def filter_queryset(self, request, queryset, view): accessibility_filtering = request.query_params.get( 'order_by', None) == 'accessibility' viewpoint_defined = 'accessibility_viewpoint' in request.query_params if accessibility_filtering and not viewpoint_defined: error_message = "'accessibility_viewpoint' must be defined when ordering by accessibility" raise exceptions.ParseError(error_message) return ResourceFilterSet(request.query_params, queryset=queryset, user=request.user).qs
def save_as_template(self, request, pk=None): obj = self.get_object() name = request.data.get('name') if not name: raise exceptions.ParseError('Missing "name" parameter') template, _ = ProfileIPDataTemplate.objects.update_or_create( name=name, profile=obj.relation.profile, defaults={'data': obj.data}) return Response(ProfileIPDataTemplateSerializer(template).data)
def get(self, request, *args, **kwargs): try: page_size = int( self.request.GET.get('page_size', api_settings.PAGE_SIZE)) except ValueError: raise exceptions.ParseError('Invalid page_size parameter') # Simulate pagination-like results, without actual pagination. queryset = self.filter_queryset(self.get_queryset()[:page_size]) serializer = self.get_serializer(queryset, many=True) return Response({'results': serializer.data})
def _get_entities(self, user, ids): """Return entities queryset based on provided entity ids.""" queryset = Entity.objects.filter(id__in=ids).filter_for_user(user) actual_ids = queryset.values_list("id", flat=True) missing_ids = list(set(ids) - set(actual_ids)) if missing_ids: raise exceptions.ParseError( "Entities with the following ids not found: {}".format( ", ".join(map(str, missing_ids)))) return queryset
def create(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) data = serializer.data data["S-creator"] = request.user.username try: res = es.create(index=data_index, doc_type="data", id=str(uuid.uuid1()).replace("-", ""), body=data) except ConflictError as exc: raise exceptions.ParseError("Document is exists") headers = self.get_success_headers(serializer.data) return Response(res, status=status.HTTP_201_CREATED, headers=headers)
def filter_type(self, queryset, name, value): workarea_type_reverse = dict( (v.lower(), k) for k, v in Workarea.TYPE_CHOICES) try: workarea_type = workarea_type_reverse[value] except KeyError: raise exceptions.ParseError( 'Workarea of type "%s" does not exist' % value) return queryset.filter(**{name: workarea_type})
def get(self, request): address = request.query_params.get("q") if not address: return Response() try: point = get_geo_point_from_address(address) except AddressNotFound: raise exceptions.ParseError(detail="address not found") providers_coverage = get_closest_coverage_for_each_provider_from_point( point) return Response(providers_coverage)
def initial(self, request, *args, **kwargs): super().initial(request, *args, **kwargs) if request.method == 'POST' and self.require_post_token: token = request.data.get('T', request.query_params.get('T', None)) if token is None: logger.info("Missing POST token, %s", data=dict(request.data), request=request) raise exceptions.ParseError("Missing 'T' POST token") user_id = check_post_token(token) if not user_id == request.user.pk: raise BadToken
def finish_item_check(self, request, pk): inbound_detail_id = request.POST.get('inbound_detail_id') inbound_detail = get_object_or_404(InBoundDetail, id=inbound_detail_id) arrival_quantity = int(request.POST.get("arrival_quantity")) inferior_quantity = int(request.POST.get("inferior_quantity")) try: inbound_detail.finish_check(arrival_quantity, inferior_quantity) packing_skus() return Response({'res': True}) except Exception, e0: raise exceptions.ParseError(e0.message)
def initial(self, request, *args, **kwargs): super(ReaderView, self).initial(request, *args, **kwargs) if request.method == 'POST' and self.require_post_token: token = request.DATA.get('T', request.GET.get('T', None)) if token is None: logger.info(u"Missing POST token, {0}".format( request.DATA.dict())) raise exceptions.ParseError("Missing 'T' POST token") user_id = check_post_token(token) if not user_id == request.user.pk: raise BadToken
def to_representation(self, obj): if obj is None: return super(StatsInstanceSerializer, self).to_representation(obj) request = self.context.get('request') method = request.query_params.get('method', None) field = request.query_params.get('field', None) if field and field not in obj.data_dictionary().get_keys(): raise exceptions.ParseError(detail=_("Field not in XForm.")) stats_function = STATS_FUNCTIONS.get(method and method.lower(), get_all_stats) try: data = stats_function(obj, field) except ValueError as e: raise exceptions.ParseError(detail=e.message) return data
