def perform_create(self, serializer): data = serializer.validated_data up = UserProfile.objects.get(user=self.request.user) users = [] relation, group = data.get('to_relation'), data.get('to_group') if relation is not None and group is not None: raise ValidationError( 'You cannot have a relation and a group for the same message, one should be null' ) if relation is not None: if not relation.requestStatus: raise ValidationError( 'You cannot send a message because the relation is not confirmed' ) if relation.coach != up and relation.trainee != up: raise ValidationError( 'You cannot send a message because you are not involved in this relation' ) if not relation.active: raise ValidationError('This relation is not active anymore') users.append(relation.trainee if relation.coach == up else relation.coach) if group is not None: if not is_user_in_group(up, group): raise ValidationError( 'You cannot send a message because you are not a member of this group' ) users = get_members(group) users.remove(up) m = serializer.save(from_user=up) scripts.sendGCMNewMessage(users=users, message=m)
def has_object_permission(self, request, view, obj): if request.method in permissions.SAFE_METHODS: return True else: if request.user.is_superuser: return True if request.user.is_authenticated(): up = UserProfile.objects.get(user=request.user) relation, group = obj.to_relation, obj.to_group if relation is not None : if relation.coach==up or relation.trainee==up : return True if group is not None : if is_user_in_group(up,group) : return True return False else: return False
def perform_create(self, serializer): data = serializer.validated_data up = UserProfile.objects.get(user=self.request.user) users = [] relation, group = data.get('to_relation'), data.get('to_group') if relation is not None and group is not None: raise ValidationError('You cannot have a relation and a group for the same message, one should be null') if relation is not None: if not relation.requestStatus: raise ValidationError('You cannot send a message because the relation is not confirmed') if relation.coach != up and relation.trainee != up: raise ValidationError('You cannot send a message because you are not involved in this relation') if not relation.active: raise ValidationError('This relation is not active anymore') users.append(relation.trainee if relation.coach == up else relation.coach) if group is not None: if not is_user_in_group(up, group): raise ValidationError('You cannot send a message because you are not a member of this group') users = get_members(group) users.remove(up) m = serializer.save(from_user=up) scripts.sendGCMNewMessage(users=users, message=m)