Box CRUD API With Python

Akhil Bhalerao

Last update: Feb 17, 2022

Related tags

Miscellaneous boxes_inventory

Overview

Box CRUD API:

Consider a store which has an inventory of boxes which are all cuboid(which have length breadth and height). Each Cuboid has been added by a store employee who is associated as the creator of the box even if it is updated by any user later on.

Setup Project

Fork and clone this repository and navigate into the project folder by running the following commands in your terminal:
```
git clone [email protected]:
     
      /boxes_inventory.git
cd boxes_inventory

     
```
NOTE: This cloning is done via SSH.
Create a Python virtual environment in the project folder and activate it.
```
pip install virtualenv
virtualenv venv
source venv/bin/activate
```
NOTE: This commands can differ can based on operating systems.
Create a .env file in the project folder, and add your secret key in the SECRET_KEY variable in .env file.
```
SECRET_KEY=
     

     
```
SECRET_KEY is 128 bit long string containing alphnumeric chars and symbols.
Install the dependencies, by running the following command:
```
pip install -r requirements.txt
```
Make sure your virtual environment is activated.
Run the migrations.
```
python manage.py makemigrations
python manage.py migrate
```
As our default database is sqlite3, you will notice after the migrations a db file is created in project folder.
Create a superuser.
```
python manage.py createsuperuser
```
Run the server.
```
python manage.py runserver
```

POSTMAN Collection click here

Open this postman collection in Postman, to check all the API endpoints.

Authentication Details

I have implemented default token authetication available in the Django Rest Framework.

When the user logs in through http://127.0.0.1:8000/accounts/api/v1/login/, the token is generated and stored in the database.

So, Inorder to access the API, you need to send a valid token in the Authorization header as follows:

Authorization: Token

Task 0: Data Modelling

I have created a boxes model with one to many relationship with the users model, where user model is the parent and boxes model is the child.

Task 1: Add a Box

API Endpoint: POST http://127.0.0.1:8000/boxes/api/v1/create-box

Only the Staff user is able to create a box and following is the required payload for the request.

{
    "height": 4,
    "length": 3,
    "breadth": 4
}

Below is the example of the API:

If the request is invalid or provided with invalid body, the API will return error messages.

Conditions fulfilled:

The user should be a staff and logged in to create a box.
Average area of all added boxes should not exceed 100.
Average volume of all boxes added by the current user shall not exceed 1000.
Total Boxes added in a week cannot be more than 100.
Total Boxes added in a week by a user cannot be more than 50.

Task 2: Update API for a Box

API Endpoint: PUT/PATCH http://127.0.0.1:8000/boxes/api/v1/update-box/uuid

You need to add the UUID of the box at the end of the URL to update the box.

UUID is the unique identifier of the box

Below is the example of the Update API through PUT method:

Below is the example of the Update API through PATCH method:

Conditions fulfilled:

User should be logged in and should be a staff user to access the API.
Any staff user is able to update any box.
Editor cannot edit the creator, created_date or last_updated date of the box.

Task 3: List all Boxes

API Endpoint: GET http://127.0.0.1:8000/boxes/api/v1/list-all-boxes

This API returns all the boxes in the database but the response is divided into 2 types:

If User is staff, they can see the creator and last_updated date of each box.
But in case of the non staff user they cannot see the creator and last_updated date of each box.

In this API you can also apply below filters:

length_more_than or length_less_than
height_more_than or height_less_than
breadth_more_than or breadth_less_than
volume_more_than or volume_less_than
area_more_than or area_less_than
created_after or created_before
username

Conditions fulfilled:

User should be logged-in and authenticated to access this API.

Task 4: List my boxes

API Endpoint: GET http://127.0.0.1:8000/boxes/api/v1/list-my-boxes

This API returns all the boxes created by the logged-in staff user.

In this API you can also apply below filters:

length_more_than or length_less_than
height_more_than or height_less_than
breadth_more_than or breadth_less_than
volume_more_than or volume_less_than
area_more_than or area_less_than

Conditions fulfilled:

User should be staff, logged-in and authenticated to access this API.

Task 5: Delete a Box

API Endpoint: DELETE http://127.0.0.1:8000/boxes/api/v1/delete-box/uuid

You need to add the UUID of the box to be deleted at the end of the URL, and only the creator of the box can delete it.

Conditions fulfilled:

User should be staff, logged-in and authenticated to access the API.
The box to delete should be created by the logged-in staff user.

Scope of Improvement:

In utils/filters.py file, code resuability can be improved.
In place of Token Authentication, JWT Authentication can be used to authenticate the users.

Things I Learned:

How to apply filters in the API.
How to use and modify the serializer data according to the use case.
Write more clean code and add comments wherever necessary.
Read documentation more thoroughly.

Assumptions from the problem statement given:

At the time of updating the box, the avg_area and avg_volume condition is not checked because, the problem statement says added and not updated/edited word.
Adding user should be automatically associated with the box and shall not be overridden - This line was unclear in the problem statement, so I gathered that whenever a box is being created we have to connect it to the staff user who created it by default (one-to-many relationship).

Url-check-migration-python - A python script using Apica API's to migrate URL checks between environments

url-check-migration-python A python script using Apica API's to migrate URL chec

1 Feb 16, 2022

Driving lessons made simpler. Custom scheduling API built with Python.

NOTE This is a mirror of a GitLab repository. Dryvo Dryvo is a unique solution for the driving lessons industry. Our aim is to save the teacher’s time

595 Dec 5, 2022

Simple Python API for the Ergo Platform Explorer

Ergo is a "Resilient Platform for Contractual Money." It is designed to be a platform for applications with the main focus to provide an efficient, se

7 Jul 6, 2021

An unofficial python API for trading on the DeGiro platform, with the ability to get real time data and historical data.

DegiroAPI An unofficial API for the trading platform Degiro written in Python with the ability to get real time data and historical data for products.

5 Dec 16, 2022

OpenSea NFT API App using Python and Streamlit

opensea-nft-api-tutorial OpenSea NFT API App using Python and Streamlit Tutorial Video Walkthrough https://www.youtube.com/watch?v=49SupvcFC1M Instruc

64 Oct 28, 2022

Algorand Python API examples

Algorand-Py Algorand Python API examples This repo will hold example scripts to monitor activities on Algorand main net. You can: Monitor your assets

2 Jan 23, 2022

A Python wrapper for Matrix Synapse admin API

Synapse-admin-api-python A Python wrapper for Matrix Synapse admin API. Versioning This library now supports up to Synapse 1.45.0, any Admin API intro

9 Sep 28, 2022

A python API act as Control Center to control your Clevo Laptop via wmi on windows.

ClevoPyControlCenter A python API act as Control Center to control your Clevo Laptop via wmi on windows. Usage # pip3 install pymi from clevo_wmi impo

3 Sep 19, 2022

Simple and easy to use python API for the COVID registration booking system of the math department @ unipd (torre archimede)

Simple and easy to use python API for the COVID registration booking system of the math department @ unipd (torre archimede). This API creates an interface with the official browser, with more useful functionalities.