class FileUploadSerializer(serializers.Serializer):
file = serializers.FileField(write_only=True)
path = serializers.CharField(write_only=True)
filename = serializers.CharField(write_only=True, required=False)
uploaded_path = serializers.CharField(read_only=True)
uploaded_url = serializers.CharField(read_only=True)
def validate(self, attrs):
if attrs.get('filename') is None:
attrs['filename'] = attrs['file'].name
attrs['full_path'] = os.path.join(attrs['path'], attrs['filename'])
try:
default_storage.get_available_name(attrs['full_path'])
except SuspiciousFileOperation:
raise ValidationError(_('forbidden path'))
return attrs
def save(self, **kwargs):
request = self.context.get('request', None)
uploaded_path = default_storage.save(self.validated_data['full_path'],
self.validated_data['file'])
self.instance = {
'uploaded_path':
uploaded_path,
'uploaded_url':
request.build_absolute_uri(default_storage.url(uploaded_path))
}
class AuthTokenSerializer(serializers.Serializer):
username = serializers.CharField(label=_("Username"))
password = serializers.CharField(label=_("Password"),
style={'input_type': 'password'},
trim_whitespace=False)
def validate(self, attrs):
username = attrs.get('username')
password = attrs.get('password')
if username and password:
user = authenticate(request=self.context.get('request'),
username=username,
password=password)
# The authenticate call simply returns None for is_active=False
# users. (Assuming the default ModelBackend authentication
# backend.)
if not user:
msg = _('Unable to log in with provided credentials.')
raise serializers.ValidationError(msg, code='authorization')
else:
msg = _('Must include "username" and "password".')
raise serializers.ValidationError(msg, code='authorization')
attrs['user'] = user
return attrs
class SqlSerializer(serializers.Serializer):
query = serializers.CharField()
params = ParamsSerializers(required=False)
def validate_query(self, value):
forbidden = ['insert', 'update', 'delete', 'grant', 'show']
for i in range(len(forbidden)):
forbidden.append('({}'.format(forbidden[i]))
if any(
map(
lambda x: ' {} '.format(value.lower()).find(' {} '.format(
x)) != -1, forbidden)):
raise ValidationError('forbidden query')
return value
def execute(self, data):
with connection.cursor() as cursor:
try:
cursor.execute(data['query'], data.get('params', []))
except (DatabaseError, TypeError) as e:
raise SqlError(e)
rows = cursor.fetchall()
def map_column(x):
if not isinstance(x, tuple) or len(x) == 0:
return
if x[0] == '?column?':
return
return x[0]
return {
'data': rows,
'columns': map(map_column, cursor.description)
}
class ReorderSerializer(serializers.Serializer):
ordering_field = serializers.CharField()
forward = serializers.BooleanField()
segment_from = relations.PrimaryKeyRelatedField(
queryset=build_queryset)
segment_to = relations.PrimaryKeyRelatedField(queryset=build_queryset)
item = relations.PrimaryKeyRelatedField(queryset=build_queryset)
def save(self):
ordering_field = self.validated_data['ordering_field']
segment_from = getattr(self.validated_data['segment_from'],
ordering_field)
segment_to = getattr(self.validated_data['segment_to'],
ordering_field)
with transaction.atomic():
if self.validated_data['forward']:
build_queryset.filter(
**{
'{}__gte'.format(ordering_field): segment_from,
'{}__lte'.format(ordering_field): segment_to
}).update(**{ordering_field: F(ordering_field) - 1})
build_queryset.filter(
pk=self.validated_data['item'].pk).update(
**{ordering_field: segment_to})
else:
build_queryset.filter(
**{
'{}__gte'.format(ordering_field): segment_from,
'{}__lte'.format(ordering_field): segment_to
}).update(**{ordering_field: F(ordering_field) + 1})
build_queryset.filter(
pk=self.validated_data['item'].pk).update(
**{ordering_field: segment_from})
class MessageSerializer(serializers.Serializer):
name = serializers.CharField()
params = serializers.JSONField(required=False, default={})
def save(self, **kwargs):
handler = jet.get_message_handler(self.validated_data['name'])
if not handler:
return
return handler(self.validated_data.get('params'))
class GroupSerializer(serializers.Serializer):
group = serializers.CharField()
y_func = serializers.IntegerField()
def __init__(self, *args, **kwargs):
if 'group_serializer' in kwargs:
self.fields['group'] = kwargs.pop('group_serializer')
if 'y_func_serializer' in kwargs:
self.fields['y_func'] = kwargs.pop('y_func_serializer')
super().__init__(*args, **kwargs)
class ResetOrderSerializer(serializers.Serializer):
ordering_field = serializers.CharField()
ordering = serializers.CharField(required=False, allow_null=True)
value_ordering = serializers.CharField(required=False, allow_null=True)
def save(self):
ordering_field = self.validated_data['ordering_field']
ordering = self.validated_data.get('ordering')
value_ordering = self.validated_data.get('value_ordering')
qs = build_queryset
order_by = []
if value_ordering:
field, values_str = value_ordering.split('-', 2)
values = values_str.split(',')
qs = qs.annotate(__custom_order__=Case(
*[
When(**dict([(field, x), ('then', Value(i))]))
for i, x in enumerate(values)
],
default=Value(len(values)),
output_field=IntegerField(),
))
order_by.append('__custom_order__')
if ordering:
order_by.extend(ordering.split(','))
if len(order_by):
qs = qs.order_by(*order_by)
i = 1
for instance in qs:
setattr(instance, ordering_field, i)
instance.save(update_fields=[ordering_field])
i += 1
