nk20/apps/note/api/views.py

245 lines
11 KiB
Python
Raw Normal View History

Update 131 files - /apps/activity/api/serializers.py - /apps/activity/api/urls.py - /apps/activity/api/views.py - /apps/activity/tests/test_activities.py - /apps/activity/__init__.py - /apps/activity/admin.py - /apps/activity/apps.py - /apps/activity/forms.py - /apps/activity/tables.py - /apps/activity/urls.py - /apps/activity/views.py - /apps/api/__init__.py - /apps/api/apps.py - /apps/api/serializers.py - /apps/api/tests.py - /apps/api/urls.py - /apps/api/views.py - /apps/api/viewsets.py - /apps/logs/signals.py - /apps/logs/apps.py - /apps/logs/__init__.py - /apps/logs/api/serializers.py - /apps/logs/api/urls.py - /apps/logs/api/views.py - /apps/member/api/serializers.py - /apps/member/api/urls.py - /apps/member/api/views.py - /apps/member/templatetags/memberinfo.py - /apps/member/__init__.py - /apps/member/admin.py - /apps/member/apps.py - /apps/member/auth.py - /apps/member/forms.py - /apps/member/hashers.py - /apps/member/signals.py - /apps/member/tables.py - /apps/member/urls.py - /apps/member/views.py - /apps/note/api/serializers.py - /apps/note/api/urls.py - /apps/note/api/views.py - /apps/note/models/__init__.py - /apps/note/static/note/js/consos.js - /apps/note/templates/note/mails/negative_balance.txt - /apps/note/templatetags/getenv.py - /apps/note/templatetags/pretty_money.py - /apps/note/tests/test_transactions.py - /apps/note/__init__.py - /apps/note/admin.py - /apps/note/apps.py - /apps/note/forms.py - /apps/note/signals.py - /apps/note/tables.py - /apps/note/urls.py - /apps/note/views.py - /apps/permission/api/serializers.py - /apps/permission/api/urls.py - /apps/permission/api/views.py - /apps/permission/templatetags/perms.py - /apps/permission/tests/test_oauth2.py - /apps/permission/tests/test_permission_denied.py - /apps/permission/tests/test_permission_queries.py - /apps/permission/tests/test_rights_page.py - /apps/permission/__init__.py - /apps/permission/admin.py - /apps/permission/backends.py - /apps/permission/apps.py - /apps/permission/decorators.py - /apps/permission/permissions.py - /apps/permission/scopes.py - /apps/permission/signals.py - /apps/permission/tables.py - /apps/permission/urls.py - /apps/permission/views.py - /apps/registration/tests/test_registration.py - /apps/registration/__init__.py - /apps/registration/apps.py - /apps/registration/forms.py - /apps/registration/tables.py - /apps/registration/tokens.py - /apps/registration/urls.py - /apps/registration/views.py - /apps/treasury/api/serializers.py - /apps/treasury/api/urls.py - /apps/treasury/api/views.py - /apps/treasury/templatetags/escape_tex.py - /apps/treasury/tests/test_treasury.py - /apps/treasury/__init__.py - /apps/treasury/admin.py - /apps/treasury/apps.py - /apps/treasury/forms.py - /apps/treasury/signals.py - /apps/treasury/tables.py - /apps/treasury/urls.py - /apps/treasury/views.py - /apps/wei/api/serializers.py - /apps/wei/api/urls.py - /apps/wei/api/views.py - /apps/wei/forms/surveys/__init__.py - /apps/wei/forms/surveys/base.py - /apps/wei/forms/surveys/wei2021.py - /apps/wei/forms/surveys/wei2022.py - /apps/wei/forms/surveys/wei2023.py - /apps/wei/forms/__init__.py - /apps/wei/forms/registration.py - /apps/wei/management/commands/export_wei_registrations.py - /apps/wei/management/commands/import_scores.py - /apps/wei/management/commands/wei_algorithm.py - /apps/wei/templates/wei/weilist_sample.tex - /apps/wei/tests/test_wei_algorithm_2021.py - /apps/wei/tests/test_wei_algorithm_2022.py - /apps/wei/tests/test_wei_algorithm_2023.py - /apps/wei/tests/test_wei_registration.py - /apps/wei/__init__.py - /apps/wei/admin.py - /apps/wei/apps.py - /apps/wei/tables.py - /apps/wei/urls.py - /apps/wei/views.py - /note_kfet/settings/__init__.py - /note_kfet/settings/base.py - /note_kfet/settings/development.py - /note_kfet/settings/secrets_example.py - /note_kfet/static/js/base.js - /note_kfet/admin.py - /note_kfet/inputs.py - /note_kfet/middlewares.py - /note_kfet/urls.py - /note_kfet/views.py - /note_kfet/wsgi.py - /entrypoint.sh
2024-02-07 01:26:49 +00:00
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
2020-02-07 16:02:07 +00:00
# SPDX-License-Identifier: GPL-3.0-or-later
2020-09-10 12:37:11 +00:00
from django.conf import settings
from django.db.models import Q
2020-03-26 22:05:37 +00:00
from django.core.exceptions import ValidationError
2020-03-11 10:15:03 +00:00
from django_filters.rest_framework import DjangoFilterBackend
from rest_framework.filters import OrderingFilter
2024-07-18 11:51:56 +00:00
from rest_framework import status, viewsets
2020-03-26 22:05:37 +00:00
from rest_framework.response import Response
from api.filters import RegexSafeSearchFilter
2024-07-18 11:51:56 +00:00
from api.viewsets import ReadProtectedModelViewSet, ReadOnlyProtectedModelViewSet, \
is_regex
2020-08-03 14:11:05 +00:00
from permission.backends import PermissionBackend
2020-03-20 01:14:43 +00:00
2024-02-07 17:02:56 +00:00
from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer, \
TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer, \
TrustSerializer
from ..models.notes import Note, Alias, NoteUser, NoteClub, NoteSpecial, Trust
2020-03-11 10:15:03 +00:00
from ..models.transactions import TransactionTemplate, Transaction, TemplateCategory
2020-02-07 16:02:07 +00:00
2020-08-31 18:15:48 +00:00
class NotePolymorphicViewSet(ReadProtectedModelViewSet):
2020-02-07 19:47:49 +00:00
"""
REST API View set.
2020-12-22 11:37:21 +00:00
The djangorestframework plugin will get all `Note` objects (with polymorhism),
serialize it to JSON with the given serializer,
then render it on /api/note/note/
2020-02-07 19:47:49 +00:00
"""
queryset = Note.objects.order_by('id')
2020-02-07 19:47:49 +00:00
serializer_class = NotePolymorphicSerializer
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter, OrderingFilter]
2020-12-22 11:37:21 +00:00
filterset_fields = ['alias__name', 'polymorphic_ctype', 'is_active', 'balance', 'last_negative', 'created_at', ]
search_fields = ['$alias__normalized_name', '$alias__name', '$polymorphic_ctype__model',
'$noteuser__user__last_name', '$noteuser__user__first_name', '$noteuser__user__email',
'$noteuser__user__email', '$noteclub__club__email', ]
ordering_fields = ['alias__name', 'alias__normalized_name', 'balance', 'created_at', ]
2020-02-07 19:47:49 +00:00
def get_queryset(self):
"""
Parse query and apply filters.
:return: The filtered set of requested notes
"""
queryset = self.queryset.filter(PermissionBackend.filter_queryset(self.request, Note, "view")
| PermissionBackend.filter_queryset(self.request, NoteUser, "view")
| PermissionBackend.filter_queryset(self.request, NoteClub, "view")
| PermissionBackend.filter_queryset(self.request, NoteSpecial, "view"))\
.distinct()
alias = self.request.query_params.get("alias", ".*")
2024-07-18 11:51:56 +00:00
# Check if this is a valid regex. If not, we won't check regex
valid_regex = is_regex(alias)
suffix = '__iregex' if valid_regex else '__istartswith'
alias_prefix = '^' if valid_regex else ''
2020-02-18 11:31:15 +00:00
queryset = queryset.filter(
2024-07-18 11:51:56 +00:00
Q(**{f"alias__name{suffix}": alias_prefix + alias})
| Q(**{f"alias__normalized_name{suffix}": alias_prefix + Alias.normalize(alias)})
| Q(**{f"alias__normalized_name{suffix}": alias_prefix + alias.lower()})
2020-08-31 18:15:48 +00:00
)
2020-09-01 13:54:56 +00:00
return queryset.order_by("id")
2020-02-07 19:47:49 +00:00
class TrustViewSet(ReadProtectedModelViewSet):
"""
REST Trust View set.
The djangorestframework plugin will get all `Trust` objects, serialize it to JSON with the given serializer,
then render it on /api/note/trust/
"""
queryset = Trust.objects
serializer_class = TrustSerializer
2024-07-18 11:51:56 +00:00
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
search_fields = ['$trusting__alias__name', '$trusting__alias__normalized_name',
2021-10-04 18:45:05 +00:00
'$trusted__alias__name', '$trusted__alias__normalized_name']
filterset_fields = ['trusting', 'trusting__noteuser__user', 'trusted', 'trusted__noteuser__user']
ordering_fields = ['trusting', 'trusted', ]
def get_serializer_class(self):
serializer_class = self.serializer_class
if self.request.method in ['PUT', 'PATCH']:
# trust relationship can't change people involved
serializer_class.Meta.read_only_fields = ('trusting', 'trusting',)
return serializer_class
def destroy(self, request, *args, **kwargs):
instance = self.get_object()
try:
self.perform_destroy(instance)
except ValidationError as e:
return Response({e.code: str(e)}, status.HTTP_400_BAD_REQUEST)
return Response(status=status.HTTP_204_NO_CONTENT)
class AliasViewSet(ReadProtectedModelViewSet):
2020-02-08 14:08:55 +00:00
"""
REST API View set.
The djangorestframework plugin will get all `Alias` objects, serialize it to JSON with the given serializer,
2024-07-18 11:51:56 +00:00
then render it on /api/note/alias/
2020-02-08 14:08:55 +00:00
"""
queryset = Alias.objects
2020-02-08 14:08:55 +00:00
serializer_class = AliasSerializer
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
2020-03-12 00:10:52 +00:00
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
filterset_fields = ['name', 'normalized_name', 'note', 'note__noteuser__user',
'note__noteclub__club', 'note__polymorphic_ctype__model', ]
2020-12-22 11:37:21 +00:00
ordering_fields = ['name', 'normalized_name', ]
2020-02-08 14:08:55 +00:00
2020-03-26 16:45:24 +00:00
def get_serializer_class(self):
serializer_class = self.serializer_class
if self.request.method in ['PUT', 'PATCH']:
2020-03-27 13:19:55 +00:00
# alias owner cannot be change once establish
serializer_class.Meta.read_only_fields = ('note',)
2020-03-26 16:45:24 +00:00
return serializer_class
2020-03-27 13:19:55 +00:00
2020-03-26 22:05:37 +00:00
def destroy(self, request, *args, **kwargs):
instance = self.get_object()
try:
self.perform_destroy(instance)
except ValidationError as e:
return Response({e.code: str(e)}, status.HTTP_400_BAD_REQUEST)
2020-03-26 22:05:37 +00:00
return Response(status=status.HTTP_204_NO_CONTENT)
2020-03-27 13:19:55 +00:00
def get_queryset(self):
"""
Parse query and apply filters.
:return: The filtered set of requested aliases
"""
2020-08-31 19:32:45 +00:00
queryset = super().get_queryset().distinct()
2020-08-31 19:32:45 +00:00
alias = self.request.query_params.get("alias", None)
if alias:
2024-07-18 11:51:56 +00:00
# Check if this is a valid regex. If not, we won't check regex
valid_regex = is_regex(alias)
suffix = '__iregex' if valid_regex else '__istartswith'
alias_prefix = '^' if valid_regex else ''
2020-08-31 19:32:45 +00:00
queryset = queryset.filter(
2024-07-18 11:51:56 +00:00
**{f"name{suffix}": alias_prefix + alias}
2020-08-31 19:32:45 +00:00
).union(
queryset.filter(
2024-07-18 11:51:56 +00:00
Q(**{f"normalized_name{suffix}": alias_prefix + Alias.normalize(alias)})
& ~Q(**{f"name{suffix}": alias_prefix + alias})
2020-08-31 19:32:45 +00:00
),
all=True).union(
queryset.filter(
2024-07-18 11:51:56 +00:00
Q(**{f"normalized_name{suffix}": "^" + alias.lower()})
& ~Q(**{f"normalized_name{suffix}": "^" + Alias.normalize(alias)})
& ~Q(**{f"name{suffix}": "^" + alias})
2020-08-31 19:32:45 +00:00
),
all=True)
2020-09-01 13:54:56 +00:00
return queryset.order_by("name")
2020-03-28 16:42:29 +00:00
class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
queryset = Alias.objects
2020-03-28 16:42:29 +00:00
serializer_class = ConsumerSerializer
filter_backends = [RegexSafeSearchFilter, OrderingFilter, DjangoFilterBackend]
2020-03-28 16:42:29 +00:00
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
filterset_fields = ['name', 'normalized_name', 'note', 'note__noteuser__user',
'note__noteclub__club', 'note__polymorphic_ctype__model', ]
2020-12-22 11:37:21 +00:00
ordering_fields = ['name', 'normalized_name', ]
2020-03-28 16:42:29 +00:00
def get_queryset(self):
"""
Parse query and apply filters.
