Change deps to be pairs of uid/stoken.

2020-05-19 11:20:02 +03:00 · 2020-05-19 11:20:02 +03:00 · 775f438e61
commit 775f438e61
parent 00a80740ca
2 changed files with 20 additions and 2 deletions
--- a/django_etesync/serializers.py
+++ b/django_etesync/serializers.py
@ -155,6 +155,23 @@ class CollectionItemSerializer(serializers.ModelSerializer):
        return instance


+class CollectionItemDepSerializer(serializers.ModelSerializer):
+    stoken = serializers.CharField()
+
+    class Meta:
+        model = models.CollectionItem
+        fields = ('uid', 'stoken')
+
+    def validate(self, data):
+        for item_data in data:
+            item = self.__class__.Meta.model.objects.get(uid=item_data['uid'])
+            stoken = item_data['stoken']
+            if item.stoken != stoken:
+                raise serializers.ValidationError('Wrong stoken. Expected {} got {}'.format(item.stoken, stoken))
+
+        return data
+
+
 class CollectionSerializer(serializers.ModelSerializer):
    encryptionKey = CollectionEncryptionKeyField()
    accessLevel = serializers.SerializerMethodField('get_access_level_from_context')
--- a/django_etesync/views.py
+++ b/django_etesync/views.py
@ -43,6 +43,7 @@ from .serializers import (
        AuthenticationLoginInnerSerializer,
        CollectionSerializer,
        CollectionItemSerializer,
+        CollectionItemDepSerializer,
        CollectionItemRevisionSerializer,
        CollectionItemChunkSerializer,
        UserSerializer,
@ -234,15 +235,15 @@ class CollectionItemViewSet(BaseViewSet):
        collection_object = get_object_or_404(self.get_collection_queryset(Collection.objects), uid=collection_uid)

        items = request.data.get('items')
-        # FIXME: deps should actually be just pairs of uid and stoken
        deps = request.data.get('deps', None)
        serializer = self.get_serializer_class()(data=items, context=self.get_serializer_context(), many=True)
-        deps_serializer = self.get_serializer_class()(data=deps, context=self.get_serializer_context(), many=True)
+        deps_serializer = CollectionItemDepSerializer(data=deps, context=self.get_serializer_context(), many=True)
        if serializer.is_valid() and (deps is None or deps_serializer.is_valid()):
            try:
                with transaction.atomic():
                    collections = serializer.save(collection=collection_object)
            except IntegrityError:
+                # FIXME: should return the items with a bad token (including deps) so we don't have to fetch them after
                content = {'code': 'integrity_error'}
                return Response(content, status=status.HTTP_400_BAD_REQUEST)