Big Update : moderation and viewset permissions centralized

Makefile

@@ -5,7 +5,7 @@ install_backend:
 	pip install -r requirements.txt --quiet
 
 generate_backend:
-	python ./backend/generate/generate_all.py
+	export PYTHONPATH=$$PWD ; python ./backend/generate/generate_all.py
 
 generate_frontend:
 	python ./frontend/generate/generate_frontend_files.py

backend/generate/generate_all.py

 #####
 # This python file is used to generate js files for redux
 from django import template
-import yaml
 from os.path import join, realpath, dirname
+from general.api import get_api_config
 
 ############
 # Need to do this first so that Django template engine is working
@@ -44,7 +44,7 @@ saving_dir = realpath(current_dir + "/../")
 
 # API_BASE = "http://127.0.0.1:8000/api/"
 
-api_config = yaml.load(read_file(join(current_dir, 'api_config.yml')))
+api_config = get_api_config()
 
 # Render urls.py
 template_path = join(templates_dir, 'urls.tpl')

backend/generate/templates/urls.tpl

@@ -9,11 +9,18 @@ from django.conf.urls import url, include
 from django.conf import settings
 from rest_framework import routers
 
-{% spaceless %}
-{% for model in data %}{% if 'requires_testing' not in model or not model.requires_testing %}
+ALL_MODELS = []
+ALL_VIEWSETS = []
+{% for model in data %}
+    {% if not model.requires_testing %}
 from backend.models.{{model.import_location}} import {{model.viewset}}
-{% endif %}{% endfor %}
-{% endspaceless %}
+ALL_VIEWSETS.append({{model.viewset}})
+        {% if model.model is not None and not model.ignore_in_admin%}
+from backend.models.{{model.import_location}} import {{model.model}}
+ALL_MODELS.append({{model.model}})
+        {% endif %}
+    {% endif %}
+{% endfor %}
 
 from rest_framework.documentation import include_docs_urls
 
@@ -24,19 +31,35 @@ urlpatterns = [
 router = routers.DefaultRouter()
 
 if settings.TESTING:
-    {% for model in data %}{% if 'requires_testing' in model or model.requires_testing %}
+    {% for model in data %}{% if model.requires_testing %}
     from backend.models.{{model.import_location}} import {{model.viewset}}
+    ALL_VIEWSETS.append({{model.viewset}})
+    {% if model.model is not None %}
+    from backend.models.{{model.import_location}} import {{model.model}}
+    ALL_MODELS.append({{model.model}})
+    {% endif %}
     router.register(
         r'{{model.api_end_point}}{% if 'api_attr' in model %}/{{model.api_attr}}{% endif %}', 
         {{model.viewset}}{%if 'api_name' in model%},"{{model.api_name}}"{% endif %}
     ){% endif %}{% endfor %}
 
 
-{% for model in data %}{% if 'requires_testing' not in model or not model.requires_testing %}
+{% for model in data %}{% if not model.requires_testing %}
 router.register(
     r'{{model.api_end_point}}{% if 'api_attr' in model %}/{{model.api_attr}}{% endif %}', 
     {{model.viewset}}{%if 'api_name' in model%},"{{model.api_name}}"{% endif %}
 ){% endif %}{% endfor %}
 
 urlpatterns += [url(r'^api/', include(router.urls))]
+
+for model in ALL_MODELS:
+    if model.moderation_level is None:
+        raise Exception("You forgot to set the moderation_level variable in the model {}".format(str(model)))
+
+from backend.permissions import DEFAULT_VIEWSET_PERMISSIONS
+for viewset in ALL_VIEWSETS:
+    for p in DEFAULT_VIEWSET_PERMISSIONS:
+        v_p = viewset.permission_classes
+        if p not in v_p:
+            raise Exception("Permission_classes are not defined correctly in the viewset {}".format(str(viewset)))
 {% endautoescape %}

backend/models/location/city.py

@@ -2,9 +2,12 @@ from django.db import models
 from rest_framework import serializers
 from backend.models.location import Country
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelVersionnedViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class City(MyModel):
+    moderation_level = get_moderation_level("City")
+
     name = models.CharField(max_length=200)
     local_name = models.CharField(max_length=200, null=True, blank=True)
     # We add an area to distinguish similarly named cities
@@ -29,5 +32,6 @@ class CitySerializer(MyModelSerializer):
 
 
 class CityViewSet(MyModelVersionnedViewSet):
+    permission_classes = get_viewset_permissions("CityViewSet")
     queryset = City.objects.all()  # pylint: disable=E1101
     serializer_class = CitySerializer

backend/models/location/cityTaggedItem.py

 from django.db import models
 from backend.models.tag import TaggedItem, TaggedItemSerializer, TaggedItemViewSet
 from backend.models.location import City
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class CityTaggedItem(TaggedItem):
+    moderation_level = get_moderation_level("CityTaggedItem")
+
     city = models.OneToOneField(
         City, on_delete=models.PROTECT, related_name='city_items', primary_key=True)
 
@@ -22,6 +25,6 @@ class CityTaggedItemSerializer(TaggedItemSerializer):
 
 
 class CityTaggedItemViewSet(TaggedItemViewSet):
-
+    permission_classes = get_viewset_permissions("CityTaggedItemViewSet")
     queryset = CityTaggedItem.objects.all()  # pylint: disable=E1101
     serializer_class = CityTaggedItemSerializer

backend/models/location/country.py

 from django.db import models
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelVersionnedViewSet
-
+from backend.utils import get_moderation_level, get_viewset_permissions
 # Data model based on : https://unstats.un.org/unsd/methodology/m49/overview/
 
 
 class Country(MyModel):
+    moderation_level = get_moderation_level("Country")
+
     name = models.CharField(max_length=200)
     iso_alpha2_code = models.CharField(primary_key=True, max_length=2)
     iso_alpha3_code = models.CharField(
@@ -27,5 +29,6 @@ class CountrySerializer(MyModelSerializer):
 
 
 class CountryViewSet(MyModelVersionnedViewSet):
+    permission_classes = get_viewset_permissions("CountryViewSet")
     queryset = Country.objects.all()  # pylint: disable=E1101
     serializer_class = CountrySerializer

backend/models/location/countryDri.py

 from django.db import models
 from backend.models.location import Country
 from backend.models.module import DriRestrictedModule, DriRestrictedModuleSerializer, DriRestrictedModuleViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class CountryDri(DriRestrictedModule):
+    moderation_level = get_moderation_level("CountryDri")
     country = models.ManyToManyField(
         Country, related_name="country_dri")
 
@@ -20,5 +22,6 @@ class CountryDriSerializer(DriRestrictedModuleSerializer):
 
 
 class CountryDriViewSet(DriRestrictedModuleViewSet):
+    permission_classes = get_viewset_permissions("CountryDriViewSet")
     queryset = CountryDri.objects.all()  # pylint: disable=E1101
     serializer_class = CountryDriSerializer

backend/models/location/countryScholarship.py

 from django.db import models
 from backend.models.location import Country
 from backend.models.module import Scholarship, ScholarshipSerializer, ScholarshipViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class CountryScholarship(Scholarship):
+    moderation_level = get_moderation_level("CountryScholarship")
     country = models.ManyToManyField(
         Country, related_name="country_scholarhip")
 
@@ -20,5 +22,6 @@ class CountryScholarshipSerializer(ScholarshipSerializer):
 
 
 class CountryScholarshipViewSet(ScholarshipViewSet):
+    permission_classes = get_viewset_permissions("CountryScholarshipViewSet")
     queryset = CountryScholarship.objects.all()  # pylint: disable=E1101
     serializer_class = CountryScholarshipSerializer

backend/models/location/countryTaggedItem.py

 from django.db import models
 from backend.models.tag import TaggedItem, TaggedItemSerializer, TaggedItemViewSet
 from backend.models.location import Country
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class CountryTaggedItem(TaggedItem):
+    moderation_level = get_moderation_level("CountryTaggedItem")
     country = models.OneToOneField(
         Country, on_delete=models.PROTECT, related_name='country_items', primary_key=True)
 
@@ -22,6 +24,6 @@ class CountryTaggedItemSerializer(TaggedItemSerializer):
 
 
 class CountryTaggedItemViewSet(TaggedItemViewSet):
-
+    permission_classes = get_viewset_permissions("CountryTaggedItemViewSet")
     queryset = CountryTaggedItem.objects.all()  # pylint: disable=E1101
     serializer_class = CountryTaggedItemSerializer

backend/models/location/currency.py

 from django.db import models
-from rest_framework import permissions
 from django.core.validators import MinValueValidator
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class Currency(MyModel):
+    moderation_level = get_moderation_level("Currency")
+
     code = models.CharField(primary_key=True, max_length=3)
     name = models.CharField(max_length=100)
     symbol = models.CharField(null=True, blank=True, max_length=30)
@@ -22,6 +24,6 @@ class CurrencySerializer(MyModelSerializer):
 
 
 class CurrencyViewSet(MyModelViewSet):
-    permission_classes = (permissions.IsAdminUser,)  # TODO : change
+    permission_classes = get_viewset_permissions("CurrencyViewSet")
     queryset = Currency.objects.all()  # pylint: disable=E1101
     serializer_class = CurrencySerializer

backend/models/my_model/forTestingModeration.py

@@ -2,12 +2,14 @@ from .myModel import MyModel
 from .myModelSerializer import MyModelSerializer
 from .myModelViewSet import MyModelViewSet
 from django.db import models
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class ForTestingModeration(MyModel):
     """
         Simple model for testing purposes
     """
+    moderation_level = get_moderation_level("ForTestingModeration")
     aaa = models.CharField(max_length=100)
 
 
@@ -24,5 +26,6 @@ class ForTestingModerationViewSet(MyModelViewSet):
     """
         Same as above
     """
+    permission_classes = get_viewset_permissions("ForTestingModerationViewSet")
     serializer_class = ForTestingModerationSerializer
     queryset = ForTestingModeration.objects.all()

backend/models/my_model/forTestingVersioning.py

 from .myModelVersionned import MyModelVersionned, MyModelVersionnedSerializer, MyModelVersionnedViewSet
 from django.db import models
 import reversion
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 @reversion.register()
@@ -8,6 +9,7 @@ class ForTestingVersioning(MyModelVersionned):
     """
         Simple model for testing purposes
     """
+    moderation_level = get_moderation_level("ForTestingVersioning")
     bbb = models.CharField(max_length=100)
 
     @classmethod
@@ -28,5 +30,6 @@ class ForTestingVersioningViewSet(MyModelVersionnedViewSet):
     """
         Same as above
     """
+    permission_classes = get_viewset_permissions("ForTestingVersioningViewSet")
     serializer_class = ForTestingVersioningSerializer
     queryset = ForTestingVersioning.objects.all()

backend/models/my_model/myModel.py

@@ -23,3 +23,5 @@ class MyModel(models.Model):
 
     class Meta:
         abstract = True
+
+    moderation_level = None

backend/models/my_model/myModelVersionned.py

 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
 from backend.signals import new_revision_saved
-from rest_framework import serializers, permissions, mixins, viewsets
+from rest_framework import serializers, mixins, viewsets
 import reversion
 from reversion.models import Version
 from django.contrib.contenttypes.models import ContentType
 from django.core.serializers.base import DeserializationError
 from django.core import serializers as djangoSerializers
+from backend.utils import get_viewset_permissions
 
 
 class MyModelVersionned(MyModel):
@@ -81,7 +82,7 @@ class VersionSerializer(serializers.ModelSerializer):
 
 class VersionViewSet(mixins.ListModelMixin,
                      viewsets.GenericViewSet):  # TODO better presentation
-    permission_classes = (permissions.IsAuthenticated,)
+    permission_classes = get_viewset_permissions("VersionViewSet")
     serializer_class = VersionSerializer
 
     def get_queryset(self):

backend/models/my_model/myModelViewSet.py

-from rest_framework import permissions
 from .myModelSerializer import MyModelSerializer
-from backend.models.tools import NoDeleteIfNotAdmin
+from backend.permissions import DEFAULT_VIEWSET_PERMISSIONS
 from backend.models.tools import DictModeViewSet
 
 
 class MyModelViewSet(DictModeViewSet):
     serializer_class = MyModelSerializer
-    permission_classes = (
-        permissions.IsAuthenticated,
-        NoDeleteIfNotAdmin,
-    )
+    permission_classes = DEFAULT_VIEWSET_PERMISSIONS
 
     def get_queryset(self):
         """

backend/models/my_model/pendingModeration.py

 from django.db import models
-from rest_framework import serializers, viewsets, permissions
+from rest_framework import serializers, viewsets
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.contenttypes.fields import GenericForeignKey
 from django.contrib.postgres.fields import JSONField
 from django.contrib.auth.models import User
+from backend.utils import get_viewset_permissions, get_moderation_level
 
 
 class PendingModeration(models.Model):
+    moderation_level = get_moderation_level("PendingModeration")
+
     content_type = models.ForeignKey(ContentType, on_delete=models.CASCADE)
     object_id = models.CharField(max_length=100)  # 100 should be ok
     referenced_object = GenericForeignKey('content_type', 'object_id')
@@ -36,6 +39,6 @@ class PendingModerationSerializer(serializers.ModelSerializer):
 
 
 class PendingModerationViewSet(viewsets.ModelViewSet):
-    permission_classes = (permissions.IsAdminUser,)
+    permission_classes = get_viewset_permissions("PendingModerationViewSet")
     queryset = PendingModeration.objects.all()  # pylint: disable=E1101
     serializer_class = PendingModerationSerializer

backend/models/other_core/department.py

 from django.db import models
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
-from rest_framework import permissions
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class Department(MyModel):
+    moderation_level = get_moderation_level("Department")
+
     code = models.CharField(primary_key=True, max_length=6)
     name = models.CharField(max_length=100)
     active = models.BooleanField()
@@ -16,6 +18,6 @@ class DepartmentSerializer(MyModelSerializer):
 
 
 class DepartmentViewSet(MyModelViewSet):
-    permission_classes = (permissions.IsAdminUser,)
+    permission_classes = get_viewset_permissions("DepartmentViewSet")
     queryset = Department.objects.all()  # pylint: disable=E1101
     serializer_class = DepartmentSerializer

backend/models/other_core/offer.py

 from django.db import models
-from rest_framework import permissions
 from backend.models.university import University
 from backend.models.other_core import Semester, Specialty
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class Offer(MyModel):
+    moderation_level = get_moderation_level("Offer")
     semester = models.ForeignKey(Semester, on_delete=models.PROTECT)
     university = models.ForeignKey(University, on_delete=models.PROTECT)
 
@@ -28,6 +29,6 @@ class OfferSerializer(MyModelSerializer):
 
 
 class OfferViewSet(MyModelViewSet):
-    permission_classes = (permissions.IsAdminUser,)
+    permission_classes = get_viewset_permissions("OfferViewSet")
     queryset = Offer.objects.all()  # pylint: disable=E1101
     serializer_class = OfferSerializer

backend/models/other_core/semester.py

 from django.db import models
-from rest_framework import permissions
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class Semester(MyModel):
+    moderation_level = get_moderation_level("Semester")
     code = models.CharField(primary_key=True, max_length=6)
 
 
@@ -14,6 +15,6 @@ class SemesterSerializer(MyModelSerializer):
 
 
 class SemesterViewSet(MyModelViewSet):
-    permission_classes = (permissions.IsAdminUser,)
+    permission_classes = get_viewset_permissions("SemesterViewSet")
     queryset = Semester.objects.all()  # pylint: disable=E1101
     serializer_class = SemesterSerializer

backend/models/other_core/specialty.py

 from django.db import models
-from rest_framework import permissions
 from backend.models.other_core import Department
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class Specialty(MyModel):
+    moderation_level = get_moderation_level("Specialty")
     code = models.CharField(max_length=6)
     department = models.ForeignKey(Department, on_delete=models.PROTECT)
     name = models.CharField(max_length=100)
@@ -22,6 +23,6 @@ class SpecialtySerializer(MyModelSerializer):
 
 
 class SpecialtyViewSet(MyModelViewSet):
-    permission_classes = (permissions.IsAdminUser,)
+    permission_classes = get_viewset_permissions("SpecialtyViewSet")
     queryset = Specialty.objects.all()  # pylint: disable=E1101
     serializer_class = SpecialtySerializer

backend/models/tag/tag.py

 from django.db import models
-from rest_framework import permissions
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
-from backend.models.tools import IsAdminOrReadOnly
 from django.contrib.postgres.fields import JSONField
+from backend.utils import get_viewset_permissions, get_moderation_level
 
 
 class Tag(MyModel):
     """
     TODO description
     """
+    moderation_level = get_moderation_level("Tag")
+
     name = models.CharField(max_length=100, unique=True)
     config = JSONField(blank=True, default=dict)
 
@@ -20,9 +21,6 @@ class TagSerializer(MyModelSerializer):
 
 
 class TagViewSet(MyModelViewSet):
-    permission_classes = (
-        permissions.IsAuthenticated,
-        IsAdminOrReadOnly
-    )
+    permission_classes = get_viewset_permissions("TagViewSet")
     queryset = Tag.objects.all()  # pylint: disable=E1101
     serializer_class = TagSerializer

backend/models/tools/__init__.py

 from .DictModeViewSet import DictModeViewSet  # noqa: F401
-from .noDeleteIfNotAdmin import NoDeleteIfNotAdmin  # noqa: F401
-from .isOwner import IsOwner  # noqa: F401
-from .noDelete import NoDelete  # noqa: F401
-from .isAdminOrReadOnly import IsAdminOrReadOnly  # noqa: F401

backend/models/university/campus.py

@@ -3,9 +3,11 @@ from backend.models.module import BasicModule, BasicModuleSerializer, BasicModul
 from backend.models.location import City
 from backend.models.university import University
 from django.core.validators import MinValueValidator, MaxValueValidator
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class Campus(BasicModule):
+    moderation_level = get_moderation_level("Campus")
 
     is_main_campus = models.BooleanField(null=False)
     name = models.CharField(max_length=200, null=True)
@@ -47,10 +49,12 @@ class CampusSerializer(BasicModuleSerializer):
 
 
 class CampusViewSet(BasicModuleViewSet):
+    permission_classes = get_viewset_permissions("CampusViewSet")
     queryset = Campus.objects.all()  # pylint: disable=E1101
     serializer_class = CampusSerializer
 
 
 class MainCampusViewSet(BasicModuleViewSet):
+    permission_classes = get_viewset_permissions("MainCampusViewSet")
     queryset = Campus.objects.filter(is_main_campus=True)
     serializer_class = CampusSerializer

backend/models/university/campusTaggedItem.py

 from django.db import models
 from backend.models.university import Campus
 from backend.models.tag import TaggedItem, TaggedItemSerializer, TaggedItemViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class CampusTaggedItem(TaggedItem):
+    moderation_level = get_moderation_level("CampusTaggedItem")
     campus = models.OneToOneField(
         Campus, on_delete=models.PROTECT, related_name='city_items', primary_key=True)
 
@@ -22,6 +24,6 @@ class CampusTaggedItemSerializer(TaggedItemSerializer):
 
 
 class CampusTaggedItemViewSet(TaggedItemViewSet):
-
+    permission_classes = get_viewset_permissions("CampusTaggedItemViewSet")
     queryset = CampusTaggedItem.objects.all()  # pylint: disable=E1101
     serializer_class = CampusTaggedItemSerializer

backend/models/university/university.py

 from django.db import models
 from backend.models.my_model import MyModel
 from backend.utils.friendly_path import friendly_path
+from backend.utils import get_moderation_level
 
 path_and_rename = friendly_path("uploads/universities/logos/", 'name')
 
@@ -9,6 +10,8 @@ class University(MyModel):
     """
     Model storing information about universities
     """
+    moderation_level = get_moderation_level("University")
+
     name = models.CharField(max_length=200)
     acronym = models.CharField(max_length=20, null=True, blank=True)
     logo = models.ImageField(upload_to=path_and_rename, max_length=250,

backend/models/university/universityAPI.py

 from backend.models.university import University
-from rest_framework import permissions
-from backend.models.tools import NoDeleteIfNotAdmin
 from backend.models.my_model import MyModelSerializer, MyModelViewSet
+from backend.utils import get_viewset_permissions
 
 
 class UniversitySerializer(MyModelSerializer):
@@ -12,10 +11,6 @@ class UniversitySerializer(MyModelSerializer):
 
 
 class UniversityViewSet(MyModelViewSet):
+    permission_classes = get_viewset_permissions("UniversityViewSet")
     serializer_class = UniversitySerializer
-
-    permission_classes = (
-        permissions.IsAuthenticated,
-        NoDeleteIfNotAdmin,
-    )
     queryset = University.objects.all()  # pylint: disable=E1101

backend/models/university/universityDri.py

 from django.db import models
 from backend.models.university import University
 from backend.models.module import DriRestrictedModule, DriRestrictedModuleSerializer, DriRestrictedModuleViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class UniversityDri(DriRestrictedModule):
+    moderation_level = get_moderation_level("UniversityDri")
     university = models.ManyToManyField(
         University, related_name="university_dri")
 
@@ -20,5 +22,6 @@ class UniversityDriSerializer(DriRestrictedModuleSerializer):
 
 
 class UniversityDriViewSet(DriRestrictedModuleViewSet):
+    permission_classes = get_viewset_permissions("UniversityDriViewSet")
     queryset = UniversityDri.objects.all()  # pylint: disable=E1101
     serializer_class = UniversityDriSerializer

backend/models/university/universityInfo.py

@@ -3,9 +3,11 @@ from backend.models.module import BasicModule, BasicModuleSerializer, BasicModul
 from backend.models.university import University
 from backend.models.location import Currency
 from django.core.validators import MinValueValidator
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class UniversityInfo(BasicModule):
+    moderation_level = get_moderation_level("UniversityInfo")
 
     university = models.OneToOneField(
         University, on_delete=models.CASCADE, related_name='university_info', primary_key=True, null=False)
@@ -39,5 +41,6 @@ class UniversityInfoSerializer(BasicModuleSerializer):
 
 
 class UniversityInfoViewSet(BasicModuleViewSet):
+    permission_classes = get_viewset_permissions("UniversityInfoViewSet")
     queryset = UniversityInfo.objects.all()  # pylint: disable=E1101
     serializer_class = UniversityInfoSerializer

backend/models/university/universityModulesAPI.py

@@ -3,6 +3,7 @@ from backend.models.university.campus import CampusSerializer
 
 from backend.models.university import UniversityDriSerializer
 from backend.models.my_model import MyModelSerializer, MyModelViewSet
+from backend.utils import get_viewset_permissions
 
 
 class UniversityModulesSerializer(MyModelSerializer):
@@ -15,7 +16,7 @@ class UniversityModulesSerializer(MyModelSerializer):
 
 
 class UniversityModulesViewSet(MyModelViewSet):
-
+    permission_classes = get_viewset_permissions("UniversityModulesViewSet")
     serializer_class = UniversityModulesSerializer
 
     def get_queryset(self):

backend/models/university/universityScholarship.py

 from django.db import models
 from backend.models.university import University
 from backend.models.module import Scholarship, ScholarshipSerializer, ScholarshipViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class UniversityScholarship(Scholarship):
+    moderation_level = get_moderation_level("UniversityScholarship")
     university = models.ForeignKey(
         University, on_delete=models.PROTECT, null=False, related_name="univScholarship")
 
