Commit eb7f687e authored by Flavio TARSETTI's avatar Flavio TARSETTI

[accounts] added api/serializers/permission for godfather list view (GET list)

parent ae95462c
Pipeline #10608 failed with stage
in 23 minutes and 48 seconds
#!/usr/bin/env python
# vim: set fileencoding=utf-8 :
###############################################################################
# #
# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/ #
# Contact: beat.support@idiap.ch #
# #
# This file is part of the beat.web module of the BEAT platform. #
# #
# Commercial License Usage #
# Licensees holding valid commercial BEAT licenses may use this file in #
# accordance with the terms contained in a written agreement between you #
# and Idiap. For further information contact tto@idiap.ch #
# #
# Alternatively, this file may be used under the terms of the GNU Affero #
# Public License version 3 as published by the Free Software and appearing #
# in the file LICENSE.AGPL included in the packaging of this file. #
# The BEAT platform is distributed in the hope that it will be useful, but #
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY #
# or FITNESS FOR A PARTICULAR PURPOSE. #
# #
# You should have received a copy of the GNU Affero Public License along #
# with the BEAT platform. If not, see http://www.gnu.org/licenses/. #
# #
###############################################################################
from django.conf import settings
from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404
from django.http import Http404
from django.db import models
from django.db.models import Q
from django.core.urlresolvers import reverse
from rest_framework import generics
from rest_framework import views
from rest_framework import permissions
from rest_framework.response import Response
from rest_framework import status
from .serializers import FullSupervisionTrackSerializer
from ..common.utils import validate_restructuredtext
from ..ui.templatetags.markup import restructuredtext
from .responses import ReadOnlyResponse
from .models import SupervisionTrack, Profile
from ..common.models import Shareable
from ..common.exceptions import ShareError
from ..common.mixins import CommonContextMixin
from itertools import chain
from datetime import datetime, timedelta
from .permissions import IsGodfatherAndAuthor
from ..common.responses import BadRequestResponse, ForbiddenResponse
import re
import simplejson as json
#----------------------------------------------------------
class GodfatherListView(generics.ListAPIView):
model = SupervisionTrack
serializer_class = FullSupervisionTrackSerializer
def get_permissions(self):
permission_classes = [permissions.IsAuthenticated, IsGodfatherAndAuthor]
self.permission_classes = permission_classes
return super(GodfatherListView, self).get_permissions()
def get_serializer(self, *args, **kwargs):
return super(GodfatherListView, self).get_serializer(*args, **kwargs)
def list(self, request):
#A godfather can validate an account of:
#1) a new user requesting validation
#2) an existing validated user rejected by a previous supervisor
#On both cases check the current key in supervisee profile match the supervisiontrack key as this is the current supervision request/track from the supervisee
queryset = SupervisionTrack.objects.filter(godfather=request.user).filter(Q(supervisee__profile__status=Profile.WAITINGVALIDATION)|Q(supervisee__profile__status=Profile.REJECTED)).filter(Q(supervisee__profile__supervision_key=models.F('supervision_key')))
serializer = FullSupervisionTrackSerializer(queryset, many=True, context ={'request': request})
return Response(serializer.data)
#----------------------------------------------------------
#!/usr/bin/env python
# vim: set fileencoding=utf-8 :
###############################################################################
# #
# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/ #
# Contact: beat.support@idiap.ch #
# #
# This file is part of the beat.web module of the BEAT platform. #
# #
# Commercial License Usage #
# Licensees holding valid commercial BEAT licenses may use this file in #
# accordance with the terms contained in a written agreement between you #
# and Idiap. For further information contact tto@idiap.ch #
# #
# Alternatively, this file may be used under the terms of the GNU Affero #
# Public License version 3 as published by the Free Software and appearing #
# in the file LICENSE.AGPL included in the packaging of this file. #
# The BEAT platform is distributed in the hope that it will be useful, but #
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY #
# or FITNESS FOR A PARTICULAR PURPOSE. #
# #
# You should have received a copy of the GNU Affero Public License along #
# with the BEAT platform. If not, see http://www.gnu.org/licenses/. #
# #
###############################################################################
from django.conf.urls import *
from . import api
urlpatterns = [
url(
r'^$',
api.GodfatherListView.as_view(),
name='list_supervisee'
),
]
......@@ -45,6 +45,7 @@ class AccountSettings(models.Model):
database_notifications_enabled = models.BooleanField(default=True)
environment_notifications_enabled = models.BooleanField(default=True)
class SupervisionTrack(models.Model):
#_____ Fields __________
......
#!/usr/bin/env python
# vim: set fileencoding=utf-8 :
###############################################################################
# #
# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/ #
# Contact: beat.support@idiap.ch #
# #
# This file is part of the beat.web module of the BEAT platform. #
# #
# Commercial License Usage #
# Licensees holding valid commercial BEAT licenses may use this file in #
# accordance with the terms contained in a written agreement between you #
# and Idiap. For further information contact tto@idiap.ch #
# #
# Alternatively, this file may be used under the terms of the GNU Affero #
# Public License version 3 as published by the Free Software and appearing #
# in the file LICENSE.AGPL included in the packaging of this file. #
# The BEAT platform is distributed in the hope that it will be useful, but #
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY #
# or FITNESS FOR A PARTICULAR PURPOSE. #
# #
# You should have received a copy of the GNU Affero Public License along #
# with the BEAT platform. If not, see http://www.gnu.org/licenses/. #
# #
###############################################################################
from rest_framework import permissions
#----------------------------------------------------------
class IsGodfatherAndAuthor(permissions.BasePermission):
"""
The logged in user should also be the author
"""
message = 'Not a supervisor account'
def has_permission(self, request, view):
return request.user.profile.is_godfather
#!/usr/bin/env python
# vim: set fileencoding=utf-8 :
###############################################################################
# #
# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/ #
# Contact: beat.support@idiap.ch #
# #
# This file is part of the beat.web module of the BEAT platform. #
# #
# Commercial License Usage #
# Licensees holding valid commercial BEAT licenses may use this file in #
# accordance with the terms contained in a written agreement between you #
# and Idiap. For further information contact tto@idiap.ch #
# #
# Alternatively, this file may be used under the terms of the GNU Affero #
# Public License version 3 as published by the Free Software and appearing #
# in the file LICENSE.AGPL included in the packaging of this file. #
# The BEAT platform is distributed in the hope that it will be useful, but #
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY #
# or FITNESS FOR A PARTICULAR PURPOSE. #
# #
# You should have received a copy of the GNU Affero Public License along #
# with the BEAT platform. If not, see http://www.gnu.org/licenses/. #
# #
###############################################################################
from django.contrib.auth.models import User, AnonymousUser
from rest_framework import serializers
from .models import Profile, SupervisionTrack
from ..common.models import Contribution
from ..common.fields import JSONSerializerField
from ..ui.templatetags.markup import restructuredtext
from ..common.utils import validate_restructuredtext
import simplejson as json
#----------------------------------------------------------
class UserSerializer(serializers.ModelSerializer):
username = serializers.SerializerMethodField()
email = serializers.SerializerMethodField()
class Meta:
model = User
fields = ['username', 'email']
def get_username(self, obj):
return obj.username
def get_email(self, obj):
return obj.email
#----------------------------------------------------------
class BasicSupervisionTrackSerializer(serializers.ModelSerializer):
supervisee = UserSerializer()
godfather = UserSerializer()
is_valid = serializers.SerializerMethodField()
start_date = serializers.SerializerMethodField()
expiration_date = serializers.SerializerMethodField()
last_validation_date = serializers.SerializerMethodField()
supervision_key = serializers.SerializerMethodField()
class Meta:
model = SupervisionTrack
fields = ['status', 'is_valid']
#def get_supervisee(self, obj):
# return obj.supervisee
#def get_godfather(self, obj):
# return obj.godfather
def get_is_valid(self, obj):
return obj.is_valid
def get_start_date(self, obj):
return obj.expiration_date
def get_expiration_date(self, obj):
return obj.expiration_date
def get_last_validation_date(self, obj):
return obj.last_validation_date
def get_supervision_key(self, obj):
return obj.supervision_key
#----------------------------------------------------------
class FullSupervisionTrackSerializer(BasicSupervisionTrackSerializer):
class Meta(BasicSupervisionTrackSerializer.Meta):
fields = ['supervisee', 'godfather', 'is_valid', 'start_date', 'expiration_date','last_validation_date', 'supervision_key']
#----------------------------------------------------------
......@@ -164,6 +164,10 @@ unprefixed_patterns += [
include('beat.web.reports.api_urls', namespace='api_reports'),
),
url(r'^api/v1/accounts/',
include('beat.web.accounts.api_urls', namespace='api_accounts'),
),
]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment