Initial commit to remove use of eval. gh-issue #151.
This commit is contained in:
Roberto Rosario
@@ -38,11 +38,15 @@ class APIMetadataTypeListView(generics.ListCreateAPIView):
|
||||
mayan_view_permissions = {'POST': [permission_metadata_type_create]}
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
"""Returns a list of all the metadata types."""
|
||||
"""
|
||||
Returns a list of all the metadata types.
|
||||
"""
|
||||
return super(APIMetadataTypeListView, self).get(*args, **kwargs)
|
||||
|
||||
def post(self, *args, **kwargs):
|
||||
"""Create a new metadata type."""
|
||||
"""
|
||||
Create a new metadata type.
|
||||
"""
|
||||
return super(APIMetadataTypeListView, self).post(*args, **kwargs)
|
||||
|
||||
|
||||
@@ -59,19 +63,27 @@ class APIMetadataTypeView(generics.RetrieveUpdateDestroyAPIView):
|
||||
}
|
||||
|
||||
def delete(self, *args, **kwargs):
|
||||
"""Delete the selected metadata type."""
|
||||
"""
|
||||
Delete the selected metadata type.
|
||||
"""
|
||||
return super(APIMetadataTypeView, self).delete(*args, **kwargs)
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
"""Return the details of the selected metadata type."""
|
||||
"""
|
||||
Return the details of the selected metadata type.
|
||||
"""
|
||||
return super(APIMetadataTypeView, self).get(*args, **kwargs)
|
||||
|
||||
def patch(self, *args, **kwargs):
|
||||
"""Edit the selected metadata type."""
|
||||
"""
|
||||
Edit the selected metadata type.
|
||||
"""
|
||||
return super(APIMetadataTypeView, self).patch(*args, **kwargs)
|
||||
|
||||
def put(self, *args, **kwargs):
|
||||
"""Edit the selected metadata type."""
|
||||
"""
|
||||
Edit the selected metadata type.
|
||||
"""
|
||||
return super(APIMetadataTypeView, self).put(*args, **kwargs)
|
||||
|
||||
|
||||
@@ -86,19 +98,31 @@ class APIDocumentMetadataListView(generics.ListCreateAPIView):
|
||||
document = self.get_document()
|
||||
|
||||
if self.request == 'GET':
|
||||
# Make sure the use has the permission to see the metadata for this document
|
||||
# Make sure the use has the permission to see the metadata for
|
||||
# this document
|
||||
try:
|
||||
Permission.check_permissions(self.request.user, [permission_metadata_document_view])
|
||||
Permission.check_permissions(
|
||||
self.request.user, [permission_metadata_document_view]
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_metadata_document_view, self.request.user, document)
|
||||
AccessControlList.objects.check_access(
|
||||
permission_metadata_document_view, self.request.user,
|
||||
document
|
||||
)
|
||||
else:
|
||||
return document.metadata.all()
|
||||
elif self.request == 'POST':
|
||||
# Make sure the use has the permission to add metadata to this document
|
||||
# Make sure the use has the permission to add metadata to this
|
||||
# document
|
||||
try:
|
||||
Permission.check_permissions(self.request.user, [permission_metadata_document_add])
|
||||
Permission.check_permissions(
|
||||
self.request.user, [permission_metadata_document_add]
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_metadata_document_add, self.request.user, document)
|
||||
AccessControlList.objects.check_access(
|
||||
permission_metadata_document_add, self.request.user,
|
||||
document
|
||||
)
|
||||
else:
|
||||
return document.metadata.all()
|
||||
|
||||
@@ -106,11 +130,15 @@ class APIDocumentMetadataListView(generics.ListCreateAPIView):
|
||||
serializer.document = self.get_document()
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
"""Returns a list of selected document's metadata types and values."""
|
||||
"""
|
||||
Returns a list of selected document's metadata types and values.
