7 users can register for updates on the holon development #13
Conversation
Door niet de hele modelviewset vanuit rest framework in te laden maar alleen de GenericViewSet en de CreateModelMixin kun je afvangen dat alleen een post mogelijk is zonder zelf permissions te moeten schrijven.
There was a problem hiding this comment.
@broekhuisg belangrijkste opmerking is het ontbreken van een api om alleen een emoticon als reactie te geven, verder heb ik een suggestie gedaan hoe je rest framework flexibeler kunt gebruiken.
backend/backend/urls.py
Outdated
| path('admin', admin.site.urls) | ||
| path("", include(router.urls)), | ||
| path("admin/", admin.site.urls), | ||
| re_path( |
There was a problem hiding this comment.
Het is beter om onderstaande url's alleen in development in te laden en niet in productie
| Model describing an User Registration | ||
| """ | ||
|
|
||
| RATING_CHOICES = ( |
There was a problem hiding this comment.
We hadden tijdens de refinement besproken dat het ook mogelijk moet zijn om alleen een emoticon als reactie te geven zonder details. Dit is in bovenstaande api niet mogelijk, je kan het opsplitsen in 2 endpoints of in 1 api afvangen. Je verliest dan wel de link tussen de rating en de contactgegevens @thesethtruth is dit een probleem?
There was a problem hiding this comment.
No Link between emoticons and registration
backend/holon/permissions.py
Outdated
| @@ -0,0 +1,11 @@ | |||
| # permissions.py | |||
There was a problem hiding this comment.
Dit bestand is dus waarschijnlijk overbodig
antw
force-pushed
the
7-users-can-register-for-updates-on-the-holon-development
branch
2 times, most recently
from
36cb4a1 to
f08ce87
Compare
|
@mattijsstam @broekhuisg I have pushed the front end. I haven't been able to test properly with the back end: the Cross-Origin Resource Sharing settings in the back end are too strict and requests are being denied with 403 Forbidden. I can't find any references to CORS or I've added the contact form which will submit a POST to {BACKEND}/update-registrations/. I looked at the Django app to figure out what was needed; it's configured to send the following JSON payload (please let me know if this is incorrect): interface RegistrationPayload {
name: string;
email: string;
company: string | undefined;
}The sentiment / ratings is configured to send a POST to {BACKEND}/update-ratings/ with JSON: interface SentimentPayload {
rating: "heart" | "thumbsup" | "neutral" | "thumbsdown"
}Again, please let me know if this is incorrect. If you wish to change the name of the endpoints, you may do so here: I'm relying on the browser validation for name and e-mail fields being required. If the Django app will also return validation or error messages, let me know and I'll update the components to display these. Feedback is very welcome! |
- Adds a feedback form allowing visitors to enter their name and e-mail, and optionally their company. Data will be submitted to an API (pending). - Adds a Sentiment component which allows visitors to select how they feed about the page. - Moves EmoticonButton into the Sentiment module since it's unlikely to be used elsewhere. Ideally, I think I'd like to lift the calls to `fetch` out to a parent component for both Sentiment and SubscriptionForm, but for now this feels like a nice and simple way of doing what we need.
- Uses yarn to run the app in development mode. - node_modules are stored in a volume.
antw
force-pushed
the
7-users-can-register-for-updates-on-the-holon-development
branch
from
f08ce87 to
ba9fa69
Compare
…nt' of github.com:ZEnMo/Holon-webapp into 7-users-can-register-for-updates-on-the-holon-development
There was a problem hiding this comment.
@antw please see the remark in the SubscriptionForm.js file
| body: JSON.stringify(payload), | ||
| }) | ||
| .then(() => dispatch({ type: "resolve" })) | ||
| .catch(() => dispatch({ type: "reject" })); |
There was a problem hiding this comment.
@antw The following does not work because fetch resolves if the api sends a 400 or 404 or because it is technically an ok response. Please see the following article for an example on how to catch server errors with fetch.
Also on reject the error that is send by the server is not shown to the user, for example this form can be submitted but does return an error which is not shown.
There was a problem hiding this comment.
@antw Within Witteveen+Bos we always use axios because it has a more user friendly api and prevents this sort of (to me) illogical things.
There was a problem hiding this comment.
I noted in my previous comment that the form wasn't handling any server-side validation errors yet; I didn't have Django responses working so it wasn't clear what the errors would look like. I'll revisit this ASAP to add support for this.
I appreciate the reminder about fetch and 4xx responses though. 🤦
There was a problem hiding this comment.
@broekhuisg I took care of it already in 61e2d83. Personally, I don't think it's worth adding a dependency just for nicer handling of 4xx errors; they'll be pretty uncommon given that browsers will catch most validation errors already.
There was a problem hiding this comment.
@antw I see that you already fixed this issue. Thanks. I would have suggest to use the package Axios, but this is good for now I think :)
|
A slight remark from my side: I noticed that the backend only uses a timestamp to store the sentiment/rating. I checked the frontend and a user is able to trigger multiple posts to the backend from there. Ideally, that would just update the given sentiment. But with the current implementation that just creates a new entry, right?. Would it be possible to use a session ID that is used to identify the current session? If it already exists, the entry is updated. |
@thesethtruth I think it's best to create a new issue with this change and try to work out some technical implications on this issue. This way we can merge this one. |
@thesethtruth @mattijsstam I will resolve this issue. I will set a localStorage item with the value the user has set. If these item exists, it will set in the frontend and will by change do a PUT request. Otherwise POST request. |
I fixed your question about the PUT/POST request. With the remark that it is now possible for people to edit ratings when they are guessing the ID of a rating. So this is a potential risk/leak. But since we are dealing with a prototype and we are not using any form of login, I think we can use this for now. @thesethtruth @mattijsstam |
Awesome, thanks good fix for now! How do we track technical debt, @mattijsstam? |
Fixes that the errors object would be set to a promise rather than the errors JSON.
There was a problem hiding this comment.
Looks good to me. I think this can be merged. 👍
I tested adding a couple of registrations and ratings, and everything worked as I expected.
@mattijsstam I cannot reproduce the styling issues seen on the Azure deployment. In fact, the HTML in the Azure version is different from this branch:
- the "Bevestig" button is missing class names from the HolonButton component (in 9c44bf1 I added the ability to pass extra class names to the component)
- there a wrapper div (with
max-width: 48rem) missing
My guess is that some of this was lost or overwritten when it was merged with your main branch, perhaps due to conflicts with other branches. I'm reasonably confident this won't be an issue, but if it is I will look into it again.
| body: JSON.stringify(payload), | ||
| }) | ||
| .then(() => dispatch({ type: "resolve" })) | ||
| .catch(() => dispatch({ type: "reject" })); |
There was a problem hiding this comment.
@antw Within Witteveen+Bos we always use axios because it has a more user friendly api and prevents this sort of (to me) illogical things.
@antw Let's merge it and solve issues when they appear in production, can you resolve the merge conflicts and merge it? |
…for-updates-on-the-holon-development
antw
deleted the
7-users-can-register-for-updates-on-the-holon-development
branch
Backend in Django.
localhost:8000 om te bereiken. /swagger/ om de API/Swagger te bekijken.
Endpoint update-register, kan je alleen naar POSTen als anonymous user. (om de registraties voor de updates in op te slaan)
Via /admin (waar je dan nog wel even een superuser voor moet aanmaken - zie readme - kan je alle registraties zien).