class UserProfileResource(ConditionalFullResource):
organisation = ConditionalFullToOneField(
'akvo.api.resources.OrganisationResource', 'organisation')
user = ConditionalFullToOneField('akvo.api.resources.UserResource', 'user')
class Meta:
authentication = ApiKeyAuthentication()
allowed_methods = ['get']
queryset = UserProfile.objects.filter(user__is_active=True)
resource_name = 'user_profile'
fields = [
'organisation',
'user',
]
filtering = dict(
# foreign keys
user=ALL_WITH_RELATIONS,
organisation=ALL_WITH_RELATIONS,
)
def get_object_list(self, request):
""" Limit access to the users in your own organisation
"""
organisation = request.user.get_profile().organisation
return UserProfile.objects.filter(organisation=organisation)
def dehydrate(self, bundle):
""" Add meta fields showing if the user profile is an organisation admin or an organisation editor
"""
bundle = super(UserProfileResource, self).dehydrate(bundle)
bundle.data['is_org_admin'] = bundle.obj.get_is_org_admin()
bundle.data['is_org_editor'] = bundle.obj.get_is_org_editor()
return bundle
class PartnershipResource(ConditionalFullResource):
organisation = ConditionalFullToOneField('akvo.api.resources.OrganisationResource', 'organisation')
project = ConditionalFullToOneField('akvo.api.resources.ProjectResource', 'project')
def __init__(self, api_name=None):
""" override to be able to create custom help_text on the partner_type field
"""
super(PartnershipResource, self).__init__(api_name=None)
self.fields['partner_type'].help_text = "Uses the following key-value pair list: {%s}" % ', '.join(
['"%s": "%s"' % (k, v) for k, v in Partnership.PARTNER_TYPES]
)
class Meta:
allowed_methods = ['get']
queryset = Partnership.objects.all()
resource_name = 'partnership'
filtering = dict(organisation=ALL_WITH_RELATIONS)
filtering = dict(
# other fields
iati_activity_id = ALL,
internal_id = ALL,
partner_type = ALL,
# foreign keys
organisation = ALL_WITH_RELATIONS,
project = ALL_WITH_RELATIONS,
)
class BudgetItemResource(ConditionalFullResource):
label = ConditionalFullToOneField('akvo.api.resources.BudgetItemLabelResource', 'label', full=True)
project = ConditionalFullToOneField('akvo.api.resources.ProjectResource', 'project')
class Meta:
allowed_methods = ['get']
queryset = BudgetItem.objects.all()
resource_name = 'budget_item'
filtering = dict(
# foreign keys
label = ALL_WITH_RELATIONS,
project = ALL_WITH_RELATIONS,
)
class InvoiceResource(ConditionalFullResource):
project = ConditionalFullToOneField('akvo.api.resources.ProjectResource',
'project')
class Meta:
max_limit = 10
allowed_methods = ['get']
queryset = Invoice.objects.filter(
status__exact=Invoice.PAYPAL_INVOICE_STATUS_COMPLETE)
resource_name = 'invoice'
fields = [
'amount',
'amount_received',
'is_anonymous',
]
filtering = dict(
# foreign keys
project=ALL_WITH_RELATIONS,
user=ALL_WITH_RELATIONS,
)
def dehydrate(self, bundle):
""" Add name and email for non-anonymous donators
"""
bundle = super(InvoiceResource, self).dehydrate(bundle)
if not bundle.obj.is_anonymous:
# bundle.data['email'] = bundle.obj.email
bundle.data['name'] = bundle.obj.name
return bundle
class PartnerSiteResource(ConditionalFullResource):
organisation = ConditionalFullToOneField(
'akvo.api.resources.OrganisationResource', 'organisation',
)
keywords = ConditionalFullToManyField(
'akvo.api.resources.KeywordResource', 'keywords',
)
class Meta:
max_limit = 10
allowed_methods = ['get']
queryset = PartnerSite.objects.all()
resource_name = 'partner_site'
fields = [
'id',
'organisation',
'hostname',
'cname',
'enabled',
'ui_translation',
'google_translation',
'partner_projects',
'keywords',
]
filtering = dict(
hostname = ALL,
cname = ALL,
enabled = ALL,
ui_translation = ALL,
google_translation = ALL,
partner_projects = ALL,
keywords = ALL_WITH_RELATIONS,
organisation = ALL_WITH_RELATIONS,
)
class ProjectLocationResource(ConditionalFullResource):
project = ConditionalFullToOneField(ProjectResource, 'location_target')
country = ConditionalFullToOneField(CountryResource, 'country')
class Meta:
allowed_methods = ['get']
queryset = ProjectLocation.objects.all()
resource_name = 'project_location'
filtering = dict(
# other fields
latitude = ALL,
longitude = ALL,
primary = ALL,
# foreign keys
country = ALL_WITH_RELATIONS,
project = ALL_WITH_RELATIONS,
)
class ProjectUpdateResource(ConditionalFullResource):
photo = Base64FileField("photo", blank=True, null=True)
project = ConditionalFullToOneField('akvo.api.resources.ProjectResource',
'project')
user = ConditionalFullToOneField('akvo.api.resources.UserResource', 'user')
class Meta:
max_limit = 10
allowed_methods = ['get', 'post']
authorization = Authorization()
authentication = ConditionalApiKeyAuthentication(