:return: The filtered set of requested aliases
"""
2020-09-10 12:42:52 +00:00
queryset = super().get_queryset().distinct()
# Sqlite doesn't support ORDER BY in subqueries
2020-09-02 20:54:01 +00:00
queryset = queryset.order_by("name") \
if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' else queryset
2020-03-28 16:42:29 +00:00
2020-09-10 12:41:09 +00:00
alias = self.request.query_params.get("alias", None)
# Check if this is a valid regex. If not, we won't check regex
2024-07-18 11:51:56 +00:00
valid_regex = is_regex(alias)
suffix = '__iregex' if valid_regex else '__istartswith'
alias_prefix = '^' if valid_regex else ''
2020-09-01 13:54:56 +00:00
queryset = queryset.prefetch_related('note')
2020-09-10 12:41:09 +00:00
if alias:
# We match first an alias if it is matched without normalization,
# then if the normalized pattern matches a normalized alias.
queryset = queryset.filter(
2024-07-13 10:41:59 +00:00
Q(**{f'name{suffix}': alias_prefix + alias})
| Q(**{f'normalized_name{suffix}': alias_prefix + Alias.normalize(alias)})
| Q(**{f'normalized_name{suffix}': alias_prefix + alias.lower()})
)
2020-03-28 16:42:29 +00:00
2020-09-02 20:54:01 +00:00
queryset = queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' \
else queryset.order_by("name")
return queryset.distinct()
2020-02-08 14:08:55 +00:00
class TemplateCategoryViewSet(ReadProtectedModelViewSet):
2020-03-11 00:03:15 +00:00
"""
REST API View set.
The djangorestframework plugin will get all `TemplateCategory` objects, serialize it to JSON with the given serializer,
then render it on /api/note/transaction/category/
"""
queryset = TemplateCategory.objects.order_by('name')
2020-03-11 00:03:15 +00:00
serializer_class = TemplateCategorySerializer
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
2020-12-22 11:37:21 +00:00
filterset_fields = ['name', 'templates', 'templates__name']
search_fields = ['$name', '$templates__name', ]
2020-03-11 00:03:15 +00:00
2020-03-24 21:12:44 +00:00
class TransactionTemplateViewSet(viewsets.ModelViewSet):
2020-02-07 16:02:07 +00:00
"""
REST API View set.
The djangorestframework plugin will get all `TransactionTemplate` objects, serialize it to JSON with the given serializer,
then render it on /api/note/transaction/template/
"""
queryset = TransactionTemplate.objects.order_by('name')
2020-02-07 16:02:07 +00:00
serializer_class = TransactionTemplateSerializer
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
2020-12-22 11:37:21 +00:00
filterset_fields = ['name', 'amount', 'display', 'category', 'category__name', ]
search_fields = ['$name', '$category__name', ]
ordering_fields = ['amount', ]
2020-02-07 16:02:07 +00:00
class TransactionViewSet(ReadProtectedModelViewSet):
2020-02-07 16:02:07 +00:00
"""
REST API View set.
The djangorestframework plugin will get all `Transaction` objects, serialize it to JSON with the given serializer,
then render it on /api/note/transaction/transaction/
"""
queryset = Transaction.objects.order_by('-created_at')
2020-03-11 10:15:03 +00:00
serializer_class = TransactionPolymorphicSerializer
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
2020-12-22 12:28:43 +00:00
filterset_fields = ['source', 'source_alias', 'source__alias__name', 'source__alias__normalized_name',
2020-12-22 11:37:21 +00:00
'destination', 'destination_alias', 'destination__alias__name',
'destination__alias__normalized_name', 'quantity', 'polymorphic_ctype', 'amount',
'created_at', 'valid', 'invalidity_reason', ]
search_fields = ['$reason', '$source_alias', '$source__alias__name', '$source__alias__normalized_name',
'$destination_alias', '$destination__alias__name', '$destination__alias__normalized_name',
'$invalidity_reason', ]
ordering_fields = ['created_at', 'amount', ]
2020-08-03 14:11:05 +00:00
def get_queryset(self):
return self.model.objects.filter(PermissionBackend.filter_queryset(self.request, self.model, "view"))\
.order_by("created_at", "id")