Browse Source

Viewsets, restapi: editovat mohou jen organizátoři, vidět mohou všichni

export_seznamu_prednasek
Aneta Pokorná 4 years ago
parent
commit
87f2ad7a84
  1. 1
      mamweb/settings_common.py
  2. 7
      seminar/permissions.py
  3. 26
      seminar/viewsets.py

1
mamweb/settings_common.py

@ -123,6 +123,7 @@ INSTALLED_APPS = (
'webpack_loader', 'webpack_loader',
'rest_framework', 'rest_framework',
'rest_framework.authtoken',
# MaMweb # MaMweb
'mamweb', 'mamweb',

7
seminar/permissions.py

@ -0,0 +1,7 @@
from rest_framework.permissions import BasePermission
class AllowWrite(BasePermission):
def has_permission(self, request, view):
return request.user.has_perm('auth.org')

26
seminar/viewsets.py

@ -1,7 +1,23 @@
from rest_framework import viewsets,filters from rest_framework import viewsets,filters
from rest_framework.permissions import BasePermission, AllowAny
from . import models as m from . import models as m
from . import views from . import views
from seminar.permissions import AllowWrite
class PermissionMixin(object):
""" Redefines get_permissions so that only organizers can make changes. """
def get_permissions(self):
permission_classes = []
print("get_permissions have been called.")
if self.action in ["create", "update", "partial_update", "destroy"]:
permission_classes = [AllowWrite] # speciální permission na zápis - orgové
else:
permission_classes = [AllowAny] # návštěvník nemusí být zalogován, aby si prohlížel obsah
return [permission() for permission in permission_classes]
class ReadWriteSerializerMixin(object): class ReadWriteSerializerMixin(object):
""" """
Overrides get_serializer_class to choose the read serializer Overrides get_serializer_class to choose the read serializer
@ -46,27 +62,27 @@ class ReadWriteSerializerMixin(object):
) )
return self.create_serializer_class return self.create_serializer_class
class UlohaVzorakNodeViewSet(viewsets.ModelViewSet): class UlohaVzorakNodeViewSet(PermissionMixin, viewsets.ModelViewSet):
queryset = m.UlohaVzorakNode.objects.all() queryset = m.UlohaVzorakNode.objects.all()
serializer_class = views.UlohaVzorakNodeSerializer serializer_class = views.UlohaVzorakNodeSerializer
class TextViewSet(viewsets.ModelViewSet): class TextViewSet(PermissionMixin, viewsets.ModelViewSet):
queryset = m.Text.objects.all() queryset = m.Text.objects.all()
serializer_class = views.TextSerializer serializer_class = views.TextSerializer
class TextNodeViewSet(ReadWriteSerializerMixin,viewsets.ModelViewSet): class TextNodeViewSet(PermissionMixin, ReadWriteSerializerMixin,viewsets.ModelViewSet):
queryset = m.TextNode.objects.all() queryset = m.TextNode.objects.all()
read_serializer_class = views.TextNodeSerializer read_serializer_class = views.TextNodeSerializer
write_serializer_class = views.TextNodeWriteSerializer write_serializer_class = views.TextNodeWriteSerializer
create_serializer_class = views.TextNodeCreateSerializer create_serializer_class = views.TextNodeCreateSerializer
class CastNodeViewSet(ReadWriteSerializerMixin,viewsets.ModelViewSet): class CastNodeViewSet(PermissionMixin, ReadWriteSerializerMixin,viewsets.ModelViewSet):
queryset = m.CastNode.objects.all() queryset = m.CastNode.objects.all()
read_serializer_class = views.CastNodeSerializer read_serializer_class = views.CastNodeSerializer
write_serializer_class = views.CastNodeSerializer write_serializer_class = views.CastNodeSerializer
create_serializer_class = views.CastNodeCreateSerializer create_serializer_class = views.CastNodeCreateSerializer
class UlohaVzorakNodeViewSet(viewsets.ModelViewSet): class UlohaVzorakNodeViewSet(PermissionMixin, viewsets.ModelViewSet):
serializer_class = views.UlohaVzorakNodeSerializer serializer_class = views.UlohaVzorakNodeSerializer
def get_queryset(self): def get_queryset(self):

Loading…
Cancel
Save