methods_requiring_key=['POST'])
validation = ModelFormValidation(form_class=ProjectUpdateModelForm)
queryset = ProjectUpdate.objects.all()
resource_name = 'project_update'
include_absolute_url = True
always_return_data = True
filtering = dict(
# other fields
created_at=ALL,
last_modified_at=ALL,
title=ALL,
update_method=ALL,
uuid=ALL,
photo=ALL,
# foreign keys
project=ALL_WITH_RELATIONS,
user=ALL_WITH_RELATIONS,
)
def dehydrate(self, bundle):
""" Revert the field names "created_at" and "last_modified_at" to the old "time" and "time_last_updated"
respectively to keep the API signature stable
"""
# TODO: remove this for v2 of API
bundle = super(ProjectUpdateResource, self).dehydrate(bundle)
bundle.data['time'] = bundle.data['created_at']
bundle.data['time_last_updated'] = bundle.data['last_modified_at']
del bundle.data['created_at']
del bundle.data['last_modified_at']
if isinstance(bundle.data['time'], bool): bundle.data['time'] = None
if isinstance(bundle.data['time_last_updated'], bool):
bundle.data['time_last_updated'] = None
return bundle
class BenchmarkResource(ConditionalFullResource):
project = ConditionalFullToOneField('akvo.api.resources.ProjectResource',
'project')
category = ConditionalFullToOneField('akvo.api.resources.CategoryResource',
'category')
name = ConditionalFullToOneField(
'akvo.api.resources.BenchmarknameResource', 'name', full=True)
class Meta:
allowed_methods = ['get']
queryset = Benchmark.objects.all()
resource_name = 'benchmark'
filtering = dict(
# foreign keys
category=ALL_WITH_RELATIONS,
name=ALL_WITH_RELATIONS,
project=ALL_WITH_RELATIONS,
)
class OrganisationLocationResource(ConditionalFullResource):
organisation = ConditionalFullToOneField(OrganisationResource,
'location_target')
country = ConditionalFullToOneField(CountryResource, 'country')
class Meta:
max_limit = 10
allowed_methods = ['get']
queryset = OrganisationLocation.objects.all()
resource_name = 'organisation_location'
filtering = dict(
# other fields
latitude=ALL,
longitude=ALL,
primary=ALL,
# foreign keys
organisation=ALL_WITH_RELATIONS,
country=ALL_WITH_RELATIONS,
)
class GoalResource(ConditionalFullResource):
project = ConditionalFullToOneField('akvo.api.resources.ProjectResource',
'project')
class Meta:
allowed_methods = ['get']
queryset = Goal.objects.all()
resource_name = 'goal'
filtering = dict(
# foreign keys
project=ALL_WITH_RELATIONS, )
class ProjectCommentResource(ConditionalFullResource):
project = ConditionalFullToOneField('akvo.api.resources.ProjectResource', 'project')
class Meta:
allowed_methods = ['get']
queryset = ProjectComment.objects.all()
resource_name = 'project_comment'
filtering = dict(
# other fields
time = ALL,
# foreign keys
project = ALL_WITH_RELATIONS,
user = ALL_WITH_RELATIONS,
)
class MapLocationResource(ModelResource):
"""
Base class for locations used by the API driven many-pin maps,
OrganisationMapResource and ProjectMapResource
"""
country = ConditionalFullToOneField(CountryResource, 'country')
class Meta:
allowed_methods = ['get']
filtering = dict(
# other fields
latitude = ALL,
longitude = ALL,
primary = ALL,
# foreign keys
country = ALL_WITH_RELATIONS,
)
class UserResource(ConditionalFullResource):
user_profile = ConditionalFullToOneField('akvo.api.resources.UserProfileResource', 'userprofile', null=True)
class Meta:
authentication = ApiKeyAuthentication()
allowed_methods = ['get']
queryset = User.objects.filter(is_active=True)
resource_name = 'user'
fields = ['username', 'first_name', 'last_name', 'last_login',]
filtering = dict(
username = ALL,
# foreign keys
userprofile = ALL_WITH_RELATIONS,
)
def dehydrate(self, bundle):
""" Workaround for the overloading of 'username' when used in the query.
It is needed for the authentication, but the filtering machinery
intercepts and complains that the 'username' field doesn't allow filtering.
So instead of having username in the fields list we add it here
The adding is conditional, only add fields for users in the same organisation
as request.user which is the API key owner
For other users delete the user_profile field
"""
bundle = super(UserResource, self).dehydrate(bundle)
if self._meta.authentication.is_authenticated(bundle.request):
if getattr(bundle.request.user, 'get_profile', False):
# get the org of the API key owner
organisation = bundle.request.user.get_profile().organisation
else:
organisation = None
# find out if the user has a profile that's associated with the API key owner org
profile = UserProfile.objects.filter(organisation=organisation, user__id=bundle.obj.id)
if profile:
bundle.data['username'] = bundle.obj.username
bundle.data['email'] = bundle.obj.email
else:
del bundle.data['user_profile']
del bundle.data['username']
return bundle