def get_object(self):
obj = get_object_or_404(self.get_queryset(), pk=self.kwargs['pk'])
# check whether the user has permission
viewables = IndicatorPeriodData.get_user_viewable_updates(
self.get_queryset().filter(pk=self.kwargs['pk']),
self.request.user
)
if viewables.count() == 0:
self.permission_denied(self.request)
return obj
def get_updates(self, obj):
user = self.context['request'].user
updates = IndicatorPeriodData.objects.filter(
period=obj).select_related(
'period',
'user',
'approved_by',
).prefetch_related('comments', 'comments__user')
updates = IndicatorPeriodData.get_user_viewable_updates(updates, user)
serializer = IndicatorPeriodDataFrameworkSerializer(updates, many=True)
return serializer.data
def get_updates(self, obj):
user = self.context['request'].user
updates = IndicatorPeriodData.objects.filter(period=obj).select_related(
'period',
'user',
'approved_by',
).prefetch_related(
'comments',
'comments__user'
)
updates = IndicatorPeriodData.get_user_viewable_updates(updates, user)
serializer = IndicatorPeriodDataFrameworkSerializer(updates, many=True)
return serializer.data
def viewable_indicator_updates(self, project_id):
if not hasattr(self, '_viewable_updates'):
self._viewable_updates = {}
if project_id not in self._viewable_updates:
from akvo.rsr.models import IndicatorPeriodData
project_updates = IndicatorPeriodData.objects.filter(
period__indicator__result__project_id=project_id)
viewable_updates = IndicatorPeriodData.get_user_viewable_updates(
project_updates, self)
self._viewable_updates[project_id] = viewable_updates
else:
viewable_updates = self._viewable_updates[project_id]
return viewable_updates
def get_queryset(self):
queryset = super(IndicatorPeriodDataFrameworkViewSet,
self).get_queryset()
return IndicatorPeriodData.get_user_viewable_updates(
queryset, self.request.user)
def filter_queryset(self, queryset):
queryset = super().filter_queryset(queryset)
queryset = IndicatorPeriodData.get_user_viewable_updates(
queryset, self.request.user
)
return queryset