🔧 Conditionally display jupyter tokens in /notebooks/by-project/.../ (fixes #69)

backend/sophon/core/views.py

@@ -51,9 +51,11 @@ class ReadSophonViewSet(ReadOnlyModelViewSet, metaclass=abc.ABCMeta):
         return permissions.AllowAny,
 
     def get_serializer_class(self):
+        if self.action in ["list"]:
+            return self.get_queryset().model.get_view_serializer()
         if self.action in ["create", "metadata"]:
             return self.get_queryset().model.get_creation_serializer()
-        elif self.action in ["list", "retrieve", "update", "partial_update", "destroy"]:
+        elif self.action in ["retrieve", "update", "partial_update", "destroy"]:
             return self.get_object().get_access_serializer(self.request.user)
         else:
             return self.get_custom_serializer_classes()

backend/sophon/notebooks/models.py

@@ -11,10 +11,8 @@ import docker.models.networks
 import docker.models.volumes
 from django.contrib.auth.models import User
 from django.db import models
-from rest_framework.serializers import ModelSerializer
 
 from sophon.core.models import SophonGroupModel, ResearchGroup
-from sophon.core.serializers import dynamic_serializer
 from sophon.notebooks.apache import db as apache_db
 from sophon.notebooks.apache import get_ephemeral_port, base_domain, http_protocol
 from sophon.notebooks.docker import client as docker_client
@@ -162,17 +160,6 @@ class Notebook(SophonGroupModel):
             "container_image",
         }
 
-    def get_access_serializer(self, user: User) -> t.Type[ModelSerializer]:
-        access = super().get_access_serializer(user)
-        if self.can_edit(user):
-            # noinspection PyUnresolvedReferences
-            fields = tuple(set(access.Meta.fields).union(self.get_member_fields()))
-            # noinspection PyUnresolvedReferences
-            read_only_fields = tuple(set(access.Meta.read_only_fields).union(self.get_member_fields()))
-            return dynamic_serializer(_model=self.__class__, _fields=fields, _read_only_fields=read_only_fields)
-        else:
-            return access
-
     @property
     def container_name(self) -> str:
         """

backend/sophon/notebooks/views.py

@@ -8,6 +8,7 @@ from rest_framework.request import Request
 from rest_framework.response import Response
 
 from sophon.core.models import ResearchGroup
+from sophon.core.serializers import dynamic_serializer
 from sophon.core.views import SophonGroupViewSet
 from sophon.notebooks.models import Notebook
 from sophon.projects.models import ResearchProject
@@ -101,6 +102,25 @@ class NotebooksByProjectViewSet(NotebooksViewSet):
                 )
             )
 
+    def get_serializer_class(self):
+        # Get the base serializer
+        base = super().get_serializer_class()
+
+        # Get the specific project we are retrieving the notebooks of
+        project: ResearchProject = ResearchProject.objects.filter(pk=self.kwargs["project_slug"]).first()
+        # Check if we have edit access on the project
+        if project.can_edit(self.request.user):
+            # Add the member fields to the base serializer
+
+            # noinspection PyUnresolvedReferences
+            fields = tuple(set(base.Meta.fields).union(Notebook.get_member_fields()))
+            # noinspection PyUnresolvedReferences
+            read_only_fields = tuple(set(base.Meta.read_only_fields).union(Notebook.get_member_fields()))
+
+            return dynamic_serializer(_model=Notebook, _fields=fields, _read_only_fields=read_only_fields)
+        else:
+            return base
+
     def hook_create(self, serializer) -> dict[str, t.Any]:
         result = super().hook_create(serializer)
         project = ResearchProject.objects.filter(pk=self.kwargs["project_slug"]).get()