matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
61ebda6e63e4da83f5cb7c033711c1980024bff0
mayan-edms/mayan/apps/rest_api/mixins.py
Roberto Rosario 61ebda6e63 REST API app updates 
- Add back support for API views but using the
api_urlpatterns list. Needed for the current user
API until a dynamic route router is implemented that
can allow a viewset action to specify its entire URL.

- Make sure the user is authenticated before
trying to the user permissions.

- Improve how external_object_list options are read from
the class.

- None authenticated users will get a blank queryset if the
view doesn't require a permission.

Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
2019-02-07 20:13:35 -04:00

71 lines
2.6 KiB
Python
Raw Blame History

from __future__ import absolute_import, unicode_literals
from django.core.exceptions import ImproperlyConfigured
from mayan.apps.acls.models import AccessControlList
class ExternalObjectListSerializerMixin(object):
"""
Mixin to allow serializers to get a restricted object list with minimal code.
This mixin adds the follow class Meta options to a serializer:
external_object_list_model
external_object_list_permission
external_object_list_queryset
external_object_list_pk_field
external_object_list_pk_list_field
The source queryset can also be provided overriding the
.get_external_object_list() method.
"""
def __init__(self, *args, **kwargs):
super(ExternalObjectListSerializerMixin, self).__init__(*args, **kwargs)
self.external_object_list_options = getattr(self, 'Meta', None)
def get_external_object_list(self):
queryset = self.get_external_object_list_queryset()
if self.Meta.external_object_list_permission:
queryset = AccessControlList.objects.restrict_queryset(
permission=self.Meta.external_object_list_permission,
queryset=queryset,
user=self.context['request'].user
)
pk_field = self.get_external_object_list_option('pk_field')
pk_list_field = self.get_external_object_list_option('pk_list_field')
if pk_field:
id_list = (self.validated_data.get(pk_field),)
elif pk_list_field:
id_list = self.validated_data.get(pk_list_field, '').split(',')
else:
raise ImproperlyConfigured(
'ExternalObjectListSerializerMixin requires a '
'external_object_list__pk_field a '
'external_object_list_pk_list_field.'
)
return queryset.filter(pk__in=id_list)
def get_external_object_list_option(self, option_name):
return getattr(
self.external_object_list_options, 'external_object_list_{}'.format(option_name), None
)
def get_external_object_list_queryset(self):
model = self.get_external_object_list_option('model')
queryset = self.get_external_object_list_option('queryset')
if model:
queryset = model._meta.default_manager.all()
elif queryset:
return queryset
else:
raise ImproperlyConfigured(
'ExternalObjectListSerializerMixin requires a '
'external_object_list_model or a external_object_list_queryset.'
)
return queryset
Reference in New Issue View Git Blame Copy Permalink