def retrieve(self, request, *args, **kwargs): qs = self.get_queryset() if self.action == "by_slug": self.lookup_field = "slug" # If we retrieve the project by slug we want to filter by user the # permissions and return 404 in case the user don't have access flt = filters.get_filter_expression_can_view_projects(request.user) qs = qs.filter(flt) self.object = get_object_or_error(qs, request.user, **kwargs) self.check_permissions(request, 'retrieve', self.object) if self.object is None: raise Http404 serializer = self.get_serializer(self.object) return response.Ok(serializer.data)
def filter_queryset(self, request, queryset, view): project_id = None # Filter by filter_fields if (hasattr(view, "filter_fields") and "project" in view.filter_fields and "project" in request.QUERY_PARAMS): try: project_id = int(request.QUERY_PARAMS["project"]) except: logger.error( "Filtering project diferent value than an integer: {}". format(request.QUERY_PARAMS["project"])) raise exc.BadRequest(_("'project' must be an integer value.")) filter_expression = get_filter_expression_can_view_projects( request.user, project_id) qs = queryset.filter(filter_expression) return super().filter_queryset(request, qs, view)
def retrieve(self, request, *args, **kwargs): qs = self.get_queryset() if self.action == "by_slug": self.lookup_field = "slug" # If we retrieve the project by slug we want to filter by user the # permissions and return 404 in case the user don't have access flt = filters.get_filter_expression_can_view_projects( self.request.user) qs = qs.filter(flt) self.object = get_object_or_404(qs, **kwargs) self.check_permissions(request, 'retrieve', self.object) if self.object is None: raise Http404 serializer = self.get_serializer(self.object) return response.Ok(serializer.data)
def filter_queryset(self, request, queryset, view): project_id = None # Filter by filter_fields if (hasattr(view, "filter_fields") and "project" in view.filter_fields and "project" in request.QUERY_PARAMS): try: project_id = int(request.QUERY_PARAMS["project"]) except: logger.error("Filtering project diferent value than an integer: {}".format( request.QUERY_PARAMS["project"] )) raise exc.BadRequest(_("'project' must be an integer value.")) filter_expression = get_filter_expression_can_view_projects( request.user, project_id) qs = queryset.filter(filter_expression) return super().filter_queryset(request, qs, view)