Commit c25897791973b6fc7763e501bb62cfd2fbbfdaa3

Authored by Alexis Koralewski
1 parent 6b3644e7
Exists in dev

Adding API views for full sequence, album, plan. Improving checking what user ca…

…n see depending his role
CHANGELOG
1 1 18-02-2022 (AKo): v0.3.7.0
  2 + - Add API url to get a full sequence (i.e. with albums and plans)
  3 + - Add API urls for querying Plan and Album models
  4 + - API : Small improvements on checking who is querying (if Admin can see all, if not the view is restricted)
2 5 - Upgrade fontawesome version (from version 4 to version 6)
3 6 - Replace edit, delete, copy (i.e. global buttons) by icons with tooltips
4 7 - Upgrade Mysql version
... ...
src/core/pyros_django/api/serializers.py
1   -from common.models import PyrosUser, Sequence
  1 +from common.models import PyrosUser, Sequence, Plan, Album
2 2 from rest_framework import serializers
3 3  
4 4 class UserSerializer(serializers.ModelSerializer):
... ... @@ -13,4 +13,41 @@ class SequenceSerializer(serializers.ModelSerializer):
13 13 pyros_user = UserSerializer(read_only=True)
14 14 class Meta:
15 15 model = Sequence
16   - fields = "__all__"
17 16 \ No newline at end of file
  17 + fields = "__all__"
  18 +
  19 +
  20 +class AlbumSerializer(serializers.ModelSerializer):
  21 + sequence = SequenceSerializer(read_only=True)
  22 + class Meta:
  23 + model = Album
  24 + fields = "__all__"
  25 +
  26 +
  27 +class PlanSerializer(serializers.ModelSerializer):
  28 + album = AlbumSerializer(read_only=True)
  29 + class Meta:
  30 + model = Plan
  31 + fields = "__all__"
  32 +
  33 +class SimplePlanSerializer(serializers.ModelSerializer):
  34 +
  35 + class Meta:
  36 + model = Plan
  37 + exclude = ["album"]
  38 +
  39 +class SimpleAlbumSerializer(serializers.ModelSerializer):
  40 + plans = SimplePlanSerializer(read_only=True,many=True)
  41 + class Meta:
  42 + model = Album
  43 + fields = ["name","desc","plans"]
  44 +class FullSequenceSerializer(serializers.ModelSerializer):
  45 + pyros_user = UserSerializer(read_only=True)
  46 + # here albums is the relationmodel with many to many realtion so we have to set many to True
  47 + albums = SimpleAlbumSerializer(read_only=True,many=True)
  48 +
  49 + class Meta:
  50 + model = Sequence
  51 + fields = "__all__"
  52 + extra_fields = ["pyros_user","albums"]
  53 +
  54 +
... ...
src/core/pyros_django/api/urls.py
... ... @@ -6,6 +6,9 @@ from rest_framework import routers
6 6 router = routers.DefaultRouter()
7 7 router.register(r'users', views.UserViewSet)
8 8 router.register(r'sequences', views.SequenceViewSet)
  9 +router.register(r'albums', views.AlbumViewSet)
  10 +router.register(r'plans', views.PlanViewSet)
  11 +router.register(r'full_sequences', views.FullSequenceViewSet)
9 12 urlpatterns = [
10 13 path('', include(router.urls)),
11 14 path('hello/', views.Users.as_view(), name='hello'),
... ...
src/core/pyros_django/api/views.py
... ... @@ -6,9 +6,11 @@ from rest_framework.permissions import IsAuthenticated, AllowAny
6 6 from rest_framework.decorators import api_view, permission_classes
7 7 from django.core.validators import ValidationError
8 8 from src.core.pyros_django.user_manager import views as user_views
9   -from api.serializers import SequenceSerializer, UserSerializer
10   -from common.models import PyrosUser, Sequence
  9 +from api.serializers import AlbumSerializer, FullSequenceSerializer, PlanSerializer, SequenceSerializer, UserSerializer
  10 +from common.models import PyrosUser, Sequence, Album, Plan, UserLevel, SP_Period_User
11 11 from routine_manager.functions import check_sequence_file_validity
  12 +from rest_framework.request import Request
  13 +
12 14 # Create your views here.
13 15  
14 16  
... ... @@ -32,30 +34,121 @@ class Users(APIView):
32 34  
33 35 class UserViewSet(viewsets.ModelViewSet):
34 36 """
35   - API endpoint that allows users to be viewed or edited.
  37 + API endpoint that allows users to be viewed.
36 38 """
37 39 queryset = PyrosUser.objects.all().order_by('-date_joined')
38 40 serializer_class = UserSerializer
39 41 permission_classes = [IsAuthenticated]
40 42 http_method_names = ["get"]
41 43  
42   -
  44 + def list(self, request):
  45 + serializer_context = {
  46 + 'request': request,
  47 + }
  48 + queryset = None
  49 + current_user = self.request.user
  50 + user = self.request.user
  51 + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name)
  52 + if user_role in ("Unit-PI","Unit-board","Admin"):
  53 + queryset = PyrosUser.objects.all().order_by("-created")
  54 + else:
  55 + sp_of_current_user = user.get_scientific_program()
  56 + pyros_users_with_roles = []
  57 + for sp in sp_of_current_user:
  58 + for sp_period in sp.SP_Periods.all():
  59 + for user in SP_Period_User.objects.filter(SP_Period=sp_period).exclude(user=current_user).values_list("user",flat=True):
  60 + pyros_users_with_roles.append(PyrosUser.objects.get(id=user))
  61 + pyros_users_with_roles.append(sp_period.scientific_program.sp_pi)
  62 + admin_and_unit_users = PyrosUser.objects.filter(user_level__name__in=("Unit-PI","Unit-board","Admin")).distinct()
  63 + queryset = pyros_users_with_roles + list(admin_and_unit_users)
  64 + serializer = UserSerializer(queryset, context = serializer_context, many=True)
  65 + return Response(serializer.data)
43 66 class SequenceViewSet(viewsets.ModelViewSet):
44 67 """
45   - API endpoint that allows users to be viewed or edited.
  68 + API endpoint that allows users to view their sequences.
46 69 """
47   - queryset = Sequence.objects.all().order_by("-created")
  70 + queryset = Sequence.objects.all().order_by("-updated")
48 71 serializer_class = SequenceSerializer
49 72 permission_classes = [IsAuthenticated]
50 73 http_method_names = ["get"]
51 74 def get_queryset(self):
52 75 """
53   - This view should return a list of all the purchases
  76 + This view should return a list of all the sequences
  77 + for the currently authenticated user.
  78 + """
  79 + user = self.request.user
  80 + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name)
  81 + if user_role in ("Unit-PI","Unit-board","Admin"):
  82 + return Sequence.objects.all().order_by("-updated")
  83 + else:
  84 + return Sequence.objects.filter(pyros_user=user).order_by("-updated")
  85 +
  86 +
  87 +class FullSequenceViewSet(viewsets.ModelViewSet):
  88 + """
  89 + API endpoint that allows users to view their sequences.
  90 + """
  91 + queryset = Sequence.objects.all().order_by("-updated")
  92 + serializer_class = FullSequenceSerializer
  93 + permission_classes = [IsAuthenticated]
  94 + http_method_names = ["get"]
  95 + def get_queryset(self):
  96 + """
  97 + This view should return a list of all the sequences
54 98 for the currently authenticated user.
55 99 """
56 100 user = self.request.user
57   - return Sequence.objects.filter(pyros_user=user).order_by("-created")
  101 + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name)
  102 + if user_role in ("Unit-PI","Unit-board","Admin"):
  103 + return Sequence.objects.all().order_by("-updated")
  104 + else:
  105 + return Sequence.objects.filter(pyros_user=user).order_by("-updated")
58 106  
  107 +
  108 +class AlbumViewSet(viewsets.ModelViewSet):
  109 + """
  110 + API endpoint that allows users to view their sequences.
  111 + """
  112 + queryset = Album.objects.all().order_by("-updated")
  113 + serializer_class = AlbumSerializer
  114 + permission_classes = [IsAuthenticated]
  115 + http_method_names = ["get"]
  116 + def get_queryset(self):
  117 + """
  118 + This view should return a list of all the albums
  119 + for the currently authenticated user.
  120 + """
  121 + user = self.request.user
  122 + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name)
  123 + if user_role in ("Unit-PI","Unit-board","Admin"):
  124 + sequences = Sequence.objects.all().order_by("-updated")
  125 + else:
  126 + sequences = Sequence.objects.filter(pyros_user=user).order_by("-updated")
  127 + return Album.objects.filter(sequence__in=sequences).order_by("-updated")
  128 +
  129 +
  130 +class PlanViewSet(viewsets.ModelViewSet):
  131 + """
  132 + API endpoint that allows users to view their sequences.
  133 + """
  134 + queryset = Plan.objects.all().order_by("-updated")
  135 + serializer_class = PlanSerializer
  136 + permission_classes = [IsAuthenticated]
  137 + http_method_names = ["get"]
  138 + def get_queryset(self):
  139 + """
  140 + This view should return a list of all the plans
  141 + for the currently authenticated user.
  142 + """
  143 + user = self.request.user
  144 + user_role = str(UserLevel.objects.get(priority=user.get_priority()).name)
  145 + if user_role in ("Unit-PI","Unit-board","Admin"):
  146 + sequences = Sequence.objects.all().order_by("-updated")
  147 + else:
  148 + sequences = Sequence.objects.filter(pyros_user=user).order_by("-updated")
  149 + albums = Album.objects.filter(sequence__in=sequences).order_by("-updated")
  150 + return Plan.objects.filter(album__in=albums).order_by("-updated")
  151 +
59 152 @api_view(["PUT"])
60 153 def submit_sequence_with_json(request):
61 154 sequence_json = request.data
... ...