CSOC TASK 2#3
Conversation
| @admin.register(Book) | ||
| class BookAdmin(admin.ModelAdmin): | ||
| list_display = ('title', 'author', 'genre') | ||
|
|
||
| # Register the Admin classes for BookInstance using the decorator | ||
| @admin.register(BookCopy) | ||
| class BookInstanceAdmin(admin.ModelAdmin): | ||
| list_filter = ('status', 'borrow_date') | ||
| list_display = ('book','status', 'borrow_date') | ||
|
|
||
| admin.site.register(BookRating) |
| class BookRating(models.Model): | ||
| user=models.ForeignKey(User, related_name='user', null=True, blank=True, on_delete=models.SET_NULL) | ||
| book = models.ForeignKey(Book, on_delete=models.CASCADE) | ||
| ratinguser = models.FloatField(default=0) |
There was a problem hiding this comment.
The rating shall be given as an integer - please read proper instructions.
The user should not be null here, and a better option would be to use on_delete=models.CASCADE
You could have also used unique_together META option here.
|
|
||
| def bookDetailView(request, bid): | ||
| template_name = 'store/book_detail.html' | ||
| book1=Book.objects.get(pk=bid) |
There was a problem hiding this comment.
This may fail with invalid book ID given in POST request, and would lead to server error. Expected behavior is to inform user with Not found (404) error.
| def bookRatingView(request): | ||
| template_name= template_name = 'store/book_detail.html' | ||
| book_id = request.POST.get("bid") | ||
| rating_value = request.POST.get("rating") |
There was a problem hiding this comment.
You've not put a backend validation on the rating, so the user can simply edit the JS code you've written in the template and easily put invalid values of rating.
| def returnBookView(request): | ||
| pass | ||
| book_id = request.POST.get("bid") | ||
| book=BookCopy.objects.get(id=book_id) | ||
| if(book): | ||
| message="success" | ||
| book.status=True | ||
| book.borrower=None | ||
| book.borrow_date=None | ||
| book.save() | ||
| else: | ||
| message="failure" | ||
| response_data = { | ||
| 'message': message, | ||
| } |
There was a problem hiding this comment.
There must be a validation in the backend when a user is returning the book, to make sure that he has only borrowed the book. Otherwise, a simple POST request will make the BookCopy to be returned, and would set its status as True.
|
Also, make sure not to commit the virtual environment created by you to git. |
|
Points updated! 🎉 |
2 participants
CSoC Task 2 Submission
I have completed the following tasks