Copy over view logic

files/views.py

@@ -842,6 +842,71 @@ class VideoWithVoices(APIView):
     Combine a video `media` with some `voices`.
     """
 
+    permission_classes = (permissions.AllowAny,)
+    parser_classes = (JSONParser,)
+
+    def get_object(self, friendly_token):
+        try:
+            media = Media.objects.select_related("user").prefetch_related("encodings__profile").get(friendly_token=friendly_token)
+            if media.state == "private" and self.request.user != media.user:
+                return Response({"detail": "media is private"}, status=status.HTTP_400_BAD_REQUEST)
+            return media
+        except PermissionDenied:
+            return Response({"detail": "bad permissions"}, status=status.HTTP_400_BAD_REQUEST)
+        except BaseException:
+            return Response(
+                {"detail": "media file does not exist"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
+    @swagger_auto_schema(
+        manual_parameters=[],
+        tags=['Voice Actions'],
+        operation_summary='to_be_written',
+        operation_description='to_be_written',
+    )
+    def post(self, request, friendly_token, uid=None):
+        # perform like/dislike/report actions
+        #
+        # Test command:
+        # curl -X POST http://127.0.0.1:80/api/v1/media/dd9TrZxDe/voices/f07f84a8-cf0a-445f-8ae7-568b16ddce55/actions
+        # Response:
+        # {"detail":"action allowed on logged in users only"}
+
+        media = self.get_object(friendly_token)
+        if isinstance(media, Response):
+            return media
+
+        # Double-check voice existence.
+        try:
+            voice = Voice.objects.get(uid=uid)
+        except BaseException:
+            return Response({"detail": "voice does not exist"}, status=status.HTTP_400_BAD_REQUEST,)
+
+        action = request.data.get("type")
+        extra = request.data.get("extra_info")
+        if request.user.is_anonymous:
+            # there is a list of allowed actions for
+            # anonymous users, specified in settings
+            if action not in settings.ALLOW_ANONYMOUS_ACTIONS:
+                return Response(
+                    {"detail": "action allowed on logged in users only"},
+                    status=status.HTTP_400_BAD_REQUEST,
+                )
+        if action:
+            user_or_session = get_user_or_session(request)
+            save_voice_action.delay(
+                user_or_session,
+                friendly_token=media.friendly_token,
+                action=action,
+                extra_info=extra,
+                uid=voice.uid,
+            )
+
+            return Response({"detail": "action received"}, status=status.HTTP_201_CREATED)
+        else:
+            return Response({"detail": "no action specified"}, status=status.HTTP_400_BAD_REQUEST)
+
 class MediaSearch(APIView):
     """
     Retrieve results for searc