mirror of
https://gitlab.crans.org/bde/nk20
synced 2024-11-30 04:13:01 +00:00
a6b479db19
- /apps/activity/api/serializers.py - /apps/activity/api/urls.py - /apps/activity/api/views.py - /apps/activity/tests/test_activities.py - /apps/activity/__init__.py - /apps/activity/admin.py - /apps/activity/apps.py - /apps/activity/forms.py - /apps/activity/tables.py - /apps/activity/urls.py - /apps/activity/views.py - /apps/api/__init__.py - /apps/api/apps.py - /apps/api/serializers.py - /apps/api/tests.py - /apps/api/urls.py - /apps/api/views.py - /apps/api/viewsets.py - /apps/logs/signals.py - /apps/logs/apps.py - /apps/logs/__init__.py - /apps/logs/api/serializers.py - /apps/logs/api/urls.py - /apps/logs/api/views.py - /apps/member/api/serializers.py - /apps/member/api/urls.py - /apps/member/api/views.py - /apps/member/templatetags/memberinfo.py - /apps/member/__init__.py - /apps/member/admin.py - /apps/member/apps.py - /apps/member/auth.py - /apps/member/forms.py - /apps/member/hashers.py - /apps/member/signals.py - /apps/member/tables.py - /apps/member/urls.py - /apps/member/views.py - /apps/note/api/serializers.py - /apps/note/api/urls.py - /apps/note/api/views.py - /apps/note/models/__init__.py - /apps/note/static/note/js/consos.js - /apps/note/templates/note/mails/negative_balance.txt - /apps/note/templatetags/getenv.py - /apps/note/templatetags/pretty_money.py - /apps/note/tests/test_transactions.py - /apps/note/__init__.py - /apps/note/admin.py - /apps/note/apps.py - /apps/note/forms.py - /apps/note/signals.py - /apps/note/tables.py - /apps/note/urls.py - /apps/note/views.py - /apps/permission/api/serializers.py - /apps/permission/api/urls.py - /apps/permission/api/views.py - /apps/permission/templatetags/perms.py - /apps/permission/tests/test_oauth2.py - /apps/permission/tests/test_permission_denied.py - /apps/permission/tests/test_permission_queries.py - /apps/permission/tests/test_rights_page.py - /apps/permission/__init__.py - /apps/permission/admin.py - /apps/permission/backends.py - /apps/permission/apps.py - /apps/permission/decorators.py - /apps/permission/permissions.py - /apps/permission/scopes.py - /apps/permission/signals.py - /apps/permission/tables.py - /apps/permission/urls.py - /apps/permission/views.py - /apps/registration/tests/test_registration.py - /apps/registration/__init__.py - /apps/registration/apps.py - /apps/registration/forms.py - /apps/registration/tables.py - /apps/registration/tokens.py - /apps/registration/urls.py - /apps/registration/views.py - /apps/treasury/api/serializers.py - /apps/treasury/api/urls.py - /apps/treasury/api/views.py - /apps/treasury/templatetags/escape_tex.py - /apps/treasury/tests/test_treasury.py - /apps/treasury/__init__.py - /apps/treasury/admin.py - /apps/treasury/apps.py - /apps/treasury/forms.py - /apps/treasury/signals.py - /apps/treasury/tables.py - /apps/treasury/urls.py - /apps/treasury/views.py - /apps/wei/api/serializers.py - /apps/wei/api/urls.py - /apps/wei/api/views.py - /apps/wei/forms/surveys/__init__.py - /apps/wei/forms/surveys/base.py - /apps/wei/forms/surveys/wei2021.py - /apps/wei/forms/surveys/wei2022.py - /apps/wei/forms/surveys/wei2023.py - /apps/wei/forms/__init__.py - /apps/wei/forms/registration.py - /apps/wei/management/commands/export_wei_registrations.py - /apps/wei/management/commands/import_scores.py - /apps/wei/management/commands/wei_algorithm.py - /apps/wei/templates/wei/weilist_sample.tex - /apps/wei/tests/test_wei_algorithm_2021.py - /apps/wei/tests/test_wei_algorithm_2022.py - /apps/wei/tests/test_wei_algorithm_2023.py - /apps/wei/tests/test_wei_registration.py - /apps/wei/__init__.py - /apps/wei/admin.py - /apps/wei/apps.py - /apps/wei/tables.py - /apps/wei/urls.py - /apps/wei/views.py - /note_kfet/settings/__init__.py - /note_kfet/settings/base.py - /note_kfet/settings/development.py - /note_kfet/settings/secrets_example.py - /note_kfet/static/js/base.js - /note_kfet/admin.py - /note_kfet/inputs.py - /note_kfet/middlewares.py - /note_kfet/urls.py - /note_kfet/views.py - /note_kfet/wsgi.py - /entrypoint.sh
250 lines
11 KiB
Python
250 lines
11 KiB
Python
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
import re
|
|
|
|
from django.conf import settings
|
|
from django.db.models import Q
|
|
from django.core.exceptions import ValidationError
|
|
from django_filters.rest_framework import DjangoFilterBackend
|
|
from rest_framework.filters import OrderingFilter, SearchFilter
|
|
from rest_framework import viewsets
|
|
from rest_framework.response import Response
|
|
from rest_framework import status
|
|
from api.viewsets import ReadProtectedModelViewSet, ReadOnlyProtectedModelViewSet
|
|
from permission.backends import PermissionBackend
|
|
|
|
from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer,\
|
|
TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer, \
|
|
TrustSerializer
|
|
from ..models.notes import Note, Alias, NoteUser, NoteClub, NoteSpecial, Trust
|
|
from ..models.transactions import TransactionTemplate, Transaction, TemplateCategory
|
|
|
|
|
|
class NotePolymorphicViewSet(ReadProtectedModelViewSet):
|
|
"""
|
|
REST API View set.
|
|
The djangorestframework plugin will get all `Note` objects (with polymorhism),
|
|
serialize it to JSON with the given serializer,
|
|
then render it on /api/note/note/
|
|
"""
|
|
queryset = Note.objects.order_by('id')
|
|
serializer_class = NotePolymorphicSerializer
|
|
filter_backends = [DjangoFilterBackend, SearchFilter, OrderingFilter]
|
|
filterset_fields = ['alias__name', 'polymorphic_ctype', 'is_active', 'balance', 'last_negative', 'created_at', ]
|
|
search_fields = ['$alias__normalized_name', '$alias__name', '$polymorphic_ctype__model',
|
|
'$noteuser__user__last_name', '$noteuser__user__first_name', '$noteuser__user__email',
|
|
'$noteuser__user__email', '$noteclub__club__email', ]
|
|
ordering_fields = ['alias__name', 'alias__normalized_name', 'balance', 'created_at', ]
|
|
|
|
def get_queryset(self):
|
|
"""
|
|
Parse query and apply filters.
|
|
:return: The filtered set of requested notes
|
|
"""
|
|
queryset = self.queryset.filter(PermissionBackend.filter_queryset(self.request, Note, "view")
|
|
| PermissionBackend.filter_queryset(self.request, NoteUser, "view")
|
|
| PermissionBackend.filter_queryset(self.request, NoteClub, "view")
|
|
| PermissionBackend.filter_queryset(self.request, NoteSpecial, "view"))\
|
|
.distinct()
|
|
|
|
alias = self.request.query_params.get("alias", ".*")
|
|
queryset = queryset.filter(
|
|
Q(alias__name__iregex="^" + alias)
|
|
| Q(alias__normalized_name__iregex="^" + Alias.normalize(alias))
|
|
| Q(alias__normalized_name__iregex="^" + alias.lower())
|
|
)
|
|
|
|
return queryset.order_by("id")
|
|
|
|
|
|
class TrustViewSet(ReadProtectedModelViewSet):
|
|
"""
|
|
REST Trust View set.
