django2/pyapp/pyapp_api/views.py

from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework import status, permissions, viewsets
from rest_framework import permissions
from pyapp.models import ShoppingItem, Product
from .serializers import ShoppingItemSerializer, ProductSerializer

class ShoppingItemList(viewsets.ModelViewSet):
    """
    API endpoint that allows users to be viewed or edited.
    """
    queryset = ShoppingItem.objects.all().order_by('name')
    serializer_class = ShoppingItemSerializer
    permission_classes = [permissions.AllowAny]


class ProductList(viewsets.ModelViewSet):
    """
    API endpoint that allows groups to be viewed or edited.
    """
    queryset = Product.objects.all().order_by('title')
    serializer_class = ProductSerializer
    permission_classes = [permissions.IsAuthenticated]

class ShoppingListApi(APIView):
    # add permission to check if user is authenticated
    permission_classes = [permissions.IsAuthenticated]

    # 1. List all
    def get(self, request, *args, **kwargs):
        '''
        List all the todo items for given requested user
        '''
        ShoppingItemList = ShoppingItem.objects.filter(user = request.user.id)
        serializer = ShoppingItemSerializer(ShoppingItemList, many=True)
        return Response(serializer.data, status=status.HTTP_200_OK)

    # 2. Create
    def post(self, request, *args, **kwargs):
        '''
        Create the ShoppingItem with given todo data
        '''
        data = {
            'name': request.data.get('name'), 
            'price': request.data.get('price'), 
            'quantity': request.data.get('quantity'), 
            'done': False
        }
        serializer = ShoppingItemSerializer(data=data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=status.HTTP_201_CREATED)

        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)