Gitlab CSE Unil

Commit 72e0c3f6 authored by Julien Furrer's avatar Julien Furrer
Browse files

ajusté adim.view pour compatibilité avec restframework v3.3

parent 0dbce233
......@@ -25,6 +25,7 @@ class AccessibleAnObj(BasePermission):
RestFramework Object-level permission to allow access to objects related to an accessible AnObj
Assumes the model instance has an `annotable` attribute.
"""
def has_object_permission(self, request, view, obj):
try:
return has_anobj_access(request, obj.annotable)
......@@ -54,6 +55,7 @@ class IsOwnerOrReadOnly(BasePermission):
else:
return False
class WritableAnObjOrReadonly(BasePermission):
"""
RestFramework Object-level permission to only allow modification on objects
......@@ -90,6 +92,7 @@ class AnObjViewSet(viewsets.ModelViewSet):
"""
model = AnObj
serializer_class = AnObjSerializer
# lookup_field = 'uuid'
def get_serializer_class(self):
......@@ -122,7 +125,7 @@ class AnObjViewSet(viewsets.ModelViewSet):
if request.method != 'GET':
user_model = get_user_model()
members = []
for member_data in request.DATA.get('members', []):
for member_data in request.data.get('members', []):
try:
q = Q(pk=-1)
if member_data.get('id'):
......@@ -156,7 +159,7 @@ class AnObjViewSet(viewsets.ModelViewSet):
def set_publish_mode(self, request, pk=None):
user = request.user
anobj = AnObj.objects.get(pk=pk)
new_publish_mode = int(request.DATA.get('publish_mode', 0))
new_publish_mode = int(request.data.get('publish_mode', 0))
if new_publish_mode not in xrange(3):
raise ValueError("Invalid publish mode")
......@@ -172,8 +175,8 @@ class AnObjViewSet(viewsets.ModelViewSet):
raise Http404()
if new_publish_mode == 2 and not (
anobj.allow_public_publishing or anobj.is_owned(user.id)):
# anobj.allow_public_publishing or user in anobj.owners.all()):
anobj.allow_public_publishing or anobj.is_owned(user.id)):
# anobj.allow_public_publishing or user in anobj.owners.all()):
raise PermissionDenied
if membership.publish_mode != new_publish_mode:
......@@ -234,27 +237,27 @@ class SharedAnObjViewSet(AnObjViewSet):
else:
users = []
return Response({'users': users})
#
# @detail_route(methods=['patch'])
# def set_publish_mode(self, request, pk=None):
# user = request.user
# anobj = AnObj.objects.get(pk=pk)
# membership = get_object_or_404(AnObjMembership, anobj__id=pk, user=user)
#
# new_publish_mode = int(request.DATA.get('publish_mode', 0))
# if new_publish_mode not in xrange(3):
# raise ValueError("Invalid publish mode")
#
# if new_publish_mode == 2 and not (
# anobj.allow_public_publishing or user == anobj.owner):
# raise PermissionDenied
#
# if membership.publish_mode != new_publish_mode:
# membership.publish_mode = new_publish_mode
# membership.save()
#
# return Response({'publish_mode': membership.publish_mode})
#
#
# @detail_route(methods=['patch'])
# def set_publish_mode(self, request, pk=None):
# user = request.user
# anobj = AnObj.objects.get(pk=pk)
# membership = get_object_or_404(AnObjMembership, anobj__id=pk, user=user)
#
# new_publish_mode = int(request.DATA.get('publish_mode', 0))
# if new_publish_mode not in xrange(3):
# raise ValueError("Invalid publish mode")
#
# if new_publish_mode == 2 and not (
# anobj.allow_public_publishing or user == anobj.owner):
# raise PermissionDenied
#
# if membership.publish_mode != new_publish_mode:
# membership.publish_mode = new_publish_mode
# membership.save()
#
# return Response({'publish_mode': membership.publish_mode})
#
class UserViewSet(viewsets.ReadOnlyModelViewSet):
......@@ -301,43 +304,49 @@ class AnnotationViewSet(viewsets.ModelViewSet):
:param kwargs:
:return:
"""
request.data['owner'] = request.user.id
request.data['owner_id'] = request.user.id
owner_str_id = str(request.user.id)
if (
owner_str_id not in request.data['owner'] or
owner_str_id not in request.data['owner_id']
):
raise AttributeError("Wrong owner for annotation")
# request.data['owner'] = request.user.id
# request.data['owner_id'] = request.user.id
return super(AnnotationViewSet, self).create(request, *args, **kwargs)
# def list(self, request):
# return Response([])
#
# def pre_save(self, obj):
# """
# For new annotation, check annotable access permission
# and set the owner of the annotation
# :param obj:
# :return:
# """
# if obj.annotable.locked:
# raise Exception("Annotable locked")
#
# # ok
# if obj.id:
# if obj.owner != self.request.user:
# raise Exception("Annotable access forbidden")
#
# else:
# # user = self.request.user
# # anobj_q = Q(pk=obj.annotable_id) & (Q(owner=user) | Q(members=user))
# try:
# anobj = AnObj.objects.get(pk=obj.annotable_id)
# if not has_anobj_access(self.request, anobj):
# raise Exception("Annotable access forbidden")
#
# except AnObj.DoesNotExist:
# raise Exception("Annotable access forbidden")
# # if not AnObj.objects.filter(anobj_q).exists():
#
# obj.owner = self.request.user
#
# super(AnnotationViewSet, self).pre_save(obj)
# def list(self, request):
# return Response([])
#
# def pre_save(self, obj):
# """
# For new annotation, check annotable access permission
# and set the owner of the annotation
# :param obj:
# :return:
# """
# if obj.annotable.locked:
# raise Exception("Annotable locked")
#
# # ok
# if obj.id:
# if obj.owner != self.request.user:
# raise Exception("Annotable access forbidden")
#
# else:
# # user = self.request.user
# # anobj_q = Q(pk=obj.annotable_id) & (Q(owner=user) | Q(members=user))
# try:
# anobj = AnObj.objects.get(pk=obj.annotable_id)
# if not has_anobj_access(self.request, anobj):
# raise Exception("Annotable access forbidden")
#
# except AnObj.DoesNotExist:
# raise Exception("Annotable access forbidden")
# # if not AnObj.objects.filter(anobj_q).exists():
#
# obj.owner = self.request.user
#
# super(AnnotationViewSet, self).pre_save(obj)
class SharedAnnotationViewSet(viewsets.ReadOnlyModelViewSet):
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment