Commit d7c8e75e authored by alexandre's avatar alexandre

Added a permissions field to the api

parent a81e0215
......@@ -25,6 +25,7 @@ from playground import views
router = routers.DefaultRouter()
router.register(r'attachments', views.AttachmentViewSet)
router.register(r'scores', views.ScoreViewSet)
router.register(r'users', views.UserViewSet)
urlpatterns = [
......
from django.contrib.auth.models import User
from .models import Attachment, Score
from rest_framework import serializers
from rest_framework_recursive.fields import RecursiveField
from taggit_serializer.serializers import (TagListSerializerField,
TaggitSerializer)
from guardian.shortcuts import assign_perm, get_users_with_perms
from django.contrib.auth.models import User
class UserSerializer(serializers.HyperlinkedModelSerializer):
id = serializers.ReadOnlyField()
class Meta:
model = User
fields = ['username', 'id']
class AttachmentSerializer(serializers.HyperlinkedModelSerializer):
......@@ -14,14 +25,41 @@ class AttachmentSerializer(serializers.HyperlinkedModelSerializer):
# read_only_fields = ('attachment',)
class PermissionsField(serializers.Serializer):
def to_representation(self, obj):
perms = get_users_with_perms(obj, attach_perms=True)
return {k.username: v for k, v in perms.items()}
def to_internal_value(self, data):
return data
# I don't understand why I can't just return data
# print(data)
# return {"permissions": data}
class ScoreSerializer(TaggitSerializer, serializers.HyperlinkedModelSerializer):
id = serializers.ReadOnlyField()
tags = TagListSerializerField()
permissions = PermissionsField(source="*")
class Meta:
model = Score
fields = '__all__'
def create(self, request, *args, **kwargs):
instance = super().create(request, *args, **kwargs)
assign_perm("view_score", request.user, instance)
return instance
def update(self, instance, validated_data):
instance = super(ScoreSerializer, self).update(instance, validated_data)
permissions = validated_data["permissions"]
for username, perms in permissions.items():
user = User.objects.get(username=username)
for perm in perms:
assign_perm(perm, user, instance)
return instance
class ScoreLightSerializer(serializers.HyperlinkedModelSerializer):
"""A serializer exposing just a subsets of field when we don't need the full
......
......@@ -6,6 +6,12 @@ window.W = window.W || {};
(function(undefined) {
'use strict';
W.PluginCollection = Backbone.Collection.extend({
url: '/api/users/',
model: W.Plugin
});
W.ScoreCollection = Backbone.PageableCollection.extend({
url: '/api/scores/',
......
......@@ -6,6 +6,21 @@ window.W = window.W || {};
(function (undefined) {
'use strict';
W.Plugin = Backbone.Model.extend({
urlRoot: '/api/users/',
label: function () {
return this.get("username");
},
url: function () {
var original_url = Backbone.Model.prototype.url.call(this);
var parsed_url = original_url + (original_url.charAt(original_url.length - 1) == '/' ? '' : '/');
return parsed_url;
},
});
W.UserModel = Backbone.Model.extend({
urlRoot: '/rest-auth/user/',
......
......@@ -1034,6 +1034,8 @@ window.W = window.W || {};
},
regions: {
// plugin: '#foo',
mainline: 'ol',
form: {
......@@ -1205,6 +1207,19 @@ window.W = window.W || {};
onRender: function () {
document.title = this.model.get('title');
var plugins = new W.PluginCollection();
plugins.fetch({success: function() {
new AutoCompleteView({
input: $("#plugin"), // your input field
model: plugins, // your collection
queryParameter: 'search',
onSelect: function (model) {
console.log();
// $("#selected").show().find("p").html(model.label());
}
}).render();
}});
var mainlineView = new W.TreeNode({ model: this.model.get('mainline') });
this.showChildView('mainline', mainlineView);
......
......@@ -10,7 +10,7 @@
<link rel="stylesheet" href="{% static 'playground/vendors/reset.css' %}">
<link rel="stylesheet" href="{% static 'playground/vendors/backgrid.css' %}">
<link rel="stylesheet" href="{% static 'playground/vendors/backgrid-paginator.min.css' %}">
<link rel="stylesheet" href="{% static 'playground/css/styles.css' %}">
<link rel="stylesheet" href="{% static 'playground/vendors/backbone.autocomplete.css' %}">
<link rel="stylesheet" type="text/css" href="{% static 'playground/css/styles.css' %}">
{% compress css %}
{% endcompress %}
......@@ -123,6 +123,7 @@
<script src="{% static 'playground/vendors/backbone.paginator.min.js' %}"></script>
<script src="{% static 'playground/vendors/backgrid.js' %}"></script>
<script src="{% static 'playground/vendors/backgrid-paginator.min.js' %}"></script>
<script src="{% static 'playground/vendors/backbone.autocomplete.js' %}"></script>
<script src="{% static 'playground/vendors/moment-with-locales.min.js' %}"></script>
<script src="{% static 'playground/vendors/jquery-ui.min.js' %}"></script>
<script src="{% static 'playground/vendors/jquery.mjs.nestedSortable.js' %}"></script>
......
<div>
<header id="sidebar" data-expanded="<%- metaExpanded %>">
<input type="text" placeholder="Select a plugin (type backbone)" id="plugin" />
<div class="score-actions">
<button class="save" data-label-progress="Saving..." data-label="Enregistrer" <% if (!hasChanges) { %>disabled<% } %>><%- t('Enregistrer') %></button>
<button class="duplicate"><%- t('Dupliquer') %></button>
......
......@@ -7,11 +7,19 @@ from django_filters import BooleanFilter
from django_filters.rest_framework import DjangoFilterBackend, FilterSet
# from django_filters.rest_framework import DjangoFilterBackend
from .models import Attachment, Score, FeaturedScore
from .serializers import AttachmentSerializer, ScoreSerializer, ScoreLightSerializer
from .serializers import AttachmentSerializer, ScoreSerializer, ScoreLightSerializer, UserSerializer
from guardian.shortcuts import get_anonymous_user
from django.contrib.auth.models import User
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
filter_backends = (SearchFilter,)
search_fields = ('username',)
class AttachmentViewSet(viewsets.ModelViewSet):
queryset = Attachment.objects.all()
serializer_class = AttachmentSerializer
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment