Commit 7cc17dfe authored by Florent Chehab's avatar Florent Chehab
Browse files

Big Update : moderation and viewset permissions centralized

parent e9e8ecbe
from django.db import models
from rest_framework import permissions
from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
from backend.models.tools import IsAdminOrReadOnly
from django.contrib.postgres.fields import JSONField
from backend.utils import get_viewset_permissions, get_moderation_level
class Tag(MyModel):
"""
TODO description
"""
moderation_level = get_moderation_level("Tag")
name = models.CharField(max_length=100, unique=True)
config = JSONField(blank=True, default=dict)
......@@ -20,9 +21,6 @@ class TagSerializer(MyModelSerializer):
class TagViewSet(MyModelViewSet):
permission_classes = (
permissions.IsAuthenticated,
IsAdminOrReadOnly
)
permission_classes = get_viewset_permissions("TagViewSet")
queryset = Tag.objects.all() # pylint: disable=E1101
serializer_class = TagSerializer
from .DictModeViewSet import DictModeViewSet # noqa: F401
from .noDeleteIfNotAdmin import NoDeleteIfNotAdmin # noqa: F401
from .isOwner import IsOwner # noqa: F401
from .noDelete import NoDelete # noqa: F401
from .isAdminOrReadOnly import IsAdminOrReadOnly # noqa: F401
......@@ -3,9 +3,11 @@ from backend.models.module import BasicModule, BasicModuleSerializer, BasicModul
from backend.models.location import City
from backend.models.university import University
from django.core.validators import MinValueValidator, MaxValueValidator
from backend.utils import get_moderation_level, get_viewset_permissions
class Campus(BasicModule):
moderation_level = get_moderation_level("Campus")
is_main_campus = models.BooleanField(null=False)
name = models.CharField(max_length=200, null=True)
......@@ -47,10 +49,12 @@ class CampusSerializer(BasicModuleSerializer):
class CampusViewSet(BasicModuleViewSet):
permission_classes = get_viewset_permissions("CampusViewSet")
queryset = Campus.objects.all() # pylint: disable=E1101
serializer_class = CampusSerializer
class MainCampusViewSet(BasicModuleViewSet):
permission_classes = get_viewset_permissions("MainCampusViewSet")
queryset = Campus.objects.filter(is_main_campus=True)
serializer_class = CampusSerializer
from django.db import models
from backend.models.university import Campus
from backend.models.tag import TaggedItem, TaggedItemSerializer, TaggedItemViewSet
from backend.utils import get_moderation_level, get_viewset_permissions
class CampusTaggedItem(TaggedItem):
moderation_level = get_moderation_level("CampusTaggedItem")
campus = models.OneToOneField(
Campus, on_delete=models.PROTECT, related_name='city_items', primary_key=True)
......@@ -22,6 +24,6 @@ class CampusTaggedItemSerializer(TaggedItemSerializer):
class CampusTaggedItemViewSet(TaggedItemViewSet):
permission_classes = get_viewset_permissions("CampusTaggedItemViewSet")
queryset = CampusTaggedItem.objects.all() # pylint: disable=E1101
serializer_class = CampusTaggedItemSerializer
from django.db import models
from backend.models.my_model import MyModel
from backend.utils.friendly_path import friendly_path
from backend.utils import get_moderation_level
path_and_rename = friendly_path("uploads/universities/logos/", 'name')
......@@ -9,6 +10,8 @@ class University(MyModel):
"""
Model storing information about universities
"""
moderation_level = get_moderation_level("University")
name = models.CharField(max_length=200)
acronym = models.CharField(max_length=20, null=True, blank=True)
logo = models.ImageField(upload_to=path_and_rename, max_length=250,
......
