1
Fork 0
mirror of https://github.com/Steffo99/sophon.git synced 2024-12-23 07:14:21 +00:00

Implement research groups

(closes #22) (closes #23)
This commit is contained in:
Steffo 2021-08-06 17:14:28 +02:00
parent 966a5d7b91
commit af9d0cbcb6
Signed by: steffo
GPG key ID: 6965406171929D01
7 changed files with 272 additions and 121 deletions

View file

@ -9,15 +9,26 @@ class CoreAdmin(admin.ModelAdmin):
""" """
@admin.register(models.Project) @admin.register(models.ResearchGroup)
class ProjectAdmin(CoreAdmin): class ResearchGroupAdmin(CoreAdmin):
"""
:class:`.CoreAdmin` class for :class:`.models.Project` .
"""
list_display = ( list_display = (
"slug", "slug",
"name", "name",
"access",
)
ordering = (
"slug",
)
@admin.register(models.ResearchProject)
class ResearchProjectAdmin(CoreAdmin):
list_display = (
"group",
"slug",
"name",
"visibility",
) )
ordering = ( ordering = (

View file

@ -0,0 +1,41 @@
# Generated by Django 3.2 on 2021-08-06 15:06
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('core', '0004_alter_dataflow_surrogate_id'),
]
operations = [
migrations.CreateModel(
name='ResearchGroup',
fields=[
('slug', models.SlugField(help_text='Unique alphanumeric string which identifies the group.', max_length=64, primary_key=True, serialize=False, verbose_name='Slug')),
('name', models.CharField(help_text='The display name of the group.', max_length=512, verbose_name='Name')),
('description', models.TextField(blank=True, help_text='A brief description of what the group is about, to be displayed in the overview.', verbose_name='Description')),
('access', models.CharField(choices=[('MANUAL', '⛔️ Collaborators must be added manually'), ('OPEN', '❇️ Users can join the group freely')], default='MANUAL', help_text='A setting specifying how can users join this group.', max_length=16, verbose_name='Access')),
('members', models.ManyToManyField(blank=True, help_text='The users who belong to this group, including the owner.', related_name='is_a_member_of', to=settings.AUTH_USER_MODEL)),
('owner', models.ForeignKey(help_text='The user who created the group, and therefore can add other users to it.', on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
],
),
migrations.CreateModel(
name='ResearchProject',
fields=[
('slug', models.SlugField(help_text='Unique alphanumeric string which identifies the project.', max_length=64, primary_key=True, serialize=False, verbose_name='Slug')),
('name', models.CharField(help_text='The display name of the project.', max_length=512, verbose_name='Name')),
('description', models.TextField(blank=True, help_text='A brief description of the project, to be displayed in the overview.', verbose_name='Description')),
('visibility', models.CharField(choices=[('PUBLIC', '🌍 Public'), ('INTERNAL', '🏭 Internal'), ('PRIVATE', '🔒 Private')], default='INTERNAL', help_text='A setting specifying who can view the project contents.', max_length=16, verbose_name='Visibility')),
('flows', models.ManyToManyField(blank=True, help_text='The DataFlows used in this project.', related_name='used_in', to='core.DataFlow')),
('group', models.ForeignKey(help_text='The group this project belongs to.', on_delete=django.db.models.deletion.CASCADE, to='core.researchgroup')),
],
),
migrations.DeleteModel(
name='Project',
),
]

View file

@ -332,9 +332,61 @@ class DataFlow(models.Model):
return f"[{self.datasource}] {self.sdmx_id}" return f"[{self.datasource}] {self.sdmx_id}"
class Project(models.Model): class ResearchGroup(models.Model):
""" """
A research :class:`.Project` is a work which may use zero or more :class:`.DataSource`\\ s to prove or disprove an A :class:`.ResearchGroup` is a group of users which collectively own :class:`.ResearchProjects`.
"""
slug = models.SlugField(
"Slug",
help_text="Unique alphanumeric string which identifies the group.",
max_length=64,
primary_key=True,
)
name = models.CharField(
"Name",
help_text="The display name of the group.",
max_length=512,
)
description = models.TextField(
"Description",
help_text="A brief description of what the group is about, to be displayed in the overview.",
blank=True,
)
owner = models.ForeignKey(
User,
help_text="The user who created the group, and therefore can add other users to it.",
on_delete=models.CASCADE,
)
members = models.ManyToManyField(
User,
help_text="The users who belong to this group, including the owner.",
related_name="is_a_member_of",
blank=True,
)
access = models.CharField(
"Access",
help_text="A setting specifying how can users join this group.",
choices=[
("MANUAL", "⛔️ Collaborators must be added manually"),
("OPEN", "❇️ Users can join the group freely"),
],
default="MANUAL",
max_length=16,
)
def __str__(self):
return f"{self.slug}"
class ResearchProject(models.Model):
"""
A :class:`.ResearchProject` is a work which may use zero or more :class:`.DataSource`\\ s to prove or disprove an
hypothesis. hypothesis.
""" """
@ -353,13 +405,13 @@ class Project(models.Model):
description = models.TextField( description = models.TextField(
"Description", "Description",
help_text="A brief description of the project, to be displayed inthe overview.", help_text="A brief description of the project, to be displayed in the overview.",
blank=True, blank=True,
) )
visibility = models.CharField( visibility = models.CharField(
"Visibility", "Visibility",
help_text="A setting specifying who can view the project.", help_text="A setting specifying who can view the project contents.",
choices=[ choices=[
("PUBLIC", "🌍 Public"), ("PUBLIC", "🌍 Public"),
("INTERNAL", "🏭 Internal"), ("INTERNAL", "🏭 Internal"),
@ -369,19 +421,12 @@ class Project(models.Model):
max_length=16, max_length=16,
) )
owner = models.ForeignKey( group = models.ForeignKey(
User, ResearchGroup,
help_text="The user who owns the project, and has full access to it.", help_text="The group this project belongs to.",
on_delete=models.CASCADE, on_delete=models.CASCADE,
) )
collaborators = models.ManyToManyField(
User,
help_text="The users who can edit the project.",
related_name="collaborates_in",
blank=True,
)
flows = models.ManyToManyField( flows = models.ManyToManyField(
DataFlow, DataFlow,
help_text="The DataFlows used in this project.", help_text="The DataFlows used in this project.",
@ -389,30 +434,24 @@ class Project(models.Model):
blank=True, blank=True,
) )
def get_project(self):
return self
def get_contributors(self):
"""
:return: All the contributors (:attr:`.owner` + :attr:`.collaborators`) of the project.
"""
return {self.owner, *self.collaborators.values()}
def can_be_viewed_by(self, user) -> bool: def can_be_viewed_by(self, user) -> bool:
""" """
Check whether an user should be allowed to **view** the project details. Check whether an user should be allowed to **view** the project contents.
:param user: The user to check permissions for. :param user: The user to check permissions for.
:return: :data:`True` if the user can view the details, or :data:`False` if they cannot. :return: :data:`True` if the user can view the details, or :data:`False` if they cannot.
""" """
if self.visibility == "PUBLIC": if user.is_superuser:
return True
elif self.visibility == "PUBLIC":
return True return True
elif self.visibility == "INTERNAL": elif self.visibility == "INTERNAL":
return not user.is_anonymous() return not user.is_anonymous()
elif self.visibility == "PRIVATE": elif self.visibility == "PRIVATE":
return user in self.get_contributors() return user in self.group.members
else: else:
raise ValueError(f"Unknown visibility value: {self.visibility}") raise ValueError(f"Unknown visibility value: {self.visibility}")
@ -424,7 +463,13 @@ class Project(models.Model):
:return: :data:`True` if the user can edit the details, or :data:`False` if they cannot. :return: :data:`True` if the user can edit the details, or :data:`False` if they cannot.
""" """
return user in self.get_contributors() if user.is_superuser:
return True
elif user in self.group.members:
return True
return False
def can_be_administrated_by(self, user) -> bool: def can_be_administrated_by(self, user) -> bool:
""" """
@ -434,7 +479,13 @@ class Project(models.Model):
:return: :data:`True` if the user can administrate the project, or :data:`False` if they cannot. :return: :data:`True` if the user can administrate the project, or :data:`False` if they cannot.
""" """
return user == self.owner if user.is_superuser:
return True
elif user in self.group.members:
return True
return False
def __str__(self): def __str__(self):
return self.slug return f"{self.group.slug}/{self.slug}"

View file

@ -7,17 +7,14 @@ log = logging.getLogger(__name__)
class CanAdministrateProject(permissions.BasePermission): class CanAdministrateProject(permissions.BasePermission):
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
project = obj.get_project() return obj.can_be_administrated_by(request.user)
return project.can_be_administrated_by(request.user)
class CanEditProject(permissions.BasePermission): class CanEditProject(permissions.BasePermission):
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
project = obj.get_project() return obj.can_be_edited_by(request.user)
return project.can_be_edited_by(request.user)
class CanViewProject(permissions.BasePermission): class CanViewProject(permissions.BasePermission):
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
project = obj.get_project() return obj.can_be_viewed_by(request.user)
return project.can_be_viewed_by(request.user)

