance these featuresets as follow:
Current the API is exposed to frontend like: mysite.com/courseack/studentid/documentid
However we want to encrypt this so the link look like this: mysite.com/uniqueid
Where uniquid is mapped to /studentid/documented
So I have following design question:
Question 1: Should we enhance StudentCourseAck which store the UUID for each document?
Question 2: If I store UUID for each document, how do I make it expire once its generated?
Question 3: When Student is finished signing, I need to update the document into database to ensure that right document is saved to right student profile, so how can I ensure this security requirement.
I would really appreciate some expert opinion or some guidance so we can proceed this feature implementation. Any other alternative which is simpler and easier to maintain.
Once again thank you for your time and consideration.
Thank You.
Any other alternative which is simpler and easier to maintain.
Keeping the above phrase in mind I propose this solution.
Firstly I will not consider this as a DRF problem but as a general problem and proceed to answer your Questions.
The simple solution lies in 4 steps
Create a UUID field inside StudentCourseACK so that you can map this uuid with your url mysite.com/uniqueid, catch the document id inside the StudentCourseACK record as a foreign key and also create a created_at inside the model (this will be required for expiry timer)
Make a view inside your views.py that takes this StudentCourseACK UUID as a url parameter where you will have to fetch courseack, studentid and documentid from this StudentCourseACK mapping table and redirects it to mysite.com/courseack/studentid/documentid. When you link this view with your url pattern make sure the listing is at the very bottom.
To make an expiry timer you can check the created_at date in your StudentCourseAck record for 48hours limit before redirecting inside Step 2
Finally when the student is redirected to the mysite.com/courseack/studentid/documentid endpoint you will have to follow a simple process of getting the StudentCourseAck data via .filter(studentid="some value", documentid="somevalue") and make changes to this data accordingly.
Another thing that I realise is that you can completely ditch the long mysite.com/courseack/studentid/documentid url and correspond it's logic inside the new view, but I assume that you want to keep it that way.
I'm creating an API in Django Rest Framework and i'm thinking about best approach to provide actions like adding a post to user reading list. Firstly i've done it by GET request, because it was looking most natural and url for example looks like /api/posts/{id}/add_to_reading_list/. Now i recognized that GET should be used only to retrieve data so i've changed it to POST method and now url is looking like /api/posts/add_to_reading_list/. The first thing is that i needed to create new serializer specially to handle this action which accepts only id field, because this endpoint should accept only already created posts. Is it how it should be done? I was thinking about sending whole post object in POST method, but doesn't it a waste of bandwidth when i need only id? It will prevent me of creating a new serializer for this specific case, but i don't think that it is a correct approach.
I'm trying to get only users list based on a query.
According to the Google API client documentation for python, it will look something like this:
https://google-api-client-libraries.appspot.com/documentation/admin/directory_v1/python/latest/admin_directory_v1.users.html#list
where query=some_string
I've tried getting users based on specific fields for example givenName
In that case, it would be query=givenName:some_name. This works!
However I would like to get a list of users based on the custom user attribute. According to the documentation, that would mean the field would be schemaName.fieldName
https://developers.google.com/admin-sdk/directory/v1/guides/search-users
However I've tried query=schemaName.fieldName?SSO.role but to no avail and I can't find specific examples for this field online.
How would the query look for this? My schemaName=SSO and fieldName=role
Thanks!
Answered by Morfinismo as a comment.
related to Open Graph api for feed returning inconsistent results
When I publish a post on a page's feed using my App, facebook returns some id in the form of <page_id>_<post_id>, but when the same App receives a Real time Update from the same page—say a like or a comment—the parent_id field of the like or comment contains only the <post_id> part!
Is this a bug or what?
Here is the response from facebook engineers -
This is by design. For a realtime update generated by a comment, the parent_id will just show and not include the page_id.
For specific examples, please refer to our documentation (https://developers.facebook.com/docs/reference/api/page/#realtime) and look under the sub-sections "Feed Example."