klmp200/Sith
1
0
Fork 0
mirror of https://github.com/ae-utbm/sith.git synced 2024-11-22 14:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enhaced API : look for permissions, automaticly add /{pk}/id, added

Browse Source 
users, groups and clubs
This commit is contained in:
Antoine Bartuccio 2016-08-07 20:32:12 +02:00
parent 1a6373e9ce
commit 2822d947d9
4 changed files with 89 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
api/urls.py
View File

@ -6,6 +6,9 @@ from rest_framework import routers
# Router config # Router config
router = routers.DefaultRouter() router = routers.DefaultRouter()
router.register(r'counter', CounterViewSet, base_name='api_counter') router.register(r'counter', CounterViewSet, base_name='api_counter')
router.register(r'user', UserViewSet, base_name='api_user')
router.register(r'club', ClubViewSet, base_name='api_club')
router.register(r'group', GroupViewSet, base_name='api_group')
urlpatterns = [ urlpatterns = [

32
api/views/__init__.py
View File

@ -1,2 +1,34 @@
from rest_framework.response import Response
from rest_framework import viewsets
from django.core.exceptions import PermissionDenied
from rest_framework.decorators import detail_route
from core.views import can_view, can_edit
class RightManagedModelViewSet(viewsets.ModelViewSet):
@detail_route()
def id(self, request, pk=None):
"""
Get by id (api/v1/router/{pk}/id/)
"""
self.queryset = get_object_or_404(self.queryset.filter(id=pk))
serializer = self.get_serializer(self.queryset)
return Response(serializer.data)
def dispatch(self, request, *arg, **kwargs):
res = super(RightManagedModelViewSet,
self).dispatch(request, *arg, **kwargs)
obj = self.queryset
user = self.request.user
try:
if (request.method == 'GET' and can_view(obj, user)):
return res
elif (request.method == 'PUSH' and can_edit(obj, user)):
return res
except: pass # To prevent bug with Anonymous user
raise PermissionDenied
from .api import * from .api import *
from .serializers import * from .serializers import *

43
api/views/api.py
View File

@ -7,8 +7,10 @@ from rest_framework.decorators import list_route
from core.templatetags.renderer import markdown from core.templatetags.renderer import markdown
from counter.models import Counter from counter.models import Counter
from core.models import User, Group
from club.models import Club
from api.views import serializers from api.views import serializers
from api.views import RightManagedModelViewSet
@api_view(['GET']) @api_view(['GET'])
def RenderMarkdown(request): def RenderMarkdown(request):
@ -19,28 +21,45 @@ def RenderMarkdown(request):
return Response(markdown(request.GET['text'])) return Response(markdown(request.GET['text']))
class CounterViewSet(viewsets.ModelViewSet): class CounterViewSet(RightManagedModelViewSet):
""" """
Manage Counters (api/v1/counter) Manage Counters (api/v1/counter/)
""" """
serializer_class = serializers.Counter serializer_class = serializers.CounterRead
queryset = Counter.objects.all() queryset = Counter.objects.all()
@list_route() @list_route()
def bar(self, request): def bar(self, request):
""" """
Return all bars (api/v1/counter/bar) Return all bars (api/v1/counter/bar/)
""" """
self.queryset = Counter.objects.filter(type="BAR") self.queryset = self.queryset.filter(type="BAR")
serializer = self.get_serializer(self.queryset, many=True) serializer = self.get_serializer(self.queryset, many=True)
return Response(serializer.data) return Response(serializer.data)
@detail_route()
def id(self, request, pk=None): class UserViewSet(RightManagedModelViewSet):
""" """
Get by id (api/v1/{nk}/id) Manage Users (api/v1/user/)
""" """
self.queryset = get_object_or_404(Counter.objects.filter(id=pk))
serializer = self.get_serializer(self.queryset) serializer_class = serializers.UserRead
return Response(serializer.data) queryset = User.objects.all()
class ClubViewSet(RightManagedModelViewSet):
"""
Manage Clubs (api/v1/club/)
"""
serializer_class = serializers.ClubRead
queryset = Club.objects.all()
class GroupViewSet(RightManagedModelViewSet):
"""
Manage Groups (api/v1/group/)
"""
serializer_class = serializers.GroupRead
queryset = Group.objects.all()

21
api/views/serializers.py
View File

@ -1,8 +1,10 @@
from rest_framework import serializers from rest_framework import serializers
from counter.models import Counter from counter.models import Counter
from core.models import User, Group
from club.models import Club
class Counter(serializers.ModelSerializer): class CounterRead(serializers.ModelSerializer):
is_open = serializers.BooleanField(read_only=True) is_open = serializers.BooleanField(read_only=True)
barman_list = serializers.ListField( barman_list = serializers.ListField(
@ -13,3 +15,20 @@ class Counter(serializers.ModelSerializer):
model = Counter model = Counter
fields = ('id', 'name', 'type', 'is_open', 'barman_list') fields = ('id', 'name', 'type', 'is_open', 'barman_list')
class UserRead(serializers.ModelSerializer):
class Meta:
model = User
class ClubRead(serializers.ModelSerializer):
class Meta:
model = Club
class GroupRead(serializers.ModelSerializer):
class Meta:
model = Group