def post(self, request, collection):
"""Create a new collection
View to create a new collection and an associated bosskey for that collection
Args:
request: DRF Request object
collection : Collection name
Returns:
Collection
"""
col_data = request.data.copy()
col_data['name'] = collection
# Save the object
serializer = CollectionSerializer(data=col_data)
if serializer.is_valid():
serializer.save(creator=self.request.user)
collection_obj = Collection.objects.get(name=col_data['name'])
# Assign permissions to the users primary group and admin group
BossPermissionManager.add_permissions_primary_group(self.request.user, collection_obj)
BossPermissionManager.add_permissions_admin_group(collection_obj)
lookup_key = str(collection_obj.pk)
boss_key = collection_obj.name
LookUpKey.add_lookup(lookup_key, boss_key, collection_obj.name)
return Response(serializer.data, status=status.HTTP_201_CREATED)
else:
return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT)
def delete(self, request, collection):
"""
Delete a collection
Args:
request: DRF Request object
collection: Name of collection to delete
Returns:
Http status
"""
try:
collection_obj = Collection.objects.get(name=collection)
if request.user.has_perm("delete", collection_obj):
# Are there experiments that reference it
serializer = CollectionSerializer(collection_obj)
if len(serializer.get_valid_experiments(collection_obj)) > 0:
# This collection has experiments that reference it and cannot be deleted
return BossHTTPError(" Collection {} has experiments that reference it and cannot be deleted."
"Please delete the experiments first.".format(collection),
ErrorCodes.INTEGRITY_ERROR)
collection_obj.to_be_deleted = datetime.now()
collection_obj.save()
return HttpResponse(status=204)
else:
return BossPermissionError('delete', collection)
except Collection.DoesNotExist:
return BossResourceNotFoundError(collection)
except ProtectedError:
return BossHTTPError("Cannot delete {}. It has experiments that reference it.".format(collection),
ErrorCodes.INTEGRITY_ERROR)
def put(self, request, collection):
"""
Update a collection using django rest framework
Args:
request: DRF Request object
collection: Collection name
Returns:
Collection
"""
try:
# Check if the object exists
collection_obj = Collection.objects.get(name=collection)
# Check for permissions
if request.user.has_perm("update", collection_obj):
serializer = CollectionSerializer(collection_obj, data=request.data, partial=True)
if serializer.is_valid():
serializer.save()
# update the lookup key if you update the name
if 'name' in request.data and request.data['name'] != collection:
lookup_key = str(collection_obj.pk)
boss_key = request.data['name']
LookUpKey.update_lookup(lookup_key, boss_key, request.data['name'])
return Response(serializer.data)
else:
return BossHTTPError("{}".format(serializer.errors), ErrorCodes.INVALID_POST_ARGUMENT)
else:
return BossPermissionError('update', collection)
except Collection.DoesNotExist:
return BossResourceNotFoundError(collection)
def get(self, request, collection):
"""
Get a single instance of a collection
Args:
request: DRF Request object
collection: Collection name specifying the collection you want
Returns:
Collection
"""
try:
collection_obj = Collection.objects.get(name=collection)
# Check for permissions
if collection_obj is None:
return BossResourceNotFoundError(collection)
if collection_obj.public or request.user.has_perm(
"read", collection_obj):
if collection_obj.to_be_deleted is not None:
return BossHTTPError(
"Invalid Request. This Resource has been marked for deletion",
ErrorCodes.RESOURCE_MARKED_FOR_DELETION)
serializer = CollectionSerializer(collection_obj)
data = serializer.data
data['experiments'] = serializer.get_experiments_permissions(
collection_obj, request.user)
return Response(data, status=200)
else:
return BossPermissionError('read', collection)
except Collection.DoesNotExist:
return BossResourceNotFoundError(collection)
def list(self, request, *args, **kwargs):
"""
Display only objects that a user has access to
Args:
request: DRF request
*args:
**kwargs:
Returns: Collections that user has view permissions on
"""
# queryset = self.get_queryset()
collections = get_objects_for_user(request.user, 'read', klass=Collection)
serializer = CollectionSerializer(collections, many=True)
return Response(serializer.data)
def get(self, request, collection):
"""
Get a single instance of a collection
Args:
request: DRF Request object
collection: Collection name specifying the collection you want
Returns:
Collection
"""
try:
collection_obj = Collection.objects.get(name=collection)
# Check for permissions
if request.user.has_perm("read", collection_obj):
serializer = CollectionSerializer(collection_obj)
return Response(serializer.data, status=200)
else:
return BossPermissionError('read', collection)
except Collection.DoesNotExist:
return BossResourceNotFoundError(collection)