Commit 54d661bb authored by Florent Chehab's avatar Florent Chehab

Fixes #46 and cleaning

parent b1f1f3e4
Pipeline #36179 passed with stages
in 4 minutes and 10 seconds
...@@ -9,6 +9,7 @@ from shared import OBJ_MODERATION_PERMISSIONS ...@@ -9,6 +9,7 @@ from shared import OBJ_MODERATION_PERMISSIONS
class AppModerationStatusViewSet(APIView): class AppModerationStatusViewSet(APIView):
""" """
Viewset to know what is the app moderation status
""" """
permission_classes = get_viewset_permissions("AppModerationStatusViewSet") permission_classes = get_viewset_permissions("AppModerationStatusViewSet")
......
from backend_app.utils import is_member from backend_app.utils import is_member
from django.contrib.auth.models import User
def does_user_have_moderation_rights(user): def does_user_have_moderation_rights(user: User) -> bool:
""" """
Function to know if a user is staff or member of DRI or member of the moderator group.
TODO unit test TODO unit test
""" """
return user.is_staff or is_member("DRI", user) or is_member("Moderators", user) return user.is_staff or is_member("DRI", user) or is_member("Moderators", user)
from shared import load_api_config from shared import get_api_objs
def find_api_end_point_for_viewset(viewset_name): def find_api_end_point_for_viewset(viewset_name: str) -> str:
"""
Gets the api endpoint associated with a viewset
"""
api_config = load_api_config() for obj in get_api_objs(has_model=None, make_imports=False):
for obj in api_config: if obj.viewset == viewset_name:
if obj["viewset"] == viewset_name: return obj.api_end_point
return obj["api_end_point"]
return None return None
from shared import load_api_config from shared import get_api_objs
def get_model_config(model): def get_model_config(model: str) -> dict:
api_config = load_api_config() """
Returns the configuraiton of the model
for obj in api_config: """
if "is_api_view" in obj and obj["is_api_view"]: for obj in get_api_objs(has_model=True, is_api_view=False, make_imports=False):
continue if obj.model == model:
if obj["model"] == model: out = {
tmp = { "moderation_level": obj.moderation_level,
"moderation_level": obj["moderation_level"],
"model": model, "model": model,
"read_only": obj["read_only"], "read_only": obj.read_only,
} }
key = "enforce_moderation_user_level" key = "enforce_moderation_user_level"
if key in obj.keys(): if key in obj.keys():
tmp[key] = obj[key] out[key] = obj[key]
return tmp return out
raise Exception("Model not found in API configuration, cannot process !") raise Exception(
"Model {} not found in API configuration, cannot process !".format(model)
)
from .__is_member import is_member from .__is_member import is_member
from django.contrib.auth.models import User
from shared import OBJ_MODERATION_PERMISSIONS from shared import OBJ_MODERATION_PERMISSIONS
def get_user_level(user) -> int: def get_user_level(user: User) -> int:
""" """
Returns the user level as int.
TODO unit test TODO unit test
""" """
if user.is_staff: if user.is_staff:
......
...@@ -8,14 +8,17 @@ from backend_app.permissions import ( ...@@ -8,14 +8,17 @@ from backend_app.permissions import (
) )
from rest_framework.permissions import IsAdminUser from rest_framework.permissions import IsAdminUser
from backend_app.permissions import DEFAULT_VIEWSET_PERMISSIONS from backend_app.permissions import DEFAULT_VIEWSET_PERMISSIONS
from shared import load_api_config from shared import get_api_objs
def get_viewset_permissions(viewset): def get_viewset_permissions(viewset: str) -> object:
api_config = load_api_config() """
for obj in api_config: Returns the permissions associated with the viewset as configured in the config file.
if obj["viewset"] == viewset: """
custom_permission = obj["viewset_permission"]
for obj in get_api_objs(has_model=None, make_imports=False, is_api_view=None):
if obj.viewset == viewset:
custom_permission = obj.viewset_permission
if custom_permission == "IsOwner": if custom_permission == "IsOwner":
permission = (IsOwner,) permission = (IsOwner,)
elif custom_permission == "IsStaffOrReadOnly": elif custom_permission == "IsStaffOrReadOnly":
...@@ -33,8 +36,10 @@ def get_viewset_permissions(viewset): ...@@ -33,8 +36,10 @@ def get_viewset_permissions(viewset):
else: else:
raise Exception("Permission not supported ! Dev what did you do ?") raise Exception("Permission not supported ! Dev what did you do ?")
if obj["read_only"]: if obj.read_only:
permission += (ReadOnly,) permission += (ReadOnly,)
return DEFAULT_VIEWSET_PERMISSIONS + permission return DEFAULT_VIEWSET_PERMISSIONS + permission
raise Exception("Viewset not found in API configuraiton, cannot process !") raise Exception(
"Viewset {} not found in API configuraiton, cannot proceed !".format(viewset)
)
def is_member(group_name, user): from django.contrib.auth.models import User
def is_member(group_name: str, user: User) -> bool:
""" """
Function to know if a user is part of a specific group. Function to know if a user is part of a specific group.
......
from .get_api_config import load_api_config, get_api_objs from .get_api_config import get_api_objs
from .obj_moderation_permission import ( from .obj_moderation_permission import (
DEFAULT_OBJ_MODERATION_LV, DEFAULT_OBJ_MODERATION_LV,
OBJ_MODERATION_PERMISSIONS, OBJ_MODERATION_PERMISSIONS,
) )
__all__ = [ __all__ = ["DEFAULT_OBJ_MODERATION_LV", "OBJ_MODERATION_PERMISSIONS", "get_api_objs"]
"load_api_config",
"DEFAULT_OBJ_MODERATION_LV",
"OBJ_MODERATION_PERMISSIONS",
"get_api_objs",
]
# THIS FILE IS DYNAMICALLY USED FOR THE BACKEND AND THE FRONTEND # THIS FILE IS DYNAMICALLY USED FOR THE BACKEND AND THE FRONTEND
# TAKE CARE WHEN MODYFING IT ;) # TAKE CARE WHEN MODYFING IT ;)
# model : the model name (may be null) Model can't be present more than once. # model : the model name (may be absent) Model can't be present more than once.
# viewset : the viewset name for the api # viewset : the viewset name for the api
# api_end_pont : the main part of the url for making request to the api # api_end_pont : the main part of the url for making request to the api
# This string will also be used for naming variables in JS !! # This string will also be used for naming variables in JS !!
...@@ -27,7 +27,7 @@ ...@@ -27,7 +27,7 @@
# #
# By default, every viewset will have : # By default, every viewset will have :
# - isAuthentificated : to use the API the client needs to be authentificated # - isAuthentificated : to use the API the client needs to be authentificated
# - noDeleteIsNotStaff : nothing can be deleted except if you are a staff member # - noDeleteIfNotStaff : nothing can be deleted except if you are a staff member
# #
# Some viewsets may have more presice permissions # Some viewsets may have more presice permissions
# - IsStaff # - IsStaff
...@@ -36,12 +36,20 @@ ...@@ -36,12 +36,20 @@
# - IsOwner : (or ) # - IsOwner : (or )
# #
#####################################################
## Custom Viewsets that doesn't have a model behind
#####################################################
- viewset: AppModerationStatusViewSet - viewset: AppModerationStatusViewSet
api_end_point: serverModerationStatus api_end_point: serverModerationStatus
import_location: other_viewsets import_location: other_viewsets
read_only: true read_only: true
is_api_view: true is_api_view: true
#####################
## Standard Viewsets
#####################
- model: Country - model: Country
viewset: CountryViewSet viewset: CountryViewSet
import_location: country import_location: country
......
...@@ -50,6 +50,7 @@ def get_api_objs( ...@@ -50,6 +50,7 @@ def get_api_objs(
requires_testing: Union[None, bool, "smart"] = None, requires_testing: Union[None, bool, "smart"] = None,
is_api_view: Optional[bool] = False, is_api_view: Optional[bool] = False,
ignore_models: List[str] = list(), ignore_models: List[str] = list(),
make_imports: bool = True,
) -> List[DotMap]: ) -> List[DotMap]:
""" """
Returns a list of DotMap objects corresponding the api config file Returns a list of DotMap objects corresponding the api config file
...@@ -59,6 +60,8 @@ def get_api_objs( ...@@ -59,6 +60,8 @@ def get_api_objs(
There is one exception for the parameter `requires_testing` if it is set to `smart` then There is one exception for the parameter `requires_testing` if it is set to `smart` then
the object is returned only if doesn't require testing or if testing is activated. the object is returned only if doesn't require testing or if testing is activated.
make_imports: do we perform the model and viewsets imports ?
""" """
out = list() out = list()
...@@ -102,19 +105,20 @@ def get_api_objs( ...@@ -102,19 +105,20 @@ def get_api_objs(
if not is_api_view and obj.is_api_view: if not is_api_view and obj.is_api_view:
continue continue
module = importlib.import_module( if make_imports:
"backend_app.models.{}".format(obj.import_location) module = importlib.import_module(
) "backend_app.models.{}".format(obj.import_location)
)
if obj.model is not None: if obj.model is not None:
if obj.model in ignore_models: if obj.model in ignore_models:
continue continue
Model = getattr(module, obj.model) Model = getattr(module, obj.model)
obj.Model = Model obj.Model = Model
if obj.viewset is not None: if obj.viewset is not None:
Viewset = getattr(module, obj.viewset) Viewset = getattr(module, obj.viewset)
obj.Viewset = Viewset obj.Viewset = Viewset
out.append(obj) out.append(obj)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment