From c7304cb814631456ad83e207750bb4c9a3f6c7ab Mon Sep 17 00:00:00 2001
From: Gowtham Sai <66207607+gowtham3105@users.noreply.github.com>
Date: Mon, 5 Sep 2022 23:36:27 +0530
Subject: [PATCH] setting offerAccepted to only superAdmins

---
 CDC_Backend/APIs/adminViews.py | 13 ++++++++++---
 CDC_Backend/APIs/constants.py  |  3 ++-
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/CDC_Backend/APIs/adminViews.py b/CDC_Backend/APIs/adminViews.py
index 88261d1..889fdcf 100644
--- a/CDC_Backend/APIs/adminViews.py
+++ b/CDC_Backend/APIs/adminViews.py
@@ -104,22 +104,29 @@ def updateDeadline(request, id, email, user_type):
 
 
 @api_view(['POST'])
-@isAuthorized([ADMIN])
+@isAuthorized([SUPER_ADMIN])
 @precheck([OPENING_ID, OFFER_ACCEPTED])
 def updateOfferAccepted(request, id, email, user_type):
     try:
         data = request.data
+        offer_accepted = data[OFFER_ACCEPTED]
         opening = get_object_or_404(Placement, pk=data[OPENING_ID])
-        if not opening.offer_accepted:
-            opening.offer_accepted = True
+        if opening.offer_accepted is None:
+            opening.offer_accepted = offer_accepted == "true"
             opening.changed_by = get_object_or_404(User, id=id)
             opening.save()
             send_opening_notifications(opening.id)
+        else:
+            raise ValueError("Offer Status already updated")
+
         return Response({'action': "Update Offer Accepted", 'message': "Offer Accepted Updated"},
                         status=status.HTTP_200_OK)
     except Http404:
         return Response({'action': "Update Offer Accepted", 'message': 'Opening Not Found'},
                         status=status.HTTP_404_NOT_FOUND)
+    except ValueError as e:
+        return Response({'action': "Update Offer Accepted", 'message': str(e)},
+                        status=status.HTTP_400_BAD_REQUEST)
     except:
         logger.warning("Update Offer Accepted: " + str(sys.exc_info()))
         return Response({'action': "Update Offer Accepted", 'message': "Something went wrong"},
diff --git a/CDC_Backend/APIs/constants.py b/CDC_Backend/APIs/constants.py
index 60b59c5..91980f2 100644
--- a/CDC_Backend/APIs/constants.py
+++ b/CDC_Backend/APIs/constants.py
@@ -62,7 +62,8 @@ EMAIL = "email"
 
 STUDENT = 'student'
 ADMIN = 'admin'
-COMPANY = ''
+SUPER_ADMIN = 'super_admin'
+COMPANY = 'company'
 TIER = 'tier'
 # To be Configured Properly
 FOURTH_YEAR = '2019'