Add some code to GET all objects as admin

webapp/tests/test_signup.py

@@ -66,15 +66,17 @@ class SignupTestCase(APITestCase):
         new = createSignupJSON(3001, ALL_QUESTION_TYPES_ANSWER)
         response = self.client.post(URL, new, format="json")
         self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
-        self.assertEqual(response.data["signupForm_id"][0].code, "does_not_exist")
         self.assertEqual(Signup.objects.count(), 2)
 
         new = createSignupJSON(self.hiddenForm.id, ALL_QUESTION_TYPES_ANSWER)
         response = self.client.post(URL, new, format="json")
-        print(response.data)
-        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
         self.assertEqual(Signup.objects.count(), 2)
 
+    @skip("NotImplemented")
+    def test_get_hidden_forms_admin(self):
+        pass
+
     @skip("NotImplemented")
     def test_create_malformed_answer(self):
         response = self.client.post(URL, createSignupJSON(self.signupForm.id, []), format="json")

webapp/views.py

@@ -5,7 +5,7 @@ from django.utils import timezone
 from dealer.git import git
 from django.conf import settings
 from django.contrib.auth import authenticate
-from django.http import HttpResponse
+from django.http import HttpResponseBadRequest
 from django.shortcuts import redirect, render
 from django.views.decorators.http import require_http_methods
 from django_filters import rest_framework as filters
@@ -45,9 +45,10 @@ class EventViewSet(viewsets.ModelViewSet):
 
     def get_queryset(self):
         since = self.request.query_params.get('since', None)
+        if self.request.user.is_authenticated:
+            return Event.objects.all()
         if since:
             return Event.objects.filter(visible=True, end_time__gt=since).order_by('start_time')
-
         return Event.objects.filter(visible=True, end_time__gt=timezone.now()).order_by('start_time')
 
 
@@ -61,6 +62,8 @@ class SignupFormViewSet(viewsets.ModelViewSet):
     # search_fields = '__all__'
 
     def get_queryset(self):
+        if self.request.user.is_authenticated:
+            return SignupForm.objects.all().order_by('start_time')
         return SignupForm.objects.filter(visible=True, end_time__gt=timezone.now()).order_by('start_time')
 
 
@@ -72,8 +75,18 @@ class SignupViewSet(viewsets.ModelViewSet):
     # filter_fields = '__all__'
     # search_fields = '__all__'
 
-    # def get_queryset(self):
-    #     return Signup.objects.filter(visible=True, end_time__gt=timezone.now()).order_by('start_time')
+    def create(self, request, *args, **kwargs):
+        try:
+            form = SignupForm.objects.get(id=request.data["signupForm_id"])
+            if (form.visible):
+                return super().create(request, *args, **kwargs)
+        except:
+            return HttpResponseBadRequest()
+        else:
+            return HttpResponseBadRequest()
+
+    def update(self, request, *args, **kwargs):
+        return super().update(request, *args, **kwargs)
 
 
 class SavedQuestionsViewSet(viewsets.ModelViewSet):
@@ -91,7 +104,10 @@ class FeedViewSet(viewsets.ModelViewSet):
     search_fields = '__all__'
 
     def get_queryset(self):
-        objs = Feed.objects.filter(visible=True).order_by('publish_time')
+        if self.request.user.is_authenticated:
+            objs = Feed.objects.all().order_by('publish_time')
+        else:
+            objs = Feed.objects.filter(visible=True).order_by('publish_time')
 
         result_ids = []
         for obj in objs: