mirror of
https://github.com/Steffo99/sophon.git
synced 2024-12-23 07:14:21 +00:00
parent
966a5d7b91
commit
af9d0cbcb6
7 changed files with 272 additions and 121 deletions
|
@ -9,15 +9,26 @@ class CoreAdmin(admin.ModelAdmin):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
@admin.register(models.Project)
|
@admin.register(models.ResearchGroup)
|
||||||
class ProjectAdmin(CoreAdmin):
|
class ResearchGroupAdmin(CoreAdmin):
|
||||||
"""
|
|
||||||
:class:`.CoreAdmin` class for :class:`.models.Project` .
|
|
||||||
"""
|
|
||||||
|
|
||||||
list_display = (
|
list_display = (
|
||||||
"slug",
|
"slug",
|
||||||
"name",
|
"name",
|
||||||
|
"access",
|
||||||
|
)
|
||||||
|
|
||||||
|
ordering = (
|
||||||
|
"slug",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@admin.register(models.ResearchProject)
|
||||||
|
class ResearchProjectAdmin(CoreAdmin):
|
||||||
|
list_display = (
|
||||||
|
"group",
|
||||||
|
"slug",
|
||||||
|
"name",
|
||||||
|
"visibility",
|
||||||
)
|
)
|
||||||
|
|
||||||
ordering = (
|
ordering = (
|
||||||
|
|
41
backend/sophon/core/migrations/0005_auto_20210806_1506.py
Normal file
41
backend/sophon/core/migrations/0005_auto_20210806_1506.py
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
# Generated by Django 3.2 on 2021-08-06 15:06
|
||||||
|
|
||||||
|
from django.conf import settings
|
||||||
|
from django.db import migrations, models
|
||||||
|
import django.db.models.deletion
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
|
||||||
|
('core', '0004_alter_dataflow_surrogate_id'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.CreateModel(
|
||||||
|
name='ResearchGroup',
|
||||||
|
fields=[
|
||||||
|
('slug', models.SlugField(help_text='Unique alphanumeric string which identifies the group.', max_length=64, primary_key=True, serialize=False, verbose_name='Slug')),
|
||||||
|
('name', models.CharField(help_text='The display name of the group.', max_length=512, verbose_name='Name')),
|
||||||
|
('description', models.TextField(blank=True, help_text='A brief description of what the group is about, to be displayed in the overview.', verbose_name='Description')),
|
||||||
|
('access', models.CharField(choices=[('MANUAL', '⛔️ Collaborators must be added manually'), ('OPEN', '❇️ Users can join the group freely')], default='MANUAL', help_text='A setting specifying how can users join this group.', max_length=16, verbose_name='Access')),
|
||||||
|
('members', models.ManyToManyField(blank=True, help_text='The users who belong to this group, including the owner.', related_name='is_a_member_of', to=settings.AUTH_USER_MODEL)),
|
||||||
|
('owner', models.ForeignKey(help_text='The user who created the group, and therefore can add other users to it.', on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
|
||||||
|
],
|
||||||
|
),
|
||||||
|
migrations.CreateModel(
|
||||||
|
name='ResearchProject',
|
||||||
|
fields=[
|
||||||
|
('slug', models.SlugField(help_text='Unique alphanumeric string which identifies the project.', max_length=64, primary_key=True, serialize=False, verbose_name='Slug')),
|
||||||
|
('name', models.CharField(help_text='The display name of the project.', max_length=512, verbose_name='Name')),
|
||||||
|
('description', models.TextField(blank=True, help_text='A brief description of the project, to be displayed in the overview.', verbose_name='Description')),
|
||||||
|
('visibility', models.CharField(choices=[('PUBLIC', '🌍 Public'), ('INTERNAL', '🏭 Internal'), ('PRIVATE', '🔒 Private')], default='INTERNAL', help_text='A setting specifying who can view the project contents.', max_length=16, verbose_name='Visibility')),
|
||||||
|
('flows', models.ManyToManyField(blank=True, help_text='The DataFlows used in this project.', related_name='used_in', to='core.DataFlow')),
|
||||||
|
('group', models.ForeignKey(help_text='The group this project belongs to.', on_delete=django.db.models.deletion.CASCADE, to='core.researchgroup')),
|
||||||
|
],
|
||||||
|
),
|
||||||
|
migrations.DeleteModel(
|
||||||
|
name='Project',
|
||||||
|
),
|
||||||
|
]
|
|
@ -332,9 +332,61 @@ class DataFlow(models.Model):
|
||||||
return f"[{self.datasource}] {self.sdmx_id}"
|
return f"[{self.datasource}] {self.sdmx_id}"
|
||||||
|
|
||||||
|
|
||||||
class Project(models.Model):
|
class ResearchGroup(models.Model):
|
||||||
"""
|
"""
|
||||||
A research :class:`.Project` is a work which may use zero or more :class:`.DataSource`\\ s to prove or disprove an
|
A :class:`.ResearchGroup` is a group of users which collectively own :class:`.ResearchProjects`.
|
||||||
|
"""
|
||||||
|
|
||||||
|
slug = models.SlugField(
|
||||||
|
"Slug",
|
||||||
|
help_text="Unique alphanumeric string which identifies the group.",
|
||||||
|
max_length=64,
|
||||||
|
primary_key=True,
|
||||||
|
)
|
||||||
|
|
||||||
|
name = models.CharField(
|
||||||
|
"Name",
|
||||||
|
help_text="The display name of the group.",
|
||||||
|
max_length=512,
|
||||||
|
)
|
||||||
|
|
||||||
|
description = models.TextField(
|
||||||
|
"Description",
|
||||||
|
help_text="A brief description of what the group is about, to be displayed in the overview.",
|
||||||
|
blank=True,
|
||||||
|
)
|
||||||
|
|
||||||
|
owner = models.ForeignKey(
|
||||||
|
User,
|
||||||
|
help_text="The user who created the group, and therefore can add other users to it.",
|
||||||
|
on_delete=models.CASCADE,
|
||||||
|
)
|
||||||
|
|
||||||
|
members = models.ManyToManyField(
|
||||||
|
User,
|
||||||
|
help_text="The users who belong to this group, including the owner.",
|
||||||
|
related_name="is_a_member_of",
|
||||||
|
blank=True,
|
||||||
|
)
|
||||||
|
|
||||||
|
access = models.CharField(
|
||||||
|
"Access",
|
||||||
|
help_text="A setting specifying how can users join this group.",
|
||||||
|
choices=[
|
||||||
|
("MANUAL", "⛔️ Collaborators must be added manually"),
|
||||||
|
("OPEN", "❇️ Users can join the group freely"),
|
||||||
|
],
|
||||||
|
default="MANUAL",
|
||||||
|
max_length=16,
|
||||||
|
)
|
||||||
|
|
||||||
|
def __str__(self):
|
||||||
|
return f"{self.slug}"
|
||||||
|
|
||||||
|
|
||||||
|
class ResearchProject(models.Model):
|
||||||
|
"""
|
||||||
|
A :class:`.ResearchProject` is a work which may use zero or more :class:`.DataSource`\\ s to prove or disprove an
|
||||||
hypothesis.
|
hypothesis.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
@ -359,7 +411,7 @@ class Project(models.Model):
|
||||||
|
|
||||||
visibility = models.CharField(
|
visibility = models.CharField(
|
||||||
"Visibility",
|
"Visibility",
|
||||||
help_text="A setting specifying who can view the project.",
|
help_text="A setting specifying who can view the project contents.",
|
||||||
choices=[
|
choices=[
|
||||||
("PUBLIC", "🌍 Public"),
|
("PUBLIC", "🌍 Public"),
|
||||||
("INTERNAL", "🏭 Internal"),
|
("INTERNAL", "🏭 Internal"),
|
||||||
|
@ -369,19 +421,12 @@ class Project(models.Model):
|
||||||
max_length=16,
|
max_length=16,
|
||||||
)
|
)
|
||||||
|
|
||||||
owner = models.ForeignKey(
|
group = models.ForeignKey(
|
||||||
User,
|
ResearchGroup,
|
||||||
help_text="The user who owns the project, and has full access to it.",
|
help_text="The group this project belongs to.",
|
||||||
on_delete=models.CASCADE,
|
on_delete=models.CASCADE,
|
||||||
)
|
)
|
||||||
|
|
||||||
collaborators = models.ManyToManyField(
|
|
||||||
User,
|
|
||||||
help_text="The users who can edit the project.",
|
|
||||||
related_name="collaborates_in",
|
|
||||||
blank=True,
|
|
||||||
)
|
|
||||||
|
|
||||||
flows = models.ManyToManyField(
|
flows = models.ManyToManyField(
|
||||||
DataFlow,
|
DataFlow,
|
||||||
help_text="The DataFlows used in this project.",
|
help_text="The DataFlows used in this project.",
|
||||||
|
@ -389,30 +434,24 @@ class Project(models.Model):
|
||||||
blank=True,
|
blank=True,
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_project(self):
|
|
||||||
return self
|
|
||||||
|
|
||||||
def get_contributors(self):
|
|
||||||
"""
|
|
||||||
:return: All the contributors (:attr:`.owner` + :attr:`.collaborators`) of the project.
|
|
||||||
"""
|
|
||||||
|
|
||||||
return {self.owner, *self.collaborators.values()}
|
|
||||||
|
|
||||||
def can_be_viewed_by(self, user) -> bool:
|
def can_be_viewed_by(self, user) -> bool:
|
||||||
"""
|
"""
|
||||||
Check whether an user should be allowed to **view** the project details.
|
Check whether an user should be allowed to **view** the project contents.
|
||||||
|
|
||||||
:param user: The user to check permissions for.
|
:param user: The user to check permissions for.
|
||||||
:return: :data:`True` if the user can view the details, or :data:`False` if they cannot.
|
:return: :data:`True` if the user can view the details, or :data:`False` if they cannot.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if self.visibility == "PUBLIC":
|
if user.is_superuser:
|
||||||
|
return True
|
||||||
|
|
||||||
|
elif self.visibility == "PUBLIC":
|
||||||
return True
|
return True
|
||||||
elif self.visibility == "INTERNAL":
|
elif self.visibility == "INTERNAL":
|
||||||
return not user.is_anonymous()
|
return not user.is_anonymous()
|
||||||
elif self.visibility == "PRIVATE":
|
elif self.visibility == "PRIVATE":
|
||||||
return user in self.get_contributors()
|
return user in self.group.members
|
||||||
|
|
||||||
else:
|
else:
|
||||||
raise ValueError(f"Unknown visibility value: {self.visibility}")
|
raise ValueError(f"Unknown visibility value: {self.visibility}")
|
||||||
|
|
||||||
|
@ -424,7 +463,13 @@ class Project(models.Model):
|
||||||
:return: :data:`True` if the user can edit the details, or :data:`False` if they cannot.
|
:return: :data:`True` if the user can edit the details, or :data:`False` if they cannot.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
return user in self.get_contributors()
|
if user.is_superuser:
|
||||||
|
return True
|
||||||
|
|
||||||
|
elif user in self.group.members:
|
||||||
|
return True
|
||||||
|
|
||||||
|
return False
|
||||||
|
|
||||||
def can_be_administrated_by(self, user) -> bool:
|
def can_be_administrated_by(self, user) -> bool:
|
||||||
"""
|
"""
|
||||||
|
@ -434,7 +479,13 @@ class Project(models.Model):
|
||||||
:return: :data:`True` if the user can administrate the project, or :data:`False` if they cannot.
|
:return: :data:`True` if the user can administrate the project, or :data:`False` if they cannot.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
return user == self.owner
|
if user.is_superuser:
|
||||||
|
return True
|
||||||
|
|
||||||
|
elif user in self.group.members:
|
||||||
|
return True
|
||||||
|
|
||||||
|
return False
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.slug
|
return f"{self.group.slug}/{self.slug}"
|
||||||
|
|
|
@ -7,17 +7,14 @@ log = logging.getLogger(__name__)
|
||||||
|
|
||||||
class CanAdministrateProject(permissions.BasePermission):
|
class CanAdministrateProject(permissions.BasePermission):
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
project = obj.get_project()
|
return obj.can_be_administrated_by(request.user)
|
||||||
return project.can_be_administrated_by(request.user)
|
|
||||||
|
|
||||||
|
|
||||||
class CanEditProject(permissions.BasePermission):
|
class CanEditProject(permissions.BasePermission):
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
project = obj.get_project()
|
return obj.can_be_edited_by(request.user)
|
||||||
return project.can_be_edited_by(request.user)
|
|
||||||
|
|
||||||
|
|
||||||
class CanViewProject(permissions.BasePermission):
|
class CanViewProject(permissions.BasePermission):
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
project = obj.get_project()
|
return obj.can_be_viewed_by(request.user)
|
||||||
return project.can_be_viewed_by(request.user)
|
|
||||||
|
|
|
@ -55,83 +55,133 @@ class DataFlowSerializer(serializers.ModelSerializer):
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
class ProjectPrivateSerializer(serializers.ModelSerializer):
|
class ResearchGroupPublicSerializer(serializers.ModelSerializer):
|
||||||
class Meta:
|
|
||||||
model = models.Project
|
|
||||||
fields = [
|
|
||||||
"slug",
|
|
||||||
"name",
|
|
||||||
"visibility",
|
|
||||||
"owner",
|
|
||||||
]
|
|
||||||
read_only_fields = [
|
|
||||||
"slug",
|
|
||||||
"name",
|
|
||||||
"visibility",
|
|
||||||
"owner",
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
class ProjectViewableSerializer(serializers.ModelSerializer):
|
|
||||||
class Meta:
|
|
||||||
model = models.Project
|
|
||||||
fields = [
|
|
||||||
"slug",
|
|
||||||
"name",
|
|
||||||
"description",
|
|
||||||
"visibility",
|
|
||||||
"owner",
|
|
||||||
"collaborators",
|
|
||||||
"flows",
|
|
||||||
]
|
|
||||||
read_only_fields = [
|
|
||||||
"slug",
|
|
||||||
"name",
|
|
||||||
"description",
|
|
||||||
"visibility",
|
|
||||||
"owner",
|
|
||||||
"collaborators",
|
|
||||||
"flows",
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
class ProjectEditableSerializer(serializers.ModelSerializer):
|
|
||||||
class Meta:
|
|
||||||
model = models.Project
|
|
||||||
fields = [
|
|
||||||
"slug",
|
|
||||||
"name",
|
|
||||||
"description",
|
|
||||||
"visibility",
|
|
||||||
"owner",
|
|
||||||
"collaborators",
|
|
||||||
"flows",
|
|
||||||
]
|
|
||||||
read_only_fields = [
|
|
||||||
"slug",
|
|
||||||
"visibility",
|
|
||||||
"owner",
|
|
||||||
"collaborators",
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
class ProjectAdministrableSerializer(serializers.ModelSerializer):
|
|
||||||
"""
|
"""
|
||||||
Serializer for :class:`.models.Project` when accessed as the project owner.
|
Serializer for users who are not administrators of a :class:`.models.ResearchGroup`.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
model = models.Project
|
model = models.ResearchGroup
|
||||||
fields = [
|
fields = (
|
||||||
|
"slug",
|
||||||
|
"name",
|
||||||
|
"description",
|
||||||
|
"owner",
|
||||||
|
"members",
|
||||||
|
"access",
|
||||||
|
)
|
||||||
|
read_only_fields = (
|
||||||
|
"slug",
|
||||||
|
"name",
|
||||||
|
"description",
|
||||||
|
"owner",
|
||||||
|
"members",
|
||||||
|
"access",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class ResearchGroupAdminSerializer(serializers.ModelSerializer):
|
||||||
|
"""
|
||||||
|
Serializer for users who are administrators of a :class:`.models.ResearchGroup`.
|
||||||
|
"""
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = models.ResearchGroup
|
||||||
|
fields = (
|
||||||
|
"slug",
|
||||||
|
"name",
|
||||||
|
"description",
|
||||||
|
"owner",
|
||||||
|
"members",
|
||||||
|
"access",
|
||||||
|
)
|
||||||
|
read_only_fields = (
|
||||||
|
"slug",
|
||||||
|
"owner",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class ResearchProjectPublicSerializer(serializers.ModelSerializer):
|
||||||
|
"""
|
||||||
|
Serializer for users who are not collaborators of a :class:`~.models.ResearchProject` and do not have permissions to view it.
|
||||||
|
"""
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = models.ResearchProject
|
||||||
|
fields = (
|
||||||
|
"slug",
|
||||||
|
"visibility",
|
||||||
|
"group",
|
||||||
|
)
|
||||||
|
read_only_fields = (
|
||||||
|
"slug",
|
||||||
|
"visibility",
|
||||||
|
"group",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class ResearchProjectViewerSerializer(serializers.ModelSerializer):
|
||||||
|
"""
|
||||||
|
Serializer for users who are not collaborators of a :class:`~.models.ResearchProject`, but have permissions to view it.
|
||||||
|
"""
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = models.ResearchProject
|
||||||
|
fields = (
|
||||||
"slug",
|
"slug",
|
||||||
"name",
|
"name",
|
||||||
"description",
|
"description",
|
||||||
"visibility",
|
"visibility",
|
||||||
"owner",
|
"group",
|
||||||
"collaborators",
|
|
||||||
"flows",
|
"flows",
|
||||||
]
|
)
|
||||||
read_only_fields = [
|
read_only_fields = (
|
||||||
"slug",
|
"slug",
|
||||||
"owner",
|
"name",
|
||||||
]
|
"description",
|
||||||
|
"visibility",
|
||||||
|
"group",
|
||||||
|
"flows",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class ResearchProjectCollaboratorSerializer(serializers.ModelSerializer):
|
||||||
|
"""
|
||||||
|
Serializer for users who are collaborators of a :class:`~.models.ResearchProject`, but not administrators.
