def update(self, request, pk):
"""Update Event.
Needs BodyRole with `UpdE` for at least one associated body.
Disassociating bodies from the event requires the `DelE`
permission and associating needs `AddE`"""
# Prevent events without any body
if 'bodies_id' not in request.data or not request.data['bodies_id']:
return forbidden_no_privileges()
# Get difference in bodies
event = self.get_event(pk)
old_bodies_id = [str(x.id) for x in event.bodies.all()]
new_bodies_id = request.data['bodies_id']
added_bodies = diff_set(new_bodies_id, old_bodies_id)
removed_bodies = diff_set(old_bodies_id, new_bodies_id)
# Check if user can add events for new bodies
can_add_events = all([
user_has_privilege(request.user.profile, id, 'AddE')
for id in added_bodies
])
# Check if user can remove events for removed
can_del_events = all([
user_has_privilege(request.user.profile, id, 'DelE')
for id in removed_bodies
])
# Check if the user can update event for any of the old bodies
can_update = any([
user_has_privilege(request.user.profile, id, 'UpdE')
for id in old_bodies_id
])
if can_add_events and can_del_events and can_update:
# Create added unreusable venues, unlink deleted ones
old_venue_names = [x.name for x in event.venues.all()]
new_venue_names = request.data['venue_names']
added_venues = diff_set(new_venue_names, old_venue_names)
common_venues = list(
set(old_venue_names).intersection(new_venue_names))
common_venue_ids = [
str(x.id) for x in event.venues.filter(name__in=common_venues)
]
added_venue_ids = create_unreusable_locations(added_venues)
request.data['venue_ids'] = added_venue_ids + common_venue_ids
return super().update(request, pk)
return forbidden_no_privileges()
def get_update_venue_ids(venue_names, event):
"""Get venue ids with minimal object creation for updating event."""
old_venue_names = [x.name for x in event.venues.all()]
new_venue_names = venue_names
added_venues = diff_set(new_venue_names, old_venue_names)
common_venues = list(set(old_venue_names).intersection(new_venue_names))
common_venue_ids = [str(x.id) for x in event.venues.filter(name__in=common_venues)]
added_venue_ids = create_unreusable_locations(added_venues)
return added_venue_ids + common_venue_ids
def create(self, request):
"""Create Event.
Needs `AddE` permission for each body to be associated."""
if all([
user_has_privilege(request.user.profile, id, 'AddE')
for id in request.data['bodies_id']
]):
# Fill in ids of venues
request.data['venue_ids'] = create_unreusable_locations(
request.data['venue_names'])
return super().create(request)
return forbidden_no_privileges()