@@ -20,5 +22,7 @@ class UniversityScholarshipSerializer(ScholarshipSerializer):
 
 
 class UniversityScholarshipViewSet(ScholarshipViewSet):
+    permission_classes = get_viewset_permissions(
+        "UniversityScholarshipViewSet")
     queryset = UniversityScholarship.objects.all()  # pylint: disable=E1101
     serializer_class = UniversityScholarshipSerializer

backend/models/university/universitySemestersDates.py

@@ -2,6 +2,7 @@ from django.db import models
 from backend.models.module import BasicModule, BasicModuleSerializer, BasicModuleViewSet
 from backend.models.university import University
 from rest_framework import serializers
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 def check_nones(val1, val2):
@@ -15,6 +16,7 @@ def check_nones(val1, val2):
 
 
 class UniversitySemestersDates(BasicModule):
+    moderation_level = get_moderation_level("UniversitySemestersDates")
 
     university = models.OneToOneField(
         University, on_delete=models.CASCADE, related_name='university_semesters_dates', primary_key=True, null=False)
@@ -54,5 +56,7 @@ class UniversitySemestersDatesSerializer(BasicModuleSerializer):
 
 
 class UniversitySemestersDatesViewSet(BasicModuleViewSet):
+    permission_classes = get_viewset_permissions(
+        "UniversitySemestersDatesViewSet")
     queryset = UniversitySemestersDates.objects.all()  # pylint: disable=E1101
     serializer_class = UniversitySemestersDatesSerializer

backend/models/university/universityTaggedItem.py

 from django.db import models
 from backend.models.tag import TaggedItem, TaggedItemSerializer, TaggedItemViewSet
 from backend.models.university import University
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class UniversityTaggedItem(TaggedItem):
+    moderation_level = get_moderation_level("UniversityTaggedItem")
     university = models.OneToOneField(
         University, on_delete=models.PROTECT, related_name='city_items', primary_key=True)
 
@@ -22,6 +24,6 @@ class UniversityTaggedItemSerializer(TaggedItemSerializer):
 
 
 class UniversityTaggedItemViewSet(TaggedItemViewSet):
-
+    permission_classes = get_viewset_permissions("UniversityTaggedItemViewSet")
     queryset = UniversityTaggedItem.objects.all()  # pylint: disable=E1101
     serializer_class = UniversityTaggedItemSerializer

backend/models/user/previousDeparture.py

 from django.db import models
-from rest_framework import permissions
 from backend.models.other_core.specialty import Specialty
 from backend.models.other_core.semester import Semester
 from backend.models.university import University
 from django.contrib.auth.models import User
 from django.contrib.postgres.fields import JSONField
 from backend.models.my_model import MyModel, MyModelSerializer, MyModelViewSet
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class PreviousDeparture(MyModel):
+    moderation_level = get_moderation_level("PreviousDeparture")
     # This model should be filled with data from the ENT
     semester = models.ForeignKey(Semester, on_delete=models.PROTECT)
     university = models.ForeignKey(University, on_delete=models.PROTECT)
@@ -31,7 +32,7 @@ class PreviousDepartureSerializer(MyModelSerializer):
 
 
 class PreviousDepartureViewSet(MyModelViewSet):
-    permission_classes = (permissions.IsAdminUser,)
+    permission_classes = get_viewset_permissions("PreviousDepartureViewSet")
     queryset = PreviousDeparture.objects.all()  # pylint: disable=E1101
     serializer_class = PreviousDepartureSerializer
     # todo if is_anonymous set user to null

backend/models/user/previousDepartureFeedback.py

@@ -4,9 +4,11 @@ from django.core.validators import MaxValueValidator
 from backend.models.user import UserRestrictedModule, UserRestrictedModuleSerializer, UserRestrictedModuleViewSet
 from backend.models.user import PreviousDeparture
 from django.contrib.postgres.fields import JSONField
+from backend.utils import get_moderation_level, get_viewset_permissions
 
 
 class PreviousDepartureFeedback(UserRestrictedModule):
+    moderation_level = get_moderation_level("Country")
     departure = models.OneToOneField(
         PreviousDeparture, on_delete=models.CASCADE)
 
@@ -28,5 +30,7 @@ class PreviousDepartureFeedbackSerializer(UserRestrictedModuleSerializer):
 
 
 class PreviousDepartureFeedbackViewSet(UserRestrictedModuleViewSet):
+    permission_classes = get_viewset_permissions(
+        "PreviousDepartureFeedbackViewSet")