class FileUploadSerializer(serializers.Serializer): file = serializers.FileField(write_only=True) path = serializers.CharField(write_only=True) filename = serializers.CharField(write_only=True, required=False) uploaded_path = serializers.CharField(read_only=True) uploaded_url = serializers.CharField(read_only=True) def validate(self, attrs): if attrs.get('filename') is None: attrs['filename'] = attrs['file'].name attrs['full_path'] = os.path.join(attrs['path'], attrs['filename']) try: default_storage.get_available_name(attrs['full_path']) except SuspiciousFileOperation: raise ValidationError(_('forbidden path')) return attrs def save(self, **kwargs): request = self.context.get('request', None) uploaded_path = default_storage.save(self.validated_data['full_path'], self.validated_data['file']) self.instance = { 'uploaded_path': uploaded_path, 'uploaded_url': request.build_absolute_uri(default_storage.url(uploaded_path)) }
class AuthTokenSerializer(serializers.Serializer): username = serializers.CharField(label=_("Username")) password = serializers.CharField(label=_("Password"), style={'input_type': 'password'}, trim_whitespace=False) def validate(self, attrs): username = attrs.get('username') password = attrs.get('password') if username and password: user = authenticate(request=self.context.get('request'), username=username, password=password) # The authenticate call simply returns None for is_active=False # users. (Assuming the default ModelBackend authentication # backend.) if not user: msg = _('Unable to log in with provided credentials.') raise serializers.ValidationError(msg, code='authorization') else: msg = _('Must include "username" and "password".') raise serializers.ValidationError(msg, code='authorization') attrs['user'] = user return attrs
class SqlSerializer(serializers.Serializer): query = serializers.CharField() params = ParamsSerializers(required=False) def validate_query(self, value): forbidden = ['insert', 'update', 'delete', 'grant', 'show'] for i in range(len(forbidden)): forbidden.append('({}'.format(forbidden[i])) if any( map( lambda x: ' {} '.format(value.lower()).find(' {} '.format( x)) != -1, forbidden)): raise ValidationError('forbidden query') return value def execute(self, data): with connection.cursor() as cursor: try: cursor.execute(data['query'], data.get('params', [])) except (DatabaseError, TypeError) as e: raise SqlError(e) rows = cursor.fetchall() def map_column(x): if not isinstance(x, tuple) or len(x) == 0: return if x[0] == '?column?': return return x[0] return { 'data': rows, 'columns': map(map_column, cursor.description) }
class ReorderSerializer(serializers.Serializer): ordering_field = serializers.CharField() forward = serializers.BooleanField() segment_from = relations.PrimaryKeyRelatedField( queryset=build_queryset) segment_to = relations.PrimaryKeyRelatedField(queryset=build_queryset) item = relations.PrimaryKeyRelatedField(queryset=build_queryset) def save(self): ordering_field = self.validated_data['ordering_field'] segment_from = getattr(self.validated_data['segment_from'], ordering_field) segment_to = getattr(self.validated_data['segment_to'], ordering_field) with transaction.atomic(): if self.validated_data['forward']: build_queryset.filter( **{ '{}__gte'.format(ordering_field): segment_from, '{}__lte'.format(ordering_field): segment_to }).update(**{ordering_field: F(ordering_field) - 1}) build_queryset.filter( pk=self.validated_data['item'].pk).update( **{ordering_field: segment_to}) else: build_queryset.filter( **{ '{}__gte'.format(ordering_field): segment_from, '{}__lte'.format(ordering_field): segment_to }).update(**{ordering_field: F(ordering_field) + 1}) build_queryset.filter( pk=self.validated_data['item'].pk).update( **{ordering_field: segment_from})
class MessageSerializer(serializers.Serializer): name = serializers.CharField() params = serializers.JSONField(required=False, default={}) def save(self, **kwargs): handler = jet.get_message_handler(self.validated_data['name']) if not handler: return return handler(self.validated_data.get('params'))
class GroupSerializer(serializers.Serializer): group = serializers.CharField() y_func = serializers.IntegerField() def __init__(self, *args, **kwargs): if 'group_serializer' in kwargs: self.fields['group'] = kwargs.pop('group_serializer') if 'y_func_serializer' in kwargs: self.fields['y_func'] = kwargs.pop('y_func_serializer') super().__init__(*args, **kwargs)
class ResetOrderSerializer(serializers.Serializer): ordering_field = serializers.CharField() ordering = serializers.CharField(required=False, allow_null=True) value_ordering = serializers.CharField(required=False, allow_null=True) def save(self): ordering_field = self.validated_data['ordering_field'] ordering = self.validated_data.get('ordering') value_ordering = self.validated_data.get('value_ordering') qs = build_queryset order_by = [] if value_ordering: field, values_str = value_ordering.split('-', 2) values = values_str.split(',') qs = qs.annotate(__custom_order__=Case( *[ When(**dict([(field, x), ('then', Value(i))])) for i, x in enumerate(values) ], default=Value(len(values)), output_field=IntegerField(), )) order_by.append('__custom_order__') if ordering: order_by.extend(ordering.split(',')) if len(order_by): qs = qs.order_by(*order_by) i = 1 for instance in qs: setattr(instance, ordering_field, i) instance.save(update_fields=[ordering_field]) i += 1