feat: allow students to be uploaded in bulk (#18)

Author: earthcomfy

Diff for: apps/common/management/commands/load_students.py

@@ -50,16 +50,16 @@ def handle(self, *args, **options):
 
         for entry in data:
             try:
-                with transaction.atomic():
-                    admission_date = self.parse_date(entry["admission_date"])
-                    graduation_date = self.parse_date(entry["graduation_date"])
+                admission_date = self.parse_date(entry["admission_date"])
+                graduation_date = self.parse_date(entry["graduation_date"])
 
-                    first_name = entry["first_name"]
-                    middle_name = entry["middle_name"]
-                    last_name = entry["last_name"]
+                first_name = entry["first_name"]
+                middle_name = entry["middle_name"]
+                last_name = entry["last_name"]
 
-                    password = generate_password(last_name)
+                password = generate_password(last_name)
 
+                with transaction.atomic():
                     user = User.objects.create_user(
                         first_name=first_name,
                         middle_name=middle_name,

Diff for: apps/entities/urls.py

@@ -1,7 +1,7 @@
 from django.urls import include, path
 from rest_framework.routers import DefaultRouter
 
-from .views.admin_views import EntityViewSet
+from .views.admin_views import EntityViewSet, UploadStudents
 from .views.faculty_view import FacultyViewSet
 
 router = DefaultRouter()
@@ -11,5 +11,6 @@
 app_name = "entities"
 
 urlpatterns = [
+    path("upload_students/", UploadStudents.as_view(), name="upload_students"),
     path("", include(router.urls)),
 ]

Diff for: apps/entities/views/admin_views.py

@@ -1,10 +1,20 @@
+from datetime import datetime
+
+import pandas as pd
 from django.contrib.auth import get_user_model
+from django.db import transaction
 from django_filters import rest_framework as django_filters
 from drf_spectacular.utils import OpenApiParameter, OpenApiTypes, extend_schema
-from rest_framework import filters, viewsets
+from rest_framework import filters, status, viewsets
 from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.views import APIView
 
+from apps.entities.models.faculty_models import Department, Faculty
+from apps.entities.models.student_models import Student
 from apps.entities.serializers.entity_serializers import EntitySerializer
+from apps.entities.utils import generate_password
+from apps.rbac.models.role_models import Role, UserRole
 from apps.rbac.permissions import IsUserSuperAdmin, IsUserSuperAdminOrFacultyAdmin
 
 User = get_user_model()
@@ -38,7 +48,11 @@ class EntityViewSet(viewsets.ModelViewSet):
 
     permission_classes = (IsAuthenticated,)
     serializer_class = EntitySerializer
-    filter_backends = (django_filters.DjangoFilterBackend, filters.SearchFilter, filters.OrderingFilter)
+    filter_backends = (
+        django_filters.DjangoFilterBackend,
+        filters.SearchFilter,
+        filters.OrderingFilter,
+    )
     filterset_fields = (
         "student__faculty",
         "student__department",
@@ -106,3 +120,126 @@ def get_serializer_context(self):
         entity_type = self.kwargs.get("entity_type")
         context.update({"entity_type": entity_type})
         return context
+
+
+class UploadStudents(APIView):
+    def parse_date(self, date_str):
+        try:
+            return datetime.strptime(date_str, "%d-%m-%Y").strftime("%Y-%m-%d")
+        except ValueError:
+            return None
+
+    def post(self, request, *args, **kwargs):
+        file_obj = request.FILES.get("file")
+
+        if not file_obj:
+            return Response({"error": "No file provided"}, status=status.HTTP_400_BAD_REQUEST)
+
+        file_extension = file_obj.name.split(".")[-1].lower()
+        if file_extension not in ["xlsx", "xls", "csv"]:
+            return Response(
+                {"error": "Unsupported file type. Only Excel and CSV files are accepted."},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
+        try:
+            if file_extension in ["xlsx", "xls"]:
+                df = pd.read_excel(file_obj)
+            elif file_extension == "csv":
+                df = pd.read_csv(file_obj)
+
+            required_columns = {
+                "username",
+                "first_name",
+                "middle_name",
+                "last_name",
+                "gender",
+                "faculty",
+                "department",
+                "year_in_school",
+                "admission_date",
+                "graduation_date",
+            }
+            if not required_columns.issubset(df.columns):
+                print(df.columns)
+                return Response(
+                    {"error": "All fields are required in the file."},
+                    status=status.HTTP_400_BAD_REQUEST,
+                )
+
+            errors = []
+            success_count = 0
+
+            # TODO This should be a background task (Use Celery)
+            for index, entry in df.iterrows():
+                error = {}
+                if not all([entry[col] for col in required_columns]):
+                    error["row"] = index + 1
+                    error["message"] = "Missing required fields"
+                    errors.append(error)
+                    continue
+
+                if User.objects.filter(username=entry["username"]).exists():
+                    error["row"] = index + 1
+                    error["message"] = "Username already exists"
+                    errors.append(error)
+                    continue
+
+                admission_date = self.parse_date(entry["admission_date"])
+                graduation_date = self.parse_date(entry["graduation_date"])
+
+                if not admission_date or not graduation_date:
+                    error["row"] = index + 1
+                    error["message"] = "Invalid date format"
+                    errors.append(error)
+                    continue
+
+                first_name = entry["first_name"]
+                middle_name = entry["middle_name"]
+                last_name = entry["last_name"]
+
+                password = generate_password(last_name)
+
+                with transaction.atomic():
+                    try:
+                        user = User.objects.create_user(
+                            first_name=first_name,
+                            middle_name=middle_name,
+                            last_name=last_name,
+                            gender=entry["gender"],
+                            username=entry["username"],
+                            password=password,
+                            is_first_time_login=True,
+                        )
+                        faculty = Faculty.objects.get(name=entry["faculty"])
+                        department = Department.objects.get(name=entry["department"])
+                        Student.objects.create(
+                            user=user,
+                            faculty=faculty,
+                            department=department,
+                            year_in_school=entry["year_in_school"],
+                            admission_date=admission_date,
+                            graduation_date=graduation_date,
+                        )
+                        role = Role.objects.get(name="Student")
+                        UserRole.objects.create(user=user, role=role)
+                        success_count += 1
+                    except Exception:
+                        error["row"] = index + 1
+                        error["message"] = "Something went wrong."
+                        errors.append(error)
+
+            # TODO Allow users to download error log
+
+            return Response(
+                {
+                    "message": f"{success_count} students created successfully. {len(errors)} entries failed.",
+                },
+                status=status.HTTP_201_CREATED,
+            )
+
+        except Exception:
+            return Response(
+                {"error": "Something went wrong. Please try again later."},
+                status=status.HTTP_400_BAD_REQUEST,
+            )

Diff for: requirements.txt

@@ -16,6 +16,8 @@ boto3==1.34.93
 pillow==10.3.0
 django-phonenumber-field==7.3.0
 phonenumberslite==8.13.36
+pandas==2.2.2
+openpyxl==3.1.5
 
 # Database
 # ------------------------------------------------------------------------------