def build_query_from_field(self, field_name, operation):
if field_name == 'author_name':
if operation['op'] != 'eq':
raise InvalidFilterOperator(value=operation['op'],
valid_operators=['eq'])
return Q(author_name__icontains=operation['value'])
if field_name == 'meeting_category':
if operation['op'] != 'eq':
raise InvalidFilterOperator(value=operation['op'],
valid_operators=['eq'])
return Q(meeting_category__icontains=operation['value'])
return super(MeetingSubmissionList,
self).build_query_from_field(field_name, operation)
def _validate_operator(self, field, field_name, op):
"""
Check that the operator and field combination is valid
:raises InvalidFilterComparisonType: If the query contains comparisons against non-date or non-numeric fields
:raises InvalidFilterMatchType: If the query contains comparisons against non-string or non-list fields
:raises InvalidFilterOperator: If the filter operator is not a member of self.COMPARISON_OPERATORS
"""
if op not in set(self.MATCH_OPERATORS + self.COMPARISON_OPERATORS +
self.DEFAULT_OPERATORS):
valid_operators = self._get_valid_operators(field)
raise InvalidFilterOperator(value=op,
valid_operators=valid_operators)
if op in self.COMPARISON_OPERATORS:
if not isinstance(field, self.COMPARABLE_FIELDS):
raise InvalidFilterComparisonType(
parameter='filter',
detail=
"Field '{0}' does not support comparison operators in a filter."
.format(field_name))
if op in self.MATCH_OPERATORS:
if not isinstance(field, self.MATCHABLE_FIELDS):
raise InvalidFilterMatchType(
parameter='filter',
detail=
"Field '{0}' does not support match operators in a filter."
.format(field_name))
def build_query_from_field(self, field_name, operation):
if field_name == 'permission':
if operation['op'] != 'eq':
raise InvalidFilterOperator(value=operation['op'],
valid_operators=['eq'])
# operation['value'] should be 'admin', 'write', or 'read'
query_val = operation['value'].lower().strip()
if query_val not in API_CONTRIBUTOR_PERMISSIONS:
raise InvalidFilterValue(value=operation['value'])
# This endpoint should only be returning *contributors* not group members
resource = self.get_resource()
if query_val == READ:
# If read, return all contributors
return Q(user_id__in=resource.contributors.values_list(
'id', flat=True))
elif query_val == WRITE:
# If write, return members of write and admin groups, both groups have write perms
return Q(user_id__in=(resource.get_group(
WRITE).user_set.values_list('id', flat=True)
| resource.get_group(ADMIN).user_set.
values_list('id', flat=True)))
elif query_val == ADMIN:
# If admin, return only members of admin group
return Q(user_id__in=resource.get_group(
ADMIN).user_set.values_list('id', flat=True))
return super(BaseContributorList,
self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation):
if field_name == 'permission':
if operation['op'] != 'eq':
raise InvalidFilterOperator(value=operation['op'],
valid_operators=['eq'])
# operation['value'] should be 'admin', 'write', or 'read'
if operation['value'].lower().strip() not in PERMISSIONS:
raise InvalidFilterValue(value=operation['value'])
return Q(**{operation['value'].lower().strip(): True})
return super(BaseContributorList,
self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation):
if field_name == 'permission':
if operation['op'] != 'eq':
raise InvalidFilterOperator(value=operation['op'],
valid_operators=['eq'])
# operation['value'] should be 'admin', 'write', or 'read'
query_val = operation['value'].lower().strip()
if query_val not in PERMISSIONS:
raise InvalidFilterValue(value=operation['value'])
return Q(user__in=self.get_resource().get_group(
query_val).user_set.all())
return super(PreprintContributorsList,
self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation):
if field_name == 'parent':
if operation['op'] == 'eq':
if operation['value']:
# filter[parent]=<nid>
parent = utils.get_object_or_error(AbstractNode,
operation['value'],
self.request,
display_name='parent')
node_ids = NodeRelation.objects.filter(
parent=parent,
is_node_link=False).values_list('child_id', flat=True)
return Q(id__in=node_ids)
elif operation['op'] == 'ne':
if not operation['value']:
# filter[parent][ne]=null
child_ids = (NodeRelation.objects.filter(
is_node_link=False,
child___contributors=self.get_user(),
).exclude(parent__type='osf.collection').exclude(
child__is_deleted=True).values_list('child_id',
flat=True))
return Q(id__in=set(child_ids))
# TODO: support this case in the future:
# else filter[parent][ne]=<nid>
raise InvalidFilterValue(
detail=
'Only "null" is accepted as valid input to "filter[parent][ne]"'
)
else:
# filter[parent][gte]=''
raise InvalidFilterOperator(value=operation['op'],
valid_operators=['eq', 'ne'])
if field_name == 'root':
if None in operation['value']:
raise InvalidFilterValue(value=operation['value'])
with_as_root_query = Q(root__guids___id__in=operation['value'])
return ~with_as_root_query if operation[
'op'] == 'ne' else with_as_root_query
if field_name == 'preprint':
not_preprint_query = (Q(preprint_file=None)
| Q(_is_preprint_orphan=True)
| Q(_has_abandoned_preprint=True))
return ~not_preprint_query if utils.is_truthy(
operation['value']) else not_preprint_query
return super(NodesFilterMixin,
self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation):
if field_name == 'role':
if operation['op'] != 'eq':
raise InvalidFilterOperator(value=operation['op'],
valid_operators=['eq'])
# operation['value'] should be 'member' or 'manager'
role = operation['value'].lower().strip()
if role not in GROUP_ROLES:
raise InvalidFilterValue(value=operation['value'])
group = self.get_osf_group(check_object_permissions=False)
return Q(id__in=group.managers if role ==
MANAGER else group.members_only)
return super(GroupMembersList,
self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation):
if field_name == 'permissions':
if operation['op'] != 'eq':
raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq'])
auth = get_user_auth(self.request)
auth_user = getattr(auth, 'user', None)
if not auth_user:
raise NotAuthenticated()
value = operation['value'].lstrip('[').rstrip(']')
permissions = [v.strip() for v in value.split(',')]
if any(p not in PERMISSIONS for p in permissions):
valid_permissions = ', '.join(PERMISSIONS.keys())
raise InvalidFilterValue('Invalid permission! Valid values are: {}'.format(valid_permissions))
return Q(id__in=get_objects_for_user(auth_user, permissions, PreprintProvider, any_perm=True))
return super(PreprintProviderList, self).build_query_from_field(field_name, operation)