|
|
The djangorestframework plugin will get all `Trust` objects, serialize it to JSON with the given serializer,
|
|
then render it on /api/note/trust/
|
|
"""
|
|
queryset = Trust.objects
|
|
serializer_class = TrustSerializer
|
|
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
|
search_fields = ['$trusting__alias__name', '$trusting__alias__normalized_name',
|
|
'$trusted__alias__name', '$trusted__alias__normalized_name']
|
|
filterset_fields = ['trusting', 'trusting__noteuser__user', 'trusted', 'trusted__noteuser__user']
|
|
ordering_fields = ['trusting', 'trusted', ]
|
|
|
|
def get_serializer_class(self):
|
|
serializer_class = self.serializer_class
|
|
if self.request.method in ['PUT', 'PATCH']:
|
|
# trust relationship can't change people involved
|
|
serializer_class.Meta.read_only_fields = ('trusting', 'trusting',)
|
|
return serializer_class
|
|
|
|
def destroy(self, request, *args, **kwargs):
|
|
instance = self.get_object()
|
|
try:
|
|
self.perform_destroy(instance)
|
|
except ValidationError as e:
|
|
return Response({e.code: str(e)}, status.HTTP_400_BAD_REQUEST)
|
|
return Response(status=status.HTTP_204_NO_CONTENT)
|
|
|
|
|
|
class AliasViewSet(ReadProtectedModelViewSet):
|
|
"""
|
|
REST API View set.
|
|
The djangorestframework plugin will get all `Alias` objects, serialize it to JSON with the given serializer,
|
|
then render it on /api/note/aliases/
|
|
"""
|
|
queryset = Alias.objects
|
|
serializer_class = AliasSerializer
|
|
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
|
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
|
|
filterset_fields = ['name', 'normalized_name', 'note', 'note__noteuser__user',
|
|
'note__noteclub__club', 'note__polymorphic_ctype__model', ]
|
|
ordering_fields = ['name', 'normalized_name', ]
|
|
|
|
def get_serializer_class(self):
|
|
serializer_class = self.serializer_class
|
|
if self.request.method in ['PUT', 'PATCH']:
|
|
# alias owner cannot be change once establish
|
|
serializer_class.Meta.read_only_fields = ('note',)
|
|
return serializer_class
|
|
|
|
def destroy(self, request, *args, **kwargs):
|
|
instance = self.get_object()
|
|
try:
|
|
self.perform_destroy(instance)
|
|
except ValidationError as e:
|
|
return Response({e.code: str(e)}, status.HTTP_400_BAD_REQUEST)
|
|
return Response(status=status.HTTP_204_NO_CONTENT)
|
|
|
|
def get_queryset(self):
|
|
"""
|
|
Parse query and apply filters.
|
|
:return: The filtered set of requested aliases
|
|
"""
|
|
|
|
queryset = super().get_queryset().distinct()
|
|
|
|
alias = self.request.query_params.get("alias", None)
|
|
if alias:
|
|
queryset = queryset.filter(
|
|
name__iregex="^" + alias
|
|
).union(
|
|
queryset.filter(
|
|
Q(normalized_name__iregex="^" + Alias.normalize(alias))
|
|
& ~Q(name__iregex="^" + alias)
|
|
),
|
|
all=True).union(
|
|
queryset.filter(
|
|
Q(normalized_name__iregex="^" + alias.lower())
|
|
& ~Q(normalized_name__iregex="^" + Alias.normalize(alias))
|
|
& ~Q(name__iregex="^" + alias)
|
|
),
|
|
all=True)
|
|
|
|
return queryset.order_by("name")
|
|
|
|
|
|
class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
|
|
queryset = Alias.objects
|
|
serializer_class = ConsumerSerializer
|
|
filter_backends = [SearchFilter, OrderingFilter, DjangoFilterBackend]
|
|
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
|
|
filterset_fields = ['name', 'normalized_name', 'note', 'note__noteuser__user',
|
|
'note__noteclub__club', 'note__polymorphic_ctype__model', ]
|
|
ordering_fields = ['name', 'normalized_name', ]
|
|
|
|
def get_queryset(self):
|
|
"""
|
|
Parse query and apply filters.
