class TaxonomySerializer(JSONAPISerializer):
filterable_fields = frozenset(['text', 'parents', 'id'])
id = ser.CharField(source='_id', required=True)
text = ser.CharField(max_length=200)
parents = JSONAPIListField(child=TaxonomyField())
child_count = ser.IntegerField()
links = LinksField({
'parents': 'get_parent_urls',
'self': 'get_absolute_url',
})
def get_parent_urls(self, obj):
return [p.get_absolute_url() for p in obj.parents.all()]
def get_absolute_url(self, obj):
return obj.get_absolute_url()
class Meta:
type_ = 'taxonomies'
class NodeSerializer(JSONAPISerializer):
# TODO: If we have to redo this implementation in any of the other serializers, subclass ChoiceField and make it
# handle blank choices properly. Currently DRF ChoiceFields ignore blank options, which is incorrect in this
# instance
filterable_fields = frozenset([
'title',
'description',
'public',
'tags',
'category',
'date_created',
'date_modified',
'registration'
])
id = IDField(source='_id', read_only=True)
type = TypeField()
category_choices = Node.CATEGORY_MAP.keys()
category_choices_string = ', '.join(["'{}'".format(choice) for choice in category_choices])
title = ser.CharField(required=True)
description = ser.CharField(required=False, allow_blank=True, allow_null=True)
category = ser.ChoiceField(choices=category_choices, help_text="Choices: " + category_choices_string)
date_created = ser.DateTimeField(read_only=True)
date_modified = ser.DateTimeField(read_only=True)
registration = ser.BooleanField(read_only=True, source='is_registration')
fork = ser.BooleanField(read_only=True, source='is_fork')
collection = DevOnly(ser.BooleanField(read_only=True, source='is_folder'))
dashboard = ser.BooleanField(read_only=True, source='is_dashboard')
tags = JSONAPIListField(child=NodeTagField(), required=False)
# Public is only write-able by admins--see update method
public = ser.BooleanField(source='is_public', required=False,
help_text='Nodes that are made public will give read-only access '
'to everyone. Private nodes require explicit read '
'permission. Write and admin access are the same for '
'public and private nodes. Administrators on a parent '
'node have implicit read permissions for all child nodes')
links = LinksField({'html': 'get_absolute_url'})
# TODO: When we have osf_permissions.ADMIN permissions, make this writable for admins
children = RelationshipField(
related_view='nodes:node-children',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_node_count'},
)
comments = RelationshipField(
related_view='nodes:node-comments',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'unread': 'get_unread_comments_count'})
contributors = RelationshipField(
related_view='nodes:node-contributors',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_contrib_count'},
)
files = RelationshipField(
related_view='nodes:node-providers',
related_view_kwargs={'node_id': '<pk>'}
)
forked_from = RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<forked_from_id>'}
)
node_links = DevOnly(RelationshipField(
related_view='nodes:node-pointers',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_pointers_count'},
))
parent = RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<parent_id>'}
)
registrations = DevOnly(HideIfRegistration(RelationshipField(
related_view='nodes:node-registrations',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_registration_count'}
)))
logs = RelationshipField(
related_view='nodes:node-logs',
related_view_kwargs={'node_id': '<pk>'},
)
class Meta:
type_ = 'nodes'
def get_absolute_url(self, obj):
return obj.absolute_url
# TODO: See if we can get the count filters into the filter rather than the serializer.
def get_user_auth(self, request):
user = request.user
if user.is_anonymous():
auth = Auth(None)
else:
auth = Auth(user)
return auth
def get_node_count(self, obj):
auth = self.get_user_auth(self.context['request'])
nodes = [node for node in obj.nodes if node.can_view(auth) and node.primary and not node.is_deleted]
return len(nodes)
def get_contrib_count(self, obj):
return len(obj.contributors)
def get_registration_count(self, obj):
auth = self.get_user_auth(self.context['request'])
registrations = [node for node in obj.node__registrations if node.can_view(auth)]
return len(registrations)
def get_pointers_count(self, obj):
return len(obj.nodes_pointer)
def get_unread_comments_count(self, obj):
auth = self.get_user_auth(self.context['request'])
user = auth.user
return Comment.find_unread(user=user, node=obj)
def create(self, validated_data):
node = Node(**validated_data)
try:
node.save()
except ValidationValueError as e:
raise InvalidModelValueError(detail=e.message)
return node
def update(self, node, validated_data):
"""Update instance with the validated data. Requires
the request to be in the serializer context.
"""
assert isinstance(node, Node), 'node must be a Node'
auth = self.get_user_auth(self.context['request'])
old_tags = set([tag._id for tag in node.tags])
if 'tags' in validated_data:
current_tags = set(validated_data.get('tags'))
del validated_data['tags']
elif self.partial:
current_tags = set(old_tags)
else:
current_tags = set()
for new_tag in (current_tags - old_tags):
node.add_tag(new_tag, auth=auth)
for deleted_tag in (old_tags - current_tags):
node.remove_tag(deleted_tag, auth=auth)
if validated_data:
try:
node.update(validated_data, auth=auth)
except ValidationValueError as e:
raise InvalidModelValueError(detail=e.message)
except PermissionsError:
raise exceptions.PermissionDenied
return node
class UserSerializer(JSONAPISerializer):
filterable_fields = frozenset([
'full_name',
'given_name',
'middle_names',
'family_name',
'id',
])
writeable_method_fields = frozenset([
'accepted_terms_of_service',
])
non_anonymized_fields = ['type']
id = IDField(source='_id', read_only=True)
type = TypeField()
full_name = ser.CharField(
source='fullname',
required=True,
label='Full name',
help_text='Display name used in the general user interface',
max_length=186)
given_name = ser.CharField(required=False,
allow_blank=True,
help_text='For bibliographic citations')
middle_names = ser.CharField(required=False,
allow_blank=True,
help_text='For bibliographic citations')
family_name = ser.CharField(required=False,
allow_blank=True,
help_text='For bibliographic citations')
suffix = HideIfDisabled(
ser.CharField(required=False,
allow_blank=True,
help_text='For bibliographic citations'))
date_registered = HideIfDisabled(VersionedDateTimeField(read_only=True))
active = HideIfDisabled(
ser.BooleanField(read_only=True, source='is_active'))
timezone = HideIfDisabled(
ser.CharField(required=False,
help_text="User's timezone, e.g. 'Etc/UTC"))
locale = HideIfDisabled(
ser.CharField(required=False,
help_text="User's locale, e.g. 'en_US'"))
social = SocialField(required=False, min_version='2.10')
employment = JSONAPIListField(required=False, source='jobs')
education = JSONAPIListField(required=False, source='schools')
can_view_reviews = ShowIfCurrentUser(
ser.SerializerMethodField(
help_text=
'Whether the current user has the `view_submissions` permission to ANY reviews provider.'
))
accepted_terms_of_service = ShowIfCurrentUser(ser.SerializerMethodField())
links = HideIfDisabled(
LinksField(
{
'html': 'absolute_url',
'profile_image': 'profile_image_url',
}, ))
nodes = HideIfDisabled(
RelationshipField(
related_view='users:user-nodes',
related_view_kwargs={'user_id': '<_id>'},
related_meta={
'projects_in_common': 'get_projects_in_common',
'count': 'get_node_count',
},
))
quickfiles = HideIfDisabled(
QuickFilesRelationshipField(
related_view='users:user-quickfiles',
related_view_kwargs={'user_id': '<_id>'},
related_meta={'count': 'get_quickfiles_count'},
))
registrations = HideIfDisabled(
RelationshipField(
related_view='users:user-registrations',
related_view_kwargs={'user_id': '<_id>'},
related_meta={'count': 'get_registration_count'},
))
institutions = HideIfDisabled(
RelationshipField(
related_view='users:user-institutions',
related_view_kwargs={'user_id': '<_id>'},
self_view='users:user-institutions-relationship',
self_view_kwargs={'user_id': '<_id>'},
related_meta={'count': 'get_institutions_count'},
))
preprints = HideIfDisabled(
RelationshipField(
related_view='users:user-preprints',
related_view_kwargs={'user_id': '<_id>'},
related_meta={'count': 'get_preprint_count'},
))
emails = ShowIfCurrentUser(
RelationshipField(
related_view='users:user-emails',
related_view_kwargs={'user_id': '<_id>'},
))
default_region = ShowIfCurrentUser(
RegionRelationshipField(
related_view='regions:region-detail',
related_view_kwargs={'region_id': 'get_default_region_id'},
read_only=False,
))
settings = ShowIfCurrentUser(
RelationshipField(
related_view='users:user_settings',
related_view_kwargs={'user_id': '<_id>'},
read_only=True,
))
class Meta:
type_ = 'users'
def get_projects_in_common(self, obj):
user = get_user_auth(self.context['request']).user
if obj == user:
return user.contributor_to.count()
return obj.n_projects_in_common(user)
def absolute_url(self, obj):
if obj is not None:
return obj.absolute_url
return None
def get_absolute_url(self, obj):
return absolute_reverse(
'users:user-detail',
kwargs={
'user_id':
obj._id,
'version':
self.context['request'].parser_context['kwargs']['version'],
},
)
def get_node_count(self, obj):
auth = get_user_auth(self.context['request'])
if obj != auth.user:
return default_node_list_permission_queryset(
user=auth.user,
model_cls=Node).filter(contributor__user__id=obj.id).count()
return default_node_list_queryset(model_cls=Node).filter(
contributor__user__id=obj.id).count()
def get_quickfiles_count(self, obj):
return QuickFilesNode.objects.get(
contributor__user__id=obj.id).files.filter(
type='osf.osfstoragefile').count()
def get_registration_count(self, obj):
auth = get_user_auth(self.context['request'])
user_registration = default_node_list_queryset(
model_cls=Registration).filter(contributor__user__id=obj.id)
return user_registration.can_view(
user=auth.user, private_link=auth.private_link).count()
def get_preprint_count(self, obj):
auth_user = get_user_auth(self.context['request']).user
user_preprints_query = Preprint.objects.filter(
_contributors__guids___id=obj._id).exclude(machine_state='initial')
return Preprint.objects.can_view(user_preprints_query,
auth_user,
allow_contribs=False).count()
def get_institutions_count(self, obj):
return obj.affiliated_institutions.count()
def get_can_view_reviews(self, obj):
group_qs = AbstractProviderGroupObjectPermission.objects.filter(
group__user=obj, permission__codename='view_submissions')
return group_qs.exists(
) or obj.abstractprovideruserobjectpermission_set.filter(
permission__codename='view_submissions')
def get_default_region_id(self, obj):
try:
# use the annotated value if possible
region_id = obj.default_region
except AttributeError:
# use computed property if region annotation does not exist
region_id = obj.osfstorage_region._id
return region_id
def get_accepted_terms_of_service(self, obj):
return bool(obj.accepted_terms_of_service)
def profile_image_url(self, user):
size = self.context['request'].query_params.get('profile_image_size')
return user.profile_image_url(size=size)
def validate_employment(self, value):
validate_user_json(value, 'employment-schema.json')
return value
def validate_education(self, value):
validate_user_json(value, 'education-schema.json')
return value
def validate_social(self, value):
schema = from_json('social-schema.json')
try:
jsonschema.validate(value, schema)
except jsonschema.ValidationError as e:
raise InvalidModelValueError(e)
return value
def update(self, instance, validated_data):
assert isinstance(instance, OSFUser), 'instance must be a User'
for attr, value in validated_data.items():
if 'social' == attr:
for key, val in value.items():
instance.social[key] = val
elif 'accepted_terms_of_service' == attr:
if value and not instance.accepted_terms_of_service:
instance.accepted_terms_of_service = timezone.now()
elif 'region_id' == attr:
region_id = validated_data.get('region_id')
user_settings = instance._settings_model(
'osfstorage').objects.get(owner=instance)
user_settings.default_region_id = region_id
user_settings.save()
instance.default_region = self.context['request'].data[
'default_region']
else:
setattr(instance, attr, value)
try:
instance.save()
except ValidationValueError as e:
raise InvalidModelValueError(detail=e.message)
except ValidationError as e:
raise InvalidModelValueError(e)
return instance
class NodeSerializer(JSONAPISerializer):
# TODO: If we have to redo this implementation in any of the other serializers, subclass ChoiceField and make it
# handle blank choices properly. Currently DRF ChoiceFields ignore blank options, which is incorrect in this
# instance
filterable_fields = frozenset([
'id', 'title', 'description', 'public', 'tags', 'category',
'date_created', 'date_modified', 'root', 'parent', 'contributors',
'preprint'
])
non_anonymized_fields = [
'id', 'title', 'description', 'category', 'date_created',
'date_modified', 'registration', 'tags', 'public', 'license', 'links',
'children', 'comments', 'contributors', 'files', 'node_links',
'parent', 'root', 'logs', 'wikis'
]
id = IDField(source='_id', read_only=True)
type = TypeField()
category_choices = settings.NODE_CATEGORY_MAP.items()
category_choices_string = ', '.join(
["'{}'".format(choice[0]) for choice in category_choices])
title = ser.CharField(required=True)
description = ser.CharField(required=False,
allow_blank=True,
allow_null=True)
category = ser.ChoiceField(choices=category_choices,
help_text='Choices: ' + category_choices_string)
date_created = ser.DateTimeField(read_only=True)
date_modified = ser.DateTimeField(read_only=True)
registration = ser.BooleanField(read_only=True, source='is_registration')
preprint = ser.BooleanField(read_only=True, source='is_preprint')
fork = ser.BooleanField(read_only=True, source='is_fork')
collection = ser.BooleanField(read_only=True, source='is_collection')
tags = JSONAPIListField(child=NodeTagField(), required=False)
node_license = NodeLicenseSerializer(read_only=True, required=False)
template_from = ser.CharField(
required=False,
allow_blank=False,
allow_null=False,
help_text=
'Specify a node id for a node you would like to use as a template for the '
'new node. Templating is like forking, except that you do not copy the '
'files, only the project structure. Some information is changed on the top '
'level project by submitting the appropriate fields in the request body, '
'and some information will not change. By default, the description will '
'be cleared and the project will be made private.')
