Commit c25897791973b6fc7763e501bb62cfd2fbbfdaa3
1 parent
6b3644e7
Exists in
dev
Adding API views for full sequence, album, plan. Improving checking what user ca…
…n see depending his role
Showing
4 changed files
with
146 additions
and
10 deletions
Show diff stats
CHANGELOG
1 | 1 | 18-02-2022 (AKo): v0.3.7.0 |
2 | + - Add API url to get a full sequence (i.e. with albums and plans) | |
3 | + - Add API urls for querying Plan and Album models | |
4 | + - API : Small improvements on checking who is querying (if Admin can see all, if not the view is restricted) | |
2 | 5 | - Upgrade fontawesome version (from version 4 to version 6) |
3 | 6 | - Replace edit, delete, copy (i.e. global buttons) by icons with tooltips |
4 | 7 | - Upgrade Mysql version | ... | ... |
src/core/pyros_django/api/serializers.py
1 | -from common.models import PyrosUser, Sequence | |
1 | +from common.models import PyrosUser, Sequence, Plan, Album | |
2 | 2 | from rest_framework import serializers |
3 | 3 | |
4 | 4 | class UserSerializer(serializers.ModelSerializer): |
... | ... | @@ -13,4 +13,41 @@ class SequenceSerializer(serializers.ModelSerializer): |
13 | 13 | pyros_user = UserSerializer(read_only=True) |
14 | 14 | class Meta: |
15 | 15 | model = Sequence |
16 | - fields = "__all__" | |
17 | 16 | \ No newline at end of file |
17 | + fields = "__all__" | |
18 | + | |
19 | + | |
20 | +class AlbumSerializer(serializers.ModelSerializer): | |
21 | + sequence = SequenceSerializer(read_only=True) | |
22 | + class Meta: | |
23 | + model = Album | |
24 | + fields = "__all__" | |
25 | + | |
26 | + | |
27 | +class PlanSerializer(serializers.ModelSerializer): | |
28 | + album = AlbumSerializer(read_only=True) | |
29 | + class Meta: | |
30 | + model = Plan | |
31 | + fields = "__all__" | |
32 | + | |
33 | +class SimplePlanSerializer(serializers.ModelSerializer): | |
34 | + | |
35 | + class Meta: | |
36 | + model = Plan | |
37 | + exclude = ["album"] | |
38 | + | |
39 | +class SimpleAlbumSerializer(serializers.ModelSerializer): | |
40 | + plans = SimplePlanSerializer(read_only=True,many=True) | |
41 | + class Meta: | |
42 | + model = Album | |
43 | + fields = ["name","desc","plans"] | |
44 | +class FullSequenceSerializer(serializers.ModelSerializer): | |
45 | + pyros_user = UserSerializer(read_only=True) | |
46 | + # here albums is the relationmodel with many to many realtion so we have to set many to True | |
47 | + albums = SimpleAlbumSerializer(read_only=True,many=True) | |
48 | + | |
49 | + class Meta: | |
50 | + model = Sequence | |
51 | + fields = "__all__" | |
52 | + extra_fields = ["pyros_user","albums"] | |
53 | + | |
54 | + | ... | ... |
src/core/pyros_django/api/urls.py
... | ... | @@ -6,6 +6,9 @@ from rest_framework import routers |
6 | 6 | router = routers.DefaultRouter() |
7 | 7 | router.register(r'users', views.UserViewSet) |
8 | 8 | router.register(r'sequences', views.SequenceViewSet) |
9 | +router.register(r'albums', views.AlbumViewSet) | |
10 | +router.register(r'plans', views.PlanViewSet) | |
11 | +router.register(r'full_sequences', views.FullSequenceViewSet) | |
9 | 12 | urlpatterns = [ |
10 | 13 | path('', include(router.urls)), |
11 | 14 | path('hello/', views.Users.as_view(), name='hello'), | ... | ... |
src/core/pyros_django/api/views.py
... | ... | @@ -6,9 +6,11 @@ from rest_framework.permissions import IsAuthenticated, AllowAny |
6 | 6 | from rest_framework.decorators import api_view, permission_classes |
7 | 7 | from django.core.validators import ValidationError |
8 | 8 | from src.core.pyros_django.user_manager import views as user_views |
9 | -from api.serializers import SequenceSerializer, UserSerializer | |
10 | -from common.models import PyrosUser, Sequence | |
9 | +from api.serializers import AlbumSerializer, FullSequenceSerializer, PlanSerializer, SequenceSerializer, UserSerializer | |
10 | +from common.models import PyrosUser, Sequence, Album, Plan, UserLevel, SP_Period_User | |
11 | 11 | from routine_manager.functions import check_sequence_file_validity |
12 | +from rest_framework.request import Request | |
13 | + | |
12 | 14 | # Create your views here. |
13 | 15 | |
14 | 16 | |
... | ... | @@ -32,30 +34,121 @@ class Users(APIView): |
32 | 34 | |
33 | 35 | class UserViewSet(viewsets.ModelViewSet): |
34 | 36 | """ |
35 | - API endpoint that allows users to be viewed or edited. | |
37 | + API endpoint that allows users to be viewed. | |
36 | 38 | """ |
37 | 39 | queryset = PyrosUser.objects.all().order_by('-date_joined') |
38 | 40 | serializer_class = UserSerializer |
39 | 41 | permission_classes = [IsAuthenticated] |
40 | 42 | http_method_names = ["get"] |
41 | 43 | |
42 | - | |
44 | + def list(self, request): | |
45 | + serializer_context = { | |
46 | + 'request': request, | |
47 | + } | |
48 | + queryset = None | |
49 | + current_user = self.request.user | |
50 | + user = self.request.user | |
51 | + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name) | |
52 | + if user_role in ("Unit-PI","Unit-board","Admin"): | |
53 | + queryset = PyrosUser.objects.all().order_by("-created") | |