|
|
:return: The filtered set of requested aliases
|
|
"""
|
|
|
|
queryset = super().get_queryset().distinct()
|
|
# Sqlite doesn't support ORDER BY in subqueries
|
|
queryset = queryset.order_by("name") \
|
|
if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' else queryset
|
|
|
|
alias = self.request.query_params.get("alias", None)
|
|
# Check if this is a valid regex. If not, we won't check regex
|
|
try:
|
|
re.compile(alias)
|
|
valid_regex = True
|
|
except (re.error, TypeError):
|
|
valid_regex = False
|
|
suffix = '__iregex' if valid_regex else '__istartswith'
|
|
alias_prefix = '^' if valid_regex else ''
|
|
queryset = queryset.prefetch_related('note')
|
|
|
|
if alias:
|
|
# We match first an alias if it is matched without normalization,
|
|
# then if the normalized pattern matches a normalized alias.
|
|
queryset = queryset.filter(
|
|
**{f'name{suffix}': alias_prefix + alias}
|
|
).union(
|
|
queryset.filter(
|
|
Q(**{f'normalized_name{suffix}': alias_prefix + Alias.normalize(alias)})
|
|
& ~Q(**{f'name{suffix}': alias_prefix + alias})
|
|
),
|
|
all=True).union(
|
|
queryset.filter(
|
|
Q(**{f'normalized_name{suffix}': alias_prefix + alias.lower()})
|
|
& ~Q(**{f'normalized_name{suffix}': alias_prefix + Alias.normalize(alias)})
|
|
& ~Q(**{f'name{suffix}': alias_prefix + alias})
|
|
),
|
|
all=True)
|
|
|
|
queryset = queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' \
|
|
else queryset.order_by("name")
|
|
|
|
return queryset.distinct()
|
|
|
|
|
|
class TemplateCategoryViewSet(ReadProtectedModelViewSet):
|
|
"""
|
|
REST API View set.
|
|
The djangorestframework plugin will get all `TemplateCategory` objects, serialize it to JSON with the given serializer,
|
|
then render it on /api/note/transaction/category/
|
|
"""
|
|
queryset = TemplateCategory.objects.order_by('name')
|
|
serializer_class = TemplateCategorySerializer
|
|
filter_backends = [DjangoFilterBackend, SearchFilter]
|
|
filterset_fields = ['name', 'templates', 'templates__name']
|
|
search_fields = ['$name', '$templates__name', ]
|
|
|
|
|
|
class TransactionTemplateViewSet(viewsets.ModelViewSet):
|
|
"""
|
|
REST API View set.
|
|
The djangorestframework plugin will get all `TransactionTemplate` objects, serialize it to JSON with the given serializer,
|
|
then render it on /api/note/transaction/template/
|
|
"""
|
|
queryset = TransactionTemplate.objects.order_by('name')
|
|
serializer_class = TransactionTemplateSerializer
|
|
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
|
filterset_fields = ['name', 'amount', 'display', 'category', 'category__name', ]
|
|
search_fields = ['$name', '$category__name', ]
|
|
ordering_fields = ['amount', ]
|
|
|
|
|
|
class TransactionViewSet(ReadProtectedModelViewSet):
|
|
"""
|
|
REST API View set.
|
|
The djangorestframework plugin will get all `Transaction` objects, serialize it to JSON with the given serializer,
|
|
then render it on /api/note/transaction/transaction/
|
|
"""
|
|
queryset = Transaction.objects.order_by('-created_at')
|
|
serializer_class = TransactionPolymorphicSerializer
|
|
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
|
filterset_fields = ['source', 'source_alias', 'source__alias__name', 'source__alias__normalized_name',
|
|
'destination', 'destination_alias', 'destination__alias__name',
|
|
'destination__alias__normalized_name', 'quantity', 'polymorphic_ctype', 'amount',
|
|
'created_at', 'valid', 'invalidity_reason', ]
|
|
search_fields = ['$reason', '$source_alias', '$source__alias__name', '$source__alias__normalized_name',
|
|
'$destination_alias', '$destination__alias__name', '$destination__alias__normalized_name',
|
|
'$invalidity_reason', ]
|
|
ordering_fields = ['created_at', 'amount', ]
|
|
|
|
def get_queryset(self):
|
|
return self.model.objects.filter(PermissionBackend.filter_queryset(self.request, self.model, "view"))\
|
|
.order_by("created_at", "id")
|