Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Rex Dri
Rex Dri
Commits
54d661bb
Commit
54d661bb
authored
Mar 10, 2019
by
Florent Chehab
Browse files
Fixes
#46
and cleaning
parent
b1f1f3e4
Pipeline
#36179
passed with stages
in 4 minutes and 10 seconds
Changes
10
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
backend/backend_app/models/other_viewsets.py
View file @
54d661bb
...
...
@@ -9,6 +9,7 @@ from shared import OBJ_MODERATION_PERMISSIONS
class
AppModerationStatusViewSet
(
APIView
):
"""
Viewset to know what is the app moderation status
"""
permission_classes
=
get_viewset_permissions
(
"AppModerationStatusViewSet"
)
...
...
backend/backend_app/utils/__does_user_have_moderation_rights.py
View file @
54d661bb
from
backend_app.utils
import
is_member
from
django.contrib.auth.models
import
User
def
does_user_have_moderation_rights
(
user
)
:
def
does_user_have_moderation_rights
(
user
:
User
)
->
bool
:
"""
Function to know if a user is staff or member of DRI or member of the moderator group.
TODO unit test
"""
return
user
.
is_staff
or
is_member
(
"DRI"
,
user
)
or
is_member
(
"Moderators"
,
user
)
backend/backend_app/utils/__find_api_end_point_for_viewset.py
View file @
54d661bb
from
shared
import
load
_api_
config
from
shared
import
get
_api_
objs
def
find_api_end_point_for_viewset
(
viewset_name
):
def
find_api_end_point_for_viewset
(
viewset_name
:
str
)
->
str
:
"""
Gets the api endpoint associated with a viewset
"""
api_config
=
load_api_config
()
for
obj
in
api_config
:
if
obj
[
"viewset"
]
==
viewset_name
:
return
obj
[
"api_end_point"
]
for
obj
in
get_api_objs
(
has_model
=
None
,
make_imports
=
False
):
if
obj
.
viewset
==
viewset_name
:
return
obj
.
api_end_point
return
None
backend/backend_app/utils/__get_model_config.py
View file @
54d661bb
from
shared
import
load
_api_
config
from
shared
import
get
_api_
objs
def
get_model_config
(
model
):
api_config
=
load_api_config
()
for
obj
in
api_config
:
if
"is_api_view"
in
obj
and
obj
[
"is_api_view"
]:
continue
if
obj
[
"model"
]
==
model
:
tmp
=
{
"moderation_level"
:
obj
[
"moderation_level"
],
def
get_model_config
(
model
:
str
)
->
dict
:
"""
Returns the configuraiton of the model
"""
for
obj
in
get_api_objs
(
has_model
=
True
,
is_api_view
=
False
,
make_imports
=
False
):
if
obj
.
model
==
model
:
out
=
{
"moderation_level"
:
obj
.
moderation_level
,
"model"
:
model
,
"read_only"
:
obj
[
"
read_only
"
]
,
"read_only"
:
obj
.
read_only
,
}
key
=
"enforce_moderation_user_level"
if
key
in
obj
.
keys
():
tmp
[
key
]
=
obj
[
key
]
return
tmp
out
[
key
]
=
obj
[
key
]
return
out
raise
Exception
(
"Model not found in API configuration, cannot process !"
)
raise
Exception
(
"Model {} not found in API configuration, cannot process !"
.
format
(
model
)
)
backend/backend_app/utils/__get_user_level.py
View file @
54d661bb
from
.__is_member
import
is_member
from
django.contrib.auth.models
import
User
from
shared
import
OBJ_MODERATION_PERMISSIONS
def
get_user_level
(
user
)
->
int
:
def
get_user_level
(
user
:
User
)
->
int
:
"""
Returns the user level as int.
TODO unit test
"""
if
user
.
is_staff
:
...
...
backend/backend_app/utils/__get_viewset_permissions.py
View file @
54d661bb
...
...
@@ -8,14 +8,17 @@ from backend_app.permissions import (
)
from
rest_framework.permissions
import
IsAdminUser
from
backend_app.permissions
import
DEFAULT_VIEWSET_PERMISSIONS
from
shared
import
load
_api_
config
from
shared
import
get
_api_
objs
def
get_viewset_permissions
(
viewset
):
api_config
=
load_api_config
()
for
obj
in
api_config
:
if
obj
[
"viewset"
]
==
viewset
:
custom_permission
=
obj
[
"viewset_permission"
]
def
get_viewset_permissions
(
viewset
:
str
)
->
object
:
"""
Returns the permissions associated with the viewset as configured in the config file.
"""
for
obj
in
get_api_objs
(
has_model
=
None
,
make_imports
=
False
,
is_api_view
=
None
):
if
obj
.
viewset
==
viewset
:
custom_permission
=
obj
.
viewset_permission
if
custom_permission
==
"IsOwner"
:
permission
=
(
IsOwner
,)
elif
custom_permission
==
"IsStaffOrReadOnly"
:
...
...
@@ -33,8 +36,10 @@ def get_viewset_permissions(viewset):
else
:
raise
Exception
(
"Permission not supported ! Dev what did you do ?"
)
if
obj
[
"
read_only
"
]
:
if
obj
.
read_only
:
permission
+=
(
ReadOnly
,)
return
DEFAULT_VIEWSET_PERMISSIONS
+
permission
raise
Exception
(
"Viewset not found in API configuraiton, cannot process !"
)
raise
Exception
(
"Viewset {} not found in API configuraiton, cannot proceed !"
.
format
(
viewset
)
)
backend/backend_app/utils/__is_member.py
View file @
54d661bb
def
is_member
(
group_name
,
user
):
from
django.contrib.auth.models
import
User
def
is_member
(
group_name
:
str
,
user
:
User
)
->
bool
:
"""
Function to know if a user is part of a specific group.
...
...
shared/__init__.py
View file @
54d661bb
from
.get_api_config
import
load_api_config
,
get_api_objs
from
.get_api_config
import
get_api_objs
from
.obj_moderation_permission
import
(
DEFAULT_OBJ_MODERATION_LV
,
OBJ_MODERATION_PERMISSIONS
,
)
__all__
=
[
"load_api_config"
,
"DEFAULT_OBJ_MODERATION_LV"
,
"OBJ_MODERATION_PERMISSIONS"
,
"get_api_objs"
,
]
__all__
=
[
"DEFAULT_OBJ_MODERATION_LV"
,
"OBJ_MODERATION_PERMISSIONS"
,
"get_api_objs"
]
shared/api_config.yml
View file @
54d661bb
# THIS FILE IS DYNAMICALLY USED FOR THE BACKEND AND THE FRONTEND
# TAKE CARE WHEN MODYFING IT ;)
# model : the model name (may be
null
) Model can't be present more than once.
# model : the model name (may be
absent
) Model can't be present more than once.
# viewset : the viewset name for the api
# api_end_pont : the main part of the url for making request to the api
# This string will also be used for naming variables in JS !!
...
...
@@ -27,7 +27,7 @@
#
# By default, every viewset will have :
# - isAuthentificated : to use the API the client needs to be authentificated
# - noDeleteI
s
NotStaff : nothing can be deleted except if you are a staff member
# - noDeleteI
f
NotStaff : nothing can be deleted except if you are a staff member
#
# Some viewsets may have more presice permissions
# - IsStaff
...
...
@@ -36,12 +36,20 @@
# - IsOwner : (or )
#
#####################################################
## Custom Viewsets that doesn't have a model behind
#####################################################
-
viewset
:
AppModerationStatusViewSet
api_end_point
:
serverModerationStatus
import_location
:
other_viewsets
read_only
:
true
is_api_view
:
true
#####################
## Standard Viewsets
#####################
-
model
:
Country
viewset
:
CountryViewSet
import_location
:
country
...
...
shared/get_api_config.py
View file @
54d661bb
...
...
@@ -50,6 +50,7 @@ def get_api_objs(
requires_testing
:
Union
[
None
,
bool
,
"smart"
]
=
None
,
is_api_view
:
Optional
[
bool
]
=
False
,
ignore_models
:
List
[
str
]
=
list
(),
make_imports
:
bool
=
True
,
)
->
List
[
DotMap
]:
"""
Returns a list of DotMap objects corresponding the api config file
...
...
@@ -59,6 +60,8 @@ def get_api_objs(
There is one exception for the parameter `requires_testing` if it is set to `smart` then
the object is returned only if doesn't require testing or if testing is activated.
make_imports: do we perform the model and viewsets imports ?
"""
out
=
list
()
...
...
@@ -102,19 +105,20 @@ def get_api_objs(
if
not
is_api_view
and
obj
.
is_api_view
:
continue
module
=
importlib
.
import_module
(
"backend_app.models.{}"
.
format
(
obj
.
import_location
)
)
if
make_imports
:
module
=
importlib
.
import_module
(
"backend_app.models.{}"
.
format
(
obj
.
import_location
)
)
if
obj
.
model
is
not
None
:
if
obj
.
model
in
ignore_models
:
continue
Model
=
getattr
(
module
,
obj
.
model
)
obj
.
Model
=
Model
if
obj
.
model
is
not
None
:
if
obj
.
model
in
ignore_models
:
continue
Model
=
getattr
(
module
,
obj
.
model
)
obj
.
Model
=
Model
if
obj
.
viewset
is
not
None
:
Viewset
=
getattr
(
module
,
obj
.
viewset
)
obj
.
Viewset
=
Viewset
if
obj
.
viewset
is
not
None
:
Viewset
=
getattr
(
module
,
obj
.
viewset
)
obj
.
Viewset
=
Viewset
out
.
append
(
obj
)
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment