Example #1
0
 def post(self, request, lib_key_str):
     """
     Add a user to this content library via email, with permissions specified in the
     request body.
     """
     key = LibraryLocatorV2.from_string(lib_key_str)
     api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM)
     serializer = ContentLibraryAddPermissionByEmailSerializer(data=request.data)
     serializer.is_valid(raise_exception=True)
     try:
         user = User.objects.get(email=serializer.validated_data.get('email'))
     except User.DoesNotExist:
         raise ValidationError({'email': _('We could not find a user with that email address.')})
     grant = api.get_library_user_permissions(key, user)
     if grant:
         return Response(
             {'email': [_('This user already has access to this library.')]},
             status=status.HTTP_400_BAD_REQUEST,
         )
     try:
         api.set_library_user_permissions(key, user, access_level=serializer.validated_data["access_level"])
     except api.LibraryPermissionIntegrityError as err:
         raise ValidationError(detail=str(err))
     grant = api.get_library_user_permissions(key, user)
     return Response(ContentLibraryPermissionSerializer(grant).data)
Example #2
0
 def get(self, request, lib_key_str):
     """
     Get the list of users and groups who have permissions to view and edit
     this library.
     """
     key = LibraryLocatorV2.from_string(lib_key_str)
     api.require_permission_for_library_key(key, request.user, permissions.CAN_VIEW_THIS_CONTENT_LIBRARY_TEAM)
     team = api.get_library_team(key)
     return Response(ContentLibraryPermissionSerializer(team, many=True).data)
Example #3
0
 def get(self, request, lib_key_str, username):
     """
     Gets the current permissions settings for a particular user.
     """
     key = LibraryLocatorV2.from_string(lib_key_str)
     api.require_permission_for_library_key(key, request.user, permissions.CAN_VIEW_THIS_CONTENT_LIBRARY_TEAM)
     user = get_object_or_404(User, username=username)
     grant = api.get_library_user_permissions(key, user)
     if not grant:
         raise NotFound
     return Response(ContentLibraryPermissionSerializer(grant).data)
Example #4
0
 def put(self, request, lib_key_str, username):
     """
     Add a user to this content library, with permissions specified in the
     request body.
     """
     key = LibraryLocatorV2.from_string(lib_key_str)
     api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM)
     serializer = ContentLibraryPermissionLevelSerializer(data=request.data)
     serializer.is_valid(raise_exception=True)
     user = get_object_or_404(User, username=username)
     try:
         api.set_library_user_permissions(key, user, access_level=serializer.validated_data["access_level"])
     except api.LibraryPermissionIntegrityError as err:
         raise ValidationError(detail=str(err))
     grant = api.get_library_user_permissions(key, user)
     return Response(ContentLibraryPermissionSerializer(grant).data)