Fix view_flight api requests

Django_Frontend/monprojet/monapp/views.py

@@ -112,35 +112,46 @@ def logout(request):
 
 def view_flights(request):
     api_url = get_api_url()
+
+    token = request.session.get('auth_token')
+
+    headers = {
+            'Authorization': f'Token {token}',
+        }
+
+
     flights_url = f'{api_url}flights/'
     airports_url = f'{api_url}airports/'
     planes_url = f'{api_url}planes/'
     tracks_url = f'{api_url}tracks/'
 
+
+
+
     try:
         # Make API calls
-        flights_response = requests.get(flights_url).json()
+        flights_response = requests.get(flights_url, headers=headers).json()
         flight_details = []
 
         for flight in flights_response:
             plane = flight['plane']
-            plane_response = requests.get(f"{planes_url}{plane}").json()
+            plane_response = requests.get(f"{planes_url}{plane}", headers=headers).json()
 
             first_class_capacity = plane_response['first_class_capacity']
             second_class_capacity = plane_response['second_class_capacity']
 
             # Get track origin details
             track_origin = flight['track_origin']
-            track_origin_response = requests.get(f"{tracks_url}{track_origin}").json()
+            track_origin_response = requests.get(f"{tracks_url}{track_origin}", headers=headers).json()
             airport_origin_id = track_origin_response['airport']
-            airport_origin_response = requests.get(f"{airports_url}{airport_origin_id}").json()
+            airport_origin_response = requests.get(f"{airports_url}{airport_origin_id}", headers=headers).json()
             origin = airport_origin_response['location']
 
             # Get track destination details
             track_destination = flight['track_destination']
-            track_destination_response = requests.get(f"{tracks_url}{track_destination}").json()
+            track_destination_response = requests.get(f"{tracks_url}{track_destination}", headers=headers).json()
             airport_destination_id = track_destination_response['airport']
-            airport_destination_response = requests.get(f"{airports_url}{airport_destination_id}").json()
+            airport_destination_response = requests.get(f"{airports_url}{airport_destination_id}", headers=headers).json()
             destination = airport_destination_response['location']
 
             # Format departure and arrival times
@@ -164,8 +175,10 @@ def view_flights(request):
 
     except requests.exceptions.RequestException as e:
         logging.error(f"Request error: {e}")
+        return HttpResponse("An error occurred while fetching flight data.", status=500)
     except ValueError as e:
         logging.error(f"Value error: {e}")
+        return HttpResponse("An error occurred while processing flight data.", status=500)
 
 def book_flight(request, flight_id):
     if not request.user.is_authenticated:

Django_api/airline/api_common/views.py

@@ -12,7 +12,7 @@
 from .serializers import *
 
 class ObtainAuthToken(APIView):
-    permission_classes = [AllowAny]
+    permission_classes = (AllowAny,)
 
     def post(self, request, *args, **kwargs):
         username = request.data.get('username')
@@ -51,7 +51,7 @@ class BookingListView(generics.ListCreateAPIView):
 
     def get_queryset(self):
         user = self.request.user
-        return Booking.objects.filter(client=self.request.user)
+        return Booking.objects.filter(client=user)
 
     def create(self, request):
         data = request.data
@@ -63,6 +63,7 @@ def create(self, request):
             client=request.user,
             booking_type=booking_type,
             flight=flight,
+            # Add other necessary fields from 'data' as needed
         )
         booking.save()
         return Response(BookingSerializer(booking).data, status=status.HTTP_201_CREATED)
@@ -73,52 +74,103 @@ class BookingDetailView(generics.RetrieveUpdateDestroyAPIView):
     permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
+        if getattr(self, 'swagger_fake_view', False):
+            return Booking.objects.none()
         user = self.request.user
-        if not user.is_authenticated:
-            raise NotAuthenticated("You must be logged in to view this page.")
         return Booking.objects.filter(client=user, pk=self.kwargs.get('pk'))
 
+    #new-2
+    def destroy(self, request, *args, **kwargs):
+        instance = self.get_object()
+        if instance.status == 'confirmed':
+            instance.status = 'canceled'
+            instance.save()
+            flight = instance.flight
+            if instance.booking_type.type == 'second':
+                flight.available_second_class_seats += 1
+            elif instance.booking_type.type == 'first':
+                flight.available_first_class_seats += 1
+            flight.save()
+            return Response(status=status.HTTP_204_NO_CONTENT)
+        else:
+            raise ValidationError("Only confirmed bookings can be canceled.")
+
 class AirportListView(generics.ListCreateAPIView):
     queryset = Airport.objects.all()
     serializer_class = AirportSerializer
-    permission_classes = [IsAdminUser]
+    permission_classes = [IsAuthenticated]
 
 class AirportDetailView(generics.RetrieveUpdateDestroyAPIView):
     queryset = Airport.objects.all()
     serializer_class = AirportSerializer
-    permission_classes = [IsAdminUser]
+    permission_classes = [IsAuthenticated]
 
 class PlaneListView(generics.ListCreateAPIView):
     queryset = Plane.objects.all()
     serializer_class = PlaneSerializer
-    permission_classes = [IsAdminUser]
+    permission_classes = [IsAuthenticated]
 
 class PlaneDetailView(generics.RetrieveUpdateDestroyAPIView):
     queryset = Plane.objects.all()
     serializer_class = PlaneSerializer
-    permission_classes = [IsAdminUser]
+    permission_classes = [IsAuthenticated]
 
 class AllBookingsListView(generics.ListAPIView):
     queryset = Booking.objects.all()
     serializer_class = BookingSerializer
-    permission_classes = [IsAdminUser]
+    permission_classes = [IsAuthenticated]
 
-# 以下是新增视图的权限更新
+#new-2
 class AddFlightView(generics.CreateAPIView):
     queryset = Flight.objects.all()
     serializer_class = FlightSerializer
     permission_classes = [IsAdminUser]
 
+    def create(self, request, *args, **kwargs):
+        data = request.data
+        plane = Plane.objects.get(id=data['plane'])
+        track_origin = Track.objects.get(id=data['track_origin'])
+        track_destination = Track.objects.get(id=data['track_destination'])
+
+        flight = Flight.objects.create(
+            flight_number=data['flight_number'],
+            departure=data['departure'],
+            arrival=data['arrival'],
+            plane=plane,
+            track_origin=track_origin,
+            track_destination=track_destination,
+            available_second_class_seats=plane.second_class_capacity,
+            available_first_class_seats=plane.first_class_capacity
+        )
+        flight.save()
+        return Response(FlightSerializer(flight).data, status=status.HTTP_201_CREATED)
+
+#new-2
 class UpdateFlightView(generics.UpdateAPIView):
     queryset = Flight.objects.all()
     serializer_class = FlightSerializer
     permission_classes = [IsAdminUser]
 
+    def update(self, request, *args, **kwargs):
+        partial = kwargs.pop('partial', False)
+        instance = self.get_object()
+        serializer = self.get_serializer(instance, data=request.data, partial=partial)
+        serializer.is_valid(raise_exception=True)
+        self.perform_update(serializer)
+        return Response(serializer.data)
+
+#new-2
 class DeleteFlightView(generics.DestroyAPIView):
     queryset = Flight.objects.all()
     serializer_class = FlightSerializer
     permission_classes = [IsAdminUser]
 
+    def destroy(self, request, *args, **kwargs):
+        instance = self.get_object()
+        self.perform_destroy(instance)
+        return Response(status=status.HTTP_204_NO_CONTENT)
+
+# new-2
 class ConfirmBookingView(APIView):
     permission_classes = [IsAdminUser]
 
@@ -165,13 +217,11 @@ class DeletePlaneView(generics.DestroyAPIView):
     serializer_class = PlaneSerializer
     permission_classes = [IsAdminUser]
 
-# 根据需要继续添加或更新其他视图的权限设置
-
 # new-2
 class TransactionListView(generics.ListCreateAPIView):
     queryset = Transaction.objects.all()
     serializer_class = TransactionSerializer
-    #permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
         user = self.request.user
@@ -181,7 +231,7 @@ def get_queryset(self):
 class TransactionDetailView(generics.RetrieveUpdateDestroyAPIView):
     queryset = Transaction.objects.all()
     serializer_class = TransactionSerializer
-    #permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
         if getattr(self, 'swagger_fake_view', False):
@@ -193,7 +243,7 @@ def get_queryset(self):
 class CancellationRequestListView(generics.ListCreateAPIView):
     queryset = CancellationRequest.objects.all()
     serializer_class = CancellationRequestSerializer
-    #permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
         user = self.request.user
@@ -203,7 +253,7 @@ def get_queryset(self):
 class CancellationRequestDetailView(generics.RetrieveUpdateDestroyAPIView):
     queryset = CancellationRequest.objects.all()
     serializer_class = CancellationRequestSerializer
-    #permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
         if getattr(self, 'swagger_fake_view', False):
@@ -215,7 +265,7 @@ def get_queryset(self):
 class PaymentGatewayListView(generics.ListCreateAPIView):
     queryset = PaymentGateway.objects.all()
     serializer_class = PaymentGatewaySerializer
-    #permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
         user = self.request.user
@@ -225,7 +275,7 @@ def get_queryset(self):
 class PaymentGatewayDetailView(generics.RetrieveUpdateDestroyAPIView):
     queryset = PaymentGateway.objects.all()
     serializer_class = PaymentGatewaySerializer
-    #permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
 
     def get_queryset(self):
         if getattr(self, 'swagger_fake_view', False):
@@ -236,19 +286,24 @@ def get_queryset(self):
 class TrackCreateView(generics.CreateAPIView):
     queryset = Track.objects.all()
     serializer_class = TrackSerializer
+    permission_classes = [IsAdminUser]
 
 class TrackListView(generics.ListAPIView):
     queryset = Track.objects.all()
     serializer_class = TrackSerializer
+    permission_classes = [IsAuthenticated]
 
 class TrackDetailView(generics.RetrieveUpdateDestroyAPIView):
     queryset = Track.objects.all()
     serializer_class = TrackSerializer
+    permission_classes = [IsAuthenticated]
 
 class TrackUpdateView(generics.UpdateAPIView):
     queryset = Track.objects.all()
     serializer_class = TrackSerializer
+    permission_classes = [IsAdminUser]
 
 class TrackDeleteView(generics.DestroyAPIView):
     queryset = Track.objects.all()
     serializer_class = TrackSerializer
+    permission_classes = [IsAdminUser]