mam/mamweb
13
1
Fork 0
Code Issues Pull requests 12 Projects Wiki Activity Actions

Viewsets, restapi: editovat mohou jen organizátoři, vidět mohou všichni

Browse source
This commit is contained in:
Aneta Pokorná 2020-11-04 01:02:39 +01:00
parent 9726dca10a
commit 87f2ad7a84
3 changed files with 29 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
mamweb/settings_common.py
View file

@ -123,6 +123,7 @@ INSTALLED_APPS = (
'webpack_loader', 'webpack_loader',
'rest_framework', 'rest_framework',
'rest_framework.authtoken',
# MaMweb # MaMweb
'mamweb', 'mamweb',

7
seminar/permissions.py Normal file
View file

@ -0,0 +1,7 @@
from rest_framework.permissions import BasePermission
class AllowWrite(BasePermission):
def has_permission(self, request, view):
return request.user.has_perm('auth.org')

26
seminar/viewsets.py
View file

@ -1,7 +1,23 @@
from rest_framework import viewsets,filters from rest_framework import viewsets,filters
from rest_framework.permissions import BasePermission, AllowAny
from . import models as m from . import models as m
from . import views from . import views
from seminar.permissions import AllowWrite
class PermissionMixin(object):
""" Redefines get_permissions so that only organizers can make changes. """
def get_permissions(self):
permission_classes = []
print("get_permissions have been called.")
if self.action in ["create", "update", "partial_update", "destroy"]:
permission_classes = [AllowWrite] # speciální permission na zápis - orgové
else:
permission_classes = [AllowAny] # návštěvník nemusí být zalogován, aby si prohlížel obsah
return [permission() for permission in permission_classes]
class ReadWriteSerializerMixin(object): class ReadWriteSerializerMixin(object):
""" """
Overrides get_serializer_class to choose the read serializer Overrides get_serializer_class to choose the read serializer
@ -46,27 +62,27 @@ class ReadWriteSerializerMixin(object):
) )
return self.create_serializer_class return self.create_serializer_class
class UlohaVzorakNodeViewSet(viewsets.ModelViewSet): class UlohaVzorakNodeViewSet(PermissionMixin, viewsets.ModelViewSet):
queryset = m.UlohaVzorakNode.objects.all() queryset = m.UlohaVzorakNode.objects.all()
serializer_class = views.UlohaVzorakNodeSerializer serializer_class = views.UlohaVzorakNodeSerializer
class TextViewSet(viewsets.ModelViewSet): class TextViewSet(PermissionMixin, viewsets.ModelViewSet):
queryset = m.Text.objects.all() queryset = m.Text.objects.all()
serializer_class = views.TextSerializer serializer_class = views.TextSerializer
class TextNodeViewSet(ReadWriteSerializerMixin,viewsets.ModelViewSet): class TextNodeViewSet(PermissionMixin, ReadWriteSerializerMixin,viewsets.ModelViewSet):
queryset = m.TextNode.objects.all() queryset = m.TextNode.objects.all()
read_serializer_class = views.TextNodeSerializer read_serializer_class = views.TextNodeSerializer
write_serializer_class = views.TextNodeWriteSerializer write_serializer_class = views.TextNodeWriteSerializer
create_serializer_class = views.TextNodeCreateSerializer create_serializer_class = views.TextNodeCreateSerializer
class CastNodeViewSet(ReadWriteSerializerMixin,viewsets.ModelViewSet): class CastNodeViewSet(PermissionMixin, ReadWriteSerializerMixin,viewsets.ModelViewSet):
queryset = m.CastNode.objects.all() queryset = m.CastNode.objects.all()
read_serializer_class = views.CastNodeSerializer read_serializer_class = views.CastNodeSerializer
write_serializer_class = views.CastNodeSerializer write_serializer_class = views.CastNodeSerializer
create_serializer_class = views.CastNodeCreateSerializer create_serializer_class = views.CastNodeCreateSerializer
class UlohaVzorakNodeViewSet(viewsets.ModelViewSet): class UlohaVzorakNodeViewSet(PermissionMixin, viewsets.ModelViewSet):
serializer_class = views.UlohaVzorakNodeSerializer serializer_class = views.UlohaVzorakNodeSerializer
def get_queryset(self): def get_queryset(self):