from backend.models.university import University
from rest_framework import permissions
from backend.models.tools import NoDeleteIfNotAdmin
from backend.models.my_model import MyModelSerializer, MyModelViewSet
from backend.utils import get_viewset_permissions
class UniversitySerializer(MyModelSerializer):
......@@ -12,10 +11,6 @@ class UniversitySerializer(MyModelSerializer):
class UniversityViewSet(MyModelViewSet):
permission_classes = get_viewset_permissions("UniversityViewSet")
serializer_class = UniversitySerializer
permission_classes = (
permissions.IsAuthenticated,
NoDeleteIfNotAdmin,
)
queryset = University.objects.all() # pylint: disable=E1101
from django.db import models
from backend.models.university import University
from backend.models.module import DriRestrictedModule, DriRestrictedModuleSerializer, DriRestrictedModuleViewSet
from backend.utils import get_moderation_level, get_viewset_permissions
class UniversityDri(DriRestrictedModule):
moderation_level = get_moderation_level("UniversityDri")
university = models.ManyToManyField(
University, related_name="university_dri")
......@@ -20,5 +22,6 @@ class UniversityDriSerializer(DriRestrictedModuleSerializer):
class UniversityDriViewSet(DriRestrictedModuleViewSet):
permission_classes = get_viewset_permissions("UniversityDriViewSet")
queryset = UniversityDri.objects.all() # pylint: disable=E1101
serializer_class = UniversityDriSerializer
......@@ -3,9 +3,11 @@ from backend.models.module import BasicModule, BasicModuleSerializer, BasicModul
from backend.models.university import University
from backend.models.location import Currency
from django.core.validators import MinValueValidator
from backend.utils import get_moderation_level, get_viewset_permissions
class UniversityInfo(BasicModule):
moderation_level = get_moderation_level("UniversityInfo")
university = models.OneToOneField(
University, on_delete=models.CASCADE, related_name='university_info', primary_key=True, null=False)
......@@ -39,5 +41,6 @@ class UniversityInfoSerializer(BasicModuleSerializer):
class UniversityInfoViewSet(BasicModuleViewSet):
permission_classes = get_viewset_permissions("UniversityInfoViewSet")
queryset = UniversityInfo.objects.all() # pylint: disable=E1101
serializer_class = UniversityInfoSerializer
......@@ -3,6 +3,7 @@ from backend.models.university.campus import CampusSerializer
from backend.models.university import UniversityDriSerializer
from backend.models.my_model import MyModelSerializer, MyModelViewSet
from backend.utils import get_viewset_permissions
class UniversityModulesSerializer(MyModelSerializer):
......@@ -15,7 +16,7 @@ class UniversityModulesSerializer(MyModelSerializer):
class UniversityModulesViewSet(MyModelViewSet):
permission_classes = get_viewset_permissions("UniversityModulesViewSet")
serializer_class = UniversityModulesSerializer
def get_queryset(self):
......
from django.db import models
from backend.models.university import University
from backend.models.module import Scholarship, ScholarshipSerializer, ScholarshipViewSet
from backend.utils import get_moderation_level, get_viewset_permissions
class UniversityScholarship(Scholarship):
moderation_level = get_moderation_level("UniversityScholarship")
university = models.ForeignKey(
University, on_delete=models.PROTECT, null=False, related_name="univScholarship")
......@@ -20,5 +22,7 @@ class UniversityScholarshipSerializer(ScholarshipSerializer):
class UniversityScholarshipViewSet(ScholarshipViewSet):
permission_classes = get_viewset_permissions(
"UniversityScholarshipViewSet")
queryset = UniversityScholarship.objects.all() # pylint: disable=E1101
serializer_class = UniversityScholarshipSerializer
......@@ -2,6 +2,7 @@ from django.db import models
from backend.models.module import BasicModule, BasicModuleSerializer, BasicModuleViewSet
from backend.models.university import University
from rest_framework import serializers
from backend.utils import get_moderation_level, get_viewset_permissions
def check_nones(val1, val2):
......@@ -15,6 +16,7 @@ def check_nones(val1, val2):
class UniversitySemestersDates(BasicModule):
moderation_level = get_moderation_level("UniversitySemestersDates")
university = models.OneToOneField(
University, on_delete=models.CASCADE, related_name='university_semesters_dates', primary_key=True, null=False)
......@@ -54,5 +56,7 @@ class UniversitySemestersDatesSerializer(BasicModuleSerializer):
class UniversitySemestersDatesViewSet(BasicModuleViewSet):
permission_classes = get_viewset_permissions(
"UniversitySemestersDatesViewSet")
queryset = UniversitySemestersDates.objects.all() # pylint: disable=E1101
serializer_class = UniversitySemestersDatesSerializer
from django.db import models
from backend.models.tag import TaggedItem, TaggedItemSerializer, TaggedItemViewSet
from backend.models.university import University
from backend.utils import get_moderation_level, get_viewset_permissions
class UniversityTaggedItem(TaggedItem):
moderation_level = get_moderation_level("UniversityTaggedItem")
university = models.OneToOneField(
University, on_delete=models.PROTECT, related_name='city_items', primary_key=True)
......@@ -22,6 +24,6 @@ class UniversityTaggedItemSerializer(TaggedItemSerializer):
class UniversityTaggedItemViewSet(TaggedItemViewSet):
permission_classes = get_viewset_permissions("UniversityTaggedItemViewSet")
queryset = UniversityTaggedItem.objects.all() # pylint: disable=E1101
serializer_class = UniversityTaggedItemSerializer
from django.db import models
from rest_framework import permissions
from backend.models.other_core.specialty import Specialty
from backend.models.other_core.semester import Semester
from backend.models.university import University
from django.contrib.auth.models import User
from django.contrib.postgres.fields import JSONField
from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
from backend.utils import get_moderation_level, get_viewset_permissions
class PreviousDeparture(MyModel):
moderation_level = get_moderation_level("PreviousDeparture")
# This model should be filled with data from the ENT
semester = models.ForeignKey(Semester, on_delete=models.PROTECT)
university = models.ForeignKey(University, on_delete=models.PROTECT)
......@@ -31,7 +32,7 @@ class PreviousDepartureSerializer(MyModelSerializer):
class PreviousDepartureViewSet(MyModelViewSet):
permission_classes = (permissions.IsAdminUser,)
permission_classes = get_viewset_permissions("PreviousDepartureViewSet")
queryset = PreviousDeparture.objects.all() # pylint: disable=E1101
serializer_class = PreviousDepartureSerializer
# todo if is_anonymous set user to null
......@@ -4,9 +4,11 @@ from django.core.validators import MaxValueValidator
from backend.models.user import UserRestrictedModule, UserRestrictedModuleSerializer, UserRestrictedModuleViewSet
from backend.models.user import PreviousDeparture
from django.contrib.postgres.fields import JSONField
from backend.utils import get_moderation_level, get_viewset_permissions
class PreviousDepartureFeedback(UserRestrictedModule):
moderation_level = get_moderation_level("Country")
departure = models.OneToOneField(
PreviousDeparture, on_delete=models.CASCADE)
......@@ -28,5 +30,7 @@ class PreviousDepartureFeedbackSerializer(UserRestrictedModuleSerializer):
class PreviousDepartureFeedbackViewSet(UserRestrictedModuleViewSet):
permission_classes = get_viewset_permissions(
"PreviousDepartureFeedbackViewSet")
queryset = PreviousDepartureFeedback.objects.all() # pylint: disable=E1101
serializer_class = PreviousDepartureFeedbackSerializer
from django.db import models
from rest_framework import permissions
from django.core.validators import MaxValueValidator
from backend.models.university import University
......@@ -7,9 +6,11 @@ from backend.models.user import UserRestrictedModule, UserRestrictedModuleSerial
from backend.models.other_core import Specialty
from backend.models.user import RecommendationList
from backend.utils import get_moderation_level, get_viewset_permissions
class Recommendation(UserRestrictedModule):
moderation_level = get_moderation_level("Recommendation")
university = models.ForeignKey(University, on_delete=models.PROTECT)
parent_list = models.ForeignKey(
RecommendationList, on_delete=models.PROTECT, related_name='recommendations')
......@@ -31,7 +32,7 @@ class RecommendationSerializer(UserRestrictedModuleSerializer):
class RecommendationViewSet(UserRestrictedModuleViewSet):
permission_classes = (permissions.DjangoObjectPermissions,)
permission_classes = get_viewset_permissions("RecommendationViewSet")
queryset = Recommendation.objects.all() # pylint: disable=E1101
serializer_class = RecommendationSerializer
# TODO PERMISSIOIN
from django.db import models
from backend.models.user import UserRestrictedModule, UserRestrictedModuleSerializer, UserRestrictedModuleViewSet
from backend.utils import get_moderation_level, get_viewset_permissions
class RecommendationList(UserRestrictedModule):
moderation_level = get_moderation_level("RecommendationList")
public = models.BooleanField()
title = models.CharField(max_length=200)
......@@ -18,6 +20,6 @@ class RecommendationListSerializer(UserRestrictedModuleSerializer):
class RecommendationListViewSet(UserRestrictedModuleViewSet):
permission_classes = get_viewset_permissions("RecommendationListViewSet")
queryset = RecommendationList.objects.all() # pylint: disable=E1101
serializer_class = RecommendationListSerializer
# TODO add public support to check access rights
from django.db import models
from rest_framework import permissions, serializers
from rest_framework import serializers
from backend.models.university import University
from django.contrib.postgres.fields import JSONField
from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
from django.contrib.auth.models import User
from backend.models.tools import NoDelete, IsOwner
from backend.utils import get_viewset_permissions, get_moderation_level
class UserData(MyModel):
moderation_level = get_moderation_level("UserData")
owner = models.OneToOneField(User, on_delete=models.CASCADE)
contact_info = JSONField(default=dict)
contact_info_is_public = models.BooleanField(default=False)
......@@ -36,11 +38,7 @@ class UserDataSerializer(MyModelSerializer):
class UserDataViewSet(MyModelViewSet):
permission_classes = (
permissions.IsAuthenticated,
NoDelete,
IsOwner
)
permission_classes = get_viewset_permissions("UserDataViewSet")
serializer_class = UserDataSerializer
def get_queryset(self):
......
from .noDeleteIfNotStaff import NoDeleteIfNotStaff # noqa: F401
from .isOwner import IsOwner # noqa: F401
from .noDelete import NoDelete # noqa: F401
from .isStaffOrReadOnly import IsStaffOrReadOnly # noqa: F401
from .isDriOrReadOnly import IsDriOrReadOnly # noqa: F401
from .default_viewset_permissions import DEFAULT_VIEWSET_PERMISSIONS # noqa: F401
from backend.permissions import NoDeleteIfNotStaff
from rest_framework.permissions import IsAuthenticated
DEFAULT_VIEWSET_PERMISSIONS = (IsAuthenticated, NoDeleteIfNotStaff,)
from rest_framework import permissions
from backend.utils import is_member
class IsDriOrReadOnly(permissions.BasePermission):
"""
TODO
"""
def has_permission(self, request, view):
if request.method in permissions.SAFE_METHODS:
return True
else:
return is_member("DRI", request.user) or request.user.is_staff
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment