def validate(self, attrs):
user = AuthHelper.authenticate(attrs.get('auth_user'),
attrs.get('auth_token'))
task = attrs.get('task')
AuthHelper.authorize(user, task.column.board.team_id)
self.instance = task.id
return task
def validate(self, attrs):
user = AuthHelper.authenticate(attrs.get('auth_user'),
attrs.get('auth_token'))
board = attrs.get('board')
if len(board.team.board_set.all()) <= 1:
raise CustomAPIException(
'board', 'You cannot delete the last remaining board.',
status.HTTP_400_BAD_REQUEST)
AuthHelper.authorize(user, board.team_id)
return board
def validate(self, attrs):
authenticated_user = AuthHelper.authenticate(attrs.pop('auth_user'),
attrs.pop('auth_token'))
user = attrs.get('user')
AuthHelper.authorize(authenticated_user, user.team_id)
if user.is_admin:
raise CustomAPIException(
'username', 'Admins cannot be deleted from their teams.',
status.HTTP_403_FORBIDDEN)
return user
def validate(self, attrs):
user = AuthHelper.authenticate(attrs.get('auth_user'),
attrs.get('auth_token'))
board = attrs.get('board')
AuthHelper.authorize(user, board.team_id)
payload = attrs.get('payload')
board_serializer = BoardSerializer(board, data=payload, partial=True)
board_serializer.is_valid(raise_exception=True)
self.instance = board
return payload
def validate(self, attrs):
user = AuthHelper.authenticate(attrs.pop('auth_user'),
attrs.pop('auth_token'))
attrs['user'] = user
column = attrs.pop('column')
if user.team_id != column.board.team_id:
raise AuthHelper.AUTHORIZATION_ERROR
self.instance = column
return attrs
def validate(self, attrs):
user = AuthHelper.authenticate(attrs.get('auth_user'),
attrs.get('auth_token'))
team = attrs.get('team')
AuthHelper.authorize(user, team.id)
board_name = attrs.get('name')
board_serializer = BoardSerializer(data={
'team': team.id,
'name': board_name,
})
if not board_serializer.is_valid():
raise ValidationError({'board': board_serializer.errors})
return {
'board_name': board_name,
'team_id': team.id,
'team_admin': team.user_set.get(username=user.username)
}
def validate(self, attrs):
authenticated_user = AuthHelper.authenticate(attrs.pop('auth_user'),
attrs.pop('auth_token'))
board = attrs.get('board')
try:
user = board.team.user_set.get(username=attrs.get('username'))
except User.DoesNotExist:
raise CustomAPIException('username', 'User not found.',
status.HTTP_404_NOT_FOUND)
AuthHelper.authorize(authenticated_user, user.team_id)
self.instance = {
'user': user,
'board': board,
'is_active': attrs.get('is_active')
}
return attrs
def validate(self, attrs):
user = AuthHelper.authenticate(attrs.get('auth_user'),
attrs.get('auth_token'))
subtask = attrs.get('subtask')
if not user.is_admin and subtask.task.user != user \
or subtask.task.column.board.team_id != user.team.id:
raise AuthHelper.AUTHORIZATION_ERROR
data = attrs.get('data')
if 'title' in data.keys():
self.validate_title(data.get('title'))
if 'done' in data.keys():
self.validate_done(data.get('done'))
if 'order' in data.keys():
self.validate_order(data.get('order'))
serializer = SubtaskSerializer(subtask, data=data, partial=True)
if serializer.is_valid(raise_exception=True):
self.instance = subtask
return data
def validate(self, attrs):
user = AuthHelper.authenticate(attrs.get('auth_user'),
attrs.get('auth_token'))
column = attrs.get('column')
AuthHelper.authorize(user, column.board.team_id)
return attrs