server/python/django2/renkanmanager/api/views.py
changeset 608 8fd40139827c
parent 602 fa80b0104695
child 610 b9edc1c1538a
--- a/server/python/django2/renkanmanager/api/views.py	Thu Apr 21 16:18:08 2016 +0200
+++ b/server/python/django2/renkanmanager/api/views.py	Mon Apr 11 16:28:05 2016 +0200
@@ -13,39 +13,33 @@
 from django.http import Http404
 from django.http.response import HttpResponse, HttpResponseBadRequest
 from django.shortcuts import get_object_or_404, redirect
-from django.views.decorators.csrf import csrf_exempt
 from django.views.generic import View
+from django.conf import settings
 from renkanmanager.models import Renkan, Revision, Workspace
-from renkanmanager.permissions import CanEditRenkan, CanDeleteRenkan, CanCreateRenkan, \
-                                      CanEditWorkspace, CanDeleteWorkspace, CanCreateWorkspace, \
-                                      CanDeleteRevision
 from renkanmanager.serializers import RenkanSerializer, RevisionSerializer, WorkspaceSerializer
 from rest_framework import permissions, status
 from rest_framework.response import Response
 from rest_framework.views import APIView
 
-
 logger = logging.getLogger(__name__)
-
+           
 class RenkanList(APIView):
     """
         View for listing renkans or posting new renkan
     """
-    permission_classes = (
-        permissions.IsAuthenticatedOrReadOnly,
-        CanCreateRenkan,
-    )
-
+    
+    queryset = Renkan.objects
+    
     def get(self, request, workspace_guid='', format=None):
         if workspace_guid == '':
-            renkans = Renkan.objects.all()
+            renkans = self.queryset.all()
         else:
-            renkans = Renkan.objects.filter(workspace_guid=workspace_guid)
+            renkans = self.queryset.filter(workspace_guid=workspace_guid)
         serializer = RenkanSerializer(renkans, many=True)
-        return Response(serializer.data, status=status.HTTP_200_OK, content_type='application/json')
-
+        return Response(serializer.data, status=status.HTTP_200_OK, content_type='application/json')    
+    
     def post(self, request, workspace_guid='', format=None):
-        create_data = request.data
+        create_data = {key:request.data[key] for key in request.data.keys()}
         source_renkan_guid = request.GET.get("source_renkan_id", request.data.get("source_renkan_id", None))
         source_revision_guid = request.GET.get("source_revision_id", request.data.get("source_revision_id", None))
         if source_renkan_guid is not None:
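Review bot: With `permission_classes` removed from `RenkanList`, the `post` handler is gated only by the project's `DEFAULT_PERMISSION_CLASSES`, and DRF falls back to `AllowAny` when that setting is absent. The settings are not part of this diff, so confirm they block unauthenticated writes, or keep an explicit `permission_classes = (permissions.IsAuthenticatedOrReadOnly,)` on the class, since `permissions` is still imported. The same removal occurs in the later hunks for `RenkanDetail` and for the workspace and revision views, where `check_object_permissions` likewise only enforces what the default classes provide. Separately, `from django.conf import settings` is added but not used in any visible hunk. The body of `post` continues past the end of this hunk.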
@@ -68,38 +62,37 @@
             except Workspace.DoesNotExist:
                 return Response({'detail': 'Workspace '+workspace_guid+' does not exist'}, status=status.HTTP_404_NOT_FOUND)
             create_data["workspace_id"] = workspace_guid
-
+        
         serializer = RenkanSerializer(data=create_data)
         if serializer.is_valid():
-            serializer.save(creator=request.user)
+            serializer.save(creator=request.user)       
             return Response(serializer.data, status=status.HTTP_201_CREATED, content_type='application/json')
         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
-
+        
 
 class RenkanDetail(APIView):
     """
         View for retrieving, updating or deleting a single renkan
     """
     lookup_field = "renkan_guid"
-    permission_classes = (
-        permissions.IsAuthenticatedOrReadOnly,
-        CanEditRenkan,
-        CanDeleteRenkan,
-    )
-
-    @csrf_exempt
+    queryset = Renkan.objects
+    
+    def get_object(self, renkan_guid):
+        return self.queryset.get(renkan_guid=renkan_guid)
+    
     def dispatch(self, *args, **kwargs):
+        logger.debug("TEST 1 21 12 TEST")
         return super(RenkanDetail, self).dispatch(*args, **kwargs)
-
-    def get_object(self, renkan_guid):
-        return Renkan.objects.get(renkan_guid=renkan_guid)
-
+    
     def get(self, request, renkan_guid, format=None):
         try:
             renkan = self.get_object(renkan_guid=renkan_guid)
         except Renkan.DoesNotExist:
-            return Response({'detail': 'Renkan project '+renkan_guid+' does not exist'}, status=status.HTTP_404_NOT_FOUND)
+            return Response({'detail': 'Renkan project %r does not exist'.format(renkan_guid)}, status=status.HTTP_404_NOT_FOUND)
+        logger.debug("RENKAN GET %r : CHECKING OBJECT PERMISSION", renkan_guid)
+        logger.debug("RENKAN GET: permission? %r", request.user.has_perm("view_renkan", renkan))
         self.check_object_permissions(request, renkan)
+        logger.debug("RENKAN GET: PERMISSION GRANTED")
         serializer = RenkanSerializer(renkan)
         if {'true': True, 'false': False, "0": False, "1": True}.get(request.GET.get("content_only", "false").lower()):
             return Response(json.loads(serializer.data["content"]), status=status.HTTP_200_OK, content_type='application/json')
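Review bot: The new 404 message in `RenkanDetail.get` mixes `%r` with `str.format`, so the response will contain the literal text `%r` and never the guid; use `'Renkan project {} does not exist'.format(renkan_guid)`. The identical line in `put` in the next hunk has the same problem. The added `logger.debug(... request.user.has_perm("view_renkan", renkan))` calls (and the `change_renkan` one in `put`) evaluate `has_perm` on every request even when debug logging is off, and they run before `check_object_permissions`. Consider dropping them, or guarding them with `logger.isEnabledFor(logging.DEBUG)`. The `logger.debug("TEST 1 21 12 TEST")` line in `dispatch` looks like leftover scaffolding; with it removed, the `dispatch` override does nothing and could go too.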
@@ -109,8 +102,11 @@
         try:
             renkan = self.get_object(renkan_guid=renkan_guid)
         except Renkan.DoesNotExist:
-            return Response({'detail': 'Renkan project '+renkan_guid+' does not exist'}, status=status.HTTP_404_NOT_FOUND)
+            return Response({'detail': 'Renkan project %r does not exist'.format(renkan_guid)}, status=status.HTTP_404_NOT_FOUND)
+        logger.debug("RENKAN PUT %r : CHECKING OBJECT PERMISSION", renkan_guid)
+        logger.debug("RENKAN PUT: permission? %r", request.user.has_perm("change_renkan", renkan))
         self.check_object_permissions(request, renkan)
+        logger.debug("RENKAN PUT: PERMISSION GRANTED")
         if {'true': True, 'false': False, "0": False, "1": True}.get(request.GET.get("content_only", "false").lower()):
             put_data = {}
             put_data["content"] = json.dumps(request.data)
@@ -132,7 +128,7 @@
         renkan_revisions = Revision.objects.filter(parent_renkan_guid = to_delete_renkan.renkan_guid)
         for child_revision in renkan_revisions:
             # Deleting reference to revision in renkans copied from this revision
-            for related_renkan in Renkan.objects.filter(source_revision_guid=child_revision.revision_guid):
+            for related_renkan in self.queryset.filter(source_revision_guid=child_revision.revision_guid):
                 related_renkan.source_revision_guid = ''
                 related_renkan.save()
             child_revision.delete()
@@ -143,13 +139,11 @@
     """
         View for listing workspaces or creating new workspace
     """
-    permission_classes = (
-        permissions.IsAuthenticatedOrReadOnly,
-        CanCreateWorkspace,
-    )
-
+    
+    queryset = Workspace.objects
+    
     def get(self, request, format=None):
-        workspaces = Workspace.objects.all()
+        workspaces = self.queryset.all()
         serializer = WorkspaceSerializer(workspaces, many=True)
         return Response(serializer.data)
 
@@ -164,18 +158,16 @@
     """
         View for retrieving, updating or deleting a single workspace
     """
-    permission_classes = (
-        permissions.IsAuthenticatedOrReadOnly,
-        CanEditWorkspace,
-        CanDeleteWorkspace,
-    )
-
+    
+    lookup_field = "workspace_guid"
+    queryset = Workspace.objects
+    
     def get_object(self, workspace_guid):
-        return Workspace.objects.get(workspace_guid=workspace_guid)
-
+        return self.queryset.get(workspace_guid=workspace_guid)
+    
     def get(self, request, workspace_guid, format=None):
         try:
-            workspace = Workspace.objects.get(workspace_guid=workspace_guid)
+            workspace = self.get_object(workspace_guid=workspace_guid)
         except Workspace.DoesNotExist:
             return Response({'detail': 'Workspace '+workspace_guid+' does not exist.'}, status=status.HTTP_404_NOT_FOUND)
         self.check_object_permissions(request, workspace)
@@ -184,7 +176,7 @@
 
     def put(self, request, workspace_guid, format=None):
         try:
-            workspace = Workspace.objects.get(workspace_guid=workspace_guid)
+            workspace = self.get_object(workspace_guid=workspace_guid)
         except Workspace.DoesNotExist:
             return Response({'detail': 'Workspace '+workspace_guid+' does not exist.'}, status=status.HTTP_404_NOT_FOUND)
         self.check_object_permissions(request, workspace)
@@ -209,11 +201,13 @@
     """
         View for listing revisions from a given renkan
     """
-    permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
-
-    def get_queryset(self, renkan_guid):
-        return Revision.objects.filter(parent_renkan_guid=renkan_guid)
-
+    
+    def get_queryset(self, renkan_guid=""):
+        if renkan_guid:
+            return Revision.objects.filter(parent_renkan_guid=renkan_guid)
+        else:
+            return Revision.objects
+    
     def get(self, request, renkan_guid, format=None):
         revisions = self.get_queryset(renkan_guid)
         if not revisions:
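Review bot: The `else` branch of `get_queryset` returns the manager `Revision.objects` rather than a queryset, so a caller that tests `if not revisions:`, as `get` does just below, would never see it as empty and would be working with every revision unfiltered. `return Revision.objects.all()` keeps the return type consistent. If the no-argument form exists only so that a permission class can discover the model (an inference, not shown here), say so in a comment such as `# called without renkan_guid only for model lookup by permission classes`. The same method is duplicated in the final hunk for the single-revision view. The body of `get` continues past the end of this hunk.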
@@ -225,14 +219,15 @@
     """
         View for retrieving or deleting a single revision from a given renkan
     """
-    permission_classes = (
-        permissions.IsAuthenticatedOrReadOnly,
-        CanDeleteRevision,
-    )
-
-    def get_queryset(self, renkan_guid):
-        return Revision.objects.filter(parent_renkan_guid=renkan_guid)
-
+    
+    lookup_field = "revision_guid"
+    
+    def get_queryset(self, renkan_guid=""):
+        if renkan_guid:
+            return Revision.objects.filter(parent_renkan_guid=renkan_guid)
+        else:
+            return Revision.objects
+    
     def get(self, request, renkan_guid, revision_guid, format=None):
         revisions = self.get_queryset(renkan_guid)
         if not revisions: