diff --git a/mayan/apps/checkouts/api_views.py b/mayan/apps/checkouts/api_views.py index a820b0708a..f9fc5152c6 100644 --- a/mayan/apps/checkouts/api_views.py +++ b/mayan/apps/checkouts/api_views.py @@ -1,21 +1,14 @@ from __future__ import absolute_import, unicode_literals -import pytz - -from django.shortcuts import get_object_or_404 -from django.utils.encoding import force_text - -from rest_framework import generics, status -from rest_framework.response import Response +from rest_framework import generics from acls.models import AccessControlList -from documents.models import Document from documents.permissions import permission_document_view from .models import DocumentCheckout from .permissions import ( permission_document_checkin, permission_document_checkin_override, - permission_document_checkout, permission_document_checkout_detail_view + permission_document_checkout_detail_view ) from .serializers import ( DocumentCheckoutSerializer, NewDocumentCheckoutSerializer @@ -56,38 +49,9 @@ class APICheckedoutDocumentListView(generics.ListCreateAPIView): """ Checkout a document. """ - - serializer = self.get_serializer(data=request.DATA, files=request.FILES) - - if serializer.is_valid(): - document = get_object_or_404( - Document, pk=serializer.data['document'] - ) - AccessControlList.objects.check_access( - permissions=permission_document_checkout, user=request.user, - obj=document - ) - - timezone = pytz.utc - - try: - DocumentCheckout.objects.create( - document=document, - expiration_datetime=timezone.localize( - serializer.data['expiration_datetime'] - ), - user=request.user, - block_new_version=serializer.data['block_new_version'] - ) - except Exception as exception: - return Response( - data={'exception': force_text(exception)}, - status=status.HTTP_400_BAD_REQUEST - ) - - return Response(status=status.HTTP_201_CREATED) - - return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) + return super( + APICheckedoutDocumentListView, self + ).post(request, *args, **kwargs) class APICheckedoutDocumentView(generics.RetrieveDestroyAPIView): diff --git a/mayan/apps/checkouts/serializers.py b/mayan/apps/checkouts/serializers.py index 4d674cffbf..0c6564cb45 100644 --- a/mayan/apps/checkouts/serializers.py +++ b/mayan/apps/checkouts/serializers.py @@ -1,10 +1,15 @@ from __future__ import unicode_literals +from django.utils.translation import ugettext_lazy as _ + from rest_framework import serializers +from acls.models import AccessControlList +from documents.models import Document from documents.serializers import DocumentSerializer from .models import DocumentCheckout +from .permissions import permission_document_checkout class DocumentCheckoutSerializer(serializers.ModelSerializer): @@ -15,7 +20,34 @@ class DocumentCheckoutSerializer(serializers.ModelSerializer): model = DocumentCheckout -class NewDocumentCheckoutSerializer(serializers.Serializer): - document = serializers.IntegerField() - expiration_datetime = serializers.DateTimeField() +class NewDocumentCheckoutSerializer(serializers.ModelSerializer): block_new_version = serializers.BooleanField() + document_pk = serializers.IntegerField( + help_text=_('Primary key of the document to be checked out.'), + write_only=True + ) + + expiration_datetime = serializers.DateTimeField() + + class Meta: + fields = ( + 'block_new_version', 'document', 'document_pk', + 'expiration_datetime', 'id' + ) + model = DocumentCheckout + read_only_fields = ('document',) + write_only_fields = ('document_pk',) + + def create(self, validated_data): + document = Document.objects.get(pk=validated_data.pop('document_pk')) + + AccessControlList.objects.check_access( + permissions=permission_document_checkout, + user=self.context['request'].user, obj=document + ) + + validated_data['document'] = document + validated_data['user'] = self.context['request'].user + return super(NewDocumentCheckoutSerializer, self).create( + validated_data + )