matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
ffb98cdba6140b2e1a23fcde3182b7ea645a5561
mayan-edms/mayan/apps/acls/api_views.py
Roberto Rosario ffb98cdba6 Add ACL creation API endpoint.
2017-03-10 01:27:10 -04:00

221 lines
6.3 KiB
Python
Raw Blame History

from __future__ import absolute_import, unicode_literals
from django.contrib.contenttypes.models import ContentType
from django.core.exceptions import PermissionDenied
from django.shortcuts import get_object_or_404
from rest_framework import generics
from permissions import Permission
from .models import AccessControlList
from .permissions import permission_acl_edit, permission_acl_view
from .serializers import (
AccessControlListPermissionSerializer, AccessControlListSerializer,
WritableAccessControlListSerializer
)
class APIObjectACLListView(generics.ListCreateAPIView):
def get(self, *args, **kwargs):
"""
Returns a list of all the object's access control lists
"""
return super(APIObjectACLListView, self).get(*args, **kwargs)
def get_content_object(self):
content_type = get_object_or_404(
ContentType, app_label=self.kwargs['app_label'],
model=self.kwargs['model']
)
content_object = get_object_or_404(
content_type.model_class(), pk=self.kwargs['object_pk']
)
if self.request.method == 'GET':
permission_required = permission_acl_view
else:
permission_required = permission_acl_edit
try:
Permission.check_permissions(
self.request.user, permissions=(permission_required,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_required, self.request.user, content_object
)
return content_object
def get_queryset(self):
return self.get_content_object().acls.all()
def get_serializer_context(self):
"""
Extra context provided to the serializer class.
"""
return {
'content_object': self.get_content_object(),
'format': self.format_kwarg,
'request': self.request,
'view': self
}
def get_serializer_class(self):
if self.request.method == 'GET':
return AccessControlListSerializer
else:
return WritableAccessControlListSerializer
def post(self, *args, **kwargs):
"""
Create a new access control list for the selected object.
"""
return super(APIObjectACLListView, self).post(*args, **kwargs)
class APIObjectACLView(generics.RetrieveAPIView):
serializer_class = AccessControlListSerializer
def get(self, *args, **kwargs):
"""
Returns the details of the selected access control list.
"""
return super(APIObjectACLView, self).get(*args, **kwargs)
def get_content_object(self):
if self.request.method == 'GET':
permission_required = permission_acl_view
else:
permission_required = permission_acl_edit
content_type = get_object_or_404(
ContentType, app_label=self.kwargs['app_label'],
model=self.kwargs['model']
)
content_object = get_object_or_404(
content_type.model_class(), pk=self.kwargs['object_pk']
)
try:
Permission.check_permissions(
self.request.user, permissions=(permission_required,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_required, self.request.user, content_object
)
return content_object
def get_queryset(self):
return self.get_content_object().acls.all()
class APIObjectACLPermissionListView(generics.ListAPIView):
serializer_class = AccessControlListPermissionSerializer
def get(self, *args, **kwargs):
"""
Returns the access control list permission list.
"""
return super(
APIObjectACLPermissionListView, self
).get(*args, **kwargs)
def get_acl(self):
return get_object_or_404(
self.get_content_object().acls, pk=self.kwargs['pk']
)
def get_content_object(self):
content_type = get_object_or_404(
ContentType, app_label=self.kwargs['app_label'],
model=self.kwargs['model']
)
content_object = get_object_or_404(
content_type.model_class(), pk=self.kwargs['object_pk']
)
try:
Permission.check_permissions(
self.request.user, permissions=(permission_acl_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_acl_view, self.request.user, content_object
)
return content_object
def get_queryset(self):
return self.get_acl().permissions.all()
def get_serializer_context(self):
return {
'acl': self.get_acl(),
'format': self.format_kwarg,
'request': self.request,
'view': self
}
class APIObjectACLPermissionView(generics.RetrieveAPIView):
lookup_url_kwarg = 'permission_pk'
serializer_class = AccessControlListPermissionSerializer
def get(self, *args, **kwargs):
"""
Returns the details of the selected access control list permission.
"""
return super(
APIObjectACLPermissionView, self
).get(*args, **kwargs)
def get_acl(self):
return get_object_or_404(
self.get_content_object().acls, pk=self.kwargs['pk']
)
def get_content_object(self):
content_type = get_object_or_404(
ContentType, app_label=self.kwargs['app_label'],
model=self.kwargs['model']
)
content_object = get_object_or_404(
content_type.model_class(), pk=self.kwargs['object_pk']
)
try:
Permission.check_permissions(
self.request.user, permissions=(permission_acl_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_acl_view, self.request.user, content_object
)
return content_object
def get_queryset(self):
return self.get_acl().permissions.all()
def get_serializer_context(self):
return {
'acl': self.get_acl(),
'format': self.format_kwarg,
'request': self.request,
'view': self
}
Reference in New Issue View Git Blame Copy Permalink