|
||||||
|
"""
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = models.ResearchProject
|
||||||
|
fields = (
|
||||||
|
"slug",
|
||||||
|
"name",
|
||||||
|
"description",
|
||||||
|
"visibility",
|
||||||
|
"group",
|
||||||
|
"flows",
|
||||||
|
)
|
||||||
|
read_only_fields = (
|
||||||
|
"slug",
|
||||||
|
"visibility",
|
||||||
|
"group",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class ResearchProjectAdminSerializer(serializers.ModelSerializer):
|
||||||
|
"""
|
||||||
|
Serializer for users who are administrators of a :class:`~.models.ResearchProject`.
|
||||||
|
"""
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = models.ResearchProject
|
||||||
|
fields = (
|
||||||
|
"slug",
|
||||||
|
"name",
|
||||||
|
"description",
|
||||||
|
"visibility",
|
||||||
|
"group",
|
||||||
|
"flows",
|
||||||
|
)
|
||||||
|
read_only_fields = (
|
||||||
|
"slug",
|
||||||
|
)
|
||||||
|
|
|
@ -6,7 +6,7 @@ from . import views
|
||||||
router = DefaultRouter()
|
router = DefaultRouter()
|
||||||
router.register("datasources", views.DataSourceViewSet)
|
router.register("datasources", views.DataSourceViewSet)
|
||||||
router.register("dataflows", views.DataFlowViewSet)
|
router.register("dataflows", views.DataFlowViewSet)
|
||||||
router.register("projects", views.ProjectViewSet)
|
router.register("projects", views.ResearchProjectViewSet)
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path("", include(router.urls)),
|
path("", include(router.urls)),
|
||||||
|
|
|
@ -7,8 +7,8 @@ from . import models, serializers, permissions as custom_permissions
|
||||||
log = getLogger(__name__)
|
log = getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
class ProjectViewSet(viewsets.ModelViewSet):
|
class ResearchProjectViewSet(viewsets.ModelViewSet):
|
||||||
queryset = models.Project.objects.all()
|
queryset = models.ResearchProject.objects.all()
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def permission_classes(self):
|
def permission_classes(self):
|
||||||
|
@ -19,25 +19,26 @@ class ProjectViewSet(viewsets.ModelViewSet):
|
||||||
"update": [custom_permissions.CanEditProject],
|
"update": [custom_permissions.CanEditProject],
|
||||||
"partial_update": [custom_permissions.CanEditProject],
|
"partial_update": [custom_permissions.CanEditProject],
|
||||||
"destroy": [custom_permissions.CanAdministrateProject],
|
"destroy": [custom_permissions.CanAdministrateProject],
|
||||||
|
"metadata": [],
|
||||||
None: [],
|
None: [],
|
||||||
}[self.action]
|
}[self.action]
|
||||||
|
|
||||||
def get_serializer_class(self):
|
def get_serializer_class(self):
|
||||||
if self.action == "list":
|
if self.action == "list":
|
||||||
return serializers.ProjectPrivateSerializer
|
return serializers.ResearchProjectPublicSerializer
|
||||||
elif self.action == "create":
|
elif self.action == "create":
|
||||||
return serializers.ProjectAdministrableSerializer
|
return serializers.ResearchProjectAdminSerializer
|
||||||
else:
|
else:
|
||||||
project = self.get_object()
|
project = self.get_object()
|
||||||
user = self.request.user
|
user = self.request.user
|
||||||
if project.can_be_administrated_by(user):
|
if project.can_be_administrated_by(user):
|
||||||
return serializers.ProjectAdministrableSerializer
|
return serializers.ResearchProjectAdminSerializer
|
||||||
elif project.can_be_edited_by(user):
|
elif project.can_be_edited_by(user):
|
||||||
return serializers.ProjectEditableSerializer
|
return serializers.ResearchProjectCollaboratorSerializer
|
||||||
elif project.can_be_viewed_by(user):
|
elif project.can_be_viewed_by(user):
|
||||||
return serializers.ProjectViewableSerializer
|
return serializers.ResearchProjectViewerSerializer
|
||||||
else:
|
else:
|
||||||
return serializers.ProjectPrivateSerializer
|
return serializers.ResearchProjectPublicSerializer
|
||||||
|
|
||||||
|
|
||||||
class DataFlowViewSet(viewsets.ModelViewSet):
|
class DataFlowViewSet(viewsets.ModelViewSet):
|
||||||
|
|
Loading…
Reference in a new issue