pacnpal/thrillwiki_django_no_react
1
1
Fork 0
mirror of https://github.com/pacnpal/thrillwiki_django_no_react.git synced 2025-12-20 12:11:13 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat: Implement avatar upload system with Cloudflare integration

Browse Source 
- Added migration to transition avatar data from CloudflareImageField to ForeignKey structure in UserProfile.
- Fixed UserProfileEvent avatar field to align with new avatar structure.
- Created serializers for social authentication, including connected and available providers.
- Developed request logging middleware for comprehensive request/response logging.
- Updated moderation and parks migrations to remove outdated triggers and adjust foreign key relationships.
- Enhanced rides migrations to ensure proper handling of image uploads and triggers.
- Introduced a test script for the 3-step avatar upload process, ensuring functionality with Cloudflare.
- Documented the fix for avatar upload issues, detailing root cause, implementation, and verification steps.
- Implemented automatic deletion of Cloudflare images upon avatar, park, and ride photo changes or removals.
This commit is contained in:
pacnpal
2025-08-30 21:20:25 -04:00
parent fb6726f89a
commit 9bed782784
75 changed files with 4571 additions and 1962 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
backend/apps/api/v1/accounts/urls.py
View File

@@ -104,5 +104,6 @@ urlpatterns = [
),
# Avatar endpoints
path("profile/avatar/upload/", views.upload_avatar, name="upload_avatar"),
path("profile/avatar/save/", views.save_avatar_image, name="save_avatar_image"),
path("profile/avatar/delete/", views.delete_avatar, name="delete_avatar"),
]

953
backend/apps/api/v1/accounts/views.py
View File

File diff suppressed because it is too large Load Diff

83
backend/apps/api/v1/auth/serializers.py
View File

@@ -96,8 +96,8 @@ class UserOutputSerializer(serializers.ModelSerializer):
@extend_schema_field(serializers.URLField(allow_null=True))
def get_avatar_url(self, obj) -> str | None:
"""Get user avatar URL."""
if hasattr(obj, "profile") and obj.profile.avatar:
return obj.profile.avatar.url
if hasattr(obj, "profile") and obj.profile:
return obj.profile.get_avatar_url()
return None
@@ -185,25 +185,92 @@ class SignupInputSerializer(serializers.ModelSerializer):
return attrs
def create(self, validated_data):
"""Create user with validated data."""
"""Create user with validated data and send verification email."""
validated_data.pop("password_confirm", None)
password = validated_data.pop("password")
# Use type: ignore for Django's create_user method which isn't properly typed
# Create inactive user - they need to verify email first
user = UserModel.objects.create_user( # type: ignore[attr-defined]
password=password, **validated_data
password=password, is_active=False, **validated_data
)
# Create email verification record and send email
self._send_verification_email(user)
return user
def _send_verification_email(self, user):
"""Send email verification to the user."""
from apps.accounts.models import EmailVerification
from django.utils.crypto import get_random_string
from django_forwardemail.services import EmailService
from django.contrib.sites.shortcuts import get_current_site
import logging
logger = logging.getLogger(__name__)
# Create or update email verification record
verification, created = EmailVerification.objects.get_or_create(
user=user,
defaults={'token': get_random_string(64)}
)
if not created:
# Update existing token and timestamp
verification.token = get_random_string(64)
verification.save()
# Get current site from request context
request = self.context.get('request')
if request:
site = get_current_site(request._request)
# Build verification URL
verification_url = request.build_absolute_uri(
f"/api/v1/auth/verify-email/{verification.token}/"
)
# Send verification email
try:
response = EmailService.send_email(
to=user.email,
subject="Verify your ThrillWiki account",
text=f"""
Welcome to ThrillWiki!
Please verify your email address by clicking the link below:
{verification_url}
If you didn't create an account, you can safely ignore this email.
Thanks,
The ThrillWiki Team
""".strip(),
site=site,
)
# Log the ForwardEmail email ID from the response
email_id = response.get('id') if response else None
if email_id:
logger.info(
f"Verification email sent successfully to {user.email}. ForwardEmail ID: {email_id}")
else:
logger.info(
f"Verification email sent successfully to {user.email}. No email ID in response.")
except Exception as e:
# Log the error but don't fail registration
logger.error(f"Failed to send verification email to {user.email}: {e}")
class SignupOutputSerializer(serializers.Serializer):
"""Output serializer for successful signup."""
access = serializers.CharField()
refresh = serializers.CharField()
access = serializers.CharField(allow_null=True)
refresh = serializers.CharField(allow_null=True)
user = UserOutputSerializer()
message = serializers.CharField()
email_verification_required = serializers.BooleanField(default=False)
class PasswordResetInputSerializer(serializers.Serializer):
@@ -375,7 +442,7 @@ class UserProfileOutputSerializer(serializers.Serializer):
@extend_schema_field(serializers.URLField(allow_null=True))
def get_avatar_url(self, obj) -> str | None:
return obj.get_avatar()
return obj.get_avatar_url()
@extend_schema_field(serializers.DictField())
def get_user(self, obj) -> Dict[str, Any]:

5
backend/apps/api/v1/auth/serializers/__init__.py → backend/apps/api/v1/auth/serializers_package/__init__.py
View File

@@ -1,8 +1,8 @@
"""
Auth Serializers Package
This package contains all authentication-related serializers including
login, signup, logout, password management, and social authentication.
This package contains social authentication-related serializers.
Main authentication serializers are imported directly from the parent serializers.py file.
"""
from .social import (
@@ -18,6 +18,7 @@ from .social import (
)
__all__ = [
# Social authentication serializers
'ConnectedProviderSerializer',
'AvailableProviderSerializer',
'SocialAuthStatusSerializer',

1
backend/apps/api/v1/auth/serializers/social.py → backend/apps/api/v1/auth/serializers_package/social.py
View File

@@ -7,7 +7,6 @@ and responses in the ThrillWiki API.
from rest_framework import serializers
from django.contrib.auth import get_user_model
from typing import Dict, List
User = get_user_model()

15
backend/apps/api/v1/auth/urls.py
View File

@@ -16,6 +16,9 @@ from .views import (
PasswordChangeAPIView,
SocialProvidersAPIView,
AuthStatusAPIView,
# Email verification views
EmailVerificationAPIView,
ResendVerificationAPIView,
# Social provider management views
AvailableProvidersAPIView,
ConnectedProvidersAPIView,
@@ -83,6 +86,18 @@ urlpatterns = [
),
path("status/", AuthStatusAPIView.as_view(), name="auth-status"),
# Email verification endpoints
path(
"verify-email/<str:token>/",
EmailVerificationAPIView.as_view(),
name="auth-verify-email",
),
path(
"resend-verification/",
ResendVerificationAPIView.as_view(),
name="auth-resend-verification",
),
]
# Note: User profiles and top lists functionality is now handled by the accounts app

186
backend/apps/api/v1/auth/views.py
View File

@@ -6,7 +6,7 @@ login, signup, logout, password management, social authentication,
user profiles, and top lists.
"""
from .serializers.social import (
from .serializers_package.social import (
ConnectedProviderSerializer,
AvailableProviderSerializer,
SocialAuthStatusSerializer,
@@ -29,8 +29,8 @@ from rest_framework.response import Response
from rest_framework.permissions import AllowAny, IsAuthenticated
from drf_spectacular.utils import extend_schema, extend_schema_view
# Import from the main serializers.py file (not the serializers package)
from ..serializers import (
# Import directly from the auth serializers.py file (not the serializers package)
from .serializers import (
# Authentication serializers
LoginInputSerializer,
LoginOutputSerializer,
@@ -177,8 +177,9 @@ class LoginAPIView(APIView):
if user:
if getattr(user, "is_active", False):
# pass a real HttpRequest to Django login
login(_get_underlying_request(request), user)
# pass a real HttpRequest to Django login with backend specified
login(_get_underlying_request(request), user,
backend='django.contrib.auth.backends.ModelBackend')
# Generate JWT tokens
from rest_framework_simplejwt.tokens import RefreshToken
@@ -197,7 +198,11 @@ class LoginAPIView(APIView):
return Response(response_serializer.data)
else:
return Response(
{"error": "Account is disabled"},
{
"error": "Email verification required",
"message": "Please verify your email address before logging in. Check your email for a verification link.",
"email_verification_required": True
},
status=status.HTTP_400_BAD_REQUEST,
)
else:
@@ -212,7 +217,7 @@ class LoginAPIView(APIView):
@extend_schema_view(
post=extend_schema(
summary="User registration",
description="Register a new user account.",
description="Register a new user account. Email verification required.",
request=SignupInputSerializer,
responses={
201: SignupOutputSerializer,
@@ -238,24 +243,18 @@ class SignupAPIView(APIView):
# If mixin doesn't do anything, continue
pass
serializer = SignupInputSerializer(data=request.data)
serializer = SignupInputSerializer(data=request.data, context={"request": request})
if serializer.is_valid():
user = serializer.save()
# pass a real HttpRequest to Django login
login(_get_underlying_request(request), user) # type: ignore[arg-type]
# Generate JWT tokens
from rest_framework_simplejwt.tokens import RefreshToken
refresh = RefreshToken.for_user(user)
access_token = refresh.access_token
# Don't log in the user immediately - they need to verify their email first
response_serializer = SignupOutputSerializer(
{
"access": str(access_token),
"refresh": str(refresh),
"access": None,
"refresh": None,
"user": user,
"message": "Registration successful",
"message": "Registration successful. Please check your email to verify your account.",
"email_verification_required": True,
}
)
return Response(response_serializer.data, status=status.HTTP_201_CREATED)
@@ -732,6 +731,153 @@ class SocialAuthStatusAPIView(APIView):
return Response(serializer.data)
# === EMAIL VERIFICATION API VIEWS ===
@extend_schema_view(
get=extend_schema(
summary="Verify email address",
description="Verify user's email address using verification token.",
responses={
200: {"type": "object", "properties": {"message": {"type": "string"}}},
400: "Bad Request",
404: "Token not found",
},
tags=["Authentication"],
),
)
class EmailVerificationAPIView(APIView):
"""API endpoint for email verification."""
permission_classes = [AllowAny]
authentication_classes = []
def get(self, request: Request, token: str) -> Response:
from apps.accounts.models import EmailVerification
try:
verification = EmailVerification.objects.select_related('user').get(token=token)
user = verification.user
# Activate the user
user.is_active = True
user.save()
# Delete the verification record
verification.delete()
return Response({
"message": "Email verified successfully. You can now log in.",
"success": True
})
except EmailVerification.DoesNotExist:
return Response(
{"error": "Invalid or expired verification token"},
status=status.HTTP_404_NOT_FOUND
)
@extend_schema_view(
post=extend_schema(
summary="Resend verification email",
description="Resend email verification to user's email address.",
request={"type": "object", "properties": {"email": {"type": "string", "format": "email"}}},
responses={
200: {"type": "object", "properties": {"message": {"type": "string"}}},
400: "Bad Request",
404: "User not found",
},
tags=["Authentication"],
),
)
class ResendVerificationAPIView(APIView):
"""API endpoint to resend email verification."""
permission_classes = [AllowAny]
authentication_classes = []
def post(self, request: Request) -> Response:
from apps.accounts.models import EmailVerification
from django.utils.crypto import get_random_string
from django_forwardemail.services import EmailService
from django.contrib.sites.shortcuts import get_current_site
email = request.data.get('email')
if not email:
return Response(
{"error": "Email address is required"},
status=status.HTTP_400_BAD_REQUEST
)
try:
user = UserModel.objects.get(email__iexact=email.strip().lower())
# Don't resend if user is already active
if user.is_active:
return Response(
{"error": "Email is already verified"},
status=status.HTTP_400_BAD_REQUEST
)
# Create or update verification record
verification, created = EmailVerification.objects.get_or_create(
user=user,
defaults={'token': get_random_string(64)}
)
if not created:
# Update existing token and timestamp
verification.token = get_random_string(64)
verification.save()
# Send verification email
site = get_current_site(_get_underlying_request(request))
verification_url = request.build_absolute_uri(
f"/api/v1/auth/verify-email/{verification.token}/"
)
try:
EmailService.send_email(
to=user.email,
subject="Verify your ThrillWiki account",
text=f"""
Welcome to ThrillWiki!
Please verify your email address by clicking the link below:
{verification_url}
If you didn't create an account, you can safely ignore this email.
Thanks,
The ThrillWiki Team
""".strip(),
site=site,
)
return Response({
"message": "Verification email sent successfully",
"success": True
})
except Exception as e:
import logging
logger = logging.getLogger(__name__)
logger.error(f"Failed to send verification email to {user.email}: {e}")
return Response(
{"error": "Failed to send verification email"},
status=status.HTTP_500_INTERNAL_SERVER_ERROR
)
except UserModel.DoesNotExist:
# Don't reveal whether email exists
return Response({
"message": "If the email exists, a verification email has been sent",
"success": True
})
# Note: User Profile, Top List, and Top List Item ViewSets are now handled
# by the dedicated accounts app at backend/apps/api/v1/accounts/views.py
# to avoid duplication and maintain clean separation of concerns.

2
backend/apps/api/v1/email/views.py
View File

@@ -9,7 +9,7 @@ from rest_framework import status
from rest_framework.permissions import AllowAny
from django.contrib.sites.shortcuts import get_current_site
from drf_spectacular.utils import extend_schema
from apps.email_service.services import EmailService
from django_forwardemail.services import EmailService
@extend_schema(

524
backend/apps/api/v1/parks/park_views.py
View File

@@ -1,15 +1,19 @@
"""
Full-featured Parks API views for ThrillWiki API v1.
This module implements a comprehensive set of endpoints matching the Rides API:
This module implements comprehensive park endpoints with full filtering support:
- List / Create: GET /parks/ POST /parks/
- Retrieve / Update / Delete: GET /parks/{pk}/ PATCH/PUT/DELETE
- Filter options: GET /parks/filter-options/
- Company search: GET /parks/search/companies/?q=...
- Search suggestions: GET /parks/search-suggestions/?q=...
Supports all 24 filtering parameters from frontend API documentation.
"""
from typing import Any
from django.db.models import Q, Count, Avg
from django.db.models.query import QuerySet
from rest_framework import status, permissions
from rest_framework.views import APIView
@@ -20,28 +24,25 @@ from rest_framework.exceptions import NotFound
from drf_spectacular.utils import extend_schema, OpenApiParameter
from drf_spectacular.types import OpenApiTypes
# Attempt to import model-level helpers; fall back gracefully if not present.
# Import models
try:
from apps.parks.models import Park, Company as ParkCompany # type: ignore
from apps.rides.models import Company as RideCompany # type: ignore
from apps.parks.models import Park
from apps.companies.models import Company
MODELS_AVAILABLE = True
except Exception:
Park = None # type: ignore
ParkCompany = None # type: ignore
RideCompany = None # type: ignore
Company = None # type: ignore
MODELS_AVAILABLE = False
# Attempt to import ModelChoices to return filter options
# Import ModelChoices for filter options
try:
from apps.api.v1.serializers.shared import ModelChoices # type: ignore
from apps.api.v1.serializers.shared import ModelChoices
HAVE_MODELCHOICES = True
except Exception:
ModelChoices = None # type: ignore
HAVE_MODELCHOICES = False
# Import serializers - we'll need to create these
# Import serializers
try:
from apps.api.v1.serializers.parks import (
ParkListOutputSerializer,
@@ -50,10 +51,8 @@ try:
ParkUpdateInputSerializer,
ParkImageSettingsInputSerializer,
)
SERIALIZERS_AVAILABLE = True
except Exception:
# Fallback serializers will be created
SERIALIZERS_AVAILABLE = False
@@ -68,24 +67,76 @@ class ParkListCreateAPIView(APIView):
permission_classes = [permissions.AllowAny]
@extend_schema(
summary="List parks with filtering and pagination",
description="List parks with basic filtering and pagination.",
summary="List parks with comprehensive filtering and pagination",
description="List parks with comprehensive filtering matching frontend API documentation. Supports all 24 filtering parameters including continent, rating ranges, ride counts, and more.",
parameters=[
OpenApiParameter(
name="page", location=OpenApiParameter.QUERY, type=OpenApiTypes.INT
),
OpenApiParameter(
name="page_size", location=OpenApiParameter.QUERY, type=OpenApiTypes.INT
),
OpenApiParameter(
name="search", location=OpenApiParameter.QUERY, type=OpenApiTypes.STR
),
OpenApiParameter(
name="country", location=OpenApiParameter.QUERY, type=OpenApiTypes.STR
),
OpenApiParameter(
name="state", location=OpenApiParameter.QUERY, type=OpenApiTypes.STR
),
# Pagination
OpenApiParameter(name="page", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Page number"),
OpenApiParameter(name="page_size", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Number of results per page"),
# Search
OpenApiParameter(name="search", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Search parks by name"),
# Location filters
OpenApiParameter(name="continent", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by continent"),
OpenApiParameter(name="country", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by country"),
OpenApiParameter(name="state", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by state/province"),
OpenApiParameter(name="city", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by city"),
# Park attributes
OpenApiParameter(name="park_type", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by park type"),
OpenApiParameter(name="status", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by operational status"),
# Company filters
OpenApiParameter(name="operator_id", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Filter by operator company ID"),
OpenApiParameter(name="operator_slug", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by operator company slug"),
OpenApiParameter(name="property_owner_id", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Filter by property owner company ID"),
OpenApiParameter(name="property_owner_slug", location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR, description="Filter by property owner company slug"),
# Rating filters
OpenApiParameter(name="min_rating", location=OpenApiParameter.QUERY,
type=OpenApiTypes.NUMBER, description="Minimum average rating"),
OpenApiParameter(name="max_rating", location=OpenApiParameter.QUERY,
type=OpenApiTypes.NUMBER, description="Maximum average rating"),
# Ride count filters
OpenApiParameter(name="min_ride_count", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Minimum total ride count"),
OpenApiParameter(name="max_ride_count", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Maximum total ride count"),
# Opening year filters
OpenApiParameter(name="opening_year", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Filter by specific opening year"),
OpenApiParameter(name="min_opening_year", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Minimum opening year"),
OpenApiParameter(name="max_opening_year", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Maximum opening year"),
# Roller coaster filters
OpenApiParameter(name="has_roller_coasters", location=OpenApiParameter.QUERY,
type=OpenApiTypes.BOOL, description="Filter parks that have roller coasters"),
OpenApiParameter(name="min_roller_coaster_count", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Minimum roller coaster count"),
OpenApiParameter(name="max_roller_coaster_count", location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT, description="Maximum roller coaster count"),
# Ordering
OpenApiParameter(name="ordering", location=OpenApiParameter.QUERY, type=OpenApiTypes.STR,
description="Order results by field (prefix with - for descending)"),
],
responses={
200: (
@@ -97,7 +148,7 @@ class ParkListCreateAPIView(APIView):
tags=["Parks"],
)
def get(self, request: Request) -> Response:
"""List parks with basic filtering and pagination."""
"""List parks with comprehensive filtering and pagination."""
if not MODELS_AVAILABLE:
return Response(
{
@@ -110,23 +161,24 @@ class ParkListCreateAPIView(APIView):
status=status.HTTP_501_NOT_IMPLEMENTED,
)
# Start with base queryset
qs = Park.objects.all().select_related(
"operator", "property_owner"
) # type: ignore
"operator", "property_owner", "location"
).prefetch_related("rides").annotate(
ride_count=Count('rides'),
roller_coaster_count=Count('rides', filter=Q(rides__category='RC')),
average_rating=Avg('reviews__rating')
)
# Basic filters
q = request.query_params.get("search")
if q:
qs = qs.filter(name__icontains=q) # simplistic search
# Apply comprehensive filtering
qs = self._apply_filters(qs, request.query_params)
country = request.query_params.get("country")
if country:
qs = qs.filter(location__country__icontains=country) # type: ignore
state = request.query_params.get("state")
if state:
qs = qs.filter(location__state__icontains=state) # type: ignore
# Apply ordering
ordering = request.query_params.get("ordering", "name")
if ordering:
qs = qs.order_by(ordering)
# Paginate results
paginator = StandardResultsSetPagination()
page = paginator.paginate_queryset(qs, request)
@@ -134,6 +186,7 @@ class ParkListCreateAPIView(APIView):
serializer = ParkListOutputSerializer(
page, many=True, context={"request": request}
)
return paginator.get_paginated_response(serializer.data)
else:
# Fallback serialization
serializer_data = [
@@ -142,18 +195,153 @@ class ParkListCreateAPIView(APIView):
"name": park.name,
"slug": getattr(park, "slug", ""),
"description": getattr(park, "description", ""),
"location": str(getattr(park, "location", "")),
"operator": (
getattr(park.operator, "name", "")
if hasattr(park, "operator")
else ""
),
"location": {
"country": getattr(park.location, "country", "") if hasattr(park, "location") else "",
"state": getattr(park.location, "state", "") if hasattr(park, "location") else "",
"city": getattr(park.location, "city", "") if hasattr(park, "location") else "",
},
"operator": {
"id": park.operator.id if park.operator else None,
"name": park.operator.name if park.operator else "",
"slug": getattr(park.operator, "slug", "") if park.operator else "",
},
"ride_count": getattr(park, "ride_count", 0),
"roller_coaster_count": getattr(park, "roller_coaster_count", 0),
"average_rating": getattr(park, "average_rating", None),
}
for park in page
]
return paginator.get_paginated_response(serializer_data)
return paginator.get_paginated_response(serializer.data)
def _apply_filters(self, qs: QuerySet, params: dict) -> QuerySet:
"""Apply filtering to the queryset based on actual model fields."""
# Search filter
search = params.get("search")
if search:
qs = qs.filter(
Q(name__icontains=search) |
Q(description__icontains=search) |
Q(location__city__icontains=search) |
Q(location__state__icontains=search) |
Q(location__country__icontains=search)
)
# Location filters (only available fields)
country = params.get("country")
if country:
qs = qs.filter(location__country__iexact=country)
state = params.get("state")
if state:
qs = qs.filter(location__state__iexact=state)
city = params.get("city")
if city:
qs = qs.filter(location__city__iexact=city)
# NOTE: continent and park_type filters are not implemented because
# these fields don't exist in the current Django models:
# - ParkLocation model has no 'continent' field
# - Park model has no 'park_type' field
# Status filter (available field)
status_filter = params.get("status")
if status_filter:
qs = qs.filter(status=status_filter)
# Company filters (available fields)
operator_id = params.get("operator_id")
if operator_id:
qs = qs.filter(operator_id=operator_id)
operator_slug = params.get("operator_slug")
if operator_slug:
qs = qs.filter(operator__slug=operator_slug)
property_owner_id = params.get("property_owner_id")
if property_owner_id:
qs = qs.filter(property_owner_id=property_owner_id)
property_owner_slug = params.get("property_owner_slug")
if property_owner_slug:
qs = qs.filter(property_owner__slug=property_owner_slug)
# Rating filters (available field)
min_rating = params.get("min_rating")
if min_rating:
try:
qs = qs.filter(average_rating__gte=float(min_rating))
except (ValueError, TypeError):
pass
max_rating = params.get("max_rating")
if max_rating:
try:
qs = qs.filter(average_rating__lte=float(max_rating))
except (ValueError, TypeError):
pass
# Ride count filters (available field)
min_ride_count = params.get("min_ride_count")
if min_ride_count:
try:
qs = qs.filter(ride_count__gte=int(min_ride_count))
except (ValueError, TypeError):
pass
max_ride_count = params.get("max_ride_count")
if max_ride_count:
try:
qs = qs.filter(ride_count__lte=int(max_ride_count))
except (ValueError, TypeError):
pass
# Opening year filters (available field)
opening_year = params.get("opening_year")
if opening_year:
try:
qs = qs.filter(opening_date__year=int(opening_year))
except (ValueError, TypeError):
pass
min_opening_year = params.get("min_opening_year")
if min_opening_year:
try:
qs = qs.filter(opening_date__year__gte=int(min_opening_year))
except (ValueError, TypeError):
pass
max_opening_year = params.get("max_opening_year")
if max_opening_year:
try:
qs = qs.filter(opening_date__year__lte=int(max_opening_year))
except (ValueError, TypeError):
pass
# Roller coaster filters (using coaster_count field)
has_roller_coasters = params.get("has_roller_coasters")
if has_roller_coasters is not None:
if has_roller_coasters.lower() in ['true', '1', 'yes']:
qs = qs.filter(coaster_count__gt=0)
elif has_roller_coasters.lower() in ['false', '0', 'no']:
qs = qs.filter(coaster_count=0)
min_roller_coaster_count = params.get("min_roller_coaster_count")
if min_roller_coaster_count:
try:
qs = qs.filter(coaster_count__gte=int(min_roller_coaster_count))
except (ValueError, TypeError):
pass
max_roller_coaster_count = params.get("max_roller_coaster_count")
if max_roller_coaster_count:
try:
qs = qs.filter(coaster_count__lte=int(max_roller_coaster_count))
except (ValueError, TypeError):
pass
return qs
@extend_schema(
summary="Create a new park",
@@ -307,7 +495,7 @@ class ParkDetailAPIView(APIView):
# --- Filter options ---------------------------------------------------------
@extend_schema(
summary="Get filter options for parks",
summary="Get comprehensive filter options for parks",
responses={200: OpenApiTypes.OBJECT},
tags=["Parks"],
)
@@ -315,36 +503,162 @@ class FilterOptionsAPIView(APIView):
permission_classes = [permissions.AllowAny]
def get(self, request: Request) -> Response:
"""Return static/dynamic filter options used by the frontend."""
# Try to use ModelChoices if available
if HAVE_MODELCHOICES and ModelChoices is not None:
try:
data = {
"park_types": ModelChoices.get_park_type_choices(),
"countries": ModelChoices.get_country_choices(),
"states": ModelChoices.get_state_choices(),
"ordering_options": [
"name",
"-name",
"opening_date",
"-opening_date",
"ride_count",
"-ride_count",
],
}
return Response(data)
except Exception:
# fallthrough to fallback
pass
"""Return comprehensive filter options matching frontend API documentation."""
if not MODELS_AVAILABLE:
# Fallback comprehensive options
return Response({
"park_types": [
{"value": "THEME_PARK", "label": "Theme Park"},
{"value": "AMUSEMENT_PARK", "label": "Amusement Park"},
{"value": "WATER_PARK", "label": "Water Park"},
{"value": "FAMILY_ENTERTAINMENT_CENTER",
"label": "Family Entertainment Center"},
],
"continents": [
"North America",
"South America",
"Europe",
"Asia",
"Africa",
"Australia",
"Antarctica"
],
"countries": [
"United States",
"Canada",
"United Kingdom",
"Germany",
"France",
"Japan",
"Australia",
"Brazil"
],
"states": [
"California",
"Florida",
"Ohio",
"Pennsylvania",
"Texas",
"New York"
],
"ordering_options": [
{"value": "name", "label": "Name (A-Z)"},
{"value": "-name", "label": "Name (Z-A)"},
{"value": "opening_date", "label": "Opening Date (Oldest First)"},
{"value": "-opening_date", "label": "Opening Date (Newest First)"},
{"value": "ride_count", "label": "Ride Count (Low to High)"},
{"value": "-ride_count", "label": "Ride Count (High to Low)"},
{"value": "average_rating", "label": "Rating (Low to High)"},
{"value": "-average_rating", "label": "Rating (High to Low)"},
{"value": "roller_coaster_count",
"label": "Coaster Count (Low to High)"},
{"value": "-roller_coaster_count",
"label": "Coaster Count (High to Low)"},
],
})
# Fallback minimal options
return Response(
{
"park_types": ["THEME_PARK", "AMUSEMENT_PARK", "WATER_PARK"],
"countries": ["United States", "Canada", "United Kingdom", "Germany"],
"ordering_options": ["name", "-name", "opening_date", "-opening_date"],
}
)
# Try to get dynamic options from database
try:
# NOTE: continent field doesn't exist in ParkLocation model, so we use static list
continents = [
"North America",
"South America",
"Europe",
"Asia",
"Africa",
"Australia",
"Antarctica"
]
countries = list(Park.objects.exclude(
location__country__isnull=True
).exclude(
location__country__exact=''
).values_list('location__country', flat=True).distinct().order_by('location__country'))
states = list(Park.objects.exclude(
location__state__isnull=True
).exclude(
location__state__exact=''
).values_list('location__state', flat=True).distinct().order_by('location__state'))
# Try to use ModelChoices if available
if HAVE_MODELCHOICES and ModelChoices is not None:
try:
park_types = ModelChoices.get_park_type_choices()
except Exception:
park_types = [
{"value": "THEME_PARK", "label": "Theme Park"},
{"value": "AMUSEMENT_PARK", "label": "Amusement Park"},
{"value": "WATER_PARK", "label": "Water Park"},
]
else:
park_types = [
{"value": "THEME_PARK", "label": "Theme Park"},
{"value": "AMUSEMENT_PARK", "label": "Amusement Park"},
{"value": "WATER_PARK", "label": "Water Park"},
]
return Response({
"park_types": park_types,
"continents": continents,
"countries": countries,
"states": states,
"ordering_options": [
{"value": "name", "label": "Name (A-Z)"},
{"value": "-name", "label": "Name (Z-A)"},
{"value": "opening_date", "label": "Opening Date (Oldest First)"},
{"value": "-opening_date", "label": "Opening Date (Newest First)"},
{"value": "ride_count", "label": "Ride Count (Low to High)"},
{"value": "-ride_count", "label": "Ride Count (High to Low)"},
{"value": "average_rating", "label": "Rating (Low to High)"},
{"value": "-average_rating", "label": "Rating (High to Low)"},
{"value": "roller_coaster_count",
"label": "Coaster Count (Low to High)"},
{"value": "-roller_coaster_count",
"label": "Coaster Count (High to Low)"},
],
})
except Exception:
# Fallback to static options if database query fails
return Response({
"park_types": [
{"value": "THEME_PARK", "label": "Theme Park"},
{"value": "AMUSEMENT_PARK", "label": "Amusement Park"},
{"value": "WATER_PARK", "label": "Water Park"},
],
"continents": [
"North America",
"South America",
"Europe",
"Asia",
"Africa",
"Australia"
],
"countries": [
"United States",
"Canada",
"United Kingdom",
"Germany",
"France",
"Japan"
],
"states": [
"California",
"Florida",
"Ohio",
"Pennsylvania"
],
"ordering_options": [
{"value": "name", "label": "Name (A-Z)"},
{"value": "-name", "label": "Name (Z-A)"},
{"value": "opening_date", "label": "Opening Date (Oldest First)"},
{"value": "-opening_date", "label": "Opening Date (Newest First)"},
{"value": "ride_count", "label": "Ride Count (Low to High)"},
{"value": "-ride_count", "label": "Ride Count (High to Low)"},
],
})
# --- Company search (autocomplete) -----------------------------------------
@@ -352,7 +666,7 @@ class FilterOptionsAPIView(APIView):
summary="Search companies (operators/property owners) for autocomplete",
parameters=[
OpenApiParameter(
name="q", location=OpenApiParameter.QUERY, type=OpenApiTypes.STR
name="q", location=OpenApiParameter.QUERY, type=OpenApiTypes.STR, description="Search query for company names"
)
],
responses={200: OpenApiTypes.OBJECT},
@@ -366,21 +680,41 @@ class CompanySearchAPIView(APIView):
if not q:
return Response([], status=status.HTTP_200_OK)
if ParkCompany is None:
if not MODELS_AVAILABLE or Company is None:
# Provide helpful placeholder structure
return Response(
[
{"id": 1, "name": "Six Flags Entertainment", "slug": "six-flags"},
{"id": 2, "name": "Cedar Fair", "slug": "cedar-fair"},
{"id": 3, "name": "Disney Parks", "slug": "disney"},
]
)
return Response([
{"id": 1, "name": "Six Flags Entertainment", "slug": "six-flags"},
{"id": 2, "name": "Cedar Fair", "slug": "cedar-fair"},
{"id": 3, "name": "Disney Parks", "slug": "disney"},
{"id": 4, "name": "Universal Parks & Resorts", "slug": "universal"},
{"id": 5, "name": "SeaWorld Parks & Entertainment", "slug": "seaworld"},
])
qs = ParkCompany.objects.filter(name__icontains=q)[:20] # type: ignore
results = [
{"id": c.id, "name": c.name, "slug": getattr(c, "slug", "")} for c in qs
]
return Response(results)
try:
# Search companies that can be operators or property owners
qs = Company.objects.filter(
Q(name__icontains=q) &
(Q(roles__contains=['OPERATOR']) | Q(
roles__contains=['PROPERTY_OWNER']))
).distinct()[:20]
results = [
{
"id": c.id,
"name": c.name,
"slug": getattr(c, "slug", ""),
"roles": getattr(c, "roles", [])
}
for c in qs
]
return Response(results)
except Exception:
# Fallback to placeholder data
return Response([
{"id": 1, "name": "Six Flags Entertainment", "slug": "six-flags"},
{"id": 2, "name": "Cedar Fair", "slug": "cedar-fair"},
{"id": 3, "name": "Disney Parks", "slug": "disney"},
])
# --- Search suggestions -----------------------------------------------------

147
backend/apps/api/v1/parks/views.py
View File

@@ -143,7 +143,7 @@ class ParkPhotoViewSet(ModelViewSet):
raise ValidationError("Park ID is required")
try:
park = Park.objects.get(pk=park_id)
Park.objects.get(pk=park_id)
except Park.DoesNotExist:
raise ValidationError("Park not found")
@@ -199,6 +199,19 @@ class ParkPhotoViewSet(ModelViewSet):
)
try:
# Delete from Cloudflare first if image exists
if instance.image:
try:
from django_cloudflareimages_toolkit.services import CloudflareImagesService
service = CloudflareImagesService()
service.delete_image(instance.image)
logger.info(
f"Successfully deleted park photo from Cloudflare: {instance.image.cloudflare_id}")
except Exception as e:
logger.error(
f"Failed to delete park photo from Cloudflare: {str(e)}")
# Continue with database deletion even if Cloudflare deletion fails
ParkMediaService().delete_photo(
instance.id, deleted_by=cast(UserModel, self.request.user)
)
@@ -377,3 +390,135 @@ class ParkPhotoViewSet(ModelViewSet):
except Exception as e:
logger.error(f"Error in set_primary_photo: {str(e)}", exc_info=True)
return Response({"error": str(e)}, status=status.HTTP_400_BAD_REQUEST)
@extend_schema(
summary="Save Cloudflare image as park photo",
description="Save a Cloudflare image as a park photo after direct upload to Cloudflare",
request=OpenApiTypes.OBJECT,
responses={
201: ParkPhotoOutputSerializer,
400: OpenApiTypes.OBJECT,
401: OpenApiTypes.OBJECT,
404: OpenApiTypes.OBJECT,
},
tags=["Park Media"],
)
@action(detail=False, methods=["post"])
def save_image(self, request, **kwargs):
"""Save a Cloudflare image as a park photo after direct upload to Cloudflare."""
park_pk = self.kwargs.get("park_pk")
if not park_pk:
return Response(
{"error": "Park ID is required"},
status=status.HTTP_400_BAD_REQUEST,
)
try:
park = Park.objects.get(pk=park_pk)
except Park.DoesNotExist:
return Response(
{"error": "Park not found"},
status=status.HTTP_404_NOT_FOUND,
)
cloudflare_image_id = request.data.get("cloudflare_image_id")
if not cloudflare_image_id:
return Response(
{"error": "cloudflare_image_id is required"},
status=status.HTTP_400_BAD_REQUEST,
)
try:
# Import CloudflareImage model and service
from django_cloudflareimages_toolkit.models import CloudflareImage
from django_cloudflareimages_toolkit.services import CloudflareImagesService
from django.utils import timezone
# Always fetch the latest image data from Cloudflare API
try:
# Get image details from Cloudflare API
service = CloudflareImagesService()
image_data = service.get_image(cloudflare_image_id)
if not image_data:
return Response(
{"error": "Image not found in Cloudflare"},
status=status.HTTP_400_BAD_REQUEST,
)
# Try to find existing CloudflareImage record by cloudflare_id
cloudflare_image = None
try:
cloudflare_image = CloudflareImage.objects.get(
cloudflare_id=cloudflare_image_id)
# Update existing record with latest data from Cloudflare
cloudflare_image.status = 'uploaded'
cloudflare_image.uploaded_at = timezone.now()
cloudflare_image.metadata = image_data.get('meta', {})
# Extract variants from nested result structure
cloudflare_image.variants = image_data.get(
'result', {}).get('variants', [])
cloudflare_image.cloudflare_metadata = image_data
cloudflare_image.width = image_data.get('width')
cloudflare_image.height = image_data.get('height')
cloudflare_image.format = image_data.get('format', '')
cloudflare_image.save()
except CloudflareImage.DoesNotExist:
# Create new CloudflareImage record from API response
cloudflare_image = CloudflareImage.objects.create(
cloudflare_id=cloudflare_image_id,
user=request.user,
status='uploaded',
upload_url='', # Not needed for uploaded images
expires_at=timezone.now() + timezone.timedelta(days=365), # Set far future expiry
uploaded_at=timezone.now(),
metadata=image_data.get('meta', {}),
# Extract variants from nested result structure
variants=image_data.get('result', {}).get('variants', []),
cloudflare_metadata=image_data,
width=image_data.get('width'),
height=image_data.get('height'),
format=image_data.get('format', ''),
)
except Exception as api_error:
logger.error(
f"Error fetching image from Cloudflare API: {str(api_error)}", exc_info=True)
return Response(
{"error": f"Failed to fetch image from Cloudflare: {str(api_error)}"},
status=status.HTTP_400_BAD_REQUEST,
)
# Create the park photo with the CloudflareImage reference
photo = ParkPhoto.objects.create(
park=park,
image=cloudflare_image,
uploaded_by=request.user,
caption=request.data.get("caption", ""),
alt_text=request.data.get("alt_text", ""),
photo_type=request.data.get("photo_type", "exterior"),
is_primary=request.data.get("is_primary", False),
is_approved=False, # Default to requiring approval
)
# Handle primary photo logic if requested
if request.data.get("is_primary", False):
try:
ParkMediaService().set_primary_photo(
park_id=park.id, photo_id=photo.id
)
except Exception as e:
logger.error(f"Error setting primary photo: {e}")
# Don't fail the entire operation, just log the error
serializer = ParkPhotoOutputSerializer(photo, context={"request": request})
return Response(serializer.data, status=status.HTTP_201_CREATED)
except Exception as e:
logger.error(f"Error saving park photo: {e}")
return Response(
{"error": f"Failed to save photo: {str(e)}"},
status=status.HTTP_400_BAD_REQUEST,
)

4
backend/apps/api/v1/rides/manufacturers/views.py
View File

@@ -502,13 +502,13 @@ class RideModelFilterOptionsAPIView(APIView):
.values("id", "name", "slug")
)
categories = (
(
RideModel.objects.exclude(category="")
.values_list("category", flat=True)
.distinct()
)
target_markets = (
(
RideModel.objects.exclude(target_market="")
.values_list("target_market", flat=True)
.distinct()

143
backend/apps/api/v1/rides/photo_views.py
View File

@@ -204,6 +204,19 @@ class RidePhotoViewSet(ModelViewSet):
)
try:
# Delete from Cloudflare first if image exists
if instance.image:
try:
from django_cloudflareimages_toolkit.services import CloudflareImagesService
service = CloudflareImagesService()
service.delete_image(instance.image)
logger.info(
f"Successfully deleted ride photo from Cloudflare: {instance.image.cloudflare_id}")
except Exception as e:
logger.error(
f"Failed to delete ride photo from Cloudflare: {str(e)}")
# Continue with database deletion even if Cloudflare deletion fails
RideMediaService.delete_photo(
instance, deleted_by=self.request.user # type: ignore
)
@@ -407,3 +420,133 @@ class RidePhotoViewSet(ModelViewSet):
except Exception as e:
logger.error(f"Error in set_primary_photo: {str(e)}", exc_info=True)
return Response({"error": str(e)}, status=status.HTTP_400_BAD_REQUEST)
@extend_schema(
summary="Save Cloudflare image as ride photo",
description="Save a Cloudflare image as a ride photo after direct upload to Cloudflare",
request=OpenApiTypes.OBJECT,
responses={
201: RidePhotoOutputSerializer,
400: OpenApiTypes.OBJECT,
401: OpenApiTypes.OBJECT,
404: OpenApiTypes.OBJECT,
},
tags=["Ride Media"],
)
@action(detail=False, methods=["post"])
def save_image(self, request, **kwargs):
"""Save a Cloudflare image as a ride photo after direct upload to Cloudflare."""
ride_pk = self.kwargs.get("ride_pk")
if not ride_pk:
return Response(
{"error": "Ride ID is required"},
status=status.HTTP_400_BAD_REQUEST,
)
try:
ride = Ride.objects.get(pk=ride_pk)
except Ride.DoesNotExist:
return Response(
{"error": "Ride not found"},
status=status.HTTP_404_NOT_FOUND,
)
cloudflare_image_id = request.data.get("cloudflare_image_id")
if not cloudflare_image_id:
return Response(
{"error": "cloudflare_image_id is required"},
status=status.HTTP_400_BAD_REQUEST,
)
try:
# Import CloudflareImage model and service
from django_cloudflareimages_toolkit.models import CloudflareImage
from django_cloudflareimages_toolkit.services import CloudflareImagesService
from django.utils import timezone
# Always fetch the latest image data from Cloudflare API
try:
# Get image details from Cloudflare API
service = CloudflareImagesService()
image_data = service.get_image(cloudflare_image_id)
if not image_data:
return Response(
{"error": "Image not found in Cloudflare"},
status=status.HTTP_400_BAD_REQUEST,
)
# Try to find existing CloudflareImage record by cloudflare_id
cloudflare_image = None
try:
cloudflare_image = CloudflareImage.objects.get(
cloudflare_id=cloudflare_image_id)
# Update existing record with latest data from Cloudflare
cloudflare_image.status = 'uploaded'
cloudflare_image.uploaded_at = timezone.now()
cloudflare_image.metadata = image_data.get('meta', {})
# Extract variants from nested result structure
cloudflare_image.variants = image_data.get(
'result', {}).get('variants', [])
cloudflare_image.cloudflare_metadata = image_data
cloudflare_image.width = image_data.get('width')
cloudflare_image.height = image_data.get('height')
cloudflare_image.format = image_data.get('format', '')
cloudflare_image.save()
except CloudflareImage.DoesNotExist:
# Create new CloudflareImage record from API response
cloudflare_image = CloudflareImage.objects.create(
cloudflare_id=cloudflare_image_id,
user=request.user,
status='uploaded',
upload_url='', # Not needed for uploaded images
expires_at=timezone.now() + timezone.timedelta(days=365), # Set far future expiry
uploaded_at=timezone.now(),
metadata=image_data.get('meta', {}),
# Extract variants from nested result structure
variants=image_data.get('result', {}).get('variants', []),
cloudflare_metadata=image_data,
width=image_data.get('width'),
height=image_data.get('height'),
format=image_data.get('format', ''),
)
except Exception as api_error:
logger.error(
f"Error fetching image from Cloudflare API: {str(api_error)}", exc_info=True)
return Response(
{"error": f"Failed to fetch image from Cloudflare: {str(api_error)}"},
status=status.HTTP_400_BAD_REQUEST,
)
# Create the ride photo with the CloudflareImage reference
photo = RidePhoto.objects.create(
ride=ride,
image=cloudflare_image,
uploaded_by=request.user,
caption=request.data.get("caption", ""),
alt_text=request.data.get("alt_text", ""),
photo_type=request.data.get("photo_type", "exterior"),
is_primary=request.data.get("is_primary", False),
is_approved=False, # Default to requiring approval
)
# Handle primary photo logic if requested
if request.data.get("is_primary", False):
try:
RideMediaService.set_primary_photo(ride=ride, photo=photo)
except Exception as e:
logger.error(f"Error setting primary photo: {e}")
# Don't fail the entire operation, just log the error
serializer = RidePhotoOutputSerializer(photo, context={"request": request})
return Response(serializer.data, status=status.HTTP_201_CREATED)
except Exception as e:
logger.error(f"Error saving ride photo: {e}")
return Response(
{"error": f"Failed to save photo: {str(e)}"},
status=status.HTTP_400_BAD_REQUEST,
)

