def post(self, request, collection): """Create a new collection View to create a new collection and an associated bosskey for that collection Args: request: DRF Request object collection : Collection name Returns: Collection """ col_data = request.data.copy() col_data['name'] = collection # Save the object serializer = CollectionSerializer(data=col_data) if serializer.is_valid(): serializer.save(creator=self.request.user) collection_obj = Collection.objects.get(name=col_data['name']) # Assign permissions to the users primary group and admin group BossPermissionManager.add_permissions_primary_group(self.request.user, collection_obj) BossPermissionManager.add_permissions_admin_group(collection_obj) lookup_key = str(collection_obj.pk) boss_key = collection_obj.name LookUpKey.add_lookup(lookup_key, boss_key, collection_obj.name) return Response(serializer.data, status=status.HTTP_201_CREATED) else: return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT)
def delete(self, request, collection): """ Delete a collection Args: request: DRF Request object collection: Name of collection to delete Returns: Http status """ try: collection_obj = Collection.objects.get(name=collection) if request.user.has_perm("delete", collection_obj): # Are there experiments that reference it serializer = CollectionSerializer(collection_obj) if len(serializer.get_valid_experiments(collection_obj)) > 0: # This collection has experiments that reference it and cannot be deleted return BossHTTPError(" Collection {} has experiments that reference it and cannot be deleted." "Please delete the experiments first.".format(collection), ErrorCodes.INTEGRITY_ERROR) collection_obj.to_be_deleted = datetime.now() collection_obj.save() return HttpResponse(status=204) else: return BossPermissionError('delete', collection) except Collection.DoesNotExist: return BossResourceNotFoundError(collection) except ProtectedError: return BossHTTPError("Cannot delete {}. It has experiments that reference it.".format(collection), ErrorCodes.INTEGRITY_ERROR)
def put(self, request, collection): """ Update a collection using django rest framework Args: request: DRF Request object collection: Collection name Returns: Collection """ try: # Check if the object exists collection_obj = Collection.objects.get(name=collection) # Check for permissions if request.user.has_perm("update", collection_obj): serializer = CollectionSerializer(collection_obj, data=request.data, partial=True) if serializer.is_valid(): serializer.save() # update the lookup key if you update the name if 'name' in request.data and request.data['name'] != collection: lookup_key = str(collection_obj.pk) boss_key = request.data['name'] LookUpKey.update_lookup(lookup_key, boss_key, request.data['name']) return Response(serializer.data) else: return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT) else: return BossPermissionError('update', collection) except Collection.DoesNotExist: return BossResourceNotFoundError(collection)
def get(self, request, collection): """ Get a single instance of a collection Args: request: DRF Request object collection: Collection name specifying the collection you want Returns: Collection """ try: collection_obj = Collection.objects.get(name=collection) # Check for permissions if collection_obj is None: return BossResourceNotFoundError(collection) if collection_obj.public or request.user.has_perm( "read", collection_obj): if collection_obj.to_be_deleted is not None: return BossHTTPError( "Invalid Request. This Resource has been marked for deletion", ErrorCodes.RESOURCE_MARKED_FOR_DELETION) serializer = CollectionSerializer(collection_obj) data = serializer.data data['experiments'] = serializer.get_experiments_permissions( collection_obj, request.user) return Response(data, status=200) else: return BossPermissionError('read', collection) except Collection.DoesNotExist: return BossResourceNotFoundError(collection)
def list(self, request, *args, **kwargs): """ Display only objects that a user has access to Args: request: DRF request *args: **kwargs: Returns: Collections that user has view permissions on """ # queryset = self.get_queryset() collections = get_objects_for_user(request.user, 'read', klass=Collection) serializer = CollectionSerializer(collections, many=True) return Response(serializer.data)
def get(self, request, collection): """ Get a single instance of a collection Args: request: DRF Request object collection: Collection name specifying the collection you want Returns: Collection """ try: collection_obj = Collection.objects.get(name=collection) # Check for permissions if request.user.has_perm("read", collection_obj): serializer = CollectionSerializer(collection_obj) return Response(serializer.data, status=200) else: return BossPermissionError('read', collection) except Collection.DoesNotExist: return BossResourceNotFoundError(collection)