Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Rex Dri
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
32
Issues
32
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Environments
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Rex Dri
Rex Dri
Commits
54d661bb
Commit
54d661bb
authored
Mar 10, 2019
by
Florent Chehab
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixes #46 and cleaning
parent
b1f1f3e4
Pipeline
#36179
passed with stages
in 4 minutes and 10 seconds
Changes
10
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
75 additions
and
51 deletions
+75
-51
backend/backend_app/models/other_viewsets.py
backend/backend_app/models/other_viewsets.py
+1
-0
backend/backend_app/utils/__does_user_have_moderation_rights.py
...d/backend_app/utils/__does_user_have_moderation_rights.py
+4
-1
backend/backend_app/utils/__find_api_end_point_for_viewset.py
...end/backend_app/utils/__find_api_end_point_for_viewset.py
+8
-6
backend/backend_app/utils/__get_model_config.py
backend/backend_app/utils/__get_model_config.py
+15
-14
backend/backend_app/utils/__get_user_level.py
backend/backend_app/utils/__get_user_level.py
+3
-1
backend/backend_app/utils/__get_viewset_permissions.py
backend/backend_app/utils/__get_viewset_permissions.py
+13
-8
backend/backend_app/utils/__is_member.py
backend/backend_app/utils/__is_member.py
+4
-1
shared/__init__.py
shared/__init__.py
+2
-7
shared/api_config.yml
shared/api_config.yml
+10
-2
shared/get_api_config.py
shared/get_api_config.py
+15
-11
No files found.
backend/backend_app/models/other_viewsets.py
View file @
54d661bb
...
...
@@ -9,6 +9,7 @@ from shared import OBJ_MODERATION_PERMISSIONS
class
AppModerationStatusViewSet
(
APIView
):
"""
Viewset to know what is the app moderation status
"""
permission_classes
=
get_viewset_permissions
(
"AppModerationStatusViewSet"
)
...
...
backend/backend_app/utils/__does_user_have_moderation_rights.py
View file @
54d661bb
from
backend_app.utils
import
is_member
from
django.contrib.auth.models
import
User
def
does_user_have_moderation_rights
(
user
)
:
def
does_user_have_moderation_rights
(
user
:
User
)
->
bool
:
"""
Function to know if a user is staff or member of DRI or member of the moderator group.
TODO unit test
"""
return
user
.
is_staff
or
is_member
(
"DRI"
,
user
)
or
is_member
(
"Moderators"
,
user
)
backend/backend_app/utils/__find_api_end_point_for_viewset.py
View file @
54d661bb
from
shared
import
load_api_config
from
shared
import
get_api_objs
def
find_api_end_point_for_viewset
(
viewset_name
):
def
find_api_end_point_for_viewset
(
viewset_name
:
str
)
->
str
:
"""
Gets the api endpoint associated with a viewset
"""
api_config
=
load_api_config
()
for
obj
in
api_config
:
if
obj
[
"viewset"
]
==
viewset_name
:
return
obj
[
"api_end_point"
]
for
obj
in
get_api_objs
(
has_model
=
None
,
make_imports
=
False
):
if
obj
.
viewset
==
viewset_name
:
return
obj
.
api_end_point
return
None
backend/backend_app/utils/__get_model_config.py
View file @
54d661bb
from
shared
import
load_api_config
from
shared
import
get_api_objs
def
get_model_config
(
model
):
api_config
=
load_api_config
()
for
obj
in
api_config
:
if
"is_api_view"
in
obj
and
obj
[
"is_api_view"
]:
continue
if
obj
[
"model"
]
==
model
:
tmp
=
{
"moderation_level"
:
obj
[
"moderation_level"
],
def
get_model_config
(
model
:
str
)
->
dict
:
"""
Returns the configuraiton of the model
"""
for
obj
in
get_api_objs
(
has_model
=
True
,
is_api_view
=
False
,
make_imports
=
False
):
if
obj
.
model
==
model
:
out
=
{
"moderation_level"
:
obj
.
moderation_level
,
"model"
:
model
,
"read_only"
:
obj
[
"read_only"
]
,
"read_only"
:
obj
.
read_only
,
}
key
=
"enforce_moderation_user_level"
if
key
in
obj
.
keys
():
tmp
[
key
]
=
obj
[
key
]
return
tmp
out
[
key
]
=
obj
[
key
]
return
out
raise
Exception
(
"Model not found in API configuration, cannot process !"
)
raise
Exception
(
"Model {} not found in API configuration, cannot process !"
.
format
(
model
)
)
backend/backend_app/utils/__get_user_level.py
View file @
54d661bb
from
.__is_member
import
is_member
from
django.contrib.auth.models
import
User
from
shared
import
OBJ_MODERATION_PERMISSIONS
def
get_user_level
(
user
)
->
int
:
def
get_user_level
(
user
:
User
)
->
int
:
"""
Returns the user level as int.
TODO unit test
"""
if
user
.
is_staff
:
...
...
backend/backend_app/utils/__get_viewset_permissions.py
View file @
54d661bb
...
...
@@ -8,14 +8,17 @@ from backend_app.permissions import (
)
from
rest_framework.permissions
import
IsAdminUser
from
backend_app.permissions
import
DEFAULT_VIEWSET_PERMISSIONS
from
shared
import
load_api_config
from
shared
import
get_api_objs
def
get_viewset_permissions
(
viewset
):
api_config
=
load_api_config
()
for
obj
in
api_config
:
if
obj
[
"viewset"
]
==
viewset
:
custom_permission
=
obj
[
"viewset_permission"
]
def
get_viewset_permissions
(
viewset
:
str
)
->
object
:
"""
Returns the permissions associated with the viewset as configured in the config file.
