-
Notifications
You must be signed in to change notification settings - Fork 32
Add files via upload #9
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work on the assignment @arul-ashri ! Will update the points later!
class BookRating(models.Model): | ||
user=models.ForeignKey(User, related_name='user', null=True, blank=True, on_delete=models.SET_NULL) | ||
book = models.ForeignKey(Book, on_delete=models.CASCADE) | ||
ratinguser = models.FloatField(default=0) | ||
def __str__(self): | ||
return f'{self.book.title}' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The rating shall be given as an integer - please read proper instructions.
The user should not be null here, and a better option would be to use on_delete=models.CASCADE
You could have also used unique_together
META option here.
lastname=request.POST['lastname'] | ||
email=request.POST['email'] | ||
except: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As a good coding practice, whenever you use try-except block, capture only the exceptions which you want to catch (IndexError, IntegrityError, etc.)
@@ -12,11 +14,16 @@ def index(request): | |||
|
|||
def bookDetailView(request, bid): | |||
template_name = 'store/book_detail.html' | |||
book1=Book.objects.get(pk=bid) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This may fail with invalid book ID given in POST request, and would lead to server error. Expected behavior is to inform user with Not found (404) error.
book_id = request.POST.get("bid") | ||
book=BookCopy.objects.get(id=book_id) | ||
if(book): | ||
message="success" | ||
book.status=True | ||
book.borrower=None | ||
book.borrow_date=None | ||
book.save() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There must be a validation in the backend when a user is returning the book, to make sure that he has only borrowed the book. Otherwise, a simple POST request will make the BookCopy to be returned, and would set its status as True.
book_id = request.POST.get("bid") | ||
rating_value = request.POST.get("rating") | ||
book1=Book.objects.get(pk=book_id) | ||
value= BookRating.objects.filter(book__exact=book1,user__exact=request.user) | ||
if(value.count()>0): | ||
currentuserRating= BookRating.objects.filter(book__exact=book1,user__exact=request.user).get() | ||
currentuserRating.ratinguser=rating_value | ||
currentuserRating.save() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've not put a backend validation on the rating, so the user can easily put invalid values of rating by editing the JS code.
Points Updated! 🎉 |
About the originality points, your submission resembles a lot with PR #3. |
CSoC Task 2 Submission
I have completed the following tasks