1
Fork 0
mirror of https://github.com/Steffo99/sophon.git synced 2024-12-23 07:14:21 +00:00

Complete permissions

This commit is contained in:
Steffo 2021-04-16 17:01:58 +02:00 committed by Stefano Pigozzi
parent 507e3e6d53
commit 4266a1f148
4 changed files with 58 additions and 47 deletions

View file

@ -356,6 +356,9 @@ class Project(models.Model):
blank=True, blank=True,
) )
def get_project(self):
return self
def get_contributors(self): def get_contributors(self):
""" """
:return: All the contributors (:attr:`.owner` + :attr:`.collaborators`) of the project. :return: All the contributors (:attr:`.owner` + :attr:`.collaborators`) of the project.

View file

@ -54,7 +54,7 @@ class DataFlowSerializer(serializers.ModelSerializer):
] ]
class ProjectListSerializer(serializers.ModelSerializer): class ProjectPrivateSerializer(serializers.ModelSerializer):
class Meta: class Meta:
model = models.Project model = models.Project
fields = [ fields = [
@ -71,7 +71,30 @@ class ProjectListSerializer(serializers.ModelSerializer):
] ]
class ProjectCollaboratorSerializer(serializers.ModelSerializer): class ProjectViewableSerializer(serializers.ModelSerializer):
class Meta:
model = models.Project
fields = [
"slug",
"name",
"description",
"visibility",
"owner",
"collaborators",
"flows",
]
read_only_fields = [
"slug",
"name",
"description",
"visibility",
"owner",
"collaborators",
"flows",
]
class ProjectEditableSerializer(serializers.ModelSerializer):
class Meta: class Meta:
model = models.Project model = models.Project
fields = [ fields = [
@ -91,7 +114,7 @@ class ProjectCollaboratorSerializer(serializers.ModelSerializer):
] ]
class ProjectOwnerSerializer(serializers.ModelSerializer): class ProjectAdministrableSerializer(serializers.ModelSerializer):
""" """
Serializer for :class:`.models.Project` when accessed as the project owner. Serializer for :class:`.models.Project` when accessed as the project owner.
""" """

View file

@ -6,14 +6,9 @@ from . import views
router = DefaultRouter() router = DefaultRouter()
router.register("datasources", views.DataSourceViewSet) router.register("datasources", views.DataSourceViewSet)
router.register("dataflows", views.DataFlowViewSet) router.register("dataflows", views.DataFlowViewSet)
router.register("projects", views.ProjectViewSet)
urlpatterns = [ urlpatterns = [
path("projects/", views.ProjectListView),
path("projects/", views.ProjectCreateView),
path("projects/", views.ProjectRetrieveView),
path("projects/", views.ProjectUpdateCollaboratorView),
path("projects/", views.ProjectUpdateOwnerView),
path("projects/", views.ProjectDestroyView),
path("", include(router.urls)), path("", include(router.urls)),
] ]

View file

@ -6,47 +6,37 @@ from logging import getLogger
log = getLogger(__name__) log = getLogger(__name__)
class ProjectViewSet(viewsets.GenericViewSet): class ProjectViewSet(viewsets.ModelViewSet):
queryset = models.Project.objects.all() queryset = models.Project.objects.all()
@property
def permission_classes(self):
return {
"list": [],
"create": [permissions.IsAuthenticated],
"retrieve": [custom_permissions.CanViewProject],
"update": [custom_permissions.CanEditProject],
"partial_update": [custom_permissions.CanEditProject],
"destroy": [custom_permissions.CanAdministrateProject],
None: [],
}[self.action]
def get_serializer_class(self): def get_serializer_class(self):
if self.action == "" if self.action == "list":
return serializers.ProjectPrivateSerializer
elif self.action == "create":
class ProjectListView(generics.ListAPIView): return serializers.ProjectAdministrableSerializer
queryset = models.Project.objects.all() else:
serializer_class = serializers.ProjectListSerializer project = self.get_object()
permission_classes = [] user = self.request.user
if project.can_be_administrated_by(user):
return serializers.ProjectAdministrableSerializer
class ProjectCreateView(generics.CreateAPIView): elif project.can_be_edited_by(user):
queryset = models.Project.objects.all() return serializers.ProjectEditableSerializer
serializer_class = serializers.ProjectOwnerSerializer elif project.can_be_viewed_by(user):
permission_classes = [permissions.IsAuthenticated] return serializers.ProjectViewableSerializer
else:
return serializers.ProjectPrivateSerializer
class ProjectRetrieveView(generics.RetrieveAPIView):
queryset = models.Project.objects.all()
serializer_class = serializers.ProjectCollaboratorSerializer
permission_classes = [custom_permissions.CanViewProject]
class ProjectUpdateCollaboratorView(generics.UpdateAPIView):
queryset = models.Project.objects.all()
serializer_class = serializers.ProjectCollaboratorSerializer
permission_classes = [custom_permissions.CanEditProject]
class ProjectUpdateOwnerView(generics.DestroyAPIView):
queryset = models.Project.objects.all()
serializer_class = serializers.ProjectOwnerSerializer
permission_classes = [custom_permissions.CanAdministrateProject]
class ProjectDestroyView(generics.DestroyAPIView):
queryset = models.Project.objects.all()
serializer_class = serializers.ProjectCollaboratorSerializer
permission_classes = [custom_permissions.CanAdministrateProject]
class DataFlowViewSet(viewsets.ModelViewSet): class DataFlowViewSet(viewsets.ModelViewSet):