View file

@ -55,83 +55,133 @@ class DataFlowSerializer(serializers.ModelSerializer):
] ]
class ProjectPrivateSerializer(serializers.ModelSerializer): class ResearchGroupPublicSerializer(serializers.ModelSerializer):
class Meta:
model = models.Project
fields = [
"slug",
"name",
"visibility",
"owner",
]
read_only_fields = [
"slug",
"name",
"visibility",
"owner",
]
class ProjectViewableSerializer(serializers.ModelSerializer):
class Meta:
model = models.Project
fields = [
"slug",
"name",
"description",
"visibility",
"owner",
"collaborators",
"flows",
]
read_only_fields = [
"slug",
"name",
"description",
"visibility",
"owner",
"collaborators",
"flows",
]
class ProjectEditableSerializer(serializers.ModelSerializer):
class Meta:
model = models.Project
fields = [
"slug",
"name",
"description",
"visibility",
"owner",
"collaborators",
"flows",
]
read_only_fields = [
"slug",
"visibility",
"owner",
"collaborators",
]
class ProjectAdministrableSerializer(serializers.ModelSerializer):
""" """
Serializer for :class:`.models.Project` when accessed as the project owner. Serializer for users who are not administrators of a :class:`.models.ResearchGroup`.
""" """
class Meta: class Meta:
model = models.Project model = models.ResearchGroup
fields = [ fields = (
"slug",
"name",
"description",
"owner",
"members",
"access",
)
read_only_fields = (
"slug",
"name",
"description",
"owner",
"members",
"access",
)
class ResearchGroupAdminSerializer(serializers.ModelSerializer):
"""
Serializer for users who are administrators of a :class:`.models.ResearchGroup`.
"""
class Meta:
model = models.ResearchGroup
fields = (
"slug",
"name",
"description",
"owner",
"members",
"access",
)
read_only_fields = (
"slug",
"owner",
)
class ResearchProjectPublicSerializer(serializers.ModelSerializer):
"""
Serializer for users who are not collaborators of a :class:`~.models.ResearchProject` and do not have permissions to view it.
"""
class Meta:
model = models.ResearchProject
fields = (
"slug",
"visibility",
"group",
)
read_only_fields = (
"slug",
"visibility",
"group",
)
class ResearchProjectViewerSerializer(serializers.ModelSerializer):
"""
Serializer for users who are not collaborators of a :class:`~.models.ResearchProject`, but have permissions to view it.
"""
class Meta:
model = models.ResearchProject
fields = (
"slug", "slug",
"name", "name",
"description", "description",
"visibility", "visibility",
"owner", "group",
"collaborators",
"flows", "flows",
] )
read_only_fields = [ read_only_fields = (
"slug", "slug",
"owner", "name",
] "description",
"visibility",
"group",
"flows",
)
class ResearchProjectCollaboratorSerializer(serializers.ModelSerializer):
"""
Serializer for users who are collaborators of a :class:`~.models.ResearchProject`, but not administrators.
"""
class Meta:
model = models.ResearchProject
fields = (
"slug",
"name",
"description",
"visibility",
"group",
"flows",
)
read_only_fields = (
"slug",
"visibility",
"group",
)
class ResearchProjectAdminSerializer(serializers.ModelSerializer):
"""
Serializer for users who are administrators of a :class:`~.models.ResearchProject`.
"""
class Meta:
model = models.ResearchProject
fields = (
"slug",
"name",
"description",
"visibility",
"group",
"flows",
)
read_only_fields = (
"slug",
)

View file

@ -6,7 +6,7 @@ from . import views
router = DefaultRouter() router = DefaultRouter()
router.register("datasources", views.DataSourceViewSet) router.register("datasources", views.DataSourceViewSet)
router.register("dataflows", views.DataFlowViewSet) router.register("dataflows", views.DataFlowViewSet)
router.register("projects", views.ProjectViewSet) router.register("projects", views.ResearchProjectViewSet)
urlpatterns = [ urlpatterns = [
path("", include(router.urls)), path("", include(router.urls)),

View file

@ -7,8 +7,8 @@ from . import models, serializers, permissions as custom_permissions
log = getLogger(__name__) log = getLogger(__name__)
class ProjectViewSet(viewsets.ModelViewSet): class ResearchProjectViewSet(viewsets.ModelViewSet):
queryset = models.Project.objects.all() queryset = models.ResearchProject.objects.all()
@property @property
def permission_classes(self): def permission_classes(self):
@ -19,25 +19,26 @@ class ProjectViewSet(viewsets.ModelViewSet):
"update": [custom_permissions.CanEditProject], "update": [custom_permissions.CanEditProject],
"partial_update": [custom_permissions.CanEditProject], "partial_update": [custom_permissions.CanEditProject],
"destroy": [custom_permissions.CanAdministrateProject], "destroy": [custom_permissions.CanAdministrateProject],
"metadata": [],
None: [], None: [],
}[self.action] }[self.action]
def get_serializer_class(self): def get_serializer_class(self):
if self.action == "list": if self.action == "list":
return serializers.ProjectPrivateSerializer return serializers.ResearchProjectPublicSerializer
elif self.action == "create": elif self.action == "create":
return serializers.ProjectAdministrableSerializer return serializers.ResearchProjectAdminSerializer
else: else:
project = self.get_object() project = self.get_object()
user = self.request.user user = self.request.user
if project.can_be_administrated_by(user): if project.can_be_administrated_by(user):
return serializers.ProjectAdministrableSerializer return serializers.ResearchProjectAdminSerializer
elif project.can_be_edited_by(user): elif project.can_be_edited_by(user):
return serializers.ProjectEditableSerializer return serializers.ResearchProjectCollaboratorSerializer
elif project.can_be_viewed_by(user): elif project.can_be_viewed_by(user):
return serializers.ProjectViewableSerializer return serializers.ResearchProjectViewerSerializer
else: else:
return serializers.ProjectPrivateSerializer return serializers.ResearchProjectPublicSerializer
class DataFlowViewSet(viewsets.ModelViewSet): class DataFlowViewSet(viewsets.ModelViewSet):