def list(self, request, app_slug): """Return list of threads for the extension.""" form = forms.ExtensionSlugForm({'extension': app_slug}) if not form.is_valid(): # 404 if add-on with given slug/id not found. return Response('Add-on does not exist or no slug given', status=status.HTTP_404_NOT_FOUND) elif not user_has_perm_app(request.user, form.cleaned_data['extension']): # 403 if user does not have auth to access add-on's comm. return Response('You do not have permissions for this add-on', status=status.HTTP_403_FORBIDDEN) self.queryset = CommunicationThread.objects.filter( _extension=form.cleaned_data['extension']) return SilentListModelMixin.list(self, request)
def list(self, request, app_slug): """Return list of threads for the app.""" form = forms.AppSlugForm({'app': app_slug}) if not form.is_valid(): # 404 if app with given slug/id not found. return Response('App does not exist or no app slug given', status=status.HTTP_404_NOT_FOUND) elif not user_has_perm_app(request.user, form.cleaned_data['app']): # 403 if user does not have auth to access app's comm. return Response('You do not have permissions for this app', status=status.HTTP_403_FORBIDDEN) # Use simple serializer, which rets only ID + Version #s, if specified. if request.GET.get('serializer') == 'simple': self.serializer_class = ThreadSimpleSerializer self.queryset = CommunicationThread.objects.filter( _addon=form.cleaned_data['app']).order_by('_version__version') return SilentListModelMixin.list(self, request)
def list(self, request): self.serializer_class = ThreadSerializer profile = request.user # We list all the threads where the user has been CC'd. cc = list(profile.comm_thread_cc.values_list('thread', flat=True)) # This gives 404 when an app with given slug/id is not found. data = {} if 'app' in request.GET: form = forms.AppSlugForm(request.GET) if not form.is_valid(): return Response('App does not exist or no app slug given', status=status.HTTP_404_NOT_FOUND) elif not user_has_perm_app(profile, form.cleaned_data['app']): return Response('You do not have permissions for this app', status=status.HTTP_403_FORBIDDEN) queryset = CommunicationThread.objects.filter( _addon=form.cleaned_data['app']) # Thread IDs and version numbers from same app. data['app_threads'] = list(queryset.order_by('_version__version') .values('id', '_version__version')) for app_thread in data['app_threads']: app_thread['version__version'] = app_thread.pop( '_version__version') else: # We list all the threads that user is developer of or # is subscribed/CC'ed to. addons = list(profile.addons.values_list('pk', flat=True)) q_dev = Q(_addon__in=addons, read_permission_developer=True) queryset = CommunicationThread.objects.filter( Q(pk__in=cc) | q_dev) self.queryset = queryset res = SilentListModelMixin.list(self, request) if res.data: res.data.update(data) return res
def list(self, request): """Deprecated by CommAppViewSet and ThreadViewSetV2.""" self.serializer_class = ThreadSerializer profile = request.user # We list all the threads where the user has been CC'd. cc = list(profile.comm_thread_cc.values_list('thread', flat=True)) # This gives 404 when an app with given slug/id is not found. data = {} if 'app' in request.GET: form = forms.AppSlugForm(request.GET) if not form.is_valid(): return Response('App does not exist or no app slug given', status=status.HTTP_404_NOT_FOUND) elif not user_has_perm_app(profile, form.cleaned_data['app']): return Response('You do not have permissions for this app', status=status.HTTP_403_FORBIDDEN) queryset = CommunicationThread.objects.filter( _addon=form.cleaned_data['app']) # Thread IDs and version numbers from same app. data['app_threads'] = list( queryset.order_by('_version__version').values( 'id', '_version__version')) for app_thread in data['app_threads']: app_thread['version__version'] = app_thread.pop( '_version__version') else: # We list all the threads that user is developer of or # is subscribed/CC'ed to. queryset = CommunicationThread.objects.filter(_addon__isnull=False, pk__in=cc) self.queryset = queryset res = SilentListModelMixin.list(self, request) if res.data: res.data.update(data) return res
def list(self, request): self.serializer_class = ThreadSerializer profile = request.amo_user # We list all the threads the user has posted a note to. notes = list(profile.comm_notes.values_list('thread', flat=True)) # We list all the threads where the user has been CC'd. cc = list(profile.comm_thread_cc.values_list('thread', flat=True)) # This gives 404 when an app with given slug/id is not found. data = {} if 'app' in request.GET: form = forms.AppSlugForm(request.GET) if not form.is_valid(): return Response('App does not exist or no app slug given', status=status.HTTP_404_NOT_FOUND) elif not user_has_perm_app(profile, form.cleaned_data['app']): return Response('You do not have permissions for this app', status=status.HTTP_403_FORBIDDEN) queryset = CommunicationThread.objects.filter( addon=form.cleaned_data['app']) # Thread IDs and version numbers from same app. data['app_threads'] = list(queryset.order_by('version__version') .values('id', 'version__version')) else: # We list all the threads which uses an add-on authored by the # user and with read permissions for add-on devs. addons = list(profile.addons.values_list('pk', flat=True)) q_dev = Q(addon__in=addons, read_permission_developer=True) queryset = CommunicationThread.objects.filter( Q(pk__in=notes + cc) | q_dev) self.queryset = queryset res = SilentListModelMixin.list(self, request) if res.data: res.data.update(data) return res
def test_has_perm_app_developer(self): ok_(not user_has_perm_app(self.user, self.addon)) self.addon.addonuser_set.create(user=self.user) ok_(user_has_perm_app(self.user, self.addon))
def test_has_perm_app_reviewer(self): ok_(not user_has_perm_app(self.user, self.addon)) self.grant_permission(self.user, 'Apps:Review') ok_(user_has_perm_app(self.user, self.addon))