def project_members(request, project_uuid):
project = get_object_or_404(Project, pk=project_uuid)
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
if "user_id" in data:
if not ProjectMemberRole.objects.filter(
project_id=project_uuid, user_id=data["user_id"]
):
user = User.objects.filter(id=data["user_id"])
if not user:
return HttpResponse(
"No user found with this id", status=status.HTTP_404_NOT_FOUND
)
project = Project.objects.filter(uuid=project_uuid).first()
project.members.add(user.first(), through_defaults={"is_admin": False})
serializer = ProjectSerializer(project)
return JsonResponse(serializer.data)
return HttpResponse(
"The user is already a member of the project",
status=status.HTTP_400_BAD_REQUEST,
)
return HttpResponse(
"You must provide a user_id", status=status.HTTP_400_BAD_REQUEST
)
def project_member_detail(request, project_uuid, user_id):
project = get_object_or_404(Project, pk=project_uuid)
check_if_admin_of_project(request.user.id, project.uuid)
project_member = ProjectMemberRole.objects.filter(
project_id=project_uuid, user_id=user_id
)
if not project_member:
return HttpResponse(
"No project member was found", status=status.HTTP_404_NOT_FOUND
)
if request.method == "PUT":
data = JSONParser().parse(request)
if "is_admin" in data and type(data["is_admin"]) is bool:
project_member.update(is_admin=data["is_admin"])
serializer = ProjectMemberRoleSerializer(project_member.first())
return JsonResponse(serializer.data)
return HttpResponse(
"Please provide a valid 'is_admin' value.",
status=status.HTTP_400_BAD_REQUEST,
)
elif request.method == "DELETE":
project_member.delete()
return JsonResponse({}, status=status.HTTP_204_NO_CONTENT)
def project_audit_parameters_detail(request, project_uuid, audit_parameters_uuid):
project = get_object_or_404(Project, pk=project_uuid)
audit_parameters = get_object_or_404(
ProjectAuditParameters, pk=audit_parameters_uuid
)
check_if_member_of_project(request.user.id, project.uuid)
if audit_parameters.project != project:
return JsonResponse({}, status=status.HTTP_400_BAD_REQUEST)
if request.method == "GET":
serializer = ProjectAuditParametersSerializer(audit_parameters)
return JsonResponse(serializer.data)
elif request.method == "PUT":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ProjectAuditParametersSerializer(audit_parameters, data=data)
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
elif request.method == "DELETE":
check_if_admin_of_project(request.user.id, project.uuid)
audit_parameters.delete()
return JsonResponse({}, status=status.HTTP_204_NO_CONTENT)
def project_scripts(request, project_uuid):
project = Project.objects.get(uuid=project_uuid)
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ScriptSerializer(data=data)
if serializer.is_valid():
script = Script.objects.create(project=project, **serializer.validated_data)
script.save()
return JsonResponse(
{"uuid": script.uuid, **serializer.data}, status=status.HTTP_201_CREATED
)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def project_audit_parameter_list(request, project_uuid):
project = Project.objects.get(uuid=project_uuid)
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ProjectAuditParametersSerializer(data=data)
if serializer.is_valid():
audit_parameter = ProjectAuditParameters.objects.create(
project=project, **serializer.validated_data)
audit_parameter.save()
serializer = ProjectAuditParametersSerializer(audit_parameter)
return JsonResponse(serializer.data, status=status.HTTP_201_CREATED)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def project_page_list(request, project_uuid):
project = Project.objects.get(uuid=project_uuid)
check_if_member_of_project(request.user.id, project.uuid)
if request.method == "GET":
pages = project.pages.all()
serializer = PageSerializer(pages, many=True)
return JsonResponse(serializer.data, safe=False)
elif request.method == "POST":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = PageSerializer(data=data)
if serializer.is_valid():
page = Page.objects.create(project=project, **serializer.validated_data)
page.save()
return JsonResponse(
{"uuid": page.uuid, **serializer.data}, status=status.HTTP_201_CREATED
)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def project_detail(request, project_uuid):
project = get_object_or_404(Project, pk=project_uuid)
check_if_member_of_project(request.user.id, project.uuid)
if request.method == "GET":
if is_admin_of_project(request.user.id, project.uuid):
serializer = ProjectSerializer(
project, context={"user_id": request.user.id})
return JsonResponse(serializer.data)
serializer = ProjectSerializer(
project,
fields=(
"uuid",
"name",
"project_members",
"pages",
"scripts",
"audit_parameters_list",
"screenshot_url",
"latest_audit_at",
),
context={"user_id": request.user.id},
)
return JsonResponse(serializer.data)
elif request.method == "PUT":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ProjectSerializer(project,
data=data,
partial=True,
context={"user_id": request.user.id})
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data)
return JsonResponse(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
elif request.method == "DELETE":
check_if_admin_of_project(request.user.id, project.uuid)
project.delete()
return JsonResponse({}, status=status.HTTP_204_NO_CONTENT)
def project_script_detail(request, project_uuid, script_uuid):
project = get_object_or_404(Project, pk=project_uuid)
script = get_object_or_404(Script, pk=script_uuid)
check_if_member_of_project(request.user.id, project.uuid)
if script.project != project:
return JsonResponse({}, status=status.HTTP_400_BAD_REQUEST)
elif request.method == "PUT":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ScriptSerializer(script, data=data)
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
elif request.method == "DELETE":
check_if_admin_of_project(request.user.id, project.uuid)
script.delete()
return JsonResponse({}, status=status.HTTP_204_NO_CONTENT)
