Add files via upload#9
Conversation
krashish8
left a comment
krashish8
left a comment
There was a problem hiding this comment.
Great work on the assignment @arul-ashri ! Will update the points later!
| class BookRating(models.Model): | ||
| user=models.ForeignKey(User, related_name='user', null=True, blank=True, on_delete=models.SET_NULL) | ||
| book = models.ForeignKey(Book, on_delete=models.CASCADE) | ||
| ratinguser = models.FloatField(default=0) | ||
| def __str__(self): | ||
| return f'{self.book.title}' |
There was a problem hiding this comment.
The rating shall be given as an integer - please read proper instructions.
The user should not be null here, and a better option would be to use on_delete=models.CASCADE
You could have also used unique_together META option here.
| firstname=request.POST['firstname'] | ||
| lastname=request.POST['lastname'] | ||
| email=request.POST['email'] | ||
| except: |
There was a problem hiding this comment.
As a good coding practice, whenever you use try-except block, capture only the exceptions which you want to catch (IndexError, IntegrityError, etc.)
|
|
||
| def bookDetailView(request, bid): | ||
| template_name = 'store/book_detail.html' | ||
| book1=Book.objects.get(pk=bid) |
There was a problem hiding this comment.
This may fail with invalid book ID given in POST request, and would lead to server error. Expected behavior is to inform user with Not found (404) error.
| book_id = request.POST.get("bid") | ||
| book=BookCopy.objects.get(id=book_id) | ||
| if(book): | ||
| message="success" | ||
| book.status=True | ||
| book.borrower=None | ||
| book.borrow_date=None | ||
| book.save() |
There was a problem hiding this comment.
There must be a validation in the backend when a user is returning the book, to make sure that he has only borrowed the book. Otherwise, a simple POST request will make the BookCopy to be returned, and would set its status as True.
| book_id = request.POST.get("bid") | ||
| rating_value = request.POST.get("rating") | ||
| book1=Book.objects.get(pk=book_id) | ||
| value= BookRating.objects.filter(book__exact=book1,user__exact=request.user) | ||
| if(value.count()>0): | ||
| currentuserRating= BookRating.objects.filter(book__exact=book1,user__exact=request.user).get() | ||
| currentuserRating.ratinguser=rating_value | ||
| currentuserRating.save() |
There was a problem hiding this comment.
You've not put a backend validation on the rating, so the user can easily put invalid values of rating by editing the JS code.
|
Points Updated! 🎉 |
|
About the originality points, your submission resembles a lot with PR #3. |
3 participants
CSoC Task 2 Submission
I have completed the following tasks