def obj_create(self, bundle, **kwargs): """ obj_create() with permissions and overlapping checks. Sets the 'by' field to the request's user. """ bundle.obj = self._meta.object_class() for key, value in kwargs.items(): setattr(bundle.obj, key, value) bundle = self.full_hydrate(bundle) m2m_bundle = self.hydrate_m2m(bundle) # XXX: BEGIN self.authorized_create_detail(self.get_object_list(bundle.request), bundle) assets = [] for asset_bundle in m2m_bundle.data['assets']: assets.append(asset_bundle.obj) if is_overlapped(dict(start=bundle.obj.start, end=bundle.obj.end), assets=assets): raise ImmediateHttpResponse(response=HttpConflict()) # Check to see if all targeted assets are reservable by this user. if private_asset_check(bundle.request.user, assets): raise ImmediateHttpResponse(response=HttpConflict()) if not hasattr(bundle.obj, 'to') or not bundle.obj.to: setattr(bundle.obj, 'to', bundle.request.user) bundle.obj.by = bundle.request.user # XXX: END bundle.obj.save() # Now pick up the M2M bits. self.save_m2m(m2m_bundle) return bundle
def obj_update(self, bundle, **kwargs): """ obj_update() with permissions and overlapping checks. Sets the 'by' field to the request's user. """ if not bundle.obj or not bundle.obj.pk: try: bundle.obj = self.get_object_list(bundle.request).model() bundle.data.update(kwargs) bundle = self.full_hydrate(bundle, update=True) lookup_kwargs = kwargs.copy() lookup_kwargs.update(dict( (k, getattr(bundle.obj, k)) for k in kwargs.keys() if getattr(bundle.obj, k) is not None)) except: # if there is trouble hydrating the data, fall back to just # using kwargs by itself (usually it only contains a "pk" key # and this will work fine. lookup_kwargs = kwargs try: bundle.obj = self.get_object_list(bundle.request).get(**lookup_kwargs) except ObjectDoesNotExist: raise NotFound("A model instance matching the provided arguments could not be found.") bundle = self.full_hydrate(bundle, update=True) # XXX: BEGIN if not hasattr(bundle.obj, 'to') or not bundle.obj.to: setattr(bundle.obj, 'to', bundle.request.user) bundle.obj.by = bundle.request.user if is_overlapped(dict(start=bundle.obj.start, end=bundle.obj.end), event=bundle.obj): raise ImmediateHttpResponse(response=HttpConflict()) # Check to see if all targeted assets are reservable by this user. ret = private_asset_check(bundle.request.user, bundle.obj.assets.all()) if ret: raise ImmediateHttpResponse(response=HttpConflict("Asset %s is private and can't be reserved." % ret)) self.authorized_update_detail(self.get_object_list(bundle.request), bundle) # XXX: END bundle.obj.save() # Now pick up the M2M bits. m2m_bundle = self.hydrate_m2m(bundle, update=True) self.save_m2m(m2m_bundle, update=True) return bundle