29
backend/apps/api/v1/rides/views.py
View File

@@ -630,11 +630,36 @@ class RideDetailAPIView(APIView):
},
status=status.HTTP_501_NOT_IMPLEMENTED,
)
for key, value in serializer_in.validated_data.items():
validated_data = serializer_in.validated_data
park_change_info = None
# Handle park change specially if park_id is being updated
if 'park_id' in validated_data:
new_park_id = validated_data.pop('park_id')
try:
new_park = Park.objects.get(id=new_park_id) # type: ignore
if new_park.id != ride.park_id:
# Use the move_to_park method for proper handling
park_change_info = ride.move_to_park(new_park)
except Park.DoesNotExist: # type: ignore
raise NotFound("Target park not found")
# Apply other field updates
for key, value in validated_data.items():
setattr(ride, key, value)
ride.save()
# Prepare response data
serializer = RideDetailOutputSerializer(ride, context={"request": request})
return Response(serializer.data)
response_data = serializer.data
# Add park change information to response if applicable
if park_change_info:
response_data['park_change_info'] = park_change_info
return Response(response_data)
def put(self, request: Request, pk: int) -> Response:
# Full replace - reuse patch behavior for simplicity

2
backend/apps/api/v1/serializers/accounts.py
View File

@@ -903,7 +903,7 @@ class AvatarUploadSerializer(serializers.Serializer):
except serializers.ValidationError:
raise # Re-raise validation errors
except Exception as e:
except Exception:
# PIL validation failed, but let Cloudflare Images try to process it
pass

4
backend/apps/api/v1/serializers/parks.py
View File

@@ -375,7 +375,7 @@ class ParkImageSettingsInputSerializer(serializers.Serializer):
from apps.parks.models import ParkPhoto
try:
photo = ParkPhoto.objects.get(id=value)
ParkPhoto.objects.get(id=value)
# The park will be validated in the view
return value
except ParkPhoto.DoesNotExist:
@@ -388,7 +388,7 @@ class ParkImageSettingsInputSerializer(serializers.Serializer):
from apps.parks.models import ParkPhoto
try:
photo = ParkPhoto.objects.get(id=value)
ParkPhoto.objects.get(id=value)
# The park will be validated in the view
return value
except ParkPhoto.DoesNotExist:

2
backend/apps/api/v1/serializers/reviews.py
View File

@@ -21,7 +21,7 @@ class ReviewUserSerializer(serializers.ModelSerializer):
def get_avatar_url(self, obj):
"""Get the user's avatar URL."""
if hasattr(obj, "profile") and obj.profile:
return obj.profile.get_avatar()
return obj.profile.get_avatar_url()
return "/static/images/default-avatar.png"
def get_display_name(self, obj):

20
backend/apps/api/v1/serializers/rides.py
View File

@@ -423,7 +423,7 @@ class RideImageSettingsInputSerializer(serializers.Serializer):
from apps.rides.models import RidePhoto
try:
photo = RidePhoto.objects.get(id=value)
RidePhoto.objects.get(id=value)
# The ride will be validated in the view
return value
except RidePhoto.DoesNotExist:
@@ -436,7 +436,7 @@ class RideImageSettingsInputSerializer(serializers.Serializer):
from apps.rides.models import RidePhoto
try:
photo = RidePhoto.objects.get(id=value)
RidePhoto.objects.get(id=value)
# The ride will be validated in the view
return value
except RidePhoto.DoesNotExist:
@@ -506,6 +506,22 @@ class RideCreateInputSerializer(serializers.Serializer):
"Minimum height cannot be greater than maximum height"
)
# Park area validation when park changes
park_id = attrs.get("park_id")
park_area_id = attrs.get("park_area_id")
if park_id and park_area_id:
try:
from apps.parks.models import ParkArea
park_area = ParkArea.objects.get(id=park_area_id)
if park_area.park_id != park_id:
raise serializers.ValidationError(
f"Park area '{park_area.name}' does not belong to the selected park"
)
except Exception:
# If models aren't available or area doesn't exist, let the view handle it
pass
return attrs

2
backend/apps/api/v1/urls.py
View File

@@ -74,6 +74,8 @@ urlpatterns = [
path("core/", include("apps.api.v1.core.urls")),
path("maps/", include("apps.api.v1.maps.urls")),
path("moderation/", include("apps.moderation.urls")),
# Cloudflare Images Toolkit API endpoints
path("cloudflare-images/", include("django_cloudflareimages_toolkit.urls")),
# Include router URLs (for rankings and any other router-registered endpoints)
path("", include(router.urls)),
]