current_user_can_comment = ser.SerializerMethodField(
help_text='Whether the current user is allowed to post comments')
current_user_permissions = ser.SerializerMethodField(
help_text='List of strings representing the permissions '
'for the current user on this node.')
# Public is only write-able by admins--see update method
public = ser.BooleanField(
source='is_public',
required=False,
help_text='Nodes that are made public will give read-only access '
'to everyone. Private nodes require explicit read '
'permission. Write and admin access are the same for '
'public and private nodes. Administrators on a parent '
'node have implicit read permissions for all child nodes')
links = LinksField({'html': 'get_absolute_html_url'})
# TODO: When we have osf_permissions.ADMIN permissions, make this writable for admins
license = RelationshipField(
related_view='licenses:license-detail',
related_view_kwargs={'license_id': '<node_license.node_license._id>'},
)
children = RelationshipField(
related_view='nodes:node-children',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_node_count'},
)
comments = RelationshipField(
related_view='nodes:node-comments',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'unread': 'get_unread_comments_count'},
filter={'target': '<pk>'})
contributors = RelationshipField(
related_view='nodes:node-contributors',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_contrib_count'},
)
files = RelationshipField(related_view='nodes:node-providers',
related_view_kwargs={'node_id': '<pk>'})
wikis = RelationshipField(related_view='nodes:node-wikis',
related_view_kwargs={'node_id': '<pk>'})
forked_from = RelationshipField(
related_view=lambda n: 'registrations:registration-detail'
if getattr(n, 'is_registration', False) else 'nodes:node-detail',
related_view_kwargs={'node_id': '<forked_from_id>'})
template_node = RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<template_node._id>'})
forks = RelationshipField(related_view='nodes:node-forks',
related_view_kwargs={'node_id': '<pk>'})
node_links = RelationshipField(
related_view='nodes:node-pointers',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_pointers_count'},
)
parent = RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<parent_node._id>'},
filter_key='parent_node')
draft_registrations = HideIfRegistration(
RelationshipField(related_view='nodes:node-draft-registrations',
related_view_kwargs={'node_id': '<pk>'}))
registrations = HideIfRegistration(
RelationshipField(related_view='nodes:node-registrations',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_registration_count'}))
affiliated_institutions = RelationshipField(
related_view='nodes:node-institutions',
related_view_kwargs={'node_id': '<pk>'},
self_view='nodes:node-relationships-institutions',
self_view_kwargs={'node_id': '<pk>'})
root = RelationshipField(related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<root._id>'})
logs = RelationshipField(related_view='nodes:node-logs',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_logs_count'})
linked_nodes = RelationshipField(
related_view='nodes:linked-nodes',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_node_links_count'},
self_view='nodes:node-pointer-relationship',
self_view_kwargs={'node_id': '<pk>'},
self_meta={'count': 'get_node_links_count'})
view_only_links = RelationshipField(
related_view='nodes:node-view-only-links',
related_view_kwargs={'node_id': '<pk>'},
)
def get_current_user_permissions(self, obj):
user = self.context['request'].user
if user.is_anonymous():
return ['read']
permissions = obj.get_permissions(user=user)
if not permissions:
permissions = ['read']
return permissions
def get_current_user_can_comment(self, obj):
user = self.context['request'].user
auth = Auth(user if not user.is_anonymous() else None)
return obj.can_comment(auth)
class Meta:
type_ = 'nodes'
def get_absolute_url(self, obj):
return obj.get_absolute_url()
# TODO: See if we can get the count filters into the filter rather than the serializer.
def get_logs_count(self, obj):
return len(obj.logs)
def get_node_count(self, obj):
auth = get_user_auth(self.context['request'])
nodes = [
node for node in obj.nodes
if node.can_view(auth) and node.primary and not node.is_deleted
]
return len(nodes)
def get_contrib_count(self, obj):
return len(obj.contributors)
def get_registration_count(self, obj):
auth = get_user_auth(self.context['request'])
registrations = [
node for node in obj.registrations_all if node.can_view(auth)
]
return len(registrations)
def get_pointers_count(self, obj):
return len(obj.nodes_pointer)
def get_node_links_count(self, obj):
count = 0
auth = get_user_auth(self.context['request'])
for pointer in obj.nodes_pointer:
if not pointer.node.is_deleted and not pointer.node.is_collection and pointer.node.can_view(
auth):
count += 1
return count
def get_unread_comments_count(self, obj):
user = get_user_auth(self.context['request']).user
node_comments = Comment.find_n_unread(user=user, node=obj, page='node')
return {'node': node_comments}
def create(self, validated_data):
request = self.context['request']
user = request.user
if 'template_from' in validated_data:
template_from = validated_data.pop('template_from')
template_node = Node.load(key=template_from)
if template_node is None:
raise exceptions.NotFound
if not template_node.has_permission(
user, 'read', check_parent=False):
raise exceptions.PermissionDenied
validated_data.pop('creator')
changed_data = {template_from: validated_data}
node = template_node.use_as_template(auth=get_user_auth(request),
changes=changed_data)
else:
node = Node(**validated_data)
try:
node.save()
except ValidationValueError as e:
raise InvalidModelValueError(detail=e.message)
if is_truthy(request.GET.get('inherit_contributors')
) and validated_data['parent'].has_permission(
user, 'write'):
auth = get_user_auth(request)
parent = validated_data['parent']
contributors = []
for contributor in parent.contributors:
if contributor is not user:
contributors.append({
'user':
contributor,
'permissions':
parent.get_permissions(contributor),
'visible':
parent.get_visible(contributor)
})
node.add_contributors(contributors, auth=auth, log=True, save=True)
return node
def update(self, node, validated_data):
"""Update instance with the validated data. Requires
the request to be in the serializer context.
"""
assert isinstance(node, Node), 'node must be a Node'
auth = get_user_auth(self.context['request'])
old_tags = set([tag._id for tag in node.tags])
if 'tags' in validated_data:
current_tags = set(validated_data.pop('tags', []))
elif self.partial:
current_tags = set(old_tags)
else:
current_tags = set()
for new_tag in (current_tags - old_tags):
node.add_tag(new_tag, auth=auth)
for deleted_tag in (old_tags - current_tags):
node.remove_tag(deleted_tag, auth=auth)
if validated_data:
try:
node.update(validated_data, auth=auth)
except ValidationValueError as e:
raise InvalidModelValueError(detail=e.message)
except PermissionsError:
raise exceptions.PermissionDenied
except NodeUpdateError as e:
raise exceptions.ValidationError(detail=e.reason)
except NodeStateError as e:
raise InvalidModelValueError(detail=e.message)
return node
class BaseFileSerializer(JSONAPISerializer):
filterable_fields = frozenset([
'id',
'name',
'kind',
'path',
'materialized_path',
'size',
'provider',
'last_touched',
'tags',
])
id = IDField(source='_id', read_only=True)
type = TypeField()
guid = ser.SerializerMethodField(
read_only=True,
method_name='get_file_guid',
help_text='OSF GUID for this file (if one has been assigned)',
)
checkout = CheckoutField()
name = ser.CharField(
read_only=True,
help_text='Display name used in the general user interface')
kind = ser.CharField(read_only=True, help_text='Either folder or file')
path = ser.CharField(
read_only=True,
help_text='The unique path used to reference this object')
size = ser.SerializerMethodField(
read_only=True, help_text='The size of this file at this version')
provider = ser.CharField(
read_only=True,
help_text='The Add-on service this file originates from')
materialized_path = ser.CharField(
read_only=True,
help_text=
'The Unix-style path of this object relative to the provider root',
)
last_touched = VersionedDateTimeField(
read_only=True,
help_text=
'The last time this file had information fetched about it via the OSF')
date_modified = ser.SerializerMethodField(
read_only=True, help_text='Timestamp when the file was last modified')
date_created = ser.SerializerMethodField(
read_only=True, help_text='Timestamp when the file was created')
extra = ser.SerializerMethodField(
read_only=True, help_text='Additional metadata about this file')
tags = JSONAPIListField(child=FileTagField(), required=False)
current_user_can_comment = ser.SerializerMethodField(
help_text='Whether the current user is allowed to post comments')
current_version = ser.IntegerField(help_text='Latest file version',
read_only=True,
source='current_version_number')
delete_allowed = ser.BooleanField(read_only=True, required=False)
parent_folder = RelationshipField(
related_view='files:file-detail',
related_view_kwargs={'file_id': '<parent._id>'},
help_text='The folder in which this file exists',
)
files = NodeFileHyperLinkField(
related_view=lambda node: disambiguate_files_related_view(node),
view_lambda_argument='target',
related_view_kwargs=lambda filenode:
disambiguate_files_related_view_kwargs(filenode),
kind='folder',
)
versions = NodeFileHyperLinkField(
related_view='files:file-versions',
related_view_kwargs={'file_id': '<_id>'},
kind='file',
)
comments = HideIfPreprint(
FileRelationshipField(
related_view='nodes:node-comments',
related_view_kwargs={'node_id': '<target._id>'},
related_meta={'unread': 'get_unread_comments_count'},
filter={'target': 'get_file_guid'},
))
metadata_records = FileRelationshipField(
related_view='files:metadata-records',
related_view_kwargs={'file_id': '<_id>'},
)
links = LinksField({
'info':
Link('files:file-detail', kwargs={'file_id': '<_id>'}),
'move':
WaterbutlerLink(),
'upload':
WaterbutlerLink(),
'delete':
WaterbutlerLink(),
'download':
'get_download_link',
'render':
'get_render_link',
'html':
'absolute_url',
'new_folder':
WaterbutlerLink(must_be_folder=True, kind='folder'),
})
def absolute_url(self, obj):
if obj.is_file:
return furl.furl(settings.DOMAIN).set(
path=(obj.target._id, 'files', obj.provider,
obj.path.lstrip('/')), ).url
def get_download_link(self, obj):
if obj.is_file:
return get_file_download_link(
obj,
view_only=self.context['request'].query_params.get(
'view_only'))
def get_render_link(self, obj):
if obj.is_file:
mfr_url = get_mfr_url(obj.target, obj.provider)
download_url = self.get_download_link(obj)
return get_file_render_link(mfr_url, download_url)
class Meta:
type_ = 'files'
def get_size(self, obj):
if obj.versions.exists():
self.size = obj.versions.first().size
return self.size
return None
def get_date_modified(self, obj):
mod_dt = None
if obj.provider == 'osfstorage' and obj.versions.exists():
# Each time an osfstorage file is added or uploaded, a new version object is created with its
# date_created equal to the time of the update. The external_modified is the modified date
# from the backend the file is stored on. This field refers to the modified date on osfstorage,
# so prefer to use the created of the latest version.
mod_dt = obj.versions.first().created
elif obj.provider != 'osfstorage' and obj.history:
mod_dt = obj.history[-1].get('modified', None)
if self.context['request'].version >= '2.2' and obj.is_file and mod_dt:
return datetime.strftime(mod_dt, '%Y-%m-%dT%H:%M:%S.%fZ')
return mod_dt and mod_dt.replace(tzinfo=pytz.utc)
def get_date_created(self, obj):
creat_dt = None
if obj.provider == 'osfstorage' and obj.versions.exists():
creat_dt = obj.versions.last().created
elif obj.provider != 'osfstorage' and obj.history:
# Non-osfstorage files don't store a created date, so instead get the modified date of the
# earliest entry in the file history.
creat_dt = obj.history[0].get('modified', None)
if self.context[
'request'].version >= '2.2' and obj.is_file and creat_dt:
return datetime.strftime(creat_dt, '%Y-%m-%dT%H:%M:%S.%fZ')
return creat_dt and creat_dt.replace(tzinfo=pytz.utc)
def get_extra(self, obj):
metadata = {}
if obj.provider == 'osfstorage' and obj.versions.exists():
metadata = obj.versions.first().metadata
elif obj.provider != 'osfstorage' and obj.history:
metadata = obj.history[-1].get('extra', {})
extras = {}
extras['hashes'] = { # mimic waterbutler response
'md5': metadata.get('md5', None),
'sha256': metadata.get('sha256', None),
}
if obj.provider == 'osfstorage' and obj.is_file:
extras['downloads'] = obj.get_download_count()
return extras
def get_current_user_can_comment(self, obj):
user = self.context['request'].user
auth = Auth(user if not user.is_anonymous else None)
if isinstance(obj.target, AbstractNode):
return obj.target.can_comment(auth)
return False
def get_unread_comments_count(self, obj):
user = self.context['request'].user
if user.is_anonymous:
return 0
return Comment.find_n_unread(user=user,
node=obj.target,
page='files',
root_id=obj.get_guid()._id)
def user_id(self, obj):
# NOTE: obj is the user here, the meta field for
# Hyperlinks is weird
if obj:
return obj._id
return None
def update(self, instance, validated_data):
assert isinstance(instance,
BaseFileNode), 'Instance must be a BaseFileNode'
if instance.provider != 'osfstorage' and 'tags' in validated_data:
raise Conflict(
'File service provider {} does not support tags on the OSF.'.
format(instance.provider))
auth = get_user_auth(self.context['request'])
old_tags = set(instance.tags.values_list('name', flat=True))
if 'tags' in validated_data:
current_tags = set(validated_data.pop('tags', []))
else:
current_tags = set(old_tags)
for new_tag in (current_tags - old_tags):
instance.add_tag(new_tag, auth=auth)
for deleted_tag in (old_tags - current_tags):
instance.remove_tag(deleted_tag, auth=auth)
for attr, value in validated_data.items():
if attr == 'checkout':
user = self.context['request'].user
instance.check_in_or_out(user, value)
else:
setattr(instance, attr, value)
instance.save()
return instance
def is_valid(self, **kwargs):
return super(BaseFileSerializer, self).is_valid(clean_html=False,
**kwargs)
def get_file_guid(self, obj):
if obj:
guid = obj.get_guid()
if guid:
return guid._id
return None
def get_absolute_url(self, obj):
return api_v2_url('files/{}/'.format(obj._id))
class PreprintSerializer(JSONAPISerializer):
filterable_fields = frozenset([
'id',
'date_created',
'date_modified',
'date_published',
'provider',
'is_published',
])
id = IDField(source='_id', read_only=True)
subjects = JSONAPIListField(child=JSONAPIListField(child=TaxonomyField()),
allow_null=True,
required=False)
date_created = DateByVersion(read_only=True)
date_modified = DateByVersion(read_only=True)
date_published = DateByVersion(read_only=True)
doi = ser.CharField(source='article_doi', required=False, allow_null=True)
is_published = ser.BooleanField(required=False)
is_preprint_orphan = ser.BooleanField(read_only=True)
license_record = NodeLicenseSerializer(required=False, source='license')
node = NodeRelationshipField(related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<node._id>'},
read_only=False)
license = PreprintLicenseRelationshipField(
related_view='licenses:license-detail',
related_view_kwargs={'license_id': '<license.node_license._id>'},
read_only=False)
provider = PreprintProviderRelationshipField(
related_view='preprint_providers:preprint_provider-detail',
related_view_kwargs={'provider_id': '<provider._id>'},
read_only=False)
primary_file = PrimaryFileRelationshipField(
related_view='files:file-detail',
related_view_kwargs={'file_id': '<primary_file._id>'},
lookup_url_kwarg='file_id',
read_only=False)
links = LinksField({
'self': 'get_preprint_url',
'html': 'get_absolute_html_url',
'doi': 'get_doi_url'
})
class Meta:
type_ = 'preprints'
def get_preprint_url(self, obj):
return absolute_reverse(
'preprints:preprint-detail',
kwargs={
'preprint_id':
obj._id,
'version':
self.context['request'].parser_context['kwargs']['version']
})
def get_absolute_url(self, obj):
return self.get_preprint_url(obj)
def get_doi_url(self, obj):
return 'https://dx.doi.org/{}'.format(
obj.article_doi) if obj.article_doi else None
def update(self, preprint, validated_data):
assert isinstance(
preprint,
PreprintService), 'You must specify a valid preprint to be updated'
assert isinstance(
preprint.node, Node
), 'You must specify a preprint with a valid node to be updated.'
auth = get_user_auth(self.context['request'])
if not preprint.node.has_permission(auth.user, 'admin'):
raise exceptions.PermissionDenied(
detail='User must be an admin to update a preprint.')
save_node = False
save_preprint = False
recently_published = False
primary_file = validated_data.pop('primary_file', None)
if primary_file:
self.set_field(preprint.set_primary_file, primary_file, auth)
save_node = True
if 'subjects' in validated_data:
subjects = validated_data.pop('subjects', None)
self.set_field(preprint.set_subjects, subjects, auth)
save_preprint = True
if 'article_doi' in validated_data:
preprint.node.preprint_article_doi = validated_data['article_doi']
save_node = True
published = validated_data.pop('is_published', None)
if published is not None:
self.set_field(preprint.set_published, published, auth)
save_preprint = True
recently_published = published
if 'license_type' in validated_data or 'license' in validated_data:
license_details = get_license_details(preprint, validated_data)
self.set_field(preprint.set_preprint_license, license_details,
auth)
save_preprint = True
if save_node:
try:
preprint.node.save()
except ValidationValueError as e:
# Raised from invalid DOI
raise exceptions.ValidationError(detail=e.message)
if save_preprint:
preprint.save()
# Send preprint confirmation email signal to new authors on preprint! -- only when published
# TODO: Some more thought might be required on this; preprints made from existing
# nodes will send emails making it seem like a new node.
if recently_published:
for author in preprint.node.contributors:
if author != auth.user:
project_signals.contributor_added.send(
preprint.node,
contributor=author,
auth=auth,
email_template='preprint')
return preprint
def set_field(self, func, val, auth, save=False):
try:
func(val, auth, save=save)
except PermissionsError as e:
raise exceptions.PermissionDenied(detail=e.message)
except ValueError as e:
raise exceptions.ValidationError(detail=e.message)
except NodeStateError as e:
raise exceptions.ValidationError(detail=e.message)
class NodeSerializer(JSONAPISerializer):
# TODO: If we have to redo this implementation in any of the other serializers, subclass ChoiceField and make it
# handle blank choices properly. Currently DRF ChoiceFields ignore blank options, which is incorrect in this
# instance
filterable_fields = frozenset([
'id', 'title', 'description', 'public', 'tags', 'category',
'date_created', 'date_modified', 'root', 'parent', 'contributors',
'preprint'
])
non_anonymized_fields = [
'id', 'title', 'description', 'category', 'date_created',
'date_modified', 'registration', 'tags', 'public', 'license', 'links',
'children', 'comments', 'contributors', 'files', 'node_links',
'parent', 'root', 'logs', 'wikis'
]
id = IDField(source='_id', read_only=True)
type = TypeField()
category_choices = settings.NODE_CATEGORY_MAP.items()
category_choices_string = ', '.join(
["'{}'".format(choice[0]) for choice in category_choices])
title = ser.CharField(required=True)
description = ser.CharField(required=False,
allow_blank=True,
allow_null=True)
category = ser.ChoiceField(choices=category_choices,
help_text='Choices: ' + category_choices_string)
date_created = DateByVersion(source='created', read_only=True)
date_modified = DateByVersion(source='last_logged', read_only=True)
registration = ser.BooleanField(read_only=True, source='is_registration')
preprint = ser.BooleanField(read_only=True, source='is_preprint')
fork = ser.BooleanField(read_only=True, source='is_fork')
collection = ser.BooleanField(read_only=True, source='is_collection')
tags = JSONAPIListField(child=NodeTagField(), required=False)
node_license = NodeLicenseSerializer(required=False, source='license')
template_from = ser.CharField(
required=False,
allow_blank=False,
allow_null=False,
help_text=
'Specify a node id for a node you would like to use as a template for the '
'new node. Templating is like forking, except that you do not copy the '
'files, only the project structure. Some information is changed on the top '
'level project by submitting the appropriate fields in the request body, '
'and some information will not change. By default, the description will '
'be cleared and the project will be made private.')
current_user_can_comment = ser.SerializerMethodField(
help_text='Whether the current user is allowed to post comments')
current_user_permissions = ser.SerializerMethodField(
help_text='List of strings representing the permissions '
'for the current user on this node.')
# Public is only write-able by admins--see update method
public = ser.BooleanField(
source='is_public',
required=False,
help_text='Nodes that are made public will give read-only access '
'to everyone. Private nodes require explicit read '
'permission. Write and admin access are the same for '
'public and private nodes. Administrators on a parent '
'node have implicit read permissions for all child nodes')
links = LinksField({'html': 'get_absolute_html_url'})
# TODO: When we have osf_permissions.ADMIN permissions, make this writable for admins
license = NodeLicenseRelationshipField(
related_view='licenses:license-detail',
related_view_kwargs={'license_id': '<license.node_license._id>'},
read_only=False)
children = RelationshipField(
related_view='nodes:node-children',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_node_count'},
)
comments = RelationshipField(
related_view='nodes:node-comments',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'unread': 'get_unread_comments_count'},
filter={'target': '<_id>'})
contributors = RelationshipField(
related_view='nodes:node-contributors',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_contrib_count'},
)
files = RelationshipField(related_view='nodes:node-providers',
related_view_kwargs={'node_id': '<_id>'})
wikis = RelationshipField(related_view='nodes:node-wikis',
related_view_kwargs={'node_id': '<_id>'})
forked_from = RelationshipField(
related_view=lambda n: 'registrations:registration-detail'
if getattr(n, 'is_registration', False) else 'nodes:node-detail',
related_view_kwargs={'node_id': '<forked_from_guid>'})
template_node = RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<template_node._id>'})
forks = RelationshipField(related_view='nodes:node-forks',
related_view_kwargs={'node_id': '<_id>'})
node_links = ShowIfVersion(RelationshipField(
related_view='nodes:node-pointers',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_pointers_count'},
help_text=
'This feature is deprecated as of version 2.1. Use linked_nodes instead.'
),
min_version='2.0',
max_version='2.0')
parent = RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<parent_node._id>'},
filter_key='parent_node')
identifiers = RelationshipField(related_view='nodes:identifier-list',
related_view_kwargs={'node_id': '<_id>'})
draft_registrations = HideIfRegistration(
RelationshipField(related_view='nodes:node-draft-registrations',
related_view_kwargs={'node_id': '<_id>'}))
registrations = HideIfRegistration(
RelationshipField(related_view='nodes:node-registrations',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_registration_count'}))
affiliated_institutions = RelationshipField(
related_view='nodes:node-institutions',
related_view_kwargs={'node_id': '<_id>'},
self_view='nodes:node-relationships-institutions',
self_view_kwargs={'node_id': '<_id>'})
root = RelationshipField(related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<root._id>'})
logs = RelationshipField(related_view='nodes:node-logs',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_logs_count'})
linked_nodes = RelationshipField(
related_view='nodes:linked-nodes',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_node_links_count'},
self_view='nodes:node-pointer-relationship',
self_view_kwargs={'node_id': '<_id>'},
self_meta={'count': 'get_node_links_count'})
linked_registrations = RelationshipField(
related_view='nodes:linked-registrations',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_registration_links_count'},
self_view='nodes:node-registration-pointer-relationship',
self_view_kwargs={'node_id': '<_id>'},
self_meta={'count': 'get_node_links_count'})
view_only_links = RelationshipField(
related_view='nodes:node-view-only-links',
related_view_kwargs={'node_id': '<_id>'},
)
citation = RelationshipField(related_view='nodes:node-citation',
related_view_kwargs={'node_id': '<_id>'})
preprints = HideIfRegistration(
RelationshipField(related_view='nodes:node-preprints',
related_view_kwargs={'node_id': '<_id>'}))
def get_current_user_permissions(self, obj):
user = self.context['request'].user
if user.is_anonymous:
return ['read']
permissions = obj.get_permissions(user=user)
if not permissions:
permissions = ['read']
return permissions
def get_current_user_can_comment(self, obj):
user = self.context['request'].user
auth = Auth(user if not user.is_anonymous else None)
return obj.can_comment(auth)
class Meta:
type_ = 'nodes'
def get_absolute_url(self, obj):
return obj.get_absolute_url()
# TODO: See if we can get the count filters into the filter rather than the serializer.
def get_logs_count(self, obj):
return obj.logs.count()
def get_node_count(self, obj):
auth = get_user_auth(self.context['request'])
user_id = getattr(auth.user, 'id', None)
with connection.cursor() as cursor:
cursor.execute(
'''
WITH RECURSIVE parents AS (
SELECT parent_id, child_id
FROM osf_noderelation
WHERE child_id = %s AND is_node_link IS FALSE
UNION ALL
SELECT osf_noderelation.parent_id, parents.parent_id AS child_id
FROM parents JOIN osf_noderelation ON parents.PARENT_ID = osf_noderelation.child_id
WHERE osf_noderelation.is_node_link IS FALSE
), has_admin AS (SELECT * FROM osf_contributor WHERE (node_id IN (SELECT parent_id FROM parents) OR node_id = %s) AND user_id = %s AND admin IS TRUE LIMIT 1)
SELECT DISTINCT
COUNT(child_id)
FROM
osf_noderelation
JOIN osf_abstractnode ON osf_noderelation.child_id = osf_abstractnode.id
JOIN osf_contributor ON osf_abstractnode.id = osf_contributor.node_id
LEFT JOIN osf_privatelink_nodes ON osf_abstractnode.id = osf_privatelink_nodes.abstractnode_id
LEFT JOIN osf_privatelink ON osf_privatelink_nodes.privatelink_id = osf_privatelink.id
WHERE parent_id = %s AND is_node_link IS FALSE
AND osf_abstractnode.is_deleted IS FALSE
AND (
osf_abstractnode.is_public
OR (TRUE IN (SELECT TRUE FROM has_admin))
OR (osf_contributor.user_id = %s AND osf_contributor.read IS TRUE)
OR (osf_privatelink.key = %s AND osf_privatelink.is_deleted = FALSE)
);
''', [obj.id, obj.id, user_id, obj.id, user_id, auth.private_key])
return int(cursor.fetchone()[0])
def get_contrib_count(self, obj):
return len(obj.contributors)
def get_registration_count(self, obj):
auth = get_user_auth(self.context['request'])
registrations = [
node for node in obj.registrations_all if node.can_view(auth)
]
return len(registrations)
def get_pointers_count(self, obj):
return obj.linked_nodes.count()
def get_node_links_count(self, obj):
count = 0
auth = get_user_auth(self.context['request'])
for pointer in obj.linked_nodes.filter(is_deleted=False).exclude(
type='osf.collection').exclude(type='osf.registration'):
if pointer.can_view(auth):
count += 1
return count
def get_registration_links_count(self, obj):
count = 0
auth = get_user_auth(self.context['request'])
for pointer in obj.linked_nodes.filter(
is_deleted=False,
type='osf.registration').exclude(type='osf.collection'):
if pointer.can_view(auth):
count += 1
return count
def get_unread_comments_count(self, obj):
user = get_user_auth(self.context['request']).user
node_comments = Comment.find_n_unread(user=user, node=obj, page='node')
return {'node': node_comments}
def create(self, validated_data):
request = self.context['request']
user = request.user
Node = apps.get_model('osf.Node')
tag_instances = []
if 'tags' in validated_data:
tags = validated_data.pop('tags')
for tag in tags:
tag_instance, created = Tag.objects.get_or_create(
name=tag, defaults=dict(system=False))
tag_instances.append(tag_instance)
if 'template_from' in validated_data:
template_from = validated_data.pop('template_from')
template_node = Node.load(template_from)
if template_node is None:
raise exceptions.NotFound
if not template_node.has_permission(
user, 'read', check_parent=False):
raise exceptions.PermissionDenied
validated_data.pop('creator')
changed_data = {template_from: validated_data}
node = template_node.use_as_template(auth=get_user_auth(request),
changes=changed_data)
else:
node = Node(**validated_data)
try:
node.save()
except ValidationError as e:
raise InvalidModelValueError(detail=e.messages[0])
if len(tag_instances):
for tag in tag_instances:
node.tags.add(tag)
if is_truthy(request.GET.get('inherit_contributors')
) and validated_data['parent'].has_permission(
user, 'write'):
auth = get_user_auth(request)
parent = validated_data['parent']
contributors = []
for contributor in parent.contributor_set.exclude(user=user):
contributors.append({
'user':
contributor.user,
'permissions':
parent.get_permissions(contributor.user),
'visible':
contributor.visible
})
if not contributor.user.is_registered:
node.add_unregistered_contributor(
fullname=contributor.user.fullname,
email=contributor.user.email,
auth=auth,
permissions=parent.get_permissions(contributor.user),
existing_user=contributor.user)
node.add_contributors(contributors, auth=auth, log=True, save=True)
return node
def update(self, node, validated_data):
"""Update instance with the validated data. Requires
the request to be in the serializer context.
"""
assert isinstance(node, AbstractNode), 'node must be a Node'
auth = get_user_auth(self.context['request'])
# Update tags
if 'tags' in validated_data:
new_tags = set(validated_data.pop('tags', []))
node.update_tags(new_tags, auth=auth)
if validated_data:
if 'license_type' in validated_data or 'license' in validated_data:
license_details = get_license_details(node, validated_data)
validated_data['node_license'] = license_details
try:
node.update(validated_data, auth=auth)
except ValidationError as e:
raise InvalidModelValueError(detail=e.message)
except PermissionsError:
raise exceptions.PermissionDenied
except NodeUpdateError as e:
raise exceptions.ValidationError(detail=e.reason)
except NodeStateError as e:
raise InvalidModelValueError(detail=e.message)
return node
class BaseRegistrationSerializer(NodeSerializer):
title = ser.CharField(read_only=True)
description = ser.CharField(read_only=True)
category_choices = NodeSerializer.category_choices
category_choices_string = NodeSerializer.category_choices_string
category = HideIfWithdrawal(
ser.ChoiceField(read_only=True,
choices=category_choices,
help_text='Choices: ' + category_choices_string))
date_modified = VersionedDateTimeField(source='last_logged',
read_only=True)
fork = HideIfWithdrawal(ser.BooleanField(read_only=True, source='is_fork'))
collection = HideIfWithdrawal(
ser.BooleanField(read_only=True, source='is_collection'))
access_requests_enabled = HideIfWithdrawal(
ser.BooleanField(read_only=True))
node_license = HideIfWithdrawal(NodeLicenseSerializer(read_only=True))
tags = HideIfWithdrawal(
JSONAPIListField(child=NodeTagField(), required=False))
public = HideIfWithdrawal(
ser.BooleanField(
source='is_public',
required=False,
help_text='Nodes that are made public will give read-only access '
'to everyone. Private nodes require explicit read '
'permission. Write and admin access are the same for '
'public and private nodes. Administrators on a parent '
'node have implicit read permissions for all child nodes'))
current_user_permissions = HideIfWithdrawal(
ser.SerializerMethodField(
help_text='List of strings representing the permissions '
'for the current user on this node.'))
pending_embargo_approval = HideIfWithdrawal(
ser.BooleanField(
read_only=True,
source='is_pending_embargo',
help_text=
'The associated Embargo is awaiting approval by project admins.'))
pending_registration_approval = HideIfWithdrawal(
ser.BooleanField(
source='is_pending_registration',
read_only=True,
help_text=
'The associated RegistrationApproval is awaiting approval by project admins.'
))
pending_withdrawal = HideIfWithdrawal(
ser.BooleanField(
source='is_pending_retraction',
read_only=True,
help_text=
'The registration is awaiting withdrawal approval by project admins.'
))
withdrawn = ser.BooleanField(
source='is_retracted',
read_only=True,
help_text='The registration has been withdrawn.')
date_registered = VersionedDateTimeField(
source='registered_date',
read_only=True,
help_text='Date time of registration.')
date_withdrawn = VersionedDateTimeField(
source='retraction.date_retracted',
read_only=True,
help_text='Date time of when this registration was retracted.')
embargo_end_date = HideIfWithdrawal(
ser.SerializerMethodField(
help_text='When the embargo on this registration will be lifted.'))
withdrawal_justification = ser.CharField(source='retraction.justification',
read_only=True)
template_from = HideIfWithdrawal(
ser.CharField(
read_only=True,
allow_blank=False,
allow_null=False,
help_text=
'Specify a node id for a node you would like to use as a template for the '
'new node. Templating is like forking, except that you do not copy the '
'files, only the project structure. Some information is changed on the top '
'level project by submitting the appropriate fields in the request body, '
'and some information will not change. By default, the description will '
'be cleared and the project will be made private.'))
registration_supplement = ser.SerializerMethodField()
registered_meta = HideIfWithdrawal(
ser.SerializerMethodField(
help_text=
'A dictionary with supplemental registration questions and responses.'
))
registered_by = HideIfWithdrawal(
RelationshipField(
related_view='users:user-detail',
related_view_kwargs={'user_id': '<registered_user._id>'}))
registered_from = HideIfWithdrawal(
RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<registered_from._id>'}))
children = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-children',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_node_count'},
))
comments = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-comments',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'unread': 'get_unread_comments_count'},
filter={'target': '<_id>'}))
contributors = RelationshipField(
related_view='registrations:registration-contributors',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_contrib_count'})
implicit_contributors = RelationshipField(
related_view='registrations:registration-implicit-contributors',
related_view_kwargs={'node_id': '<_id>'},
help_text=
'This feature is experimental and being tested. It may be deprecated.')
files = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-providers',
related_view_kwargs={'node_id': '<_id>'}))
wikis = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-wikis',
related_view_kwargs={'node_id': '<_id>'},
))
forked_from = HideIfWithdrawal(
RelationshipField(
related_view=lambda n: 'registrations:registration-detail'
if getattr(n, 'is_registration', False) else 'nodes:node-detail',
related_view_kwargs={'node_id': '<forked_from_id>'}))
template_node = HideIfWithdrawal(
RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<template_node._id>'}))
license = HideIfWithdrawal(
RelationshipField(
related_view='licenses:license-detail',
related_view_kwargs={
'license_id': '<node_license.node_license._id>'
},
))
logs = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-logs',
related_view_kwargs={'node_id': '<_id>'},
))
forks = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-forks',
related_view_kwargs={'node_id': '<_id>'}))
node_links = ShowIfVersion(HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-pointers',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_pointers_count'},
help_text=
'This feature is deprecated as of version 2.1. Use linked_nodes instead.'
)),
min_version='2.0',
max_version='2.0')
parent = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-detail',
related_view_kwargs={'node_id': '<parent_node._id>'},
filter_key='parent_node'))
root = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-detail',
related_view_kwargs={'node_id': '<root._id>'}))
affiliated_institutions = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-institutions',
related_view_kwargs={'node_id': '<_id>'}))
registration_schema = RelationshipField(
related_view='metaschemas:metaschema-detail',
related_view_kwargs={'metaschema_id': '<registered_schema_id>'})
registrations = HideIfRegistration(
RelationshipField(related_view='nodes:node-registrations',
related_view_kwargs={'node_id': '<_id>'}))
draft_registrations = HideIfRegistration(
RelationshipField(related_view='nodes:node-draft-registrations',
related_view_kwargs={'node_id': '<_id>'}))
preprints = HideIfWithdrawal(
HideIfRegistration(
RelationshipField(related_view='nodes:node-preprints',
related_view_kwargs={'node_id': '<_id>'})))
identifiers = HideIfWithdrawal(
RelationshipField(related_view='registrations:identifier-list',
related_view_kwargs={'node_id': '<_id>'}))
linked_nodes = HideIfWithdrawal(
RelationshipField(related_view='registrations:linked-nodes',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_node_links_count'},
self_view='registrations:node-pointer-relationship',
self_view_kwargs={'node_id': '<_id>'}))
linked_registrations = HideIfWithdrawal(
RelationshipField(
related_view='registrations:linked-registrations',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_registration_links_count'},
self_view='registrations:node-registration-pointer-relationship',
self_view_kwargs={'node_id': '<_id>'}))
view_only_links = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-view-only-links',
related_view_kwargs={'node_id': '<_id>'},
related_meta={'count': 'get_view_only_links_count'},
))
citation = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-citation',
related_view_kwargs={'node_id': '<_id>'}))
links = LinksField({
'self': 'get_registration_url',
'html': 'get_absolute_html_url'
})
def get_registration_url(self, obj):
return absolute_reverse(
'registrations:registration-detail',
kwargs={
'node_id':
obj._id,
'version':
self.context['request'].parser_context['kwargs']['version']
})
def get_absolute_url(self, obj):
return self.get_registration_url(obj)
def create(self, validated_data):
auth = get_user_auth(self.context['request'])
draft = validated_data.pop('draft')
registration_choice = validated_data.pop('registration_choice',
'immediate')
embargo_lifted = validated_data.pop('lift_embargo', None)
reviewer = is_prereg_admin_not_project_admin(self.context['request'],
draft)
try:
draft.validate_metadata(metadata=draft.registration_metadata,
reviewer=reviewer,
required_fields=True)
except ValidationValueError as e:
raise exceptions.ValidationError(e.message)
registration = draft.register(auth, save=True)
if registration_choice == 'embargo':
if not embargo_lifted:
raise exceptions.ValidationError(
'lift_embargo must be specified.')
embargo_end_date = embargo_lifted.replace(tzinfo=pytz.utc)
try:
registration.embargo_registration(auth.user, embargo_end_date)
except ValidationError as err:
raise exceptions.ValidationError(err.message)
else:
try:
registration.require_approval(auth.user)
except NodeStateError as err:
raise exceptions.ValidationError(err)
registration.save()
return registration
def get_registered_meta(self, obj):
if obj.registered_meta:
meta_values = obj.registered_meta.values()[0]
try:
return json.loads(meta_values)
except TypeError:
return meta_values
except ValueError:
return meta_values
return None
def get_embargo_end_date(self, obj):
if obj.embargo_end_date:
return obj.embargo_end_date
return None
def get_registration_supplement(self, obj):
if obj.registered_schema:
schema = obj.registered_schema.first()
if schema is None:
return None
return schema.name
return None
def get_current_user_permissions(self, obj):
return NodeSerializer.get_current_user_permissions(self, obj)
def update(self, registration, validated_data):
auth = Auth(self.context['request'].user)
# Update tags
if 'tags' in validated_data:
new_tags = validated_data.pop('tags', [])
try:
registration.update_tags(new_tags, auth=auth)
except NodeStateError as err:
raise Conflict(err.message)
is_public = validated_data.get('is_public', None)
if is_public is not None:
if is_public:
try:
registration.update(validated_data, auth=auth)
except NodeUpdateError as err:
raise exceptions.ValidationError(err.reason)
except NodeStateError as err:
raise exceptions.ValidationError(err.message)
else:
raise exceptions.ValidationError(
'Registrations can only be turned from private to public.')
return registration
class Meta:
type_ = 'registrations'
class PreprintSerializer(JSONAPISerializer):
filterable_fields = frozenset([
'id',
'date_created',
'date_modified',
'date_published',
'original_publication_date',
'provider',
'is_published',
'subjects',
'reviews_state',
'node_is_public',
])
id = IDField(source='_id', read_only=True)
subjects = ser.SerializerMethodField()
date_created = DateByVersion(read_only=True)
date_modified = DateByVersion(read_only=True)
date_published = DateByVersion(read_only=True)
original_publication_date = DateByVersion(required=False)
doi = ser.CharField(source='article_doi', required=False, allow_null=True)
is_published = ser.BooleanField(required=False)
is_preprint_orphan = ser.BooleanField(read_only=True)
license_record = NodeLicenseSerializer(required=False, source='license')
title = ser.CharField(source='node.title', required=False)
description = ser.CharField(required=False,
allow_blank=True,
allow_null=True,
source='node.description')
tags = JSONAPIListField(child=NodeTagField(),
required=False,
source='node.tags')
node_is_public = ser.BooleanField(read_only=True, source='node__is_public')
contributors = RelationshipField(
related_view='nodes:node-contributors',
related_view_kwargs={'node_id': '<node._id>'},
)
reviews_state = ser.CharField(read_only=True, max_length=15)
date_last_transitioned = DateByVersion(read_only=True)
citation = RelationshipField(related_view='preprints:preprint-citation',
related_view_kwargs={'preprint_id': '<_id>'})
identifiers = RelationshipField(
related_view='preprints:identifier-list',
related_view_kwargs={'preprint_id': '<_id>'})
node = NodeRelationshipField(related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<node._id>'},
read_only=False)
license = PreprintLicenseRelationshipField(
related_view='licenses:license-detail',
related_view_kwargs={'license_id': '<license.node_license._id>'},
read_only=False)
provider = PreprintProviderRelationshipField(
related_view='preprint_providers:preprint_provider-detail',
related_view_kwargs={'provider_id': '<provider._id>'},
read_only=False)
files = RelationshipField(related_view='nodes:node-providers',
related_view_kwargs={'node_id': '<_id>'})
primary_file = PrimaryFileRelationshipField(
related_view='files:file-detail',
related_view_kwargs={'file_id': '<primary_file._id>'},
lookup_url_kwarg='file_id',
read_only=False)
actions = RelationshipField(related_view='preprints:preprint-action-list',
related_view_kwargs={'preprint_id': '<_id>'})
links = LinksField({
'self': 'get_preprint_url',
'html': 'get_absolute_html_url',
'doi': 'get_article_doi_url',
'preprint_doi': 'get_preprint_doi_url'
})
class Meta:
type_ = 'preprints'
def get_subjects(self, obj):
return [[TaxonomyField().to_representation(subj) for subj in hier]
for hier in obj.subject_hierarchy]
def get_preprint_url(self, obj):
return absolute_reverse(
'preprints:preprint-detail',
kwargs={
'preprint_id':
obj._id,
'version':
self.context['request'].parser_context['kwargs']['version']
})
def get_absolute_url(self, obj):
return self.get_preprint_url(obj)
def get_article_doi_url(self, obj):
return 'https://dx.doi.org/{}'.format(
obj.article_doi) if obj.article_doi else None
def get_preprint_doi_url(self, obj):
doi_identifier = obj.get_identifier('doi')
return 'https://dx.doi.org/{}'.format(
doi_identifier.value) if doi_identifier else None
def run_validation(self, *args, **kwargs):
# Overrides construtor for validated_data to allow writes to a SerializerMethodField
# Validation for `subjects` happens in the model
_validated_data = super(PreprintSerializer,
self).run_validation(*args, **kwargs)
if 'subjects' in self.initial_data:
_validated_data['subjects'] = self.initial_data['subjects']
return _validated_data
def update(self, preprint, validated_data):
assert isinstance(
preprint,
PreprintService), 'You must specify a valid preprint to be updated'
assert isinstance(
preprint.node, Node
), 'You must specify a preprint with a valid node to be updated.'
auth = get_user_auth(self.context['request'])
if not preprint.node.has_permission(auth.user, 'admin'):
raise exceptions.PermissionDenied(
detail='User must be an admin to update a preprint.')
published = validated_data.pop('is_published', None)
if published and preprint.provider.is_reviewed:
raise Conflict(
'{} uses a moderation workflow, so preprints must be submitted for review instead of published directly. Submit a preprint by creating a `submit` Action at {}'
.format(
preprint.provider.name,
absolute_reverse(
'actions:create-action',
kwargs={
'version':
self.context['request'].parser_context['kwargs']
['version']
})))
save_node = False
save_preprint = False
recently_published = False
primary_file = validated_data.pop('primary_file', None)
if primary_file:
self.set_field(preprint.set_primary_file, primary_file, auth)
save_node = True
old_tags = set(preprint.node.tags.values_list('name', flat=True))
if validated_data.get('node') and 'tags' in validated_data['node']:
current_tags = set(validated_data['node'].pop('tags', []))
elif self.partial:
current_tags = set(old_tags)
else:
current_tags = set()
for new_tag in (current_tags - old_tags):
preprint.node.add_tag(new_tag, auth=auth)
for deleted_tag in (old_tags - current_tags):
preprint.node.remove_tag(deleted_tag, auth=auth)
if 'node' in validated_data:
preprint.node.update(fields=validated_data.pop('node'))
save_node = True
if 'subjects' in validated_data:
subjects = validated_data.pop('subjects', None)
self.set_field(preprint.set_subjects, subjects, auth)
save_preprint = True
if 'article_doi' in validated_data:
preprint.node.preprint_article_doi = validated_data['article_doi']
save_node = True
if 'license_type' in validated_data or 'license' in validated_data:
license_details = get_license_details(preprint, validated_data)
self.set_field(preprint.set_preprint_license, license_details,
auth)
save_preprint = True
if 'original_publication_date' in validated_data:
preprint.original_publication_date = validated_data[
'original_publication_date']
save_preprint = True
if published is not None:
if not preprint.primary_file:
raise exceptions.ValidationError(
detail=
'A valid primary_file must be set before publishing a preprint.'
)
self.set_field(preprint.set_published, published, auth)
save_preprint = True
recently_published = published
preprint.node.set_privacy('public')
save_node = True
if save_node:
try:
preprint.node.save()
except ValidationError as e:
# Raised from invalid DOI
raise exceptions.ValidationError(detail=e.messages[0])
if save_preprint:
preprint.save()
# Send preprint confirmation email signal to new authors on preprint! -- only when published
# TODO: Some more thought might be required on this; preprints made from existing
# nodes will send emails making it seem like a new node.
if recently_published:
for author in preprint.node.contributors:
if author != auth.user:
project_signals.contributor_added.send(
preprint.node,
contributor=author,
auth=auth,
email_template='preprint')
return preprint
def set_field(self, func, val, auth, save=False):
try:
func(val, auth)
except PermissionsError as e:
raise exceptions.PermissionDenied(detail=e.message)
except (ValueError, ValidationError, NodeStateError) as e:
raise exceptions.ValidationError(detail=e.message)
class FileSerializer(JSONAPISerializer):
filterable_fields = frozenset([
'id',
'name',
'node',
'kind',
'path',
'materialized_path',
'size',
'provider',
'last_touched',
'tags',
])
id = IDField(source='_id', read_only=True)
type = TypeField()
checkout = CheckoutField()
name = ser.CharField(
read_only=True,
help_text='Display name used in the general user interface')
kind = ser.CharField(read_only=True, help_text='Either folder or file')
path = ser.CharField(
read_only=True,
help_text='The unique path used to reference this object')
size = ser.SerializerMethodField(
read_only=True, help_text='The size of this file at this version')
provider = ser.CharField(
read_only=True,
help_text='The Add-on service this file originates from')
materialized_path = ser.CharField(
read_only=True,
help_text=
'The Unix-style path of this object relative to the provider root')
last_touched = ser.DateTimeField(
read_only=True,
help_text=
'The last time this file had information fetched about it via the OSF')
date_modified = ser.SerializerMethodField(
read_only=True, help_text='Timestamp when the file was last modified')
date_created = ser.SerializerMethodField(
read_only=True, help_text='Timestamp when the file was created')
extra = ser.SerializerMethodField(
read_only=True, help_text='Additional metadata about this file')
tags = JSONAPIListField(child=FileTagField(), required=False)
files = NodeFileHyperLinkField(related_view='nodes:node-files',
related_view_kwargs={
'node_id': '<node_id>',
'path': '<path>',
'provider': '<provider>'
},
kind='folder')
versions = NodeFileHyperLinkField(related_view='files:file-versions',
related_view_kwargs={'file_id': '<_id>'},
kind='file')
comments = FileCommentRelationshipField(
related_view='nodes:node-comments',
related_view_kwargs={'node_id': '<node._id>'},
related_meta={'unread': 'get_unread_comments_count'},
filter={'target': 'get_file_guid'})
links = LinksField({
'info':
Link('files:file-detail', kwargs={'file_id': '<_id>'}),
'move':
WaterbutlerLink(),
'upload':
WaterbutlerLink(),
'delete':
WaterbutlerLink(),
'download':
WaterbutlerLink(must_be_file=True),
'new_folder':
WaterbutlerLink(must_be_folder=True, kind='folder'),
})
class Meta:
type_ = 'files'
def get_size(self, obj):
if obj.versions:
return obj.versions[-1].size
return None
def get_date_modified(self, obj):
mod_dt = None
if obj.provider == 'osfstorage' and obj.versions:
# Each time an osfstorage file is added or uploaded, a new version object is created with its
# date_created equal to the time of the update. The date_modified is the modified date
# from the backend the file is stored on. This field refers to the modified date on osfstorage,
# so prefer to use the date_created of the latest version.
mod_dt = obj.versions[-1].date_created
elif obj.provider != 'osfstorage' and obj.history:
mod_dt = obj.history[-1].get('modified', None)
return mod_dt and mod_dt.replace(tzinfo=pytz.utc)
def get_date_created(self, obj):
creat_dt = None
if obj.provider == 'osfstorage' and obj.versions:
creat_dt = obj.versions[0].date_created
elif obj.provider != 'osfstorage' and obj.history:
# Non-osfstorage files don't store a created date, so instead get the modified date of the
# earliest entry in the file history.
creat_dt = obj.history[0].get('modified', None)
return creat_dt and creat_dt.replace(tzinfo=pytz.utc)
def get_extra(self, obj):
metadata = {}
if obj.provider == 'osfstorage' and obj.versions:
metadata = obj.versions[-1].metadata
elif obj.provider != 'osfstorage' and obj.history:
metadata = obj.history[-1].get('extra', {})
extras = {}
extras['hashes'] = { # mimic waterbutler response
'md5': metadata.get('md5', None),
'sha256': metadata.get('sha256', None),
}
return extras
def get_unread_comments_count(self, obj):
user = self.context['request'].user
if user.is_anonymous():
return 0
return Comment.find_n_unread(user=user,
node=obj.node,
page='files',
root_id=obj.get_guid()._id)
def user_id(self, obj):
# NOTE: obj is the user here, the meta field for
# Hyperlinks is weird
if obj:
return obj._id
return None
def update(self, instance, validated_data):
assert isinstance(instance, FileNode), 'Instance must be a FileNode'
if instance.provider != 'osfstorage' and 'tags' in validated_data:
raise Conflict(
'File service provider {} does not support tags on the OSF.'.
format(instance.provider))
auth = get_user_auth(self.context['request'])
old_tags = set([tag._id for tag in instance.tags])
if 'tags' in validated_data:
current_tags = set(validated_data.pop('tags', []))
else:
current_tags = set(old_tags)
for new_tag in (current_tags - old_tags):
instance.add_tag(new_tag, auth=auth)
for deleted_tag in (old_tags - current_tags):
instance.remove_tag(deleted_tag, auth=auth)
for attr, value in validated_data.items():
if attr == 'checkout':
user = self.context['request'].user
instance.check_in_or_out(user, value)
else:
setattr(instance, attr, value)
instance.save()
return instance
def is_valid(self, **kwargs):
return super(FileSerializer, self).is_valid(clean_html=False, **kwargs)
def get_file_guid(self, obj):
if obj:
guid = obj.get_guid()
if guid:
return guid._id
return None
def get_absolute_url(self, obj):
return api_v2_url('files/{}/'.format(obj._id))
class PreprintSerializer(TaxonomizableSerializerMixin, MetricsSerializerMixin,
JSONAPISerializer):
filterable_fields = frozenset([
'id',
'date_created',
'date_modified',
'date_published',
'original_publication_date',
'provider',
'is_published',
'subjects',
'reviews_state',
'node_is_public',
])
available_metrics = frozenset([
'downloads',
'views',
])
id = IDField(source='_id', read_only=True)
type = TypeField()
date_created = VersionedDateTimeField(source='created', read_only=True)
date_modified = VersionedDateTimeField(source='modified', read_only=True)
date_published = VersionedDateTimeField(read_only=True)
original_publication_date = VersionedDateTimeField(required=False,
allow_null=True)
doi = ser.CharField(source='article_doi', required=False, allow_null=True)
title = ser.CharField(required=True, max_length=512)
description = ser.CharField(required=False,
allow_blank=True,
allow_null=True)
is_published = NoneIfWithdrawal(ser.BooleanField(required=False))
is_preprint_orphan = NoneIfWithdrawal(ser.BooleanField(read_only=True))
license_record = NodeLicenseSerializer(required=False, source='license')
tags = JSONAPIListField(child=NodeTagField(), required=False)
node_is_public = ser.BooleanField(
read_only=True,
source='node__is_public',
help_text='Is supplementary project public?')
preprint_doi_created = NoneIfWithdrawal(
VersionedDateTimeField(read_only=True))
date_withdrawn = VersionedDateTimeField(read_only=True, allow_null=True)
withdrawal_justification = HideIfNotWithdrawal(
ser.CharField(required=False, read_only=True, allow_blank=True))
current_user_permissions = ser.SerializerMethodField(
help_text='List of strings representing the permissions '
'for the current user on this preprint.', )
public = ser.BooleanField(source='is_public',
required=False,
read_only=True)
contributors = RelationshipField(
related_view='preprints:preprint-contributors',
related_view_kwargs={'preprint_id': '<_id>'},
)
reviews_state = ser.CharField(source='machine_state',
read_only=True,
max_length=15)
date_last_transitioned = NoneIfWithdrawal(
VersionedDateTimeField(read_only=True))
citation = NoneIfWithdrawal(
RelationshipField(
related_view='preprints:preprint-citation',
related_view_kwargs={'preprint_id': '<_id>'},
))
identifiers = NoneIfWithdrawal(
RelationshipField(
related_view='preprints:identifier-list',
related_view_kwargs={'preprint_id': '<_id>'},
))
node = NoneIfWithdrawal(
NodeRelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<node._id>'},
read_only=False,
many=False,
self_view='preprints:preprint-node-relationship',
self_view_kwargs={'preprint_id': '<_id>'},
))
license = PreprintLicenseRelationshipField(
related_view='licenses:license-detail',
related_view_kwargs={'license_id': '<license.node_license._id>'},
read_only=False,
)
provider = PreprintProviderRelationshipField(
related_view='providers:preprint-providers:preprint-provider-detail',
related_view_kwargs={'provider_id': '<provider._id>'},
read_only=False,
)
files = NoneIfWithdrawal(
RelationshipField(
related_view='preprints:preprint-storage-providers',
related_view_kwargs={'preprint_id': '<_id>'},
))
primary_file = NoneIfWithdrawal(
PrimaryFileRelationshipField(
related_view='files:file-detail',
related_view_kwargs={'file_id': '<primary_file._id>'},
read_only=False,
))
review_actions = RelationshipField(
related_view='preprints:preprint-review-action-list',
related_view_kwargs={'preprint_id': '<_id>'},
)
requests = NoneIfWithdrawal(
RelationshipField(
related_view='preprints:preprint-request-list',
related_view_kwargs={'preprint_id': '<_id>'},
))
links = LinksField(
{
'self': 'get_preprint_url',
'html': 'get_absolute_html_url',
'doi': 'get_article_doi_url',
'preprint_doi': 'get_preprint_doi_url',
}, )
class Meta:
type_ = 'preprints'
def get_preprint_url(self, obj):
return absolute_reverse(
'preprints:preprint-detail',
kwargs={
'preprint_id':
obj._id,
'version':
self.context['request'].parser_context['kwargs']['version']
})
def get_absolute_url(self, obj):
return self.get_preprint_url(obj)
def get_article_doi_url(self, obj):
return 'https://doi.org/{}'.format(
obj.article_doi) if obj.article_doi else None
def get_current_user_permissions(self, obj):
user = self.context['request'].user
all_perms = ['read', 'write', 'admin']
user_perms = []
for p in all_perms:
if obj.has_permission(user, p):
user_perms.append(p)
return user_perms
def get_preprint_doi_url(self, obj):
doi = None
doi_identifier = obj.get_identifier('doi')
if doi_identifier:
doi = doi_identifier.value
# if a preprint hasn't been published yet, don't show the DOI prematurely
elif obj.is_published:
client = obj.get_doi_client()
doi = client.build_doi(preprint=obj) if client else None
return 'https://doi.org/{}'.format(doi) if doi else None
def update(self, preprint, validated_data):
assert isinstance(
preprint,
Preprint), 'You must specify a valid preprint to be updated'
auth = get_user_auth(self.context['request'])
if not preprint.has_permission(auth.user, osf_permissions.WRITE):
raise exceptions.PermissionDenied(
detail=
'User must have admin or write permissions to update a preprint.'
)
published = validated_data.pop('is_published', None)
if published and preprint.provider.is_reviewed:
raise Conflict(
'{} uses a moderation workflow, so preprints must be submitted for review instead of published directly. Submit a preprint by creating a `submit` Action at {}'
.format(
preprint.provider.name,
absolute_reverse(
'preprints:preprint-review-action-list',
kwargs={
'version':
self.context['request'].parser_context['kwargs']
['version'],
'preprint_id':
preprint._id,
},
),
))
save_preprint = False
recently_published = False
primary_file = validated_data.pop('primary_file', None)
if primary_file:
self.set_field(preprint.set_primary_file, primary_file, auth)
save_preprint = True
old_tags = set(preprint.tags.values_list('name', flat=True))
if 'tags' in validated_data:
current_tags = set(validated_data.pop('tags', []))
elif self.partial:
current_tags = set(old_tags)
else:
current_tags = set()
for new_tag in (current_tags - old_tags):
preprint.add_tag(new_tag, auth=auth)
for deleted_tag in (old_tags - current_tags):
preprint.remove_tag(deleted_tag, auth=auth)
if 'node' in validated_data:
node = validated_data.pop('node', None)
self.set_field(preprint.set_supplemental_node, node, auth)
save_preprint = True
if 'subjects' in validated_data:
subjects = validated_data.pop('subjects', None)
self.set_field(preprint.set_subjects, subjects, auth)
save_preprint = True
if 'title' in validated_data:
title = validated_data['title']
self.set_field(preprint.set_title, title, auth)
save_preprint = True
if 'description' in validated_data:
description = validated_data['description']
self.set_field(preprint.set_description, description, auth)
save_preprint = True
if 'article_doi' in validated_data:
preprint.article_doi = validated_data['article_doi']
save_preprint = True
if 'license_type' in validated_data or 'license' in validated_data:
license_details = get_license_details(preprint, validated_data)
self.set_field(preprint.set_preprint_license, license_details,
auth)
save_preprint = True
if 'original_publication_date' in validated_data:
preprint.original_publication_date = validated_data[
'original_publication_date'] or None
save_preprint = True
if published is not None:
if not preprint.primary_file:
raise exceptions.ValidationError(
detail=
'A valid primary_file must be set before publishing a preprint.'
)
self.set_field(preprint.set_published, published, auth)
save_preprint = True
recently_published = published
preprint.set_privacy('public', log=False, save=True)
if save_preprint:
preprint.save()
if recently_published:
for author in preprint.contributors:
if author != auth.user:
project_signals.contributor_added.send(
preprint,
contributor=author,
auth=auth,
email_template='preprint')
return preprint
def set_field(self, func, val, auth, save=False):
try:
func(val, auth)
except PermissionsError as e:
raise exceptions.PermissionDenied(detail=str(e))
except (ValueError, ValidationError, NodeStateError) as e:
raise exceptions.ValidationError(detail=e.message)
class RegistrationSerializer(NodeSerializer):
category_choices = NodeSerializer.category_choices
category_choices_string = NodeSerializer.category_choices_string
category = HideIfWithdrawal(
ser.ChoiceField(choices=category_choices,
help_text="Choices: " + category_choices_string))
date_modified = HideIfWithdrawal(ser.DateTimeField(read_only=True))
fork = HideIfWithdrawal(ser.BooleanField(read_only=True, source='is_fork'))
collection = HideIfWithdrawal(
ser.BooleanField(read_only=True, source='is_collection'))
node_license = HideIfWithdrawal(NodeLicenseSerializer())
tags = HideIfWithdrawal(
JSONAPIListField(child=NodeTagField(), required=False))
public = HideIfWithdrawal(
ser.BooleanField(
source='is_public',
required=False,
help_text='Nodes that are made public will give read-only access '
'to everyone. Private nodes require explicit read '
'permission. Write and admin access are the same for '
'public and private nodes. Administrators on a parent '
'node have implicit read permissions for all child nodes'))
current_user_permissions = HideIfWithdrawal(
ser.SerializerMethodField(
help_text='List of strings representing the permissions '
'for the current user on this node.'))
pending_embargo_approval = HideIfWithdrawal(
ser.BooleanField(
read_only=True,
source='is_pending_embargo',
help_text=
'The associated Embargo is awaiting approval by project admins.'))
pending_registration_approval = HideIfWithdrawal(
ser.BooleanField(
source='is_pending_registration',
read_only=True,
help_text=
'The associated RegistrationApproval is awaiting approval by project admins.'
))
pending_withdrawal = HideIfWithdrawal(
ser.BooleanField(
source='is_pending_retraction',
read_only=True,
help_text=
'The registration is awaiting withdrawal approval by project admins.'
))
withdrawn = ser.BooleanField(
source='is_retracted',
read_only=True,
help_text='The registration has been withdrawn.')
date_registered = ser.DateTimeField(source='registered_date',
read_only=True,
help_text='Date time of registration.')
embargo_end_date = HideIfWithdrawal(
ser.SerializerMethodField(
help_text='When the embargo on this registration will be lifted.'))
withdrawal_justification = ser.CharField(source='retraction.justification',
read_only=True)
template_from = HideIfWithdrawal(
ser.CharField(
required=False,
allow_blank=False,
allow_null=False,
help_text=
'Specify a node id for a node you would like to use as a template for the '
'new node. Templating is like forking, except that you do not copy the '
'files, only the project structure. Some information is changed on the top '
'level project by submitting the appropriate fields in the request body, '
'and some information will not change. By default, the description will '
'be cleared and the project will be made private.'))
registration_supplement = ser.SerializerMethodField()
registered_meta = HideIfWithdrawal(
ser.SerializerMethodField(
help_text=
'A dictionary with supplemental registration questions and responses.'
))
registered_by = HideIfWithdrawal(
RelationshipField(
related_view='users:user-detail',
related_view_kwargs={'user_id': '<registered_user_id>'}))
registered_from = HideIfWithdrawal(
RelationshipField(
related_view='nodes:node-detail',
related_view_kwargs={'node_id': '<registered_from_id>'}))
children = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-children',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_node_count'},
))
comments = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-comments',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'unread':
'get_unread_comments_count'}))
contributors = RelationshipField(
related_view='registrations:registration-contributors',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_contrib_count'})
files = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-providers',
related_view_kwargs={'node_id': '<pk>'}))
wikis = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-wikis',
related_view_kwargs={'node_id': '<pk>'},
))
forked_from = HideIfWithdrawal(
RelationshipField(
related_view=lambda n: 'registrations:registration-detail'
if getattr(n, 'is_registration', False) else 'nodes:node-detail',
related_view_kwargs={'node_id': '<forked_from_id>'}))
license = HideIfWithdrawal(
RelationshipField(
related_view='licenses:license-detail',
related_view_kwargs={
'license_id': '<node_license.node_license._id>'
},
))
forks = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-forks',
related_view_kwargs={'node_id': '<pk>'}))
node_links = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-pointers',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_pointers_count'}))
parent = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-detail',
related_view_kwargs={'node_id': '<parent_node._id>'},
filter_key='parent_node'))
logs = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-logs',
related_view_kwargs={'node_id': '<pk>'},
))
root = HideIfWithdrawal(
RelationshipField(related_view='registrations:registration-detail',
related_view_kwargs={'node_id': '<root._id>'}))
affiliated_institutions = HideIfWithdrawal(
RelationshipField(
related_view='registrations:registration-institutions',
related_view_kwargs={'node_id': '<pk>'}))
registrations = HideIfRegistration(
RelationshipField(related_view='nodes:node-registrations',
related_view_kwargs={'node_id': '<pk>'}))
identifiers = HideIfWithdrawal(
RelationshipField(related_view='registrations:identifier-list',
related_view_kwargs={'node_id': '<pk>'}))
# TODO: Finish me
# TODO: Override create?
links = LinksField({
'self': 'get_registration_url',
'html': 'get_absolute_html_url'
})
def get_registration_url(self, obj):
return absolute_reverse('registrations:registration-detail',
kwargs={'node_id': obj._id})
def get_absolute_url(self, obj):
return self.get_registration_url(obj)
def get_registered_meta(self, obj):
if obj.registered_meta:
meta_values = obj.registered_meta.values()[0]
try:
return json.loads(meta_values)
except TypeError:
return meta_values
except ValueError:
return meta_values
return None
def get_embargo_end_date(self, obj):
if obj.embargo_end_date:
return obj.embargo_end_date
return None
def get_registration_supplement(self, obj):
if obj.registered_schema:
schema = obj.registered_schema[0]
if schema is None:
return None
return schema.name
return None
def get_current_user_permissions(self, obj):
return NodeSerializer.get_current_user_permissions(self, obj)
def update(self, *args, **kwargs):
raise exceptions.APIException('Registrations cannot be modified.')
class Meta:
type_ = 'registrations'
class PreprintSerializer(JSONAPISerializer):
filterable_fields = frozenset([
'id', 'title', 'tags', 'date_created', 'date_modified', 'contributors',
'subjects', 'doi'
])
title = ser.CharField(required=False)
subjects = JSONAPIListField(child=TaxonomyField(),
required=False,
source='preprint_subjects')
provider = ser.CharField(source='preprint_provider', required=False)
date_created = ser.DateTimeField(read_only=True, source='preprint_created')
date_modified = ser.DateTimeField(read_only=True)
id = IDField(source='_id', required=False)
abstract = ser.CharField(source='description', required=False)
tags = JSONAPIListField(child=NodeTagField(), required=False)
doi = ser.CharField(source='preprint_doi', required=False)
primary_file = PrimaryFileRelationshipField(
related_view='files:file-detail',
related_view_kwargs={'file_id': '<preprint_file._id>'},
lookup_url_kwarg='file_id',
read_only=False)
files = RelationshipField(related_view='nodes:node-providers',
related_view_kwargs={'node_id': '<pk>'})
providers = RelationshipField(
related_view='preprints:preprint-preprint_providers',
related_view_kwargs={'node_id': '<pk>'},
self_view='preprints:preprint-relationships-preprint_providers',
self_view_kwargs={'node_id': '<pk>'})
links = LinksField({
'self': 'get_preprint_url',
'html': 'get_absolute_html_url',
'doi': 'get_doi_url'
})
contributors = RelationshipField(
related_view='nodes:node-contributors',
related_view_kwargs={'node_id': '<pk>'},
related_meta={'count': 'get_contrib_count'},
)
class Meta:
type_ = 'preprints'
def get_preprint_url(self, obj):
return absolute_reverse('preprints:preprint-detail',
kwargs={'node_id': obj._id})
def get_absolute_url(self, obj):
return self.get_preprint_url(obj)
def get_doi_url(self, obj):
return 'https://dx.doi.org/{}'.format(
obj.preprint_doi) if obj.preprint_doi else None
def create(self, validated_data):
node = Node.load(validated_data.pop('_id', None))
if not node:
raise exceptions.NotFound('Unable to find Node with specified id.')
auth = get_user_auth(self.context['request'])
if not node.has_permission(auth.user, permissions.ADMIN):
raise exceptions.PermissionDenied
if node.is_preprint:
raise Conflict(
'This node already stored as a preprint, use the update method instead.'
)
primary_file = validated_data.pop('primary_file', None)
if not primary_file:
raise exceptions.ValidationError(
detail='You must specify a primary_file to create a preprint.')
self.set_node_field(node.set_preprint_file, primary_file, auth)
subjects = validated_data.pop('preprint_subjects', None)
if not subjects:
raise exceptions.ValidationError(
detail=
'You must specify at least one subject to create a preprint.')
self.set_node_field(node.set_preprint_subjects, subjects, auth)
tags = validated_data.pop('tags', None)
if tags:
for tag in tags:
node.add_tag(tag, auth, save=False, log=False)
for key, value in validated_data.iteritems():
setattr(node, key, value)
try:
node.save()
except ValidationValueError as e:
raise exceptions.ValidationError(detail=e.message)
# Send preprint confirmation email signal to new authors on preprint!
for author in node.contributors:
if author != auth.user:
project_signals.contributor_added.send(
node,
contributor=author,
auth=auth,
email_template='preprint')
return node
def update(self, node, validated_data):
from website.models import Node
assert isinstance(node,
Node), 'You must specify a valid node to be updated.'
auth = get_user_auth(self.context['request'])
primary_file = validated_data.pop('primary_file', None)
if primary_file:
self.set_node_field(node.set_preprint_file, primary_file, auth)
subjects = validated_data.pop('preprint_subjects', None)
if subjects:
self.set_node_field(node.set_preprint_subjects, subjects, auth)
old_tags = set([tag._id for tag in node.tags])
if 'tags' in validated_data:
current_tags = set(validated_data.pop('tags', []))
elif self.partial:
current_tags = set(old_tags)
else:
current_tags = set()
for new_tag in (current_tags - old_tags):
node.add_tag(new_tag, auth=auth)
for deleted_tag in (old_tags - current_tags):
node.remove_tag(deleted_tag, auth=auth)
for key, value in validated_data.iteritems():
setattr(node, key, value)
try:
node.save()
except ValidationValueError as e:
raise exceptions.ValidationError(detail=e.message)
return node
def set_node_field(self, func, val, auth):
try:
func(val, auth, save=False)
except PermissionsError:
raise exceptions.PermissionDenied(
'Not authorized to update this node.')
except ValueError as e:
raise exceptions.ValidationError(detail=e.message)
class UserSerializer(JSONAPISerializer):
filterable_fields = frozenset([
'full_name',
'given_name',
'middle_names',
'family_name',
'id'
])
writeable_method_fields = frozenset([
'accepted_terms_of_service',
])
non_anonymized_fields = ['type']
id = IDField(source='_id', read_only=True)
type = TypeField()
full_name = ser.CharField(source='fullname', required=True, label='Full name', help_text='Display name used in the general user interface', max_length=186)
given_name = ser.CharField(required=False, allow_blank=True, help_text='For bibliographic citations')
middle_names = ser.CharField(required=False, allow_blank=True, help_text='For bibliographic citations')
family_name = ser.CharField(required=False, allow_blank=True, help_text='For bibliographic citations')
suffix = HideIfDisabled(ser.CharField(required=False, allow_blank=True, help_text='For bibliographic citations'))
date_registered = HideIfDisabled(VersionedDateTimeField(read_only=True))
active = HideIfDisabled(ser.BooleanField(read_only=True, source='is_active'))
timezone = HideIfDisabled(ser.CharField(required=False, help_text="User's timezone, e.g. 'Etc/UTC"))
locale = HideIfDisabled(ser.CharField(required=False, help_text="User's locale, e.g. 'en_US'"))
social = ListDictField(required=False)
employment = JSONAPIListField(required=False, source='jobs')
education = JSONAPIListField(required=False, source='schools')
can_view_reviews = ShowIfCurrentUser(ser.SerializerMethodField(help_text='Whether the current user has the `view_submissions` permission to ANY reviews provider.'))
accepted_terms_of_service = ShowIfCurrentUser(ser.SerializerMethodField())
links = HideIfDisabled(LinksField(
{
'html': 'absolute_url',
'profile_image': 'profile_image_url',
}
))
nodes = HideIfDisabled(RelationshipField(
related_view='users:user-nodes',
related_view_kwargs={'user_id': '<_id>'},
related_meta={'projects_in_common': 'get_projects_in_common'},
))
quickfiles = HideIfDisabled(QuickFilesRelationshipField(
related_view='users:user-quickfiles',
related_view_kwargs={'user_id': '<_id>'},
))
registrations = HideIfDisabled(RelationshipField(
related_view='users:user-registrations',
related_view_kwargs={'user_id': '<_id>'},
))
institutions = HideIfDisabled(RelationshipField(
related_view='users:user-institutions',
related_view_kwargs={'user_id': '<_id>'},
self_view='users:user-institutions-relationship',
self_view_kwargs={'user_id': '<_id>'},
))
preprints = HideIfDisabled(RelationshipField(
related_view='users:user-preprints',
related_view_kwargs={'user_id': '<_id>'},
))
class Meta:
type_ = 'users'
def get_projects_in_common(self, obj):
user = get_user_auth(self.context['request']).user
if obj == user:
return user.contributor_to.count()
return obj.n_projects_in_common(user)
def absolute_url(self, obj):
if obj is not None:
return obj.absolute_url
return None
def get_absolute_url(self, obj):
return absolute_reverse('users:user-detail', kwargs={
'user_id': obj._id,
'version': self.context['request'].parser_context['kwargs']['version']
})
def get_can_view_reviews(self, obj):
group_qs = GroupObjectPermission.objects.filter(group__user=obj, permission__codename='view_submissions')
return group_qs.exists() or obj.userobjectpermission_set.filter(permission__codename='view_submissions')
def get_accepted_terms_of_service(self, obj):
return bool(obj.accepted_terms_of_service)
def profile_image_url(self, user):
size = self.context['request'].query_params.get('profile_image_size')
return user.profile_image_url(size=size)
def validate_employment(self, value):
validate_user_json(value, 'employment-schema.json')
return value
def validate_education(self, value):
validate_user_json(value, 'education-schema.json')
return value
def update(self, instance, validated_data):
assert isinstance(instance, OSFUser), 'instance must be a User'
for attr, value in validated_data.items():
if 'social' == attr:
for key, val in value.items():
# currently only profileWebsites are a list, the rest of the social key only has one value
if key == 'profileWebsites':
instance.social[key] = val
else:
if len(val) > 1:
raise InvalidModelValueError(
detail='{} only accept a list of one single value'. format(key)
)
instance.social[key] = val[0]
elif 'accepted_terms_of_service' == attr:
if value and not instance.accepted_terms_of_service:
instance.accepted_terms_of_service = timezone.now()
else:
setattr(instance, attr, value)
try:
instance.save()
except ValidationValueError as e:
raise InvalidModelValueError(detail=e.message)
except ValidationError as e:
raise InvalidModelValueError(e)
return instance
