def check_api_permissions(self, request, *args, **kwargs):
if not isinstance(request.user, auth_models.AbstractUser):
raise CoolAPIException(ErrorCode.ERR_AUTH_NOLOGIN)
if not request.user.is_active or not request.user.is_staff:
raise CoolAPIException(ErrorCode.ERR_AUTH_PERMISSION)
if self.need_superuser:
if not request.user.is_superuser:
raise CoolAPIException(ErrorCode.ERR_AUTH_PERMISSION)
def check_api_permissions(self, request, *args, **kwargs):
super(RoomBase, self).check_api_permissions(request, *args, **kwargs)
room = models.Room.objects.filter(pk=request.params.room_id).first()
if room is None:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
setattr(self, 'room', room)
if self.check_manager:
if room.create_user_id != request.user.pk:
raise CoolAPIException(ErrorCode.ERROR_PERMISSION)
def check_api_permissions(self, request, *args, **kwargs):
super(RoomBase, self).check_api_permissions(request, *args, **kwargs)
room = models.Room.get_obj_by_pk_from_cache(request.params.room_id)
if room is None:
raise CoolAPIException(ErrorCode.ERR_MEETING_ROOM_NOT_FOUND)
setattr(self, 'room', room)
if self.check_manager:
if room.create_user_id != request.user.pk:
raise CoolAPIException(ErrorCode.ERROR_PERMISSION)
def check_api_permissions(self, request, *args, **kwargs):
super(MeetingBase, self).check_api_permissions(request, *args, **kwargs)
meeting = models.Meeting.objects.filter(pk=request.params.meeting_id).first()
if meeting is None:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
setattr(self, 'meeting', meeting)
if self.check_manager:
if meeting.user_id != request.user.pk and (
not meeting.room.create_user_manager or request.user.pk != meeting.room.create_user_id
):
raise CoolAPIException(ErrorCode.ERROR_PERMISSION)
def check_api_permissions(self, request, *args, **kwargs):
super(MeetingBase, self).check_api_permissions(request, *args,
**kwargs)
meeting = models.Meeting.get_obj_by_pk_from_cache(
request.params.meeting_id)
if meeting is None:
raise CoolAPIException(ErrorCode.ERR_MEETING_NOT_FOUND)
setattr(self, 'meeting', meeting)
if self.check_manager:
if meeting.user_id != request.user.pk and (
not meeting.room.create_user_manager
or request.user.pk != meeting.room.create_user_id):
raise CoolAPIException(ErrorCode.ERROR_PERMISSION)
def get_context(self, request, *args, **kwargs):
follow = models.UserFollowRoom.objects.filter(
room_id=request.params.room_id, user_id=request.user.pk).first()
if follow is None:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
follow.delete()
return {}
def get_context(self, request, *args, **kwargs):
attendee = models.MeetingAttendee.objects.filter(
meeting_id=request.params.meeting_id, user_id=request.user.pk)
if attendee is None:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
attendee.delete()
return self.meeting
def get_context(self, request, *args, **kwargs):
user = authenticate(self,
base_username=request.params.username,
base_password=request.params.password)
if user is None:
raise CoolAPIException(ErrorCode.ERR_DEMO_NOTFOUND)
login(request, user)
return serializer.UserSerializer(user, request=request).data
def get_context(self, request, *args, **kwargs):
session = biz.wechat.wxa.code_to_session(request.params.js_code)
wxa_user, new = models.User.objects.get_or_create(
openid=session['openid'])
wxa_user.set_info(session)
login_user = authenticate(request, openid=wxa_user.openid)
if login_user is None:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
login(request, login_user)
return serializer.UserSerializer(wxa_user, request=request).data
def get_context(self, request, *args, **kwargs):
if request.params.encrypted_data or request.params.iv:
try:
data = biz.decrypt_message(request.user.session_key,
request.params.iv,
request.params.encrypted_data)
except Exception:
utils.exception_logging.exception("decrypt_message",
extra={'request': request})
raise CoolAPIException(ErrorCode.ERROR_SYSTEM)
request.user.set_info(data)
return serializer.UserSerializer(request.user, request=request).data
def get_context(self, request, *args, **kwargs):
if request.params.start_time >= request.params.end_time:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
if not self.time_ok(request.params.start_time) or not self.time_ok(
request.params.end_time):
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
now = datetime.datetime.now()
if request.params.date == now.date(
) and request.params.start_time < now.time():
raise CoolAPIException(ErrorCode.ERR_MEETING_ROOM_TIMEOVER)
with transaction.atomic():
if models.Meeting.objects.filter(
room_id=request.params.room_id,
date=request.params.date).filter(
(Q(start_time__lte=request.params.start_time)
& Q(end_time__gt=request.params.start_time))
| (Q(start_time__lt=request.params.end_time)
& Q(end_time__gte=request.params.end_time))
| (Q(start_time__lte=request.params.start_time)
& Q(start_time__gt=request.params.end_time))
| (Q(end_time__lt=request.params.start_time)
& Q(end_time__gte=request.params.end_time))
).select_for_update().exists():
raise CoolAPIException(ErrorCode.ERR_MEETING_ROOM_INUSE)
meeting = models.Meeting.objects.create(
user_id=request.user.pk,
room_id=request.params.room_id,
name=request.params.name,
description=request.params.description,
date=request.params.date,
start_time=request.params.start_time,
end_time=request.params.end_time,
)
models.MeetingAttendee.objects.create(user_id=request.user.pk,
meeting_id=meeting.pk)
self.get_room_follow(request.params.room_id, request.user.pk)
return serializer.MeetingDetailSerializer(meeting,
request=request).data
def get_context(self, request, *args, **kwargs):
if len(request.params.room_ids) > 10:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
d = datetime.date.today()
if request.params.date is not None:
d = request.params.date
rooms = list(sorted(models.Room.objects.filter(
id__in=request.params.room_ids), key=lambda x: request.params.room_ids.index(x.id)
))
meetings = models.Meeting.objects.filter(room_id__in=request.params.room_ids, date=d).order_by('start_time')
ret = self.get_date_time_settings()
ret.update({
'rooms': serializer.RoomSerializer(rooms, request=request, many=True).data,
'meetings': serializer.MeetingSerializer(meetings, request=request, many=True).data
})
return ret
def get_obj(self, request, queryset=None):
if queryset is None:
queryset = self.model.objects.all()
blank = True
param_fields = [(self.get_model_field_info().pk.name,
self.get_model_field_info().pk.name)]
param_fields.extend(self.get_field_detail(self.ex_unique_ids))
for req_name, field_name in param_fields:
field = getattr(request.params, req_name)
if field is not None:
blank = False
queryset = queryset.filter(**{field_name: field})
if blank:
raise CoolAPIException(
ErrorCode.ERROR_BAD_PARAMETER,
data=_("{fields} cannot be empty at the same time").format(
fields=",".join(map(lambda x: x[0], param_fields))))
return queryset.first()
def check_api_permissions(self, request, *args, **kwargs):
if not isinstance(request.user, models.User):
raise CoolAPIException(ErrorCode.ERR_DEMO_NOLOGIN)
for permission in self.need_permissions:
if not request.user.has_perm(permission):
raise CoolAPIException(ErrorCode.ERR_DEMO_PERMISSION)
def get_context(self, request, *args, **kwargs):
if len(request.params.room_id) > 50:
raise CoolAPIException(ErrorCode.ERROR_BAD_PARAMETER)
for room_id in request.params.room_id:
self.get_room_follow(room_id, request.user.pk).un_delete()
return {}
def check_api_permissions(self, request, *args, **kwargs):
super(UserBaseView,
self).check_api_permissions(request, *args, **kwargs)
if not isinstance(request.user, models.User):
raise CoolAPIException(ErrorCode.ERR_WECHAT_LOGIN)