"""
for
obj
in
get_api_objs
(
has_model
=
None
,
make_imports
=
False
,
is_api_view
=
None
):
if
obj
.
viewset
==
viewset
:
custom_permission
=
obj
.
viewset_permission
if
custom_permission
==
"IsOwner"
:
permission
=
(
IsOwner
,)
elif
custom_permission
==
"IsStaffOrReadOnly"
:
...
...
@@ -33,8 +36,10 @@ def get_viewset_permissions(viewset):
else
:
raise
Exception
(
"Permission not supported ! Dev what did you do ?"
)
if
obj
[
"read_only"
]
:
if
obj
.
read_only
:
permission
+=
(
ReadOnly
,)
return
DEFAULT_VIEWSET_PERMISSIONS
+
permission
raise
Exception
(
"Viewset not found in API configuraiton, cannot process !"
)
raise
Exception
(
"Viewset {} not found in API configuraiton, cannot proceed !"
.
format
(
viewset
)
)
backend/backend_app/utils/__is_member.py
View file @
54d661bb
def
is_member
(
group_name
,
user
):
from
django.contrib.auth.models
import
User
def
is_member
(
group_name
:
str
,
user
:
User
)
->
bool
:
"""
Function to know if a user is part of a specific group.
...
...
shared/__init__.py
View file @
54d661bb
from
.get_api_config
import
load_api_config
,
get_api_objs
from
.get_api_config
import
get_api_objs
from
.obj_moderation_permission
import
(
DEFAULT_OBJ_MODERATION_LV
,
OBJ_MODERATION_PERMISSIONS
,
)
__all__
=
[
"load_api_config"
,
"DEFAULT_OBJ_MODERATION_LV"
,
"OBJ_MODERATION_PERMISSIONS"
,
"get_api_objs"
,
]
__all__
=
[
"DEFAULT_OBJ_MODERATION_LV"
,
"OBJ_MODERATION_PERMISSIONS"
,
"get_api_objs"
]
shared/api_config.yml
View file @
54d661bb
# THIS FILE IS DYNAMICALLY USED FOR THE BACKEND AND THE FRONTEND
# TAKE CARE WHEN MODYFING IT ;)
# model : the model name (may be
null
) Model can't be present more than once.
# model : the model name (may be
absent
) Model can't be present more than once.
# viewset : the viewset name for the api
# api_end_pont : the main part of the url for making request to the api
# This string will also be used for naming variables in JS !!
...
...
@@ -27,7 +27,7 @@
#
# By default, every viewset will have :
# - isAuthentificated : to use the API the client needs to be authentificated
# - noDeleteI
s
NotStaff : nothing can be deleted except if you are a staff member
# - noDeleteI
f
NotStaff : nothing can be deleted except if you are a staff member
#
# Some viewsets may have more presice permissions
# - IsStaff
...
...
@@ -36,12 +36,20 @@
# - IsOwner : (or )
#
#####################################################
## Custom Viewsets that doesn't have a model behind
#####################################################
-
viewset
:
AppModerationStatusViewSet
api_end_point
:
serverModerationStatus
import_location
:
other_viewsets
read_only
:
true
is_api_view
:
true
#####################
## Standard Viewsets
#####################
-
model
:
Country
viewset
:
CountryViewSet
import_location
:
country
...
...
shared/get_api_config.py
View file @
54d661bb
...
...
@@ -50,6 +50,7 @@ def get_api_objs(
requires_testing
:
Union
[
None
,
bool
,
"smart"
]
=
None
,
is_api_view
:
Optional
[
bool
]
=
False
,
ignore_models
:
List
[
str
]
=
list
(),
make_imports
:
bool
=
True
,
)
->
List
[
DotMap
]:
"""
Returns a list of DotMap objects corresponding the api config file
...
...
@@ -59,6 +60,8 @@ def get_api_objs(
There is one exception for the parameter `requires_testing` if it is set to `smart` then
the object is returned only if doesn't require testing or if testing is activated.
make_imports: do we perform the model and viewsets imports ?
"""
out
=
list
()
...
...
@@ -102,19 +105,20 @@ def get_api_objs(
if
not
is_api_view
and
obj
.
is_api_view
:
continue
module
=
importlib
.
import_module
(
"backend_app.models.{}"
.
format
(
obj
.
import_location
)
)
if
make_imports
:
module
=
importlib
.
import_module
(
"backend_app.models.{}"
.
format
(
obj
.
import_location
)
)
if
obj
.
model
is
not
None
:
if
obj
.
model
in
ignore_models
:
continue
Model
=
getattr
(
module
,
obj
.
model
)
obj
.
Model
=
Model
if
obj
.
model
is
not
None
:
if
obj
.
model
in
ignore_models
:
continue
Model
=
getattr
(
module
,
obj
.
model
)
obj
.
Model
=
Model
if
obj
.
viewset
is
not
None
:
Viewset
=
getattr
(
module
,
obj
.
viewset
)
obj
.
Viewset
=
Viewset
if
obj
.
viewset
is
not
None
:
Viewset
=
getattr
(
module
,
obj
.
viewset
)
obj
.
Viewset
=
Viewset
out
.
append
(
obj
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment