Beispiel #1
0
 def respond_with_user(self, request, user_id):
     return JsonResponse(
         self._get_objs(
             annotate(
                 self.get_queryset(request).filter(pk=user_id), request),
             request=request,
         )[0])
Beispiel #2
0
    def login(self, request):
        data = jsonloads(request.body)
        username = data.get('username', '').lower()
        password = data.get('password', '')
        if request.method != 'POST':
            raise BinderMethodNotAllowed()

        user = auth.authenticate(username=username, password=password)

        if user is None:
            raise BinderNotAuthenticated()

        auth.login(request, user)
        return JsonResponse(UserView()._get_obj(user.id, request=request))
Beispiel #3
0
    def get_aggregate(self, request):
        start_date = parse_date(request.GET.get('start_date'))
        end_date = parse_date(request.GET.get('end_date'))

        # Django doesn't have a decent query builder,
        # so we first get the aggregate for each category
        qs = self.get_queryset(request).order_by('id').filter(user=request.user) \
            .annotate(sum_amount=Subquery(
                Transaction.objects.order_by().filter(
                    category=OuterRef('pk'),
                    date__range=(start_date, end_date)
                ).values('category_id')
                .annotate(sum_amount=Sum('amount')).values('sum_amount'),
                output_field=IntegerField()
            )
        ).values('id', 'name', 'color', 'sum_amount')
        res = list(qs.all())

        # And then we get the aggregate for transactions without category
        sum_category_null = TransactionView().get_queryset(request).order_by(
        ).filter(
            user=request.user,
            category__isnull=True,
            date__range=(start_date, end_date)).values('category_id').annotate(
                sum_amount=Sum('amount')).values('sum_amount').all()

        sum_amount = 0
        if len(sum_category_null):
            sum_amount = sum_category_null[0]['sum_amount']

        res.append({
            'id': None,
            'name': None,
            'color': None,
            'sum_amount': sum_amount,
        })

        data = []
        for record in res:
            row = {}
            for k, v in record.items():
                row[k] = v
            data.append(row)

        return JsonResponse({
            'data': data,
            'meta': {
                'total_records': qs.count() + 1
            }
        })
Beispiel #4
0
    def reset(self, request):
        body = jsonloads(request.body)

        # form = ResetForm(body)
        # if not form.is_valid():
        # 	raise BinderValidationError(form.errors)

        for s in self._get_images(body, request):
            file = self._get_file(s)
            original_file = self._get_backup_file(s)
            src_im = Image.open(original_file)
            src_im.save(file.file.name, overwrite=True)
            file.file.close()
            original_file.file.close()

        return JsonResponse([])
Beispiel #5
0
    def rotate(self, request):
        body = jsonloads(request.body)

        form = RotateForm(body)

        if not form.is_valid():
            raise BinderValidationError(form.errors)

        angle = body['angle']

        for s in self._get_images(body, request):
            file = self._get_file(s)
            src_im = Image.open(file)
            rotated_img = src_im.rotate(angle, expand=1)
            rotated_img.save(file.file.name, overwrite=True)
            file.close()
        return JsonResponse([])
Beispiel #6
0
    def dispatch_file_field(self, request, pk=None, file_field=None):
        if isinstance(pk, self.model):
            obj = pk
        else:
            try:
                obj = self.get_queryset(request).get(pk=int(pk))
            except self.model.DoesNotExist:
                raise BinderNotFound()

        res = super().dispatch_file_field(request, obj, file_field)

        if request.method == 'POST':
            data = jsonloads(res.content)
            field = next(iter(data['data']))
            data['data'][field] += self._get_params(obj, field)
            return JsonResponse(data)

        return res
Beispiel #7
0
    def crop(self, request):
        body = jsonloads(request.body)

        form = CropForm(body)
        if not form.is_valid():
            raise BinderValidationError(form.errors)

        x_1 = body['x_1']
        x_2 = body['x_2']
        y_1 = body['y_1']
        y_2 = body['y_2']

        for s in self._get_images(body, request):
            file = self._get_file(s)
            src_im = Image.open(file)
            rotated_img = src_im.crop((x_1, y_1, x_2, y_2))
            rotated_img.save(file.file.name, overwrite=True)
            file.close()

        return JsonResponse([])
Beispiel #8
0
	def login(self, request):
		perm = 'auth.login_user'
		# {permissions/views.py copy-paste}
		if getattr(request, '_permission', None) is None:
			self._parse_permissions(request)
		if perm not in request._permission:
			raise BinderForbidden(perm, request.user)

		try:
			body = jsonloads(request.body)
			username = body.get('username', '')
			password = body.get('password', '')
		except Exception:
			username = request.POST.get('username', '')
			password = request.POST.get('password', '')

		user = authenticate(username=username.lower(), password=password)
		if user is None:
			raise BinderNotAuthenticated()

		request.user = user
		data = self._store(Token(), {'user': user.pk}, request)
		meta = data.setdefault('_meta', {})
		withs = self._get_withs([data['id']], request=request, withs=None)
		meta['with'], meta['with_mapping'], meta['with_related_name_mapping'], field_results = withs

		for datum in data:
			for (w, (view, ids_dict, is_singular)) in field_results.items():
				if is_singular:
					try:
						datum[w] = list(ids_dict[datum['id']])[0]
					except IndexError:
						datum[w] = None
				else:
					datum[w] = list(ids_dict[datum['id']])

		return JsonResponse(data)
Beispiel #9
0
def custom(request):
    return JsonResponse({'custom': True})
Beispiel #10
0
import json
import unittest
from unittest.mock import patch

from django.contrib.auth.models import User, Group
from django.contrib.auth.tokens import default_token_generator
from django.test import TestCase, Client, override_settings

from binder.json import JsonResponse


@patch(
	'binder.plugins.views.UserViewMixIn._reset_pass_for_user',
	side_effect=lambda *args: JsonResponse({}),
)
class UserPasswordResetTestCase(TestCase):

	def setUp(self):
		self.user = User.objects.create_user(username='******', password='******')
		self.user.save()
		self.token = default_token_generator.make_token(self.user)

	def test_reset_call(self, reset_mock):
		client = Client()
		res = client.put('/user/{}/reset_password/'.format(self.user.pk), json.dumps({
			'reset_code': self.token,
			'password': '******',
		}))

		self.assertEqual(200, res.status_code)
Beispiel #11
0
    def send_activation_email(self, request):
        """
		Endpoint that can be used to send an activation mail for an user.
		Calls the _send_activation_email callback if the user is succesfully activated

		Request:

		POST
		{
			"email": "email"
		}

		Response:
		{
			"code": code
		}

		Possible codes:

		sent			Mail is send sucessfully
		already active 	User is already active, no mail was send
		blacklisted		User was not activated

		"""
        if request.method != 'PUT':
            raise BinderMethodNotAllowed()

        # For lack of a better check
        self._require_model_perm('reset_password', request)

        decoded = request.body.decode()
        try:
            body = json.loads(decoded)
        except ValueError:
            raise BinderRequestError(
                _('Invalid request body: not a JSON document.'))

        logger.info('activation email attempt for {}'.format(
            body.get('email', '')))

        if body.get('email') is None:
            raise BinderValidationError({'email': ['missing']})

        try:
            user = self.model._default_manager.get(email=body.get('email'))
        except self.model.DoesNotExist:
            raise BinderNotFound()

        if user.is_active:
            if user.last_login is None:
                # TODO: Figure out a way to make this customisable without
                # allowing injection of arbitrary URLs (phishing!)
                self._send_activation_email(request, user)
                response = JsonResponse({'code': 'sent'})
                response.status_code = 201
            else:
                response = JsonResponse({'code': 'already active'})
        else:
            response = JsonResponse({'code': 'blacklisted'})
            response.status_code = 400

        return response