54 | + else: | |
55 | + sp_of_current_user = user.get_scientific_program() | |
56 | + pyros_users_with_roles = [] | |
57 | + for sp in sp_of_current_user: | |
58 | + for sp_period in sp.SP_Periods.all(): | |
59 | + for user in SP_Period_User.objects.filter(SP_Period=sp_period).exclude(user=current_user).values_list("user",flat=True): | |
60 | + pyros_users_with_roles.append(PyrosUser.objects.get(id=user)) | |
61 | + pyros_users_with_roles.append(sp_period.scientific_program.sp_pi) | |
62 | + admin_and_unit_users = PyrosUser.objects.filter(user_level__name__in=("Unit-PI","Unit-board","Admin")).distinct() | |
63 | + queryset = pyros_users_with_roles + list(admin_and_unit_users) | |
64 | + serializer = UserSerializer(queryset, context = serializer_context, many=True) | |
65 | + return Response(serializer.data) | |
43 | 66 | class SequenceViewSet(viewsets.ModelViewSet): |
44 | 67 | """ |
45 | - API endpoint that allows users to be viewed or edited. | |
68 | + API endpoint that allows users to view their sequences. | |
46 | 69 | """ |
47 | - queryset = Sequence.objects.all().order_by("-created") | |
70 | + queryset = Sequence.objects.all().order_by("-updated") | |
48 | 71 | serializer_class = SequenceSerializer |
49 | 72 | permission_classes = [IsAuthenticated] |
50 | 73 | http_method_names = ["get"] |
51 | 74 | def get_queryset(self): |
52 | 75 | """ |
53 | - This view should return a list of all the purchases | |
76 | + This view should return a list of all the sequences | |
77 | + for the currently authenticated user. | |
78 | + """ | |
79 | + user = self.request.user | |
80 | + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name) | |
81 | + if user_role in ("Unit-PI","Unit-board","Admin"): | |
82 | + return Sequence.objects.all().order_by("-updated") | |
83 | + else: | |
84 | + return Sequence.objects.filter(pyros_user=user).order_by("-updated") | |
85 | + | |
86 | + | |
87 | +class FullSequenceViewSet(viewsets.ModelViewSet): | |
88 | + """ | |
89 | + API endpoint that allows users to view their sequences. | |
90 | + """ | |
91 | + queryset = Sequence.objects.all().order_by("-updated") | |
92 | + serializer_class = FullSequenceSerializer | |
93 | + permission_classes = [IsAuthenticated] | |
94 | + http_method_names = ["get"] | |
95 | + def get_queryset(self): | |
96 | + """ | |
97 | + This view should return a list of all the sequences | |
54 | 98 | for the currently authenticated user. |
55 | 99 | """ |
56 | 100 | user = self.request.user |
57 | - return Sequence.objects.filter(pyros_user=user).order_by("-created") | |
101 | + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name) | |
102 | + if user_role in ("Unit-PI","Unit-board","Admin"): | |
103 | + return Sequence.objects.all().order_by("-updated") | |
104 | + else: | |
105 | + return Sequence.objects.filter(pyros_user=user).order_by("-updated") | |
58 | 106 | |
107 | + | |
108 | +class AlbumViewSet(viewsets.ModelViewSet): | |
109 | + """ | |
110 | + API endpoint that allows users to view their sequences. | |
111 | + """ | |
112 | + queryset = Album.objects.all().order_by("-updated") | |
113 | + serializer_class = AlbumSerializer | |
114 | + permission_classes = [IsAuthenticated] | |
115 | + http_method_names = ["get"] | |
116 | + def get_queryset(self): | |
117 | + """ | |
118 | + This view should return a list of all the albums | |
119 | + for the currently authenticated user. | |
120 | + """ | |
121 | + user = self.request.user | |
122 | + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name) | |
123 | + if user_role in ("Unit-PI","Unit-board","Admin"): | |
124 | + sequences = Sequence.objects.all().order_by("-updated") | |
125 | + else: | |
126 | + sequences = Sequence.objects.filter(pyros_user=user).order_by("-updated") | |
127 | + return Album.objects.filter(sequence__in=sequences).order_by("-updated") | |
128 | + | |
129 | + | |
130 | +class PlanViewSet(viewsets.ModelViewSet): | |
131 | + """ | |
132 | + API endpoint that allows users to view their sequences. | |
133 | + """ | |
134 | + queryset = Plan.objects.all().order_by("-updated") | |
135 | + serializer_class = PlanSerializer | |
136 | + permission_classes = [IsAuthenticated] | |
137 | + http_method_names = ["get"] | |
138 | + def get_queryset(self): | |
139 | + """ | |
140 | + This view should return a list of all the plans | |
141 | + for the currently authenticated user. | |
142 | + """ | |
143 | + user = self.request.user | |
144 | + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name) | |
145 | + if user_role in ("Unit-PI","Unit-board","Admin"): | |
146 | + sequences = Sequence.objects.all().order_by("-updated") | |
147 | + else: | |
148 | + sequences = Sequence.objects.filter(pyros_user=user).order_by("-updated") | |
149 | + albums = Album.objects.filter(sequence__in=sequences).order_by("-updated") | |
150 | + return Plan.objects.filter(album__in=albums).order_by("-updated") | |
151 | + | |
59 | 152 | @api_view(["PUT"]) |
60 | 153 | def submit_sequence_with_json(request): |
61 | 154 | sequence_json = request.data | ... | ... |