- asgiref
- Django
- drf_spectacular
- Pillow
- pre-commit
- pycryptodomex
- pyparsing
- pytest
- python-magic
- pytz
- urllib3

This adds extensive API documentation based on the official API
documentation [1] and conflict resolution [2] documents.

Where possible field documentation was added to models or serializers,
so that other code like auto-generated forms can also profit from these
changes (hence the migration part of this commit).

The changes introduce two new API endpoints.

`/api/v1/schema/` exposes the API schema as an OpenAPI 3.0.3 document.
The standard format is yaml but can be switched to JSON by appending the
`?format=json` query parameter.

`/api/v1/schema/swagger-ui/` renders a visual representation of the
OpenAPI 3 specification with support for testing the individual API
endpoints including authentication.

[1]
https://gitlab.servus.at/aura/meta/-/blob/ec3c753d34ccb0269969808ac7dc28fff2ff1648/docs/development/api-definition.md
[2]
https://gitlab.servus.at/aura/meta/-/blob/ec3c753d34ccb0269969808ac7dc28fff2ff1648/docs/development/conflict-resolution.md

This adds extensive API documentation based on the official API
documentation [1] and conflict resolution [2] documents.

Where possible field documentation was added to models or serializers,
so that other code like auto-generated forms can also profit from these
changes (hence the migration part of this commit).

The changes introduce two new API endpoints.

`/api/v1/schema/` exposes the API schema as an OpenAPI 3.0.3 document.
The standard format is yaml but can be switched to JSON by appending the
`?format=json` query parameter.

`/api/v1/schema/swagger-ui/` renders a visual representation of the
OpenAPI 3 specification with support for testing the individual API
endpoints including authentication.

[1]
https://gitlab.servus.at/aura/meta/-/blob/ec3c753d34ccb0269969808ac7dc28fff2ff1648/docs/development/api-definition.md
[2]
https://gitlab.servus.at/aura/meta/-/blob/ec3c753d34ccb0269969808ac7dc28fff2ff1648/docs/development/conflict-resolution.md

django_filters will help us implement better filters for collections
with automatic integration for API documentation.

- asgireg
- attrs
- charset-normalizer
- Django
- django-cors-headers
- django-versatileimagefield
- Pillow
- psycopg2-binary
- requests
- urllib

- Django==1.11.29
- django-cors-headers==3.2.1
- django-oidc-provider==0.7.0
- django-tinymce==2.8.0
- django-versatileimagefield==1.11
- djangorestframework==3.11.0
- drf-nested-routers==0.91
- Pillow==4.3.0
- python-dateutil==2.8.1
- PyYAML==3.13

Later, upgrade
- Django up to 2.2.11, the current LTS version
- django-versatileimagefield up to 2.0, the current stable version
- Pillow up to 7.0.0, the current stable version
- PyYAML up to 5.3.1, the current stable version

Added requirements and installation instructions for using PostgreSQL and apparently there were another migration necessary.

and:
* Set correct login redirect url for oidc
* Added django-cors-headers for cross-domain api requests

See #21 #22

See #22

* Users can see and change all notes and hosts of shows they own - even if they were created by another show owner
* A host can be assigned to a note (if host is editable)
* Added django-oidc-provider app
* Added limit/offset pagination to endpoints /shows, /timeslots and /notes
* Common users may not change the show's name anymore via API
* Playout API can be called with start (date) and end (date) parameters
* Added filters to endpoints:

/shows/?host=1  Retrieves shows of a given host
/shows/?owner=1 Retrieves shows of a given owner (= user ID)
/notes/?host=1  Retrieves notes assigned to a host
/notes/?owner=1 Retrieves notes a user has created (= user ID)

Had to set settings const USE_TZ (= reflect timezone in mysql datetimes) to True for OIDC to work with mysql.

Don't know yet if that's a problem.

See #22 #23

/api/v1/shows/
/api/v1/shows/?active=true
/api/v1/shows/1/
/api/v1/shows/1/schedules
/api/v1/shows/1/schedules/1
/api/v1/shows/1/schedules/1/timeslots
/api/v1/shows/1/schedules/1/timeslots/1/
/api/v1/shows/1/schedules/1/timeslots/1/notes
/api/v1/shows/1/schedules/1/timeslots/1/notes/1
/api/v1/shows/1/notes
/api/v1/shows/1/notes/1
/api/v1/shows/1/timeslots
/api/v1/shows/1/timeslots/1
/api/v1/shows/1/timeslots/1/notes
/api/v1/shows/1/timeslots/1/notes/1

On every /timeslot endpoint, filter variables ?start=2017-01-01&end=2017-12-31 are available.

Properly create, update and delete:

* Users
  - only superusers may create
  - common users can only retrieve/update themselves
  - update is constrained to certain non-crucial fields for non-superusers

* Shows
  - only superusers may create
  - update is constrained to certain fields for non-superusers

* Notes
  - creating/updating is constrained to shows and timeslots the non-superuser owns

* Schedules
  - only superusers may add/update/delete
  - collision detection still needed

* Timeslots
  - direct creation is prohibited for everyone (only by adding/updating schedules)
  - update is constrained to certain fields
  - only superusers may delete


Available GET endpoints for (only superusers may add/update/delete)

* Hosts
* Types
* Topics
* Categories
* RTRCategories
* Languages


See #22 #23

Updating is constrained to defined fields.
See #22

Implemented django-oauth-toolkit for authentication.

Working on prototype for playout API (momentarily still called week_schedule())

Added permission restrictions for common users in APIs
See #23

Added playlist_id to TimeSlot datamodel
See #21

Made some minor changes in calendar.

* Extended datamodel of user profile by introducing "profile"-subapp
* Implemented thumbnail generation for shows, notes and user profile using django-versatileimagefield (see requirements.txt)

See #21

upgraded requirement to Django 1.11.2, Pillow 4.1.1, PyYAML 3.12, django-tinymce 2.6.0 and python-dateutil 2.6.0