def update(self, request, pantry_id, food_id): # Retrieve data parameters... amount = float(request.data.get('amount')) unit_of_measure_id = int(request.data.get('unit_of_measure')) unit_of_measure = get_object_or_404(UnitOfMeasure, pk=unit_of_measure_id) # Retrieve pantry... get_user_pantry_or_404(request.user, pantry_id=pantry_id) # Retrieve food... get_object_or_404(Food, pk=food_id) # Find pantry food... try: pantry_food = PantryFood.objects.select_related('pantry', 'food').get( pantry__pk=pantry_id, food__pk=food_id ) except PantryFood.DoesNotExist: return Response(status=status.HTTP_400_BAD_REQUEST, data={ 'message': 'The specified food is not in your pantry.' }) else: pantry_food.amount = amount pantry_food.unit_of_measure = unit_of_measure pantry_food.save() return Response(status=status.HTTP_200_OK)
def post(self, request, provider_id): """ POST handler. """ provider = generics.get_object_or_404(CreditProvider, provider_id=provider_id) data = request.data # Ensure the input data is valid serializer = CreditProviderCallbackSerializer(data=data, provider=provider) serializer.is_valid(raise_exception=True) # Update the credit request status request_uuid = data["request_uuid"] new_status = data["status"] credit_request = generics.get_object_or_404(CreditRequest, uuid=request_uuid, provider=provider) old_status = credit_request.status credit_request.status = new_status credit_request.save() log.info( "Updated [%s] CreditRequest [%s] from status [%s] to [%s].", provider_id, request_uuid, old_status, new_status, ) return Response()
def social_routes(self, request, *args, **kwargs): ''' return a list of [ {profile_id: ''} ] ''' target_user_id = request.query_params.get('target_user') dest_profile = get_object_or_404(Profile, user_id=target_user_id) src_profile = get_object_or_404(Profile, user=request.user) routes = calculate_topN_social_routes(src_profile, dest_profile, 10) profile_id_set = set() for route in routes: profile_id_set.update(route['profile_ids']) p_qs = Profile.objects.filter(id__in=profile_id_set).values('id', 'user__nickname', 'user__username', 'phone_num') id_profile_dict = {} for p in p_qs: nickname = p.pop('user__nickname') username = p.pop('user__username') p.update({ 'display_name': nickname or username, }) # if display_name is '' then from user's own mobile if p['display_name']: p.pop('phone_num') id_profile_dict[ p['id'] ] = p result = [] for route in routes: result.append( self._prepare_route_result(route, id_profile_dict) ) return Response(result)
def retrieve(self, request, pk=None): if is_integer(pk): queryset = get_object_or_404(Project, pk=pk) else: queryset = get_object_or_404(Project, linkname=pk) serializer = ProjectSerializer(queryset) return Response(serializer.data)
def get_object(self, queryset=None): obj = super(DataViewSet, self).get_object() pk_lookup, dataid_lookup = self.lookup_fields pk = self.kwargs.get(pk_lookup) dataid = self.kwargs.get(dataid_lookup) if pk is not None and dataid is not None: try: int(dataid) except ValueError: raise ParseError(_(u"Invalid dataid %(dataid)s" % {'dataid': dataid})) if not obj.is_merged_dataset: obj = get_object_or_404(Instance, pk=dataid, xform__pk=pk, deleted_at__isnull=True) else: xforms = obj.mergedxform.xforms.filter(deleted_at__isnull=True) pks = [xform_id for xform_id in xforms.values_list('pk', flat=True)] obj = get_object_or_404(Instance, pk=dataid, xform_id__in=pks, deleted_at__isnull=True) return obj
def post(self, request, *args, **kwargs): print "Updating" self.folder = get_object_or_404(self.get_queryset(), pk=self.kwargs["pk"]) self.ctype = get_object_or_404(ContentType, model=self.kwargs["model"], app_label=self.kwargs["app"]) self.object = get_object_or_404(self.ctype.model_class(), pk=self.kwargs["pki"]) FolderContent.objects.create(folder=self.folder, content_object=self.object) return Response({"ok": 1}, status=status.HTTP_201_CREATED)
def reduce_score(self, request, *args, **kwargs): student_id = kwargs.get('student_id') problem_id = kwargs.get('problem_id') student = get_object_or_404(User.objects.all(), member_id=student_id) problem = get_object_or_404(Problem.objects.all(), id=problem_id) assignment = problem.assignment_id try: instance = PlagiarismRequest.objects.get(assignment=assignment) if not instance.status: return Response({'status': 'failure', 'message': 'Plagiarism Check not done'}, status=status.HTTP_400_BAD_REQUEST) points = self.request.data.get('points', None) print "points", points if points is None or not (0 <= points <= problem.points): return Response({'status': 'failure', 'message': 'Invalid point allocation'}, status=status.HTTP_400_BAD_REQUEST) problem_score = get_object_or_404(ProblemScore, student=student, problem=problem) problem_score.score = points problem_score.save() return Response({'status': 'success', 'message': 'Points Updated'}, status=status.HTTP_200_OK) except PlagiarismRequest.DoesNotExist: return Response({'status': 'failure', 'message': 'Plagiarism Check not done'}, status=status.HTTP_400_BAD_REQUEST)
def create(self, request, pantry_id, food_id): # Retrieve data parameters... amount = float(request.data.get('amount')) unit_of_measure_id = int(request.data.get('unit_of_measure')) unit_of_measure = get_object_or_404(UnitOfMeasure, pk=unit_of_measure_id) # Retrieve pantry... user_pantry = get_user_pantry_or_404(request.user, pantry_id=pantry_id) # Retrieve food... food = get_object_or_404(Food, pk=food_id) # Find pantry food... try: PantryFood.objects.select_related('pantry', 'food').get(pantry__pk=pantry_id, food__pk=food_id) return Response(status=status.HTTP_400_BAD_REQUEST, data={ 'message': 'The specified food is already in your pantry.' }) except PantryFood.DoesNotExist: PantryFood.objects.create( pantry=user_pantry.pantry, food=food, amount=amount, unit_of_measure=unit_of_measure ) return Response(status=status.HTTP_201_CREATED)
def get(self, request, *args, **kwargs): account_slug = kwargs['account_slug'] board_slug = kwargs['board_slug'] account_collaborator = get_object_or_404( AccountCollaborator.objects.select_related('account', 'user'), account__slug=account_slug, is_owner=True) if account_collaborator.account.type == Account.PERSONAL_ACCOUNT: boards = account_collaborator.user.boards board = get_object_or_404(boards, slug=board_slug) collaborator_users = [] if board.is_shared: collaborator_users = BoardCollaborator.objects.filter( board_id=board.id, user__isnull=False ).values_list('user', flat=True) data = { 'board': board, 'collaborator_users': collaborator_users } return Response(data, template_name='index.html')
def create(self, request, **kwargs): app = get_object_or_404(self.model, id=kwargs['id']) if request.user != app.owner and not request.user.is_superuser: return Response(status=status.HTTP_403_FORBIDDEN) user = get_object_or_404(User, username=request.DATA['username']) assign_perm(self.perm, user, app) models.log_event(app, "User {} was granted access to {}".format(user, app)) return Response(status=status.HTTP_201_CREATED)
def destroy(self, request, pk=None, parent_lookup_organization=None): '''Remove a user from an organization.''' user = get_object_or_404(User, pk=pk) org = get_object_or_404( SeedOrganization, pk=parent_lookup_organization) self.check_object_permissions(request, org) org.users.remove(user) return Response(status=status.HTTP_204_NO_CONTENT)
def update(self, request, pk=None, parent_lookup_organization=None): '''Add a user to an organization.''' user = get_object_or_404(User, pk=pk) org = get_object_or_404( SeedOrganization, pk=parent_lookup_organization) self.check_object_permissions(request, org) org.users.add(user) return Response(status=status.HTTP_204_NO_CONTENT)
def create(self, request, *args, **kwargs): request._data = request.DATA.copy() app = request.DATA["app"] = get_object_or_404(models.App, id=self.kwargs["id"]) # check the user is authorized for this app user = request.DATA["owner"] = get_object_or_404(User, username=self.request.DATA["receive_user"]) if user == app.owner or user in get_users_with_perms(app): return super(AppPushViewSet, self).create(request, *args, **kwargs) raise PermissionDenied()
def create(self, request, **kwargs): app = get_object_or_404(self.model, id=kwargs['id']) if request.user != app.owner: return Response(status=status.HTTP_403_FORBIDDEN) user = get_object_or_404(User, username=request.DATA['username']) assign_perm(self.perm, user, app) app.publish() tasks.converge_controller.apply_async().wait() return Response(status=status.HTTP_201_CREATED)
def create(self, request, *args, **kwargs): app = get_object_or_404(models.App, id=request.DATA["receive_repo"]) user = get_object_or_404(User, username=request.DATA["receive_user"]) # check the user is authorized for this app if user == app.owner or user in get_users_with_perms(app): config = app.release_set.latest().config serializer = self.get_serializer(config) return Response(serializer.data, status=status.HTTP_200_OK) raise PermissionDenied()
def create(self, request, *args, **kwargs): app = get_object_or_404(models.App, id=request.DATA["receive_repo"]) user = get_object_or_404(User, username=request.DATA["receive_user"]) # check the user is authorized for this app if user == app.owner or user in get_users_with_perms(app): request._data = request.DATA.copy() request.DATA["app"] = app request.DATA["owner"] = user return super(PushHookViewSet, self).create(request, *args, **kwargs) raise PermissionDenied()
def create(self, request, **kwargs): app = get_object_or_404(self.model, id=kwargs["id"]) if request.user != app.owner: return Response(status=status.HTTP_403_FORBIDDEN) user = get_object_or_404(User, username=request.DATA["username"]) assign_perm(self.perm, user, app) app.publish() tasks.converge_controller.apply_async().wait() models.log_event(app, "User {} was granted access to {}".format(user, app)) return Response(status=status.HTTP_201_CREATED)
def destroy(self, request, **kwargs): app = get_object_or_404(self.model, id=kwargs['id']) if request.user != app.owner and not request.user.is_superuser: return Response(status=status.HTTP_403_FORBIDDEN) user = get_object_or_404(User, username=kwargs['username']) if user.has_perm(self.perm, app): remove_perm(self.perm, user, app) models.log_event(app, "User {} was revoked access to {}".format(user, app)) return Response(status=status.HTTP_204_NO_CONTENT) else: return Response(status=status.HTTP_404_NOT_FOUND)
def update(self, request, pk): product = get_object_or_404(Product, pk=pk) self.check_object_permissions(request, product) # compruebo si el usuario autenticado puede hacer PUT en este product serializer = ProductUpdateSerializer(instance=product, data=request.data) if serializer.is_valid(): category = get_object_or_404(Category, index=request.data.get('category', dict()).get('index')) seller = get_object_or_404(Profile, user=request.user) product = serializer.save(seller=seller, category=category) response_serializer = ProductSerializer(product) return Response(response_serializer.data, status=status.HTTP_200_OK) else: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def destroy(self, request, **kwargs): app = get_object_or_404(self.model, id=kwargs['id']) if request.user != app.owner: return Response(status=status.HTTP_403_FORBIDDEN) user = get_object_or_404(User, username=kwargs['username']) if user.has_perm(self.perm, app): remove_perm(self.perm, user, app) app.publish() tasks.converge_controller.apply_async().wait() return Response(status=status.HTTP_204_NO_CONTENT) else: return Response(status=status.HTTP_404_NOT_FOUND)
def create(self, request, *args, **kwargs): app = get_object_or_404(models.App, id=request.DATA['receive_repo']) user = get_object_or_404( User, username=request.DATA['receive_user']) # check the user is authorized for this app if user == app.owner or user in get_users_with_perms(app): request._data = request.DATA.copy() request.DATA['app'] = app request.DATA['owner'] = user super(BuildHookViewSet, self).create(request, *args, **kwargs) # return the application databag return Response(app.calculate(), status=status.HTTP_200_OK) raise PermissionDenied()
def delete(self, request, *args, **kwargs): try: uuid = request.data['uuid'] except KeyError: raise Http404 filter_params = { 'uuid': uuid, 'user': request.user } get_object_or_404(self.model, **filter_params).delete() return Response(status=204)
def destroy(self, request, **kwargs): app = get_object_or_404(self.model, id=kwargs["id"]) if request.user != app.owner: return Response(status=status.HTTP_403_FORBIDDEN) user = get_object_or_404(User, username=kwargs["username"]) if user.has_perm(self.perm, app): remove_perm(self.perm, user, app) app.publish() tasks.converge_controller.apply_async().wait() models.log_event(app, "User {} was revoked access to {}".format(user, app)) return Response(status=status.HTTP_204_NO_CONTENT) else: return Response(status=status.HTTP_404_NOT_FOUND)
def assignment_review(self, request, *args, **kwargs): review = self.request.data.get('review', None) if not review: return Response({'status': 'failure'}, status=status.HTTP_400_BAD_REQUEST) student_id = kwargs.get('student_id') assignment_id = kwargs.get('assignment_id') student = get_object_or_404(User.objects.all(), member_id=student_id) assignment = get_object_or_404(Assignment.objects.all(), id=assignment_id) instance = AssignmentReview(student=student, assignment=assignment, review=review) instance.save() return Response({'status': 'success', 'message': 'Review added'}, status=status.HTTP_201_CREATED)
def submission_review(self, request, *args, **kwargs): review = self.request.data.get('review', None) if not review: return Response({'status': 'failure'}, status=status.HTTP_400_BAD_REQUEST) student_id = kwargs.get('student_id') problem_id = kwargs.get('problem_id') student = get_object_or_404(User.objects.all(), member_id=student_id) problem = get_object_or_404(Problem.objects.all(), id=problem_id) instance = ProblemReview(student=student, problem=problem, review=review) instance.save() return Response({'status': 'success', 'message': 'Review added'}, status=status.HTTP_201_CREATED)
def get_lookup_or_logged_user(self, queryset, must_auth=True, model=None): lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_field if lookup_url_kwarg in self.kwargs: # 获取指定 user filter_kwargs = {self.lookup_field: self.kwargs[lookup_url_kwarg]} return generics.get_object_or_404(queryset, **filter_kwargs) elif logged_permission.has_permission(self.request, self): # 验证登录 logged = self.request.user if not model or isinstance(logged, model): return logged return generics.get_object_or_404(queryset, pk=logged.pk) elif must_auth: self.permission_denied(self.request)
def check_team_permissions(self, request, teamid, orgid=None): if orgid is not None: team = get_object_or_404( SeedTeam, pk=teamid, organization_id=orgid) else: team = get_object_or_404(SeedTeam, pk=teamid) permission = permissions.TeamPermission() fake_request = clone_request(request, 'PUT') if not permission.has_object_permission(fake_request, self, team): self.permission_denied( request, message=getattr(permission, 'message', None) ) return team
def post(self, request): data = json.loads(request.body) email = data.get('email', None) movie_id = data.get('movie_id', None) user = get_object_or_404(User, email=email) wish = get_object_or_404(Wish, user=user, movie_id=movie_id) if wish: wish.delete() return Response({ 'success': True }, headers={ 'Access-Control-Allow-Origin': '*' })
def create(self, request, *args, **kwargs): app = get_object_or_404(models.App, id=request.DATA['receive_repo']) user = get_object_or_404( User, username=request.DATA['receive_user']) # check the user is authorized for this app if user == app.owner or user in get_users_with_perms(app): request._data = request.DATA.copy() request.DATA['app'] = app request.DATA['owner'] = user super(BuildHookViewSet, self).create(request, *args, **kwargs) # return the application databag response = {'release': {'version': app.release_set.latest().version}, 'domains': ['.'.join([app.id, app.cluster.domain])]} return Response(response, status=status.HTTP_200_OK) raise PermissionDenied()
def get_stack(self, check_permissions=True): queryset = models.Stack.objects.all() obj = get_object_or_404(queryset, id=self.kwargs.get('pk')) if check_permissions: self.check_object_permissions(self.request, obj) return obj
def get_object(self): return get_object_or_404( Page, chapter__slug=self.kwargs['chapter'], slug=self.kwargs['slug'])
def get(self, request, pk): user = get_object_or_404(User, username=pk) self.check_object_permissions(request, user) serializer = UserSerializer(user) return Response(serializer.data)
def perform_create(self, serializer): post = get_object_or_404(Post, pk=self.kwargs['post_pk']) serializer.save(author=self.request.user, post=post) return super().perform_create(serializer)
def get(self, request, pk=None, *args, **kwargs): serializer = self.get_serializer(get_object_or_404(self.get_queryset(), pk=pk), many=False, context={'request': request}) return Response(serializer.data)
def get_object(self): obj = get_object_or_404(self.get_queryset(), id=self.request.user.id) self.check_object_permissions(self.request, obj) return obj
def get_generator(self): job = get_object_or_404(Job, identifier=self.kwargs['identifier']) self.check_object_permissions(self.request, job) return JobArchiveGenerator(job)
def perform_create(self, seralizer): question = get_object_or_404(Question, pk=self.kwargs.get("question_id")) seralizer.save(question=question)
def get_folder_object(self): return get_object_or_404(self.folders_queryset, space_id=self.kwargs['pk'], pk=self.kwargs['folder_id'])
def get_object(self): return get_object_or_404(core.models.Space.objects.owned(self.request.user), pk=self.kwargs['pk'])
def reset(self, request, pk=None): review = get_object_or_404(UserSpecific, pk=pk) review.reset() return Response(status=status.HTTP_204_NO_CONTENT)
def get_object(self, pk): article = get_object_or_404(Article, pk=pk) return article
def get_object(self): instance = get_object_or_404( PostPhoto.objects.filter(pk=self.kwargs['photo_pk'])) self.check_object_permissions(self.request, instance) return instance
def _initialize_context(self) -> None: # pylint:disable=attribute-defined-outside-init super()._initialize_context() self.job = get_object_or_404(ExperimentJob, id=self.job_id, experiment=self.experiment)
def lookup_document(self): qs = Document.objects.undeleted().no_xml() doc_id = self.kwargs['document_id'] return get_object_or_404(qs, id=doc_id)
def get(request, short_code): log = get_object_or_404(filter_query(request, Log.objects.all()), short_code=short_code) serializer = LogSerializer(log) return Response(serializer.data)
def get_object(self): queryset = self.get_queryset() obj = get_object_or_404(queryset, user=self.request.user) self.check_object_permissions(self.request, obj) return obj
def create(self, request, *args, **kwargs): job = get_object_or_404(Job, pk=self.kwargs['job_id']) if not JobAccess(request.user, job).can_decide: raise exceptions.PermissionDenied( _("You don't have an access to decide the job")) return super(CreateDecisionView, self).create(request, *args, **kwargs)
def get_object(self): return get_object_or_404(queryset=self.get_queryset(), id=self.kwargs.get("comment_pk"))
def get_job(self, **kwargs): job = get_object_or_404(Job, **kwargs) if not JobAccess(self.request.user, job).can_decide: raise exceptions.PermissionDenied( _("You don't have an access to start decision of this job")) return job
def delete(self, request, pk): watchlist = get_object_or_404(WatchList.objects.all(), pk=pk) watchlist.delete() return Response( {"message": "watchlist with id `{}` has been deleted.".format(pk)}, status=204)
def perform_create(self, serializer): poll = get_object_or_404(Poll, pk=self.kwargs.get("poll_id")) serializer.save(poll=poll)
def delete(self, request): token = get_object_or_404(Token, user=request.user) token.delete() return Response(status=status.HTTP_204_NO_CONTENT)
def get_request(self): queryset = get_request_queryset(self.request, ResourceRequest.objects.all()) queryset = queryset.filter( external_id=self.kwargs.get("resource_external_id")) return get_object_or_404(queryset)
def get_queryset(self): task = generics.get_object_or_404(Task.objects.for_user( self.request.user), pk=self.kwargs.get('pk', 0)) return Annotation.objects.filter( Q(task=task) & Q(was_cancelled=False)).order_by('pk')
def delete(self, request, pk): user = get_object_or_404(User, username=pk) self.check_object_permissions(request, user) user.delete() return Response(status=status.HTTP_204_NO_CONTENT)
def post(self, request): id = request.data['Code_Modele'] print(id) modele = get_object_or_404(Modele, Code_Modele=id) modele.delete() return Response(status=201)
def get_object(self): if self.action == "partial_update" or self.action == "destroy": pk = self.request.user # return self.queryset.get(user=user_id) return get_object_or_404(self.queryset, pk=pk) return super().get_object()
def delete(request, short_code): log = get_object_or_404(filter_query(request, Log.objects.all()), short_code=short_code) log.delete() return Response({'detail': f'Log {short_code} has been deleted.'})
def get_object(self): return get_object_or_404( Chapter, book__slug=self.kwargs['book'], slug=self.kwargs['chapter'])
def get_object(self): return get_object_or_404(Repo, project=get_permissible_project(view=self))