etesync-server/django_etesync/views.py

213 lines
8.6 KiB
Python
Raw Normal View History

2020-02-19 18:53:43 +00:00
# Copyright © 2017 Tom Hacohen
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, version 3.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
2020-02-19 12:55:56 +00:00
2020-02-26 12:21:14 +00:00
from django.contrib.auth import get_user_model
2020-02-19 18:53:43 +00:00
from django.db import IntegrityError, transaction
2020-02-26 12:21:14 +00:00
from django.http import Http404
2020-02-19 18:53:43 +00:00
from django.shortcuts import get_object_or_404
from rest_framework import status
from rest_framework import viewsets
2020-02-20 11:56:16 +00:00
from rest_framework import parsers
from rest_framework.decorators import action as action_decorator
2020-02-19 18:53:43 +00:00
from rest_framework.response import Response
from . import app_settings, paginators
from .models import Collection, CollectionItem, CollectionMember
2020-02-19 18:53:43 +00:00
from .serializers import (
CollectionSerializer,
CollectionItemSerializer,
CollectionItemInlineSerializer,
2020-02-20 20:41:39 +00:00
CollectionItemRevisionSerializer,
2020-02-19 18:53:43 +00:00
CollectionItemChunkSerializer
)
User = get_user_model()
class BaseViewSet(viewsets.ModelViewSet):
authentication_classes = tuple(app_settings.API_AUTHENTICATORS)
permission_classes = tuple(app_settings.API_PERMISSIONS)
def get_serializer_class(self):
serializer_class = self.serializer_class
if self.request.method == 'PUT':
serializer_class = getattr(self, 'serializer_update_class', serializer_class)
return serializer_class
def get_collection_queryset(self, queryset=Collection.objects):
return queryset.all()
class CollectionViewSet(BaseViewSet):
allowed_methods = ['GET', 'POST', 'DELETE']
permission_classes = BaseViewSet.permission_classes
queryset = Collection.objects.all()
serializer_class = CollectionSerializer
lookup_field = 'uid'
def get_queryset(self):
queryset = type(self).queryset
return self.get_collection_queryset(queryset)
def destroy(self, request, uid=None):
# FIXME: implement
return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)
def create(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data)
if serializer.is_valid():
try:
with transaction.atomic():
col = serializer.save(owner=self.request.user)
CollectionMember(collection=col,
user=self.request.user,
accessLevel=CollectionMember.AccessLevels.ADMIN,
encryptionKey=serializer.validated_data['encryptionKey']
).save()
2020-02-19 18:53:43 +00:00
except IntegrityError:
content = {'code': 'integrity_error'}
return Response(content, status=status.HTTP_400_BAD_REQUEST)
return Response({}, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def list(self, request):
queryset = self.get_queryset()
serializer = self.serializer_class(queryset, context={'request': request}, many=True)
return Response(serializer.data)
class CollectionItemViewSet(BaseViewSet):
allowed_methods = ['GET', 'POST', 'PUT']
2020-02-19 18:53:43 +00:00
permission_classes = BaseViewSet.permission_classes
queryset = CollectionItem.objects.all()
serializer_class = CollectionItemSerializer
pagination_class = paginators.LinkHeaderPagination
lookup_field = 'uid'
def get_serializer_class(self):
if self.request.method == 'GET' and self.request.query_params.get('prefer_inline'):
return CollectionItemInlineSerializer
return super().get_serializer_class()
2020-02-19 18:53:43 +00:00
def get_queryset(self):
collection_uid = self.kwargs['collection_uid']
try:
collection = self.get_collection_queryset(Collection.objects).get(uid=collection_uid)
except Collection.DoesNotExist:
raise Http404("Collection does not exist")
2020-02-20 20:41:39 +00:00
# XXX Potentially add this for performance: .prefetch_related('revisions__chunks')
queryset = type(self).queryset.filter(collection__pk=collection.pk,
revisions__current=True,
revisions__deleted=False)
2020-02-19 18:53:43 +00:00
return queryset
def create(self, request, collection_uid=None):
collection_object = get_object_or_404(self.get_collection_queryset(Collection.objects), uid=collection_uid)
2020-02-19 18:53:43 +00:00
# FIXME: change this to also support bulk update, or have another endpoint for that.
# See https://www.django-rest-framework.org/api-guide/serializers/#customizing-multiple-update
2020-02-19 18:53:43 +00:00
many = isinstance(request.data, list)
serializer = self.serializer_class(data=request.data, many=many)
2020-02-20 11:56:16 +00:00
if serializer.is_valid():
try:
serializer.save(collection=collection_object)
except IntegrityError:
content = {'code': 'integrity_error'}
return Response(content, status=status.HTTP_400_BAD_REQUEST)
return Response({}, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def destroy(self, request, collection_uid=None, uid=None):
# We can't have destroy because we need to get data from the user (in the body) such as hmac.
2020-02-20 11:56:16 +00:00
return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)
def partial_update(self, request, collection_uid=None, uid=None):
# FIXME: implement, or should it be implemented elsewhere?
return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)
2020-02-20 14:35:20 +00:00
@action_decorator(detail=True, methods=['GET'])
2020-02-20 20:41:39 +00:00
def revision(self, request, collection_uid=None, uid=None):
2020-02-20 14:35:20 +00:00
col = get_object_or_404(Collection.objects, uid=collection_uid)
col_it = get_object_or_404(col.items, uid=uid)
2020-02-20 20:41:39 +00:00
serializer = CollectionItemRevisionSerializer(col_it.revisions.order_by('-id'), many=True)
2020-02-20 14:35:20 +00:00
return Response(serializer.data)
@action_decorator(detail=False, methods=['POST'])
def bulk_get(self, request, collection_uid=None):
queryset = self.get_queryset()
if isinstance(request.data, list):
queryset = queryset.filter(uid__in=request.data)
serializer = self.get_serializer_class()(queryset, many=True)
return Response(serializer.data, status=status.HTTP_200_OK)
2020-02-20 11:56:16 +00:00
class CollectionItemChunkViewSet(viewsets.ViewSet):
allowed_methods = ['GET', 'POST']
parser_classes = (parsers.MultiPartParser, )
2020-02-20 11:56:16 +00:00
authentication_classes = BaseViewSet.authentication_classes
permission_classes = BaseViewSet.permission_classes
serializer_class = CollectionItemChunkSerializer
2020-02-20 11:56:16 +00:00
lookup_field = 'uid'
def get_collection_queryset(self, queryset=Collection.objects):
return queryset.all()
def create(self, request, collection_uid=None, collection_item_uid=None):
col = get_object_or_404(self.get_collection_queryset(), uid=collection_uid)
col_it = get_object_or_404(col.items, uid=collection_item_uid)
2020-02-20 11:56:16 +00:00
serializer = self.serializer_class(data=request.data)
2020-02-19 18:53:43 +00:00
if serializer.is_valid():
try:
2020-02-26 12:21:14 +00:00
# FIXME: actually generate the correct order value. Or alternatively have it null at first and only
# set it when ommitting to a snapshot
serializer.save(item=col_it, order='abc')
2020-02-19 18:53:43 +00:00
except IntegrityError:
content = {'code': 'integrity_error'}
return Response(content, status=status.HTTP_400_BAD_REQUEST)
return Response({}, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
@action_decorator(detail=True, methods=['GET'])
def download(self, request, collection_uid=None, collection_item_uid=None, uid=None):
import os
from django.views.static import serve
col = get_object_or_404(self.get_collection_queryset(), uid=collection_uid)
col_it = get_object_or_404(col.items, uid=collection_item_uid)
chunk = get_object_or_404(col_it.chunks, uid=uid)
filename = chunk.chunkFile.path
dirname = os.path.dirname(filename)
basename = os.path.basename(filename)
# FIXME: DO NOT USE! Use django-send file or etc instead.
return serve(request, basename, dirname)