|
||||
"""
|
||||
return super(APIDocumentMetadataListView, self).get(*args, **kwargs)
|
||||
|
||||
def post(self, *args, **kwargs):
|
||||
"""Add an existing metadata type and value to the selected document."""
|
||||
"""
|
||||
Add an existing metadata type and value to the selected document.
|
||||
"""
|
||||
return super(APIDocumentMetadataListView, self).post(*args, **kwargs)
|
||||
|
||||
|
||||
@@ -127,29 +155,53 @@ class APIDocumentMetadataView(generics.RetrieveUpdateDestroyAPIView):
|
||||
}
|
||||
|
||||
def delete(self, *args, **kwargs):
|
||||
"""Delete the selected document metadata type and value."""
|
||||
"""
|
||||
Delete the selected document metadata type and value.
|
||||
"""
|
||||
try:
|
||||
return super(APIDocumentMetadataView, self).delete(*args, **kwargs)
|
||||
return super(
|
||||
APIDocumentMetadataView, self
|
||||
).delete(*args, **kwargs)
|
||||
except Exception as exception:
|
||||
return Response(status=status.HTTP_400_BAD_REQUEST, data={'non_fields_errors': unicode(exception)})
|
||||
return Response(
|
||||
status=status.HTTP_400_BAD_REQUEST, data={
|
||||
'non_fields_errors': unicode(exception)
|
||||
}
|
||||
)
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
"""Return the details of the selected document metadata type and value."""
|
||||
"""
|
||||
Return the details of the selected document metadata type and value.
|
||||
"""
|
||||
return super(APIDocumentMetadataView, self).get(*args, **kwargs)
|
||||
|
||||
def patch(self, *args, **kwargs):
|
||||
"""Edit the selected document metadata type and value."""
|
||||
"""
|
||||
Edit the selected document metadata type and value.
|
||||
"""
|
||||
try:
|
||||
return super(APIDocumentMetadataView, self).patch(*args, **kwargs)
|
||||
return super(
|
||||
APIDocumentMetadataView, self
|
||||
).patch(*args, **kwargs)
|
||||
except Exception as exception:
|
||||
return Response(status=status.HTTP_400_BAD_REQUEST, data={'non_fields_errors': unicode(exception)})
|
||||
return Response(
|
||||
status=status.HTTP_400_BAD_REQUEST, data={
|
||||
'non_fields_errors': unicode(exception)
|
||||
}
|
||||
)
|
||||
|
||||
def put(self, *args, **kwargs):
|
||||
"""Edit the selected document metadata type and value."""
|
||||
"""
|
||||
Edit the selected document metadata type and value.
|
||||
"""
|
||||
try:
|
||||
return super(APIDocumentMetadataView, self).put(*args, **kwargs)
|
||||
except Exception as exception:
|
||||
return Response(status=status.HTTP_400_BAD_REQUEST, data={'non_fields_errors': unicode(exception)})
|
||||
return Response(
|
||||
status=status.HTTP_400_BAD_REQUEST, data={
|
||||
'non_fields_errors': unicode(exception)
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView):
|
||||
@@ -160,17 +212,28 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView):
|
||||
required_metadata = False
|
||||
|
||||
def get_queryset(self):
|
||||
document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk'])
|
||||
document_type = get_object_or_404(
|
||||
DocumentType, pk=self.kwargs['document_type_pk']
|
||||
)
|
||||
try:
|
||||
Permission.check_permissions(self.request.user, [permission_document_type_view])
|
||||
Permission.check_permissions(
|
||||
self.request.user, [permission_document_type_view]
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_type_view, self.request.user, document_type)
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_view, self.request.user,
|
||||
document_type
|
||||
)
|
||||
|
||||
return document_type.metadata.filter(required=self.required_metadata)
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
"""Returns a list of selected document type's optional metadata types."""
|
||||
return super(APIDocumentTypeMetadataTypeOptionalListView, self).get(*args, **kwargs)
|
||||
"""
|
||||
Returns a list of selected document type's optional metadata types.
|
||||
"""
|
||||
return super(
|
||||
APIDocumentTypeMetadataTypeOptionalListView, self
|
||||
).get(*args, **kwargs)
|
||||
|
||||
def get_serializer_class(self):
|
||||
if self.request.method == 'GET':
|
||||
@@ -182,18 +245,29 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView):
|
||||
"""
|
||||
Add an optional metadata type to a document type.
|
||||
"""
|
||||
document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk'])
|
||||
document_type = get_object_or_404(
|
||||
DocumentType, pk=self.kwargs['document_type_pk']
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(self.request.user, [permission_document_type_edit])
|
||||
Permission.check_permissions(
|
||||
self.request.user, [permission_document_type_edit]
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_type_edit, self.request.user, document_type)
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_edit, self.request.user,
|
||||
document_type
|
||||
)
|
||||
|
||||
serializer = self.get_serializer(data=self.request.POST)
|
||||
|
||||
if serializer.is_valid():
|
||||
metadata_type = get_object_or_404(MetadataType, pk=serializer.data['metadata_type_pk'])
|
||||
document_type.metadata_type.add(metadata_type, required=self.required_metadata)
|
||||
metadata_type = get_object_or_404(
|
||||
MetadataType, pk=serializer.data['metadata_type_pk']
|
||||
)
|
||||
document_type.metadata_type.add(
|
||||
metadata_type, required=self.required_metadata
|
||||
)
|
||||
return Response(status=status.HTTP_201_CREATED)
|
||||
else:
|
||||
return Response(status=status.HTTP_400_BAD_REQUEST)
|
||||
@@ -203,14 +277,21 @@ class APIDocumentTypeMetadataTypeRequiredListView(APIDocumentTypeMetadataTypeOpt
|
||||
required_metadata = True
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
"""Returns a list of the selected document type's required metadata types."""
|
||||
return super(APIDocumentTypeMetadataTypeRequiredListView, self).get(*args, **kwargs)
|
||||
"""
|
||||
Returns a list of the selected document type's required metadata
|
||||
types.
|
||||
"""
|
||||
return super(
|
||||
APIDocumentTypeMetadataTypeRequiredListView, self
|
||||
).get(*args, **kwargs)
|
||||
|
||||
def post(self, request, *args, **kwargs):
|
||||
"""
|
||||
Add a required metadata type to a document type.
|
||||
"""
|
||||
return super(APIDocumentTypeMetadataTypeRequiredListView, self).get(*args, **kwargs)
|
||||
return super(
|
||||
APIDocumentTypeMetadataTypeRequiredListView, self
|
||||
).get(*args, **kwargs)
|
||||
|
||||
|
||||
class APIDocumentTypeMetadataTypeRequiredView(views.APIView):
|
||||
@@ -219,12 +300,21 @@ class APIDocumentTypeMetadataTypeRequiredView(views.APIView):
|
||||
Remove a metadata type from a document type.
|
||||
"""
|
||||
|
||||
document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk'])
|
||||
document_type = get_object_or_404(
|
||||
DocumentType, pk=self.kwargs['document_type_pk']
|
||||
)
|
||||
try:
|
||||
Permission.check_permissions(self.request.user, [permission_document_type_edit])
|
||||
Permission.check_permissions(
|
||||
self.request.user, [permission_document_type_edit]
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_type_edit, self.request.user, document_type)
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_edit, self.request.user,
|
||||
document_type
|
||||
)
|
||||
|
||||
metadata_type = get_object_or_404(MetadataType, pk=self.kwargs['metadata_type_pk'])
|
||||
metadata_type = get_object_or_404(
|
||||
MetadataType, pk=self.kwargs['metadata_type_pk']
|
||||
)
|
||||
document_type.metadata_type.remove(metadata_type)
|
||||
return Response(status=status.HTTP_204_NO_CONTENT)
|
||||
|
||||
Reference in New Issue
Block a user