[accounts] added api/serializers/permission for godfather list view (GET list)

beat/web/accounts/api.py

+#!/usr/bin/env python
+# vim: set fileencoding=utf-8 :
+
+###############################################################################
+#                                                                             #
+# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/           #
+# Contact: beat.support@idiap.ch                                              #
+#                                                                             #
+# This file is part of the beat.web module of the BEAT platform.              #
+#                                                                             #
+# Commercial License Usage                                                    #
+# Licensees holding valid commercial BEAT licenses may use this file in       #
+# accordance with the terms contained in a written agreement between you      #
+# and Idiap. For further information contact tto@idiap.ch                     #
+#                                                                             #
+# Alternatively, this file may be used under the terms of the GNU Affero      #
+# Public License version 3 as published by the Free Software and appearing    #
+# in the file LICENSE.AGPL included in the packaging of this file.            #
+# The BEAT platform is distributed in the hope that it will be useful, but    #
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY  #
+# or FITNESS FOR A PARTICULAR PURPOSE.                                        #
+#                                                                             #
+# You should have received a copy of the GNU Affero Public License along      #
+# with the BEAT platform. If not, see http://www.gnu.org/licenses/.           #
+#                                                                             #
+###############################################################################
+
+from django.conf import settings
+from django.contrib.auth.models import User
+from django.shortcuts import get_object_or_404
+from django.http import Http404
+from django.db import models
+from django.db.models import Q
+from django.core.urlresolvers import reverse
+
+from rest_framework import generics
+from rest_framework import views
+from rest_framework import permissions
+from rest_framework.response import Response
+from rest_framework import status
+
+from .serializers import FullSupervisionTrackSerializer
+
+from ..common.utils import validate_restructuredtext
+from ..ui.templatetags.markup import restructuredtext
+
+from .responses import ReadOnlyResponse
+
+from .models import SupervisionTrack, Profile
+from ..common.models import Shareable
+from ..common.exceptions import ShareError
+from ..common.mixins import CommonContextMixin
+
+from itertools import chain
+from datetime import datetime, timedelta
+
+
+from .permissions import IsGodfatherAndAuthor
+
+from ..common.responses import BadRequestResponse, ForbiddenResponse
+
+import re
+
+import simplejson as json
+
+
+#----------------------------------------------------------
+
+
+class GodfatherListView(generics.ListAPIView):
+    model = SupervisionTrack
+    serializer_class = FullSupervisionTrackSerializer
+
+    def get_permissions(self):
+        permission_classes = [permissions.IsAuthenticated, IsGodfatherAndAuthor]
+
+        self.permission_classes = permission_classes
+
+        return super(GodfatherListView, self).get_permissions()
+
+
+    def get_serializer(self, *args, **kwargs):
+
+        return super(GodfatherListView, self).get_serializer(*args, **kwargs)
+
+
+    def list(self, request):
+        #A godfather can validate an account of:
+        #1) a new user requesting validation
+        #2) an existing validated user rejected by a previous supervisor
+        #On both cases check the current key in supervisee profile match the supervisiontrack key as this is the current supervision request/track from the supervisee
+        queryset    = SupervisionTrack.objects.filter(godfather=request.user).filter(Q(supervisee__profile__status=Profile.WAITINGVALIDATION)|Q(supervisee__profile__status=Profile.REJECTED)).filter(Q(supervisee__profile__supervision_key=models.F('supervision_key')))
+        serializer  = FullSupervisionTrackSerializer(queryset, many=True, context ={'request': request})
+        
+        return Response(serializer.data)
+
+
+#----------------------------------------------------------

beat/web/accounts/api_urls.py

+#!/usr/bin/env python
+# vim: set fileencoding=utf-8 :
+
+###############################################################################
+#                                                                             #
+# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/           #
+# Contact: beat.support@idiap.ch                                              #
+#                                                                             #
+# This file is part of the beat.web module of the BEAT platform.              #
+#                                                                             #
+# Commercial License Usage                                                    #
+# Licensees holding valid commercial BEAT licenses may use this file in       #
+# accordance with the terms contained in a written agreement between you      #
+# and Idiap. For further information contact tto@idiap.ch                     #
+#                                                                             #
+# Alternatively, this file may be used under the terms of the GNU Affero      #
+# Public License version 3 as published by the Free Software and appearing    #
+# in the file LICENSE.AGPL included in the packaging of this file.            #
+# The BEAT platform is distributed in the hope that it will be useful, but    #
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY  #
+# or FITNESS FOR A PARTICULAR PURPOSE.                                        #
+#                                                                             #
+# You should have received a copy of the GNU Affero Public License along      #
+# with the BEAT platform. If not, see http://www.gnu.org/licenses/.           #
+#                                                                             #
+###############################################################################
+
+from django.conf.urls import *
+from . import api
+
+urlpatterns = [
+    url(
+        r'^$',
+        api.GodfatherListView.as_view(),
+        name='list_supervisee'
+    ),
+]

beat/web/accounts/models.py

@@ -45,6 +45,7 @@ class AccountSettings(models.Model):
     database_notifications_enabled = models.BooleanField(default=True)
     environment_notifications_enabled = models.BooleanField(default=True)
 
+
 class SupervisionTrack(models.Model):
 
     #_____ Fields __________

beat/web/accounts/permissions.py

+#!/usr/bin/env python
+# vim: set fileencoding=utf-8 :
+
+###############################################################################
+#                                                                             #
+# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/           #
+# Contact: beat.support@idiap.ch                                              #
+#                                                                             #
+# This file is part of the beat.web module of the BEAT platform.              #
+#                                                                             #
+# Commercial License Usage                                                    #
+# Licensees holding valid commercial BEAT licenses may use this file in       #
+# accordance with the terms contained in a written agreement between you      #
+# and Idiap. For further information contact tto@idiap.ch                     #
+#                                                                             #
+# Alternatively, this file may be used under the terms of the GNU Affero      #
+# Public License version 3 as published by the Free Software and appearing    #
+# in the file LICENSE.AGPL included in the packaging of this file.            #
+# The BEAT platform is distributed in the hope that it will be useful, but    #
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY  #
+# or FITNESS FOR A PARTICULAR PURPOSE.                                        #
+#                                                                             #
+# You should have received a copy of the GNU Affero Public License along      #
+# with the BEAT platform. If not, see http://www.gnu.org/licenses/.           #
+#                                                                             #
+###############################################################################
+
+from rest_framework import permissions
+
+
+#----------------------------------------------------------
+
+
+class IsGodfatherAndAuthor(permissions.BasePermission):
+    """
+    The logged in user should also be the author
+    """
+    message = 'Not a supervisor account'
+
+    def has_permission(self, request, view):
+        return request.user.profile.is_godfather

beat/web/accounts/serializers.py

+#!/usr/bin/env python
+# vim: set fileencoding=utf-8 :
+
+###############################################################################
+#                                                                             #
+# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/           #
+# Contact: beat.support@idiap.ch                                              #
+#                                                                             #
+# This file is part of the beat.web module of the BEAT platform.              #
+#                                                                             #
+# Commercial License Usage                                                    #
+# Licensees holding valid commercial BEAT licenses may use this file in       #
+# accordance with the terms contained in a written agreement between you      #
+# and Idiap. For further information contact tto@idiap.ch                     #
+#                                                                             #
+# Alternatively, this file may be used under the terms of the GNU Affero      #
+# Public License version 3 as published by the Free Software and appearing    #
+# in the file LICENSE.AGPL included in the packaging of this file.            #
+# The BEAT platform is distributed in the hope that it will be useful, but    #
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY  #
+# or FITNESS FOR A PARTICULAR PURPOSE.                                        #
+#                                                                             #
+# You should have received a copy of the GNU Affero Public License along      #
+# with the BEAT platform. If not, see http://www.gnu.org/licenses/.           #
+#                                                                             #
+###############################################################################
+
+from django.contrib.auth.models import User, AnonymousUser
+
+from rest_framework import serializers
+
+from .models import Profile, SupervisionTrack
+from ..common.models import Contribution
+from ..common.fields import JSONSerializerField
+from ..ui.templatetags.markup import restructuredtext
+from ..common.utils import validate_restructuredtext
+
+import simplejson as json
+
+
+#----------------------------------------------------------
+
+
+class UserSerializer(serializers.ModelSerializer):
+    username = serializers.SerializerMethodField()
+    email = serializers.SerializerMethodField()
+
+    class Meta:
+        model = User
+        fields = ['username', 'email']
+
+    def get_username(self, obj):
+        return obj.username
+
+    def get_email(self, obj):
+        return obj.email
+
+
+#----------------------------------------------------------
+
+
+class BasicSupervisionTrackSerializer(serializers.ModelSerializer):
+    supervisee = UserSerializer()
+    godfather = UserSerializer()
+    is_valid = serializers.SerializerMethodField()
+    start_date = serializers.SerializerMethodField()
+    expiration_date = serializers.SerializerMethodField()
+    last_validation_date = serializers.SerializerMethodField()
+    supervision_key = serializers.SerializerMethodField()
+
+    class Meta:
+        model = SupervisionTrack
+        fields = ['status', 'is_valid']
+
+    #def get_supervisee(self, obj):
+    #    return obj.supervisee
+
+    #def get_godfather(self, obj):
+    #    return obj.godfather
+
+    def get_is_valid(self, obj):
+        return obj.is_valid
+
+    def get_start_date(self, obj):
+        return obj.expiration_date
+
+    def get_expiration_date(self, obj):
+        return obj.expiration_date
+
+    def get_last_validation_date(self, obj):
+        return obj.last_validation_date
+
+    def get_supervision_key(self, obj):
+        return obj.supervision_key
+
+
+#----------------------------------------------------------
+
+
+class FullSupervisionTrackSerializer(BasicSupervisionTrackSerializer):
+
+    class Meta(BasicSupervisionTrackSerializer.Meta):
+        fields = ['supervisee', 'godfather', 'is_valid', 'start_date', 'expiration_date','last_validation_date', 'supervision_key']
+
+
+#----------------------------------------------------------

beat/web/urls.py

@@ -164,6 +164,10 @@ unprefixed_patterns += [
         include('beat.web.reports.api_urls', namespace='api_reports'),
         ),
 
+    url(r'^api/v1/accounts/',
+        include('beat.web.accounts.api_urls', namespace='api_accounts'),
+        ),
+
     ]