def create(self, request, *args, **kwargs): upload_pk = request.data.get('validation_id', '') if not upload_pk: raise exceptions.ParseError(_('No validation_id specified.')) try: upload = FileUpload.objects.get(pk=upload_pk, user=request.user) except FileUpload.DoesNotExist: raise Http404(_('No such upload.')) if not upload.valid: raise exceptions.ParseError( _('The specified upload has not passed validation.')) if 'extension_pk' in self.kwargs: # We are creating a new ExtensionVersion. params = {'parent': self.get_extension_object()} else: # We are creating a new Extension. params = {'user': request.user} # self.model.from_upload() will raise ParseError if appropriate. obj = self.model.from_upload(upload, **params) log.info('%s created: %s' % (self.model, self.model.pk)) # TODO: change create_comm_note to just take a version. if 'extension_pk' in self.kwargs: create_comm_note(obj.extension, obj, request.user, request.data.get('message', ''), note_type=comm.SUBMISSION) else: create_comm_note(obj, obj.latest_version, request.user, request.data.get('message', ''), note_type=comm.SUBMISSION) serializer = self.get_serializer(obj) return Response(serializer.data, status=status.HTTP_201_CREATED)
def perform_update(self, serializer): """ Updates the request and performs any update actions. """ # NOTE: An identity could possible have multiple memberships # It may be better to directly take membership rather than an identity identity = serializer.initial_data.get('identity', {}) membership = None if isinstance(identity, dict): identity_id = identity.get("id", None) else: identity_id = identity try: if identity_id is not None: membership = IdentityMembership.objects.get( identity=identity_id) if membership: instance = serializer.save(end_date=timezone.now(), membership=membership) else: instance = serializer.save(end_date=timezone.now()) except core_exceptions.ProviderLimitExceeded: message = "Only one active request is allowed per provider." raise exceptions.MethodNotAllowed('create', detail=message) except core_exceptions.InvalidMembership: message = ("The user '%s' is not a valid member." % self.request.user.username) raise exceptions.ParseError(detail=message) except IdentityMembership.DoesNotExist: message = ("The identity '%s' does not have a membership" % identity_id) raise exceptions.ParseError(detail=message) if instance.is_approved(): self.approve_action(instance) if instance.is_denied(): self.deny_action(instance)
def create(self, request, *args, **kwargs): uuid = request.data.get('upload', '') if uuid: is_packaged = True else: uuid = request.data.get('manifest', '') is_packaged = False if not uuid: raise exceptions.ParseError( 'No upload or manifest specified.') try: upload = FileUpload.objects.get(uuid=uuid) except FileUpload.DoesNotExist: raise exceptions.ParseError('No upload found.') if not upload.valid: raise exceptions.ParseError('Upload not valid.') if not request.user.read_dev_agreement: log.info(u'Attempt to use API without dev agreement: %s' % request.user.pk) raise exceptions.PermissionDenied('Terms of Service not accepted.') if not (upload.user and upload.user.pk == request.user.pk): raise exceptions.PermissionDenied('You do not own that app.') # Create app, user and fetch the icon. try: obj = Webapp.from_upload(upload, is_packaged=is_packaged) except (serializers.ValidationError, django_forms.ValidationError) as e: raise exceptions.ParseError(unicode(e)) AddonUser(addon=obj, user=request.user).save() tasks.fetch_icon.delay(obj.pk, obj.latest_version.all_files[0].pk) record_action('app-submitted', request, {'app-id': obj.pk}) log.info('App created: %s' % obj.pk) data = AppSerializer( context=self.get_serializer_context(), instance=obj).data return response.Response( data, status=201, headers={'Location': reverse('app-detail', kwargs={'pk': obj.pk})})
def gateway_firewall_rule(request): if request.method == 'POST': try: scene_id = request.shift_data.get('scene', int) gateway_id = request.shift_data.get('gateway') firewall_rule = json.loads(request.shift_data.get('firewall_rule')) except Exception as e: raise exceptions.ParseError(error.INVALID_PARAMS) try: scene_gateway = SceneGateway.objects.get(scene=scene_id, sub_id=gateway_id) except SceneGateway.DoesNotExist as e: raise exceptions.NotFound(error.GATEWAY_NOT_FOUND) gateway_util = SceneHandler(request.user).get_gateway_util(scene_gateway) try: gateway_util.add_firewall_rule(firewall_rule) except SceneException as e: raise exceptions.PermissionDenied(e.message) return Response(status=status.HTTP_201_CREATED) elif request.method == 'DELETE': try: scene_id = request.shift_data.get('scene', int) gateway_id = request.shift_data.get('gateway') firewall_rule = json.loads(request.shift_data.get('firewall_rule')) except Exception as e: raise exceptions.ParseError(error.INVALID_PARAMS) try: scene_gateway = SceneGateway.objects.get(scene=scene_id, sub_id=gateway_id) except SceneGateway.DoesNotExist as e: raise exceptions.NotFound(error.GATEWAY_NOT_FOUND) gateway_util = SceneHandler(request.user).get_gateway_util(scene_gateway) try: gateway_util.remove_firewall_rule(firewall_rule) except SceneException as e: raise exceptions.PermissionDenied(e.message) return Response(status=status.HTTP_204_NO_CONTENT)
def create(self, validated_data): """Add desserts to cart.""" # Get current user user = self.context['request'].user # Get current car items current_cart = CartItem.objects.filter(owner=user) current_cart_items_ids = map(lambda item: item.dessert_id, current_cart) # List to prepare items in-memory for bulk save cart_items = list() for dessert_data in validated_data['desserts']: dessert_id = dessert_data['dessert_id'] # Break and return 400 if a dessert already in cart if dessert_id in current_cart_items_ids: raise exceptions.ParseError( detail="Dessert (%s) alraedy exists in the cart" % dessert_id) return try: # Check if item_id added to cart is valid dessert_id else return 400 dessert = Dessert.objects.get( id=dessert_id) # FIXME: Bulk query instead of looping except Dessert.DoesNotExist: raise exceptions.ParseError(detail="No such Dessert ID (%s)" % dessert_id) return # Create CartItem in memory and add to cart_items list quantity = dessert_data['quantity'] cart_items.append( CartItem(owner=user, dessert=dessert, quantity=quantity)) # Bulk save cart_items to DB result = CartItem.objects.bulk_create(cart_items) # Merge recently added items with the current ones in 'shared_with'cart to resturn # response with all items in cart response = {'desserts': list(current_cart) + result} return response
def _parse_mac_to_queryset(mac, queryset): if not mac: return queryset try: mac = MacPrefix(mac, min_prefix_len=2) except ValueError as e: raise exceptions.ParseError("mac: %s" % e) low, high = mac[0], mac[-1] return queryset.extra(where=["mac BETWEEN %s AND %s"], params=[str(low), str(high)])
def destroy(self, request, *args, **kwargs): instance = self.get_object() try: self.perform_destroy(instance) return Response(status=status.HTTP_204_NO_CONTENT) except Exception as e: message = { "An error was encoutered when closing the request: %s" % e.message } logger.exception(e) raise exceptions.ParseError(detail=message)
def mount(self, request, pk=None): drive = self.get_object() try: storage_medium = StorageMedium.objects.get(pk=request.data['storage_medium']) except KeyError: raise exceptions.ParseError('Missing parameter storage_medium') except StorageMedium.DoesNotExist: raise exceptions.ParseError('Invalid storage_medium') if storage_medium.get_type() != TAPE: raise exceptions.ParseError('%s is not a tape' % storage_medium) RobotQueue.objects.get_or_create( user=self.request.user, storage_medium_id=storage_medium, tape_drive=drive, req_type=10, status__in=[0, 2], defaults={'status': 0} ) return Response()
def get_queryset(self): search_word = self.kwargs.get('search_word') if search_word is None: raise exceptions.ParseError( _('Please enter at least 2 characters.')) if search_word == "": raise exceptions.ParseError( _('Please enter at least 2 characters.')) if len(search_word) < 2: raise exceptions.ParseError( _('Please enter at least 2 characters.')) return Post.objects.filter( Q(subject__contains=search_word) | Q(text_content__contains=search_word) | Q(reply__text_content__contains=search_word)).order_by( '-%s' % self.kwargs.get('order')).all().annotate( reply_content=F('reply__content'))
def filter_queryset(self, request, queryset, view): """ Return a filtered queryset. """ if view.action == 'list': target_type = request.query_params.get('target_type') if target_type: try: target = get_target(target_type) except TargetDoesNotExist: raise exceptions.ParseError( "Unknown target_type {}".format(target_type)) return queryset.filter(target_content_type=target) raise exceptions.ParseError( _("Parameter 'target_type' is missing.")) return queryset
def post(self, request, *args, **kwarg): confirmation_id = kwarg.get('confirmation_id') try: subscription = Subscription.objects.get( confirmation_id=confirmation_id) except Subscription.DoesNotExist: raise exceptions.ParseError(detail="ConfirmationId is invalid") if self.is_confirmation_expired(subscription): raise exceptions.ParseError(detail="ConfirmationId is expired") isSubscribed = subscription.subscribed if isSubscribed is True: subscription.updated_at = timezone.now() else: subscription.subscribed = True subscription.subscribed_at = timezone.now() subscription.confirmation_id = None subscription.confirmation_requested_at = None subscription.save() return Response(status=200 if isSubscribed is True else 201)
def attend_class_time(request, lesson_id, **kwargs): try: seconds = int(request.query_params.get('seconds')) if seconds <= 0 or seconds > 60 * 3: raise Exception() lesson = Lesson.objects.filter(pk=lesson_id) except Exception as e: raise exceptions.ParseError() add_attend_class_time(request.user, lesson, seconds) return response.Response()
def _filter_queryset(self, queryset): """Filter queryset by queryparameters. Filtering is supported by ``name``, ``collection``, ``entities`` and ``positions``. If ``positions`` parameter is given, it is combined with coresponding id in ``samples`` parameter and relations are filtered by (sample, position) pairs. Because of this, if ``positions`` is given, also ``samples`` must be given and they must be of the same length. NOTE: Because of complex filtering requirements it is not possible to use django_restframework_filters (at least not in a straight foreward way) """ # query_params must be casted to dict, otherwise list values cannot be retrieved query_params = dict(self.request.query_params) id_ = query_params.get('id', None) relation_type = query_params.get('type', None) label = query_params.get('label', None) entities = query_params.get('entity', None) positions = query_params.get('position', None) collection = query_params.get('collection', None) if id_: queryset = queryset.filter(id=id_[0]) if relation_type: queryset = queryset.filter(type__name=relation_type[0]) if label: queryset = queryset.filter(label=label[0]) if positions is not None and (entities is None or len(positions) != len(entities)): raise exceptions.ParseError( 'If `positions` query parameter is given, also `entities` ' 'must be given and they must be of the same length.') if collection: queryset = queryset.filter(collection__pk=collection[0]) if entities: for entity, position in six.moves.zip_longest( entities, positions or []): filter_params = {'entities__pk': entity} if position: filter_params['positioninrelation__position'] = position queryset = queryset.filter(**filter_params) return queryset
def change_email(self, request, serializer): code = serializer.validated_data.get("verify_code", None) if code is None: verify_phone(serializer.validated_data['email']) return Response(status=status.HTTP_204_NO_CONTENT) else: if verify_phone(serializer.validated_data['email'], code): self.object.username = serializer.validated_data['email'] self.object.save() return Response(status=status.HTTP_204_NO_CONTENT) else: raise exceptions.ParseError(detail="verify code not valid.")
def new_structure(self, request, pk=None): try: name = request.data['name'] except KeyError: raise exceptions.ParseError('Missing "name" parameter') with transaction.atomic(): structure = Structure.objects.create(name=name) tag = self.get_tag_object() tag.get_active_structure().create_new(structure) return Response()
def update(self, request, pk, *args, **kwargs): if 'xls_file' in request.FILES or 'text_xls_form' in request.data: # A new XLSForm has been uploaded and will replace the existing # form existing_xform = get_object_or_404(XForm, pk=pk) # Behave like `onadata.apps.main.views.update_xform`: only allow # the update to proceed if the user is the owner owner = existing_xform.user if request.user.pk != owner.pk: raise exceptions.PermissionDenied( detail=_("Only a form's owner can overwrite its contents")) survey = utils.publish_xlsform(request, owner, existing_xform) if not isinstance(survey, XForm): if isinstance(survey, dict) and 'text' in survey: # Typical error text; pass it along raise exceptions.ParseError(detail=survey['text']) else: # Something odd; hopefully it can be coerced into a string raise exceptions.ParseError(detail=survey) # Let the superclass handle updates to the other fields return super(XFormViewSet, self).update(request, pk, *args, **kwargs)
def retry(self, request, pk=None): obj = self.get_object() if obj.status not in celery_states.EXCEPTION_STATES: raise exceptions.ParseError('Only failed tasks can be retried') root = obj.get_root_step() if root is not None: root.resume() else: obj.retry() return Response({'status': 'retries task'})
def _validate_vote_value(self, vote): if vote is None: raise exceptions.ParseError(detail={ 'detail': f'A vote_value must be provided in the json data.' }) try: vote = int(vote) if not vote in [-1, 0, 1]: raise exceptions.ParseError( detail={ 'detail': f'Vote value \'{vote}\' outside allowed range (-1<=vote<=1).' }) except ValueError: raise exceptions.ParseError( detail={ 'detail': f'The vote value must be an integer: -1 | 0 | 1.' }) return vote
def create(self, request, *args, **kwargs): user = request.user data = request.data subscribed_event_id = self.get_event_id(data) if not subscribed_event_id: raise exceptions.ParseError( 'Please, transmit event as dict or str.') subscribed_event = self.get_obj_by_id(subscribed_event_id, Event) if not subscribed_event.is_available_for_subscription: raise exceptions.PermissionDenied('Too late to subscribe.') response = self.create_subscription(user, subscribed_event) return response