Commit 2822d947 authored by Sli's avatar Sli
Browse files

Enhaced API : look for permissions, automaticly add /{pk}/id, added

users, groups and clubs
parent 1a6373e9
Pipeline #99 failed with stage
in 2 minutes and 3 seconds
...@@ -6,6 +6,9 @@ from rest_framework import routers ...@@ -6,6 +6,9 @@ from rest_framework import routers
# Router config # Router config
router = routers.DefaultRouter() router = routers.DefaultRouter()
router.register(r'counter', CounterViewSet, base_name='api_counter') router.register(r'counter', CounterViewSet, base_name='api_counter')
router.register(r'user', UserViewSet, base_name='api_user')
router.register(r'club', ClubViewSet, base_name='api_club')
router.register(r'group', GroupViewSet, base_name='api_group')
urlpatterns = [ urlpatterns = [
......
from rest_framework.response import Response
from rest_framework import viewsets
from django.core.exceptions import PermissionDenied
from rest_framework.decorators import detail_route
from core.views import can_view, can_edit
class RightManagedModelViewSet(viewsets.ModelViewSet):
@detail_route()
def id(self, request, pk=None):
"""
Get by id (api/v1/router/{pk}/id/)
"""
self.queryset = get_object_or_404(self.queryset.filter(id=pk))
serializer = self.get_serializer(self.queryset)
return Response(serializer.data)
def dispatch(self, request, *arg, **kwargs):
res = super(RightManagedModelViewSet,
self).dispatch(request, *arg, **kwargs)
obj = self.queryset
user = self.request.user
try:
if (request.method == 'GET' and can_view(obj, user)):
return res
elif (request.method == 'PUSH' and can_edit(obj, user)):
return res
except: pass # To prevent bug with Anonymous user
raise PermissionDenied
from .api import * from .api import *
from .serializers import * from .serializers import *
\ No newline at end of file
...@@ -7,8 +7,10 @@ from rest_framework.decorators import list_route ...@@ -7,8 +7,10 @@ from rest_framework.decorators import list_route
from core.templatetags.renderer import markdown from core.templatetags.renderer import markdown
from counter.models import Counter from counter.models import Counter
from core.models import User, Group
from club.models import Club
from api.views import serializers from api.views import serializers
from api.views import RightManagedModelViewSet
@api_view(['GET']) @api_view(['GET'])
def RenderMarkdown(request): def RenderMarkdown(request):
...@@ -19,28 +21,45 @@ def RenderMarkdown(request): ...@@ -19,28 +21,45 @@ def RenderMarkdown(request):
return Response(markdown(request.GET['text'])) return Response(markdown(request.GET['text']))
class CounterViewSet(viewsets.ModelViewSet): class CounterViewSet(RightManagedModelViewSet):
""" """
Manage Counters (api/v1/counter) Manage Counters (api/v1/counter/)
""" """
serializer_class = serializers.Counter serializer_class = serializers.CounterRead
queryset = Counter.objects.all() queryset = Counter.objects.all()
@list_route() @list_route()
def bar(self, request): def bar(self, request):
""" """
Return all bars (api/v1/counter/bar) Return all bars (api/v1/counter/bar/)
""" """
self.queryset = Counter.objects.filter(type="BAR") self.queryset = self.queryset.filter(type="BAR")
serializer = self.get_serializer(self.queryset, many=True) serializer = self.get_serializer(self.queryset, many=True)
return Response(serializer.data) return Response(serializer.data)
@detail_route()
def id(self, request, pk=None): class UserViewSet(RightManagedModelViewSet):
""" """
Get by id (api/v1/{nk}/id) Manage Users (api/v1/user/)
""" """
self.queryset = get_object_or_404(Counter.objects.filter(id=pk))
serializer = self.get_serializer(self.queryset) serializer_class = serializers.UserRead
return Response(serializer.data) queryset = User.objects.all()
class ClubViewSet(RightManagedModelViewSet):
"""
Manage Clubs (api/v1/club/)
"""
serializer_class = serializers.ClubRead
queryset = Club.objects.all()
class GroupViewSet(RightManagedModelViewSet):
"""
Manage Groups (api/v1/group/)
"""
serializer_class = serializers.GroupRead
queryset = Group.objects.all()
from rest_framework import serializers from rest_framework import serializers
from counter.models import Counter from counter.models import Counter
from core.models import User, Group
from club.models import Club
class Counter(serializers.ModelSerializer): class CounterRead(serializers.ModelSerializer):
is_open = serializers.BooleanField(read_only=True) is_open = serializers.BooleanField(read_only=True)
barman_list = serializers.ListField( barman_list = serializers.ListField(
child = serializers.IntegerField() child=serializers.IntegerField()
) )
class Meta: class Meta:
model = Counter model = Counter
fields = ('id', 'name', 'type', 'is_open', 'barman_list') fields = ('id', 'name', 'type', 'is_open', 'barman_list')
class UserRead(serializers.ModelSerializer):
class Meta:
model = User
class ClubRead(serializers.ModelSerializer):
class Meta:
model = Club
class GroupRead(serializers.ModelSerializer):
class Meta:
model = Group
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment