from django.db import transaction
from rest_framework import permissions
from rest_framework import serializers, viewsets
from django.db.models import Q
from rest_framework import status, exceptions
from rest_framework.filters import OrderingFilter
from django_filters.rest_framework import DjangoFilterBackend
from rest_framework.response import Response

from app.models import Preset


class PresetSerializer(serializers.ModelSerializer):
    class Meta:
        model = Preset

        exclude = ('owner', )
        read_only_fields = ('owner', 'created_at', 'system', )


class PresetViewSet(viewsets.ModelViewSet):
    """
    Preset get/add/delete/update
    Presets represent a set of options that a user
    can save/customize for use in processing a task.
    """

    pagination_class = None
    serializer_class = PresetSerializer

    # We don't use object level permissions on presets
    permission_classes = (permissions.DjangoModelPermissions, )
    filter_backends = (DjangoFilterBackend, OrderingFilter, )

    def get_queryset(self):
        return Preset.objects.filter(Q(owner=self.request.user.id) | Q(system=True))

    def create(self, request):
        with transaction.atomic():
            preset = Preset.objects.create(owner=self.request.user)

            # Update other parameters
            serializer = PresetSerializer(preset, data=request.data, partial=True)
            serializer.is_valid(raise_exception=True)
            serializer.save()

            return Response(serializer.data, status=status.HTTP_201_CREATED)

    def destroy(self, request, pk=None):
        preset = Preset.objects.get(pk=pk)

        # Only owners can delete their own presets (except superusers)
        if preset.owner != request.user and not request.user.is_superuser:
            raise exceptions.NotFound()

        # Even superusers cannot delete global presets via the API (must use admin backend)
        if preset.system:
            raise exceptions.PermissionDenied()

        return super().destroy(request, pk)