upload files

core/admin.py

@@ -2,10 +2,12 @@ from django.contrib import admin
 
 from core.models.customer import Customer
 from core.models.role import Role
+from core.models.image import Image
 # from .model import user
 from core.models.AssignedRule import AssignedRule
  
 
+admin.site.register(Image)
 admin.site.register(Role)
 admin.site.register(AssignedRule)
 admin.site.register(Customer)

core/migrations/0004_remove_customer_name_image.py

@@ -0,0 +1,31 @@
+# Generated by Django 5.0 on 2025-04-19 10:02
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0003_customer_name'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='customer',
+            name='name',
+        ),
+        migrations.CreateModel(
+            name='Image',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('url', models.URLField(blank=True, max_length=250)),
+                ('image', models.ImageField(blank=True, null=True, upload_to='user_images/')),
+                ('name', models.CharField(max_length=100)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]

core/migrations/0005_glb_pdf_video.py

@@ -0,0 +1,49 @@
+# Generated by Django 5.0 on 2025-04-19 11:42
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0004_remove_customer_name_image'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Glb',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('url', models.URLField(blank=True, max_length=250)),
+                ('glb', models.ImageField(blank=True, null=True, upload_to='user_glbs/')),
+                ('name', models.CharField(max_length=100)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Pdf',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('url', models.URLField(blank=True, max_length=250)),
+                ('pdf', models.ImageField(blank=True, null=True, upload_to='user_pdfs/')),
+                ('name', models.CharField(max_length=100)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Video',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('url', models.URLField(blank=True, max_length=250)),
+                ('video', models.ImageField(blank=True, null=True, upload_to='user_videos/')),
+                ('name', models.CharField(max_length=100)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]

core/models/glb.py

@@ -0,0 +1,12 @@
+from django.db import models
+from django.conf import settings
+
+class Glb(models.Model):
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
+    url = models.URLField(max_length=250, blank=True)  # For storing external URLs
+    glb = models.ImageField(upload_to='user_glbs/', blank=True, null=True)  # For file uploads
+    name = models.CharField(max_length=100)
+    created_at = models.DateTimeField(auto_now_add=True)
+    
+    def __str__(self):
+        return f"{self.name} - {self.user.username}"

core/models/image.py

@@ -0,0 +1,12 @@
+from django.db import models
+from django.conf import settings
+
+class Image(models.Model):
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
+    url = models.URLField(max_length=250, blank=True)  # For storing external URLs
+    image = models.ImageField(upload_to='user_images/', blank=True, null=True)  # For file uploads
+    name = models.CharField(max_length=100)
+    created_at = models.DateTimeField(auto_now_add=True)
+    
+    def __str__(self):
+        return f"{self.name} - {self.user.username}"

core/models/pdf.py

@@ -0,0 +1,12 @@
+from django.db import models
+from django.conf import settings
+
+class Pdf(models.Model):
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
+    url = models.URLField(max_length=250, blank=True)  # For storing external URLs
+    pdf = models.ImageField(upload_to='user_pdfs/', blank=True, null=True)  # For file uploads
+    name = models.CharField(max_length=100)
+    created_at = models.DateTimeField(auto_now_add=True)
+    
+    def __str__(self):
+        return f"{self.name} - {self.user.username}"

core/models/video.py

@@ -0,0 +1,12 @@
+from django.db import models
+from django.conf import settings
+
+class Video(models.Model):
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
+    url = models.URLField(max_length=250, blank=True)  # For storing external URLs
+    video = models.ImageField(upload_to='user_videos/', blank=True, null=True)  # For file uploads
+    name = models.CharField(max_length=100)
+    created_at = models.DateTimeField(auto_now_add=True)
+    
+    def __str__(self):
+        return f"{self.name} - {self.user.username}"

core/serializers/GlbSerializer.py

@@ -0,0 +1,33 @@
+from rest_framework import serializers
+from ..models.glb import Glb
+from ..models.customer import Customer
+
+from rest_framework.exceptions import ValidationError
+import os
+
+
+class GlbSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Glb
+        fields = ['id', 'url', 'glb', 'name', 'created_at']
+        read_only_fields = ['id', 'created_at', 'user']
+    
+    def validate(self, data):
+        # Safely get the request from context
+        request = self.context.get('request')
+        if not request:
+            raise serializers.ValidationError("Request context not provided")
+        
+        # Check file size if image is provided
+        if 'glb' in request.FILES:
+            glb = request.FILES['glb']
+            if glb.size > 50 * 1024 * 1024:  # 50MB limit
+                raise serializers.ValidationError("Glb file too large ( > 50MB )")
+            
+            # Check file extension
+            ext = os.path.splitext(Glb.name)[1].lower()
+            valid_extensions = ['.glb']
+            if ext not in valid_extensions:
+                raise serializers.ValidationError(f"Unsupported file extension. Supported: {', '.join(valid_extensions)}")
+        
+        return data

core/serializers/ImageSerializer.py

@@ -0,0 +1,33 @@
+from rest_framework import serializers
+from ..models.image import Image
+from ..models.customer import Customer
+
+from rest_framework.exceptions import ValidationError
+import os
+
+
+class ImageSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Image
+        fields = ['id', 'url', 'image', 'name', 'created_at']
+        read_only_fields = ['id', 'created_at', 'user']
+    
+    def validate(self, data):
+        # Safely get the request from context
+        request = self.context.get('request')
+        if not request:
+            raise serializers.ValidationError("Request context not provided")
+        
+        # Check file size if image is provided
+        if 'image' in request.FILES:
+            image = request.FILES['image']
+            if image.size > 5 * 1024 * 1024:  # 5MB limit
+                raise serializers.ValidationError("Image file too large ( > 5MB )")
+            
+            # Check file extension
+            ext = os.path.splitext(image.name)[1].lower()
+            valid_extensions = ['.jpg', '.jpeg', '.png', '.gif']
+            if ext not in valid_extensions:
+                raise serializers.ValidationError(f"Unsupported file extension. Supported: {', '.join(valid_extensions)}")
+        
+        return data

core/serializers/PdfSerializer.py

@@ -0,0 +1,33 @@
+from rest_framework import serializers
+from ..models.pdf import Pdf
+from ..models.customer import Customer
+
+from rest_framework.exceptions import ValidationError
+import os
+
+
+class PdfSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Pdf
+        fields = ['id', 'url', 'pdf', 'name', 'created_at']
+        read_only_fields = ['id', 'created_at', 'user']
+    
+    def validate(self, data):
+        # Safely get the request from context
+        request = self.context.get('request')
+        if not request:
+            raise serializers.ValidationError("Request context not provided")
+        
+        # Check file size if image is provided
+        if 'pdf' in request.FILES:
+            pdf = request.FILES['pdf']
+            if pdf.size > 50 * 1024 * 1024:  # 50MB limit
+                raise serializers.ValidationError("Pdf file too large ( > 50MB )")
+            
+            # Check file extension
+            ext = os.path.splitext(Pdf.name)[1].lower()
+            valid_extensions = ['.pdf']
+            if ext not in valid_extensions:
+                raise serializers.ValidationError(f"Unsupported file extension. Supported: {', '.join(valid_extensions)}")
+        
+        return data

core/serializers/VideoSerializer.py

@@ -0,0 +1,33 @@
+from rest_framework import serializers
+from ..models.video import Video
+from ..models.customer import Customer
+
+from rest_framework.exceptions import ValidationError
+import os
+
+
+class VideoSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Video
+        fields = ['id', 'url', 'video', 'name', 'created_at']
+        read_only_fields = ['id', 'created_at', 'user']
+    
+    def validate(self, data):
+        # Safely get the request from context
+        request = self.context.get('request')
+        if not request:
+            raise serializers.ValidationError("Request context not provided")
+        
+        # Check file size if image is provided
+        if 'video' in request.FILES:
+            video = request.FILES['video']
+            if video.size > 500 * 1024 * 1024:  # 500MB limit
+                raise serializers.ValidationError("Video file too large ( > 500MB )")
+            
+            # Check file extension
+            ext = os.path.splitext(Video.name)[1].lower()
+            valid_extensions = ['.mp4']
+            if ext not in valid_extensions:
+                raise serializers.ValidationError(f"Unsupported file extension. Supported: {', '.join(valid_extensions)}")
+        
+        return data

core/settings.py

@@ -159,3 +159,6 @@ EMAIL_HOST_USER = 'mail@clinet.club'
 EMAIL_HOST_PASSWORD = 'uzudzsd78786d7asd56gasdbsad'
 DEFAULT_FROM_EMAIL = 'mail@clinet.club'
 
+# Add these to your settings
+MEDIA_URL = '/media/'
+MEDIA_ROOT = os.path.join(BASE_DIR, 'media/')

core/urls.py

@@ -4,6 +4,9 @@ from django.urls import path
  
 from .views import userView 
 from django.urls import include, path
+from django.conf import settings
+from django.conf.urls.static import static
+
 
 urlpatterns = [
 
@@ -25,7 +28,15 @@ urlpatterns = [
     re_path('sendCodeAndNewPassword', userView.sendCodeAndNewPassword),
  
 
+    
 
+    re_path('uploadImage/', userView.upload_image , name='upload_image'),
+    re_path('uploadGlb/', userView.upload_glb , name='upload_glb'),
+    re_path('uploadVideo/', userView.upload_video , name='upload_video'),
+    re_path('uploadPdf/', userView.upload_pdf , name='upload_pdf'),
    
    
-]
+]+ static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
+
+
+ 

core/views/userView.py

@@ -16,9 +16,17 @@ from django.contrib.auth.models import User
 from core.models.customer import Customer
 from core.serializers.UserSerializer import  UserSerializer
 from core.serializers.CustomerSerializer import  CustomerSerializer
+from core.serializers.ImageSerializer import  ImageSerializer
+from core.serializers.GlbSerializer import  GlbSerializer
+from core.serializers.VideoSerializer import  VideoSerializer
+from core.serializers.PdfSerializer import  PdfSerializer
 
 # utils.py
 from core.models.AssignedRule import AssignedRule 
+from core.models.image import Image 
+from core.models.video import Video 
+from core.models.pdf import Pdf 
+from core.models.glb import Glb 
 
 
 from django.core.mail import EmailMultiAlternatives
@@ -28,9 +36,16 @@ from django.conf import settings
 from django.utils.dateparse import parse_date
  
 
+from datetime import datetime
+from django.core.files.storage import default_storage
+import os
 
 import requests
 import json
+import logging
+
+logger = logging.getLogger(__name__)
+
 
 def send_sms(to_number, code):
     username = "09399112092"
@@ -206,6 +221,7 @@ def sendSmsVerification(request):
 
   
 
+
 @api_view(['GET'])
 @authentication_classes([SessionAuthentication, TokenAuthentication])
 @permission_classes([IsAuthenticated])
@@ -218,11 +234,21 @@ def getInfo(request):
         # Retrieve the associated customer object
         customer = Customer.objects.get(user=user)
         
+        # Get all images uploaded by this user
+        user_images = Image.objects.filter(user=user).order_by('-created_at')
+        user_pdfs = Pdf.objects.filter(user=user).order_by('-created_at')
+        user_videos = Video.objects.filter(user=user).order_by('-created_at')
+        user_glb = Glb.objects.filter(user=user).order_by('-created_at')
+
+        image_serializer = ImageSerializer(user_images, many=True)
+        pdf_serializer = PdfSerializer(user_pdfs, many=True)
+        Video_serializer = VideoSerializer(user_videos, many=True)
+        glb_serializer = GlbSerializer(user_glb, many=True)
+        
         # Serialize the customer data
         customer_serializer = CustomerSerializer(customer)
         
-        
-         # Manually select user fields to return
+        # Manually select user fields to return
         user_data = {
             'id': user.id,
             'first_name': user.first_name,
@@ -232,15 +258,20 @@ def getInfo(request):
         
         return Response({
             'customer': customer_serializer.data,
-            'user': user_data
+            'user': user_data,
+            'images': image_serializer.data ,  # Add images to response
+            'pdfs': pdf_serializer.data , # Add images to response
+            'videos': Video_serializer.data  ,# Add images to response
+            'glbs': glb_serializer.data , # Add images to response
         })
     
-
     except Customer.DoesNotExist:
-        return Response({'error': 'No customer data found for this user'}, status=404)
-
         # If no customer object exists for the user, return an error response
-   
+        return Response({'error': 'No customer data found for this user'}, status=404)
+    
+
+
+
 
 
 
@@ -367,3 +398,185 @@ def test_token(request):
         return Response({'message': 'No access'}, status=status.HTTP_403_FORBIDDEN)
 
     return Response({'message': 'User has admin role'})
+
+
+
+
+
+@api_view(['POST'])
+@authentication_classes([SessionAuthentication, TokenAuthentication])
+@permission_classes([IsAuthenticated])
+def upload_image(request):
+    user = request.user
+    
+    try:
+        customer = Customer.objects.get(user=user)
+    except Customer.DoesNotExist:
+        return Response(
+            {'error': 'No customer profile found.'},
+            status=status.HTTP_403_FORBIDDEN
+        )
+    
+    if not request.FILES.get('image'):
+        return Response(
+            {'error': 'No image file provided.'},
+            status=status.HTTP_400_BAD_REQUEST
+        )
+    
+    uploaded_file = request.FILES['image']
+    
+    # Generate the new path: "2025/1/23/filename.jpg"
+    today = datetime.now()
+    year = str(today.year)
+    month = str(today.month)
+    day = str(today.day)
+    
+    # New path format: "2025/1/23/original_filename.jpg"
+    new_path = os.path.join(year, month, day, uploaded_file.name)
+    
+    # Save the file manually to the desired directory
+    saved_path = default_storage.save(new_path, uploaded_file)
+    
+    # Now create the Image record with the new path
+    image = Image.objects.create(
+        user=user,
+        image=saved_path,  # This will be "2025/1/23/filename.jpg"
+        name=request.data.get('name', uploaded_file.name),
+    )
+    
+    serializer = ImageSerializer(image)
+    return Response(serializer.data, status=status.HTTP_201_CREATED)
+
+
+
+
+@api_view(['POST'])
+@authentication_classes([SessionAuthentication, TokenAuthentication])
+@permission_classes([IsAuthenticated])
+def upload_glb(request):
+    user = request.user
+    
+    try:
+        customer = Customer.objects.get(user=user)
+    except Customer.DoesNotExist:
+        return Response(
+            {'error': 'No customer profile found.'},
+            status=status.HTTP_403_FORBIDDEN
+        )
+    
+    if not request.FILES.get('glb'):
+        return Response(
+            {'error': 'No glb file provided.'},
+            status=status.HTTP_400_BAD_REQUEST
+        )
+    
+    uploaded_file = request.FILES['glb']
+    
+    # Generate the new path: "2025/1/23/filename.jpg"
+    today = datetime.now()
+    year = str(today.year)
+    month = str(today.month)
+    day = str(today.day)
+    
+    # New path format: "2025/1/23/original_filename.jpg"
+    new_path = os.path.join(year, month, day, uploaded_file.name)
+    
+    # Save the file manually to the desired directory
+    saved_path = default_storage.save(new_path, uploaded_file)
+    
+    glb = Glb.objects.create(
+        user=user,
+        glb=saved_path,  # This will be "2025/1/23/filename.jpg"
+        name=request.data.get('name', uploaded_file.name),
+    )
+    
+    serializer = GlbSerializer(glb)
+    return Response(serializer.data, status=status.HTTP_201_CREATED)
+
+
+@api_view(['POST'])
+@authentication_classes([SessionAuthentication, TokenAuthentication])
+@permission_classes([IsAuthenticated])
+def upload_video(request):
+    user = request.user
+    
+    try:
+        customer = Customer.objects.get(user=user)
+    except Customer.DoesNotExist:
+        return Response(
+            {'error': 'No customer profile found.'},
+            status=status.HTTP_403_FORBIDDEN
+        )
+    
+    if not request.FILES.get('video'):
+        return Response(
+            {'error': 'No video file provided.'},
+            status=status.HTTP_400_BAD_REQUEST
+        )
+    
+    uploaded_file = request.FILES['video']
+    
+    # Generate the new path: "2025/1/23/filename.jpg"
+    today = datetime.now()
+    year = str(today.year)
+    month = str(today.month)
+    day = str(today.day)
+    
+    # New path format: "2025/1/23/original_filename.jpg"
+    new_path = os.path.join(year, month, day, uploaded_file.name)
+    
+    # Save the file manually to the desired directory
+    saved_path = default_storage.save(new_path, uploaded_file)
+    
+    video = Video.objects.create(
+        user=user,
+        video=saved_path,  # This will be "2025/1/23/filename.jpg"
+        name=request.data.get('name', uploaded_file.name),
+    )
+    
+    serializer = VideoSerializer(video)
+    return Response(serializer.data, status=status.HTTP_201_CREATED)
+
+
+@api_view(['POST'])
+@authentication_classes([SessionAuthentication, TokenAuthentication])
+@permission_classes([IsAuthenticated])
+def upload_pdf(request):
+    user = request.user
+    
+    try:
+        customer = Customer.objects.get(user=user)
+    except Customer.DoesNotExist:
+        return Response(
+            {'error': 'No customer profile found.'},
+            status=status.HTTP_403_FORBIDDEN
+        )
+    
+    if not request.FILES.get('pdf'):
+        return Response(
+            {'error': 'No pdf file provided.'},
+            status=status.HTTP_400_BAD_REQUEST
+        )
+    
+    uploaded_file = request.FILES['pdf']
+    
+    # Generate the new path: "2025/1/23/filename.jpg"
+    today = datetime.now()
+    year = str(today.year)
+    month = str(today.month)
+    day = str(today.day)
+    
+    # New path format: "2025/1/23/original_filename.jpg"
+    new_path = os.path.join(year, month, day, uploaded_file.name)
+    
+    # Save the file manually to the desired directory
+    saved_path = default_storage.save(new_path, uploaded_file)
+    
+    pdf = Pdf.objects.create(
+        user=user,
+        pdf=saved_path,  # This will be "2025/1/23/filename.jpg"
+        name=request.data.get('name', uploaded_file.name),
+    )
+    
+    serializer = GlbSerializer(pdf)
+    return Response(serializer.data, status=status.HTTP_201_CREATED)

test.rest

@@ -10,7 +10,7 @@ Content-Type: application/json
 POST http://127.0.0.1:8000/login 
 Content-Type: application/json
 
-{  "mobile_number":"09140086509", "password": "Pass1234!" }
+{  "mobile_number":"09140086509", "password": "123456" }
 
 ###