def create(self, validated_data): request = self.context.get('request') # If a Server Admin declares another user as creator, set it to that other user. Otherwise, use request.user user = validated_data.pop('cached_creator', None) if user: validated_data['created_by'] = user potential_email = validated_data['email'] if validated_data.get('badgrapp') is None: validated_data['badgrapp'] = BadgrApp.objects.get_current(request) # Server admins are exempt from email verification requirement. They will enforce it themselves. if not request_authenticated_with_server_admin_token( request) and not validated_data[ 'created_by'].is_email_verified(potential_email): raise serializers.ValidationError( "Issuer email must be one of your verified addresses. Add this email to your profile and try again." ) staff = validated_data.pop('staff_items', []) new_issuer = super(IssuerSerializerV2, self).create(validated_data) # update staff after issuer is created new_issuer.staff_items = staff return new_issuer
def validate(self, data): if data.get('badgrapp' ) and not request_authenticated_with_server_admin_token( self.context.get('request')): data.pop('badgrapp') return data
def validate_createdBy(self, val): if not request_authenticated_with_server_admin_token( self.context.get('request')): return None return val