Skip to content
GitLab
Commit 54d661bb authored by Florent Chehab's avatar Florent Chehab
Browse files

Fixes #46 and cleaning

parent b1f1f3e4
Pipeline #36179 passed with stages
in 4 minutes and 10 seconds
Hide whitespace changes
Inline Side-by-side
backend/backend_app/models/other_viewsets.py
View file @ 54d661bb
......@@ -9,6 +9,7 @@ from shared import OBJ_MODERATION_PERMISSIONS
class AppModerationStatusViewSet(APIView):
"""
Viewset to know what is the app moderation status
"""
permission_classes = get_viewset_permissions("AppModerationStatusViewSet")
......
backend/backend_app/utils/__does_user_have_moderation_rights.py
View file @ 54d661bb
from backend_app.utils import is_member
from django.contrib.auth.models import User
def does_user_have_moderation_rights(user):
def does_user_have_moderation_rights(user: User) -> bool:
"""
Function to know if a user is staff or member of DRI or member of the moderator group.
TODO unit test
"""
return user.is_staff or is_member("DRI", user) or is_member("Moderators", user)
backend/backend_app/utils/__find_api_end_point_for_viewset.py
View file @ 54d661bb
from shared import load_api_config
from shared import get_api_objs
def find_api_end_point_for_viewset(viewset_name):
def find_api_end_point_for_viewset(viewset_name: str) -> str:
"""
Gets the api endpoint associated with a viewset
"""
api_config = load_api_config()
for obj in api_config:
if obj["viewset"] == viewset_name:
return obj["api_end_point"]
for obj in get_api_objs(has_model=None, make_imports=False):
if obj.viewset == viewset_name:
return obj.api_end_point
return None
backend/backend_app/utils/__get_model_config.py
View file @ 54d661bb
from shared import load_api_config
from shared import get_api_objs
def get_model_config(model):
api_config = load_api_config()
for obj in api_config:
if "is_api_view" in obj and obj["is_api_view"]:
continue
if obj["model"] == model:
tmp = {
"moderation_level": obj["moderation_level"],
def get_model_config(model: str) -> dict:
"""
Returns the configuraiton of the model
"""
for obj in get_api_objs(has_model=True, is_api_view=False, make_imports=False):
if obj.model == model:
out = {
"moderation_level": obj.moderation_level,
"model": model,
"read_only": obj["read_only"],
"read_only": obj.read_only,
}
key = "enforce_moderation_user_level"
if key in obj.keys():
tmp[key] = obj[key]
return tmp
out[key] = obj[key]
return out
raise Exception("Model not found in API configuration, cannot process !")
raise Exception(
"Model {} not found in API configuration, cannot process !".format(model)
)
backend/backend_app/utils/__get_user_level.py
View file @ 54d661bb
from .__is_member import is_member
from django.contrib.auth.models import User
from shared import OBJ_MODERATION_PERMISSIONS
def get_user_level(user) -> int:
def get_user_level(user: User) -> int:
"""
Returns the user level as int.
TODO unit test
"""
if user.is_staff:
......
backend/backend_app/utils/__get_viewset_permissions.py
View file @ 54d661bb
......@@ -8,14 +8,17 @@ from backend_app.permissions import (
)
from rest_framework.permissions import IsAdminUser
from backend_app.permissions import DEFAULT_VIEWSET_PERMISSIONS
from shared import load_api_config
from shared import get_api_objs
def get_viewset_permissions(viewset):
api_config = load_api_config()
for obj in api_config:
if obj["viewset"] == viewset:
custom_permission = obj["viewset_permission"]
def get_viewset_permissions(viewset: str) -> object:
"""
Returns the permissions associated with the viewset as configured in the config file.
"""
for obj in get_api_objs(has_model=None, make_imports=False, is_api_view=None):
if obj.viewset == viewset:
custom_permission = obj.viewset_permission
if custom_permission == "IsOwner":
permission = (IsOwner,)
elif custom_permission == "IsStaffOrReadOnly":
......@@ -33,8 +36,10 @@ def get_viewset_permissions(viewset):
else:
raise Exception("Permission not supported ! Dev what did you do ?")
if obj["read_only"]:
if obj.read_only:
permission += (ReadOnly,)
return DEFAULT_VIEWSET_PERMISSIONS + permission
raise Exception("Viewset not found in API configuraiton, cannot process !")
raise Exception(
"Viewset {} not found in API configuraiton, cannot proceed !".format(viewset)
)
backend/backend_app/utils/__is_member.py
View file @ 54d661bb
def is_member(group_name, user):
from django.contrib.auth.models import User
def is_member(group_name: str, user: User) -> bool:
"""
Function to know if a user is part of a specific group.
......
shared/__init__.py
View file @ 54d661bb
from .get_api_config import load_api_config, get_api_objs
from .get_api_config import get_api_objs
from .obj_moderation_permission import (
DEFAULT_OBJ_MODERATION_LV,
OBJ_MODERATION_PERMISSIONS,
)
__all__ = [
"load_api_config",
"DEFAULT_OBJ_MODERATION_LV",
"OBJ_MODERATION_PERMISSIONS",
"get_api_objs",
]
__all__ = ["DEFAULT_OBJ_MODERATION_LV", "OBJ_MODERATION_PERMISSIONS", "get_api_objs"]
shared/api_config.yml
View file @ 54d661bb
# THIS FILE IS DYNAMICALLY USED FOR THE BACKEND AND THE FRONTEND
# TAKE CARE WHEN MODYFING IT ;)
# model : the model name (may be null) Model can't be present more than once.
# model : the model name (may be absent) Model can't be present more than once.
# viewset : the viewset name for the api
# api_end_pont : the main part of the url for making request to the api
# This string will also be used for naming variables in JS !!
......@@ -27,7 +27,7 @@
#
# By default, every viewset will have :
# - isAuthentificated : to use the API the client needs to be authentificated
# - noDeleteIsNotStaff : nothing can be deleted except if you are a staff member
# - noDeleteIfNotStaff : nothing can be deleted except if you are a staff member
#
# Some viewsets may have more presice permissions
# - IsStaff
......@@ -36,12 +36,20 @@
# - IsOwner : (or )
#
#####################################################
## Custom Viewsets that doesn't have a model behind
#####################################################
- viewset: AppModerationStatusViewSet
api_end_point: serverModerationStatus
import_location: other_viewsets
read_only: true
is_api_view: true
#####################
## Standard Viewsets
#####################
- model: Country
viewset: CountryViewSet
import_location: country
......
shared/get_api_config.py
View file @ 54d661bb
......@@ -50,6 +50,7 @@ def get_api_objs(
requires_testing: Union[None, bool, "smart"] = None,
is_api_view: Optional[bool] = False,
ignore_models: List[str] = list(),
make_imports: bool = True,
) -> List[DotMap]:
"""
Returns a list of DotMap objects corresponding the api config file
......@@ -59,6 +60,8 @@ def get_api_objs(
There is one exception for the parameter `requires_testing` if it is set to `smart` then
the object is returned only if doesn't require testing or if testing is activated.
make_imports: do we perform the model and viewsets imports ?
"""
out = list()
......@@ -102,19 +105,20 @@ def get_api_objs(
if not is_api_view and obj.is_api_view:
continue
module = importlib.import_module(
"backend_app.models.{}".format(obj.import_location)
)
if make_imports:
module = importlib.import_module(
"backend_app.models.{}".format(obj.import_location)
)
if obj.model is not None:
if obj.model in ignore_models:
continue
Model = getattr(module, obj.model)
obj.Model = Model
if obj.model is not None:
if obj.model in ignore_models:
continue
Model = getattr(module, obj.model)
obj.Model = Model
if obj.viewset is not None:
Viewset = getattr(module, obj.viewset)
obj.Viewset = Viewset
if obj.viewset is not None:
Viewset = getattr(module, obj.viewset)
obj.Viewset = Viewset
out.append(obj)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment