class ManyToManyTargetSerializer(serializers.HyperlinkedModelSerializer): sources = serializers.HyperlinkedRelatedField( many=True, view_name='manytomanysource-detail') class Meta: model = ManyToManyTarget
class TestSerializer(serializers.Serializer): via_unreachable = serializers.HyperlinkedRelatedField( source='does_not_exist.unreachable', view_name='example', read_only=True, )
class UserSerializer(serializers.HyperlinkedModelSerializer): snippets = serializers.HyperlinkedRelatedField(many=True, view_name='snippet-detail', read_only=True) class Meta: model = User fields = ('url', 'username', 'snippets')
class AttestationSerializer(serializers.HyperlinkedModelSerializer): source_document = serializers.HyperlinkedRelatedField(read_only=True, view_name='api:source-document-detail') class Meta: model = models.Attestation fields = ('source_document',)
class KlienciSerializer(serializers.ModelSerializer): zamowienia = serializers.HyperlinkedRelatedField(many=True, read_only=True, view_name='zamowienia-detail') class Meta: model = Klienci fields = ['url', 'pk', 'Imie', 'Nazwisko', 'PESEL', 'Nr_Telefonu','zamowienia']
class UserSerializer(serializers.ModelSerializer): # serializers.PrimaryKeyRelatedField(read_only=True, many=True) profile = UserProfileSerializer(read_only=True) # answers = serializers.HyperlinkedRelatedField(view_name='answer-detail', many=True, read_only=True, allow_null=True) # answers = RoomAnswerSerializer(many=True, read_only=True) # # StringRelatedField cannot set 'read_only' and 'required' arguments. Use SlugRelatedField instead : rooms_owner = serializers.SlugRelatedField(slug_field='title', many=True, read_only=True) rooms_owner_links = serializers.HyperlinkedRelatedField( view_name='room-detail', source='rooms_owner', many=True, read_only=True, allow_null=True) rooms_guest = serializers.SlugRelatedField(slug_field='title', many=True, read_only=True) rooms_guest_links = serializers.HyperlinkedRelatedField( view_name='room-detail', source='rooms_guest', many=True, read_only=True, allow_null=True) class Meta: model = User fields = '__all__' read_only_fields = ( 'last_login', 'is_active', ) extra_kwargs = { 'password': { 'write_only': True }, # hide password field when GET request } def validate(self, data): super().validate(data) if not self.partial: # for 'POST' and 'PUT' method user = User(**data) password = data.get( 'password' ) # get return None by default in case of non-exist key (never throw Error) errors = dict( ) # keys in this dict will be keys in JSON response in case an error occurs try: validators.validate_password(password=password, user=user) except exceptions.ValidationError as e: errors['password'] = list(e.messages) else: # for 'PATCH' method user = User(**data) password = data.get('password') errors = dict() if password is None: # a user dont want to change password return data else: # a user want to change password try: validators.validate_password(password=password, user=user) except exceptions.ValidationError as e: errors['password'] = list(e.messages) if errors: raise serializers.ValidationError(errors) # add to JSON return data def create(self, validated_data): return User.objects.create_user(**validated_data) def update(self, instance, validated_data): instance.email = validated_data.get('email', instance.email) instance.first_name = validated_data.get('first_name', instance.first_name) instance.last_name = validated_data.get('last_name', instance.last_name) instance.is_active = validated_data.get('is_active', instance.is_active) password = validated_data.get('password', None) if password: instance.set_password(password) instance.save() return instance
class AllFieldsSerializer(serializers.ModelSerializer): field_decimal_uncoerced = serializers.DecimalField( source='field_decimal', max_digits=6, decimal_places=3, coerce_to_string=False ) field_method_float = serializers.SerializerMethodField() def get_field_method_float(self, obj) -> float: return 1.3456 field_method_object = serializers.SerializerMethodField() def get_field_method_object(self, obj) -> dict: return {'key': 'value'} field_regex = serializers.RegexField(r'^[a-zA-z0-9]{10}\-[a-z]') # composite fields field_list = serializers.ListField( child=serializers.FloatField(), min_length=3, max_length=100, ) field_list_serializer = serializers.ListField( child=AuxSerializer(), source='field_list_object', ) # extra related fields field_related_slug = serializers.SlugRelatedField( read_only=True, source='field_foreign', slug_field='id' ) field_related_string = serializers.StringRelatedField( source='field_foreign' ) field_related_hyperlink = serializers.HyperlinkedRelatedField( read_only=True, source='field_foreign', view_name='aux-detail' ) field_identity_hyperlink = serializers.HyperlinkedIdentityField( read_only=True, view_name='allfields-detail' ) # read only - model traversal field_read_only_nav_uuid = serializers.ReadOnlyField(source='field_foreign.id') field_read_only_nav_uuid_3steps = serializers.ReadOnlyField( source='field_foreign.field_foreign.field_foreign.id', allow_null=True, # force field output even if traversal fails ) field_read_only_model_function_basic = serializers.ReadOnlyField(source='model_function_basic') field_read_only_model_function_model = serializers.ReadOnlyField(source='model_function_model.id') # override default writable bool field with readonly field_bool_override = serializers.ReadOnlyField() field_model_property_float = serializers.ReadOnlyField() field_model_cached_property_float = serializers.ReadOnlyField() field_dict_int = serializers.DictField( child=serializers.IntegerField(), source='field_json', ) # there is a JSON model field for django>=3.1 that would be placed automatically. for <=3.1 we # need to set the field explicitly. defined here for both cases to have consistent ordering. field_json = serializers.JSONField() class Meta: fields = '__all__' model = AllFields
class BatchTimeSlotSerializer(serializers.HyperlinkedModelSerializer): start_time = serializers.TimeField() end_time = serializers.TimeField() start_date = serializers.DateField() end_date = serializers.DateField() period = serializers.HyperlinkedRelatedField( view_name='period-detail', queryset=Period.objects.all(), ) weekdays = serializers.ListField( child=serializers.IntegerField(max_value=6, min_value=0)) def validate_weekdays(self, weekdays): """ Check that no weekday is duplicated. """ if len(weekdays) != len(set(weekdays)): raise serializers.ValidationError( _("Duplicated weekdays are not authorized.")) return weekdays def validate(self, attrs): validated_data = super(BatchTimeSlotSerializer, self).validate(attrs) period = validated_data['period'] period_start_date = period.start_date period_end_date = period.end_date start_date = attrs.get('start_date') end_date = attrs.get('end_date') start_time = attrs.get('start_time') end_time = attrs.get('end_time') # Use workplace's timezone if possible. Otherwise use Montreal timezone if period.workplace and period.workplace.timezone: tz = pytz.timezone(period.workplace.timezone) else: tz = pytz.timezone('America/Montreal') # Convert provided date and time to timezone aware datetimes aware_start = tz.localize(datetime.combine(start_date, start_time)) aware_end = tz.localize(datetime.combine(end_date, end_time)) # Make sure that start_date & end_date are within the period's # start_date & end_date if aware_start < period_start_date or aware_start > period_end_date: raise serializers.ValidationError({ 'start_date': [ _("Start date must be set within the period's start_date " "and end_date.") ], }) if aware_end < period_start_date or aware_end > period_end_date: raise serializers.ValidationError({ 'end_date': [ _("End date must be set within the period's start_date " "and end_date.") ], }) # Make sure that start_date is lower than end_date if aware_start >= aware_end: raise serializers.ValidationError({ 'end_date': [_("End date must be later than start_date.")], 'start_date': [_("Start date must be earlier than end_date.")], }) time_list = TimeSlot.objects.filter( period=validated_data['period']).values_list( 'start_time', 'end_time') timeslot_data = { 'period': validated_data['period'], } timeslot_data_list = list() # Create a list of start times for timeslots # Naive datetimes are used to avoid problems with DST (not handled by # rrule) timeslot_start_dates = list( rrule( freq=DAILY, dtstart=aware_start.replace(tzinfo=None), until=aware_end.replace(tzinfo=None), byweekday=validated_data['weekdays'], )) # Create a list of end times for timeslots # Naive datetimes are used to avoid problems with DST (not handled by # rrule) timeslot_end_dates = list( rrule( freq=DAILY, dtstart=aware_start.replace( hour=aware_end.hour, minute=aware_end.minute, second=aware_end.second, tzinfo=None, ), until=aware_end.replace(tzinfo=None), byweekday=validated_data['weekdays'], )) # For every start/end times in the list built by rrule, we add the # timezone information and create the timeslot using that timezone- # aware datetime. This will be automatically converted to correct UTC # time by Django. for start, end in zip(timeslot_start_dates, timeslot_end_dates): timeslot_data['start_time'] = tz.localize(start) timeslot_data['end_time'] = tz.localize(end) new_timeslot = TimeSlot(**timeslot_data) timeslot_data_list.append(new_timeslot) for duration in time_list: for timeslot in timeslot_data_list: start = timeslot.start_time end = timeslot.end_time if max(duration[0], start) < min(duration[1], end): raise serializers.ValidationError({ 'non_field_errors': _("An existing timeslot overlaps with the provided " "start_time and end_time."), }) return timeslot_data_list def create(self, validated_data): return TimeSlot.objects.bulk_create(validated_data) def save(self, **kwargs): return self.create(self.validated_data) class Meta: model = TimeSlot exclude = ( 'deleted', 'price', 'users', 'name', )
class NameserverSerializer(api.CommonDNSSerializer): domain = serializers.HyperlinkedRelatedField( read_only=True, view_name='api-dns-domain-detail') class Meta(api.CommonDNSMeta): model = Nameserver
class GroupsSerializer(serializers.HyperlinkedModelSerializer): owner = serializers.HyperlinkedRelatedField(source='users',view_name = 'users-detail') class Meta: model = Groups fields = ('id', 'name','owner','members','city','state','country','typeT','deleted','content')
class TripsSerializer(serializers.HyperlinkedModelSerializer): owner = serializers.HyperlinkedRelatedField(source='groups',view_name = 'groups-detail') class Meta: model = Trips fields = ('id', 'name','groups','members','fromLoc','toLoc','typeT','deleted','content')
class EventOwnedSerializer(serializers.ModelSerializer): """Serializer for user generated events, model=UserEvent.""" id = serializers.ReadOnlyField() calendar = serializers.HyperlinkedRelatedField(many=False, view_name='calendar-detail', read_only=True) start_date = serializers.DateField( input_formats=['%Y-%m-%d'], format=None, allow_null=True, help_text='Accepted format is YYYY-MM-DD', style={ 'input_type': 'text', 'placeholder': '2022-01-30' }, ) end_date = serializers.DateField( input_formats=['%Y-%m-%d'], format=None, allow_null=True, help_text='Accepted format is YYYY-MM-DD', style={ 'input_type': 'text', 'placeholder': '2022-01-30' }, ) class Meta: model = UserEvent fields = ( 'id', 'title', 'description', 'week_number', 'month_number', 'calendar', 'priority', 'type', 'start_date', 'end_date', 'duration', ) read_only_fields = ( 'calendar_id', 'week_number', 'month_number', ) def validate(self, attrs): if "start_date" in attrs and "end_date" in attrs: if attrs["end_date"] < attrs["start_date"]: raise serializers.ValidationError({ "date validation": "End date must be greater than start date", }) return super(EventOwnedSerializer, self).validate(attrs) def save(self, **kwargs): start_date = self.validated_data.get('start_date', datetime.now()) end_date = self.validated_data.get('end_date', datetime.now()) week_number = self.validated_data.get('week_number') month_number = self.validated_data.get('month_number') calendar = self.validated_data.get('calendar') self.validated_data['calendar'] = calendar self.validated_data['week_number'] = week_number self.validated_data['month_number'] = month_number self.validated_data['start_date'] = start_date self.validated_data['end_date'] = end_date super(EventOwnedSerializer, self).save(**kwargs) def create(self, validated_data): return UserEvent.objects.create(**validated_data)
class NullableOneToOneTargetSerializer(serializers.HyperlinkedModelSerializer): nullable_source = serializers.HyperlinkedRelatedField( view_name='nullableonetoonesource-detail') class Meta: model = OneToOneTarget
class ForeignKeyTargetSerializer(serializers.HyperlinkedModelSerializer): sources = serializers.HyperlinkedRelatedField( many=True, view_name='foreignkeysource-detail') class Meta: model = ForeignKeyTarget
class UserSerializer(serializers.HyperlinkedModelSerializer): customers = serializers.HyperlinkedRelatedField(many=True, view_name='customer-detail', read_only=True) class Meta: model = User fields = ['url', 'id', 'username', 'customers', 'email']
class CheckoutSerializer(serializers.Serializer, OrderPlacementMixin): basket = serializers.HyperlinkedRelatedField( view_name='basket-detail', queryset=Basket.objects) guest_email = serializers.EmailField(allow_blank=True, required=False) total = serializers.DecimalField( decimal_places=2, max_digits=12, required=False) shipping_method_code = serializers.CharField( max_length=128, required=False) shipping_charge = PriceSerializer(many=False, required=False) shipping_address = ShippingAddressSerializer(many=False, required=False) billing_address = BillingAddressSerializer(many=False, required=False) def get_initial_order_status(self, basket): return overridable('OSCARAPI_INITIAL_ORDER_STATUS', default='new') def validate(self, attrs): request = self.context['request'] if request.user.is_anonymous: if not settings.OSCAR_ALLOW_ANON_CHECKOUT: message = _('Anonymous checkout forbidden') raise serializers.ValidationError(message) if not attrs.get('guest_email'): # Always require the guest email field if the user is anonymous message = _('Guest email is required for anonymous checkouts') raise serializers.ValidationError(message) else: if 'guest_email' in attrs: # Don't store guest_email field if the user is authenticated del attrs['guest_email'] basket = attrs.get('basket') basket = assign_basket_strategy(basket, request) if basket.num_items <= 0: message = _('Cannot checkout with empty basket') raise serializers.ValidationError(message) shipping_method = self._shipping_method( request, basket, attrs.get('shipping_method_code'), attrs.get('shipping_address') ) shipping_charge = shipping_method.calculate(basket) posted_shipping_charge = attrs.get('shipping_charge') if posted_shipping_charge is not None: posted_shipping_charge = prices.Price(**posted_shipping_charge) # test submitted data. if not posted_shipping_charge == shipping_charge: message = _('Shipping price incorrect %s != %s' % ( posted_shipping_charge, shipping_charge )) raise serializers.ValidationError(message) posted_total = attrs.get('total') total = OrderTotalCalculator().calculate(basket, shipping_charge) if posted_total is not None: if posted_total != total.incl_tax: message = _('Total incorrect %s != %s' % ( posted_total, total.incl_tax )) raise serializers.ValidationError(message) # update attrs with validated data. attrs['total'] = total attrs['shipping_method'] = shipping_method attrs['shipping_charge'] = shipping_charge attrs['basket'] = basket return attrs def create(self, validated_data): try: basket = validated_data.get('basket') order_number = self.generate_order_number(basket) request = self.context['request'] if 'shipping_address' in validated_data: shipping_address = ShippingAddress( **validated_data['shipping_address']) else: shipping_address = None if 'billing_address' in validated_data: billing_address = BillingAddress( **validated_data['billing_address']) else: billing_address = None return self.place_order( order_number=order_number, user=request.user, basket=basket, shipping_address=shipping_address, shipping_method=validated_data.get('shipping_method'), shipping_charge=validated_data.get('shipping_charge'), billing_address=billing_address, order_total=validated_data.get('total'), guest_email=validated_data.get('guest_email') or '' ) except ValueError as e: raise exceptions.NotAcceptable(str(e)) def _shipping_method(self, request, basket, shipping_method_code, shipping_address): repo = Repository() default = repo.get_default_shipping_method( basket=basket, user=request.user, request=request, shipping_addr=shipping_address ) if shipping_method_code is not None: methods = repo.get_shipping_methods( basket=basket, user=request.user, request=request, shipping_addr=shipping_address ) find_method = ( s for s in methods if s.code == shipping_method_code) shipping_method = next(find_method, default) return shipping_method return default
class AllocationSerializer( structure_serializers.BaseResourceSerializer, core_serializers.AugmentedSerializerMixin, ): service = rf_serializers.HyperlinkedRelatedField( source='service_project_link.service', view_name='slurm-detail', read_only=True, lookup_field='uuid', ) service_project_link = rf_serializers.HyperlinkedRelatedField( view_name='slurm-spl-detail', queryset=models.SlurmServiceProjectLink.objects.all(), allow_null=True, required=False, ) username = rf_serializers.SerializerMethodField() gateway = rf_serializers.SerializerMethodField() batch_service = rf_serializers.ReadOnlyField() homepage = rf_serializers.ReadOnlyField( source='service_project_link.service.settings.homepage' ) def get_username(self, allocation): request = self.context['request'] try: profile = freeipa_models.Profile.objects.get(user=request.user) return profile.username except freeipa_models.Profile.DoesNotExist: return None def get_gateway(self, allocation): options = allocation.service_project_link.service.settings.options return options.get('gateway') or options.get('hostname') class Meta(structure_serializers.BaseResourceSerializer.Meta): model = models.Allocation fields = structure_serializers.BaseResourceSerializer.Meta.fields + ( 'cpu_limit', 'cpu_usage', 'gpu_limit', 'gpu_usage', 'ram_limit', 'ram_usage', 'deposit_limit', 'deposit_usage', 'username', 'gateway', 'is_active', 'batch_service', 'homepage', ) read_only_fields = ( structure_serializers.BaseResourceSerializer.Meta.read_only_fields + ( 'cpu_usage', 'gpu_usage', 'ram_usage', 'cpu_limit', 'gpu_limit', 'ram_limit', 'is_active', 'deposit_limit', 'deposit_usage', ) ) extra_kwargs = dict( url={'lookup_field': 'uuid', 'view_name': 'slurm-allocation-detail'}, cpu_limit={'validators': [MinValueValidator(0)]}, gpu_limit={'validators': [MinValueValidator(0)]}, ram_limit={'validators': [MinValueValidator(0)]}, ) def validate(self, attrs): attrs = super(AllocationSerializer, self).validate(attrs) # Skip validation on update if self.instance: return attrs correct_name_regex = '^([%s]{1,63})$' % models.SLURM_ALLOCATION_REGEX name = attrs.get('name') if not re.match(correct_name_regex, name): raise core_serializers.ValidationError( _( "Name '%s' must be 1-63 characters long, each of " "which can only be alphanumeric or a hyphen" ) % name ) spl = attrs['service_project_link'] user = self.context['request'].user if not _has_owner_access(user, spl.project.customer): raise rf_exceptions.PermissionDenied( _('You do not have permissions to create allocation for given project.') ) return attrs
class VirtualMachineSerializer(structure_serializers.VirtualMachineSerializer, BaseResourceGroupSerializer): image = serializers.HyperlinkedRelatedField( view_name='azure-image-detail', lookup_field='uuid', queryset=models.Image.objects.all(), ) size = serializers.HyperlinkedRelatedField( view_name='azure-size-detail', lookup_field='uuid', queryset=models.Size.objects.all(), ) ssh_public_key = serializers.HyperlinkedRelatedField( view_name='sshpublickey-detail', lookup_field='uuid', queryset=SshPublicKey.objects.all(), required=False, allow_null=True, write_only=True, source='ssh_key' ) size_name = serializers.ReadOnlyField(source='size.name') image_name = serializers.ReadOnlyField(source='image.name') class Meta(structure_serializers.VirtualMachineSerializer.Meta): model = models.VirtualMachine view_name = 'azure-virtualmachine-detail' fields = structure_serializers.VirtualMachineSerializer.Meta.fields + ( 'image', 'size', 'user_data', 'runtime_state', 'start_time', 'cores', 'ram', 'disk', 'image_name', 'location', 'resource_group', 'username', 'password', 'resource_group_name', 'location_name', 'image_name', 'size_name' ) protected_fields = structure_serializers.VirtualMachineSerializer.Meta.protected_fields + ( 'image', 'size', 'user_data', 'name' ) read_only_fields = structure_serializers.VirtualMachineSerializer.Meta.read_only_fields + ( 'runtime_state', 'start_time', 'cores', 'ram', 'disk', 'image_name', 'username', 'password' ) @transaction.atomic def create(self, validated_data): vm_name = validated_data['name'] spl = validated_data['service_project_link'] size = validated_data['size'] location = validated_data.pop('location') resource_group_name = 'group{}'.format(uuid.uuid4().hex) storage_account_name = 'storage{}'.format(hash_string(vm_name.lower(), 14)) network_name = 'net{}'.format(vm_name) subnet_name = 'subnet{}'.format(vm_name) nic_name = 'nic{}'.format(vm_name) config_name = 'ipconf{}'.format(vm_name) public_ip_name = 'pubip{}'.format(vm_name) security_group_name = 'NSG{}'.format(vm_name) resource_group = models.ResourceGroup.objects.create( service_project_link=spl, name=resource_group_name, location=location, ) models.StorageAccount.objects.create( service_project_link=spl, name=storage_account_name, resource_group=resource_group, ) network = models.Network.objects.create( service_project_link=spl, resource_group=resource_group, name=network_name, cidr='10.0.0.0/16', ) subnet = models.SubNet.objects.create( service_project_link=spl, resource_group=resource_group, name=subnet_name, cidr='10.0.0.0/24', network=network, ) public_ip = models.PublicIP.objects.create( service_project_link=spl, resource_group=resource_group, location=location, name=public_ip_name, ) security_group = models.SecurityGroup.objects.create( service_project_link=spl, resource_group=resource_group, name=security_group_name, ) nic = models.NetworkInterface.objects.create( service_project_link=spl, resource_group=resource_group, name=nic_name, subnet=subnet, config_name=config_name, public_ip=public_ip, security_group=security_group, ) validated_data['ram'] = size.memory_in_mb validated_data['cores'] = size.number_of_cores validated_data['disk'] = size.os_disk_size_in_mb + size.resource_disk_size_in_mb validated_data['network_interface'] = nic validated_data['resource_group'] = resource_group validated_data['username'] = generate_username() validated_data['password'] = generate_password() return super(VirtualMachineSerializer, self).create(validated_data)
def test_hyperlinked_related_field_with_empty_string(self): field = serializers.HyperlinkedRelatedField(queryset=NullModel.objects.all(), view_name='') self.assertRaises(serializers.ValidationError, field.from_native, '') self.assertRaises(serializers.ValidationError, field.from_native, [])
class UserSerializer(serializers.HyperlinkedModelSerializer): snippets = serializers.HyperlinkedRelatedField(many=True, view_name='snippet-detail', read_only=True) # owner = serializers.ReadOnlyField(source='owner.username') class Meta: model = User fields = ('id', 'username','snippets')
class RatingSerializer(serializers.ModelSerializer): app = SplitField( SlugOrPrimaryKeyRelatedField(slug_field='app_slug', queryset=Webapp.objects.all(), source='addon'), serializers.HyperlinkedRelatedField(view_name='app-detail', read_only=True, source='addon')) body = serializers.CharField() user = AccountSerializer(read_only=True) report_spam = serializers.SerializerMethodField('get_report_spam_link') resource_uri = serializers.HyperlinkedIdentityField( view_name='ratings-detail') is_author = serializers.SerializerMethodField('get_is_author') has_flagged = serializers.SerializerMethodField('get_has_flagged') version = SimpleVersionSerializer(read_only=True) class Meta: model = Review fields = ('app', 'body', 'created', 'has_flagged', 'is_author', 'modified', 'rating', 'report_spam', 'resource_uri', 'user', 'version') def __init__(self, *args, **kwargs): super(RatingSerializer, self).__init__(*args, **kwargs) if 'request' in self.context: self.request = self.context['request'] else: self.request = None if not self.request or not self.request.amo_user: self.fields.pop('is_author') self.fields.pop('has_flagged') if self.request.method in ('PUT', 'PATCH'): # Don't let users modify 'app' field at edit time self.fields['app'].read_only = True def get_report_spam_link(self, obj): return reverse('ratings-flag', kwargs={'pk': obj.pk}) def get_is_author(self, obj): return obj.user.pk == self.request.amo_user.pk def get_has_flagged(self, obj): return (not self.get_is_author(obj) and obj.reviewflag_set.filter(user=self.request.amo_user).exists()) @classmethod def get_app_from_value(cls, value): try: app = Webapp.objects.valid().get(id=value) except (Webapp.DoesNotExist, ValueError): try: app = Webapp.objects.valid().get(app_slug=value) except Webapp.DoesNotExist: raise serializers.ValidationError('Invalid app') if not app.listed_in(region=REGIONS_DICT[get_region()]): raise serializers.ValidationError( 'App not available in this region') return app def validate(self, attrs): attrs['user'] = self.request.amo_user attrs['ip_address'] = self.request.META.get('REMOTE_ADDR', '') if not getattr(self, 'object'): if attrs['addon'].is_packaged: attrs['version'] = attrs['addon'].current_version # Return 409 if the user has already reviewed this app. app = attrs['addon'] amo_user = self.request.amo_user qs = self.context['view'].queryset.filter(addon=app, user=amo_user) if app.is_packaged: qs = qs.filter(version=attrs['version']) if qs.exists(): raise Conflict('You have already reviewed this app.') # Return 403 if the user is attempting to review their own app: if app.has_author(amo_user): raise PermissionDenied('You may not review your own app.') # Return 403 if not a free app and the user hasn't purchased it. if app.is_premium() and not app.is_purchased(amo_user): raise PermissionDenied("You may not review paid apps you " "haven't purchased.") return attrs def validate_app(self, attrs, source): if not getattr(self, 'object'): app = attrs[source] attrs[source] = RatingSerializer.get_app_from_value(app.pk) else: attrs[source] = self.object.addon return attrs
class XFormSerializer(XFormMixin, serializers.HyperlinkedModelSerializer): formid = serializers.ReadOnlyField(source='id') metadata = serializers.SerializerMethodField() owner = serializers.HyperlinkedRelatedField( view_name='user-detail', source='user', lookup_field='username', queryset=User.objects.exclude( username__iexact=settings.ANONYMOUS_DEFAULT_USERNAME)) created_by = serializers.HyperlinkedRelatedField( view_name='user-detail', lookup_field='username', queryset=User.objects.exclude( username__iexact=settings.ANONYMOUS_DEFAULT_USERNAME)) public = serializers.BooleanField(source='shared') public_data = serializers.BooleanField(source='shared_data') public_key = serializers.CharField(required=False) require_auth = serializers.BooleanField() submission_count_for_today = serializers.ReadOnlyField() tags = TagListSerializer(read_only=True) title = serializers.CharField(max_length=255) url = serializers.HyperlinkedIdentityField( view_name='xform-detail', lookup_field='pk') users = serializers.SerializerMethodField() enketo_url = serializers.SerializerMethodField() enketo_preview_url = serializers.SerializerMethodField() num_of_submissions = serializers.SerializerMethodField() last_submission_time = serializers.SerializerMethodField() form_versions = serializers.SerializerMethodField() data_views = serializers.SerializerMethodField() class Meta: model = XForm read_only_fields = ('json', 'xml', 'date_created', 'date_modified', 'encrypted', 'bamboo_dataset', 'last_submission_time', 'is_merged_dataset') exclude = ('json', 'xml', 'xls', 'user', 'has_start_time', 'shared', 'shared_data', 'deleted_at', 'deleted_by') def get_metadata(self, obj): xform_metadata = [] if obj: xform_metadata = cache.get( '{}{}'.format(XFORM_METADATA_CACHE, obj.pk)) if xform_metadata: return xform_metadata xform_metadata = list( MetaDataSerializer( obj.metadata_set.all(), many=True, context=self.context) .data) cache.set('{}{}'.format(XFORM_METADATA_CACHE, obj.pk), xform_metadata) return xform_metadata def validate_public_key(self, value): # pylint: disable=no-self-use """ Checks that the given RSA public key is a valid key by trying to use the key data to create an RSA key object using the cryptography package """ try: load_pem_public_key( value.encode('utf-8'), backend=default_backend()) except ValueError: raise serializers.ValidationError( _('The public key is not a valid base64 RSA key')) return clean_public_key(value) def get_form_versions(self, obj): versions = [] if obj: versions = cache.get('{}{}'.format(XFORM_DATA_VERSIONS, obj.pk)) if versions: return versions versions = list( Instance.objects.filter(xform=obj, deleted_at__isnull=True) .values('version').annotate(total=Count('version'))) if versions: cache.set('{}{}'.format(XFORM_DATA_VERSIONS, obj.pk), list(versions)) return versions
class WarzywaSerializer(serializers.ModelSerializer): zamowienia = serializers.HyperlinkedRelatedField(many=True, read_only=True, view_name='zamowienia-detail') class Meta: model = Warzywa fields = ['Warzywo', 'Cena','zamowienia']
class BaseProjectSerializer(serializers.HyperlinkedModelSerializer): """ BaseProjectSerializer class. """ projectid = serializers.ReadOnlyField(source='id') url = serializers.HyperlinkedIdentityField( view_name='project-detail', lookup_field='pk') owner = serializers.HyperlinkedRelatedField( view_name='user-detail', source='organization', lookup_field='username', queryset=User.objects.exclude( username__iexact=settings.ANONYMOUS_DEFAULT_USERNAME)) created_by = serializers.HyperlinkedRelatedField( view_name='user-detail', lookup_field='username', read_only=True) metadata = JsonField(required=False) starred = serializers.SerializerMethodField() users = serializers.SerializerMethodField() forms = serializers.SerializerMethodField() public = serializers.BooleanField(source='shared') tags = TagListSerializer(read_only=True) num_datasets = serializers.SerializerMethodField() last_submission_date = serializers.SerializerMethodField() teams = serializers.SerializerMethodField() class Meta: model = Project fields = [ 'url', 'projectid', 'owner', 'created_by', 'metadata', 'starred', 'users', 'forms', 'public', 'tags', 'num_datasets', 'last_submission_date', 'teams', 'name', 'date_created', 'date_modified', 'deleted_at' ] def get_starred(self, obj): """ Return True if request user has starred this project. """ return is_starred(obj, self.context['request']) def get_users(self, obj): """ Return a list of users and organizations that have access to the project. """ owner_query_param_in_request = 'request' in self.context and\ "owner" in self.context['request'].GET return get_users(obj, self.context, owner_query_param_in_request) @check_obj def get_forms(self, obj): """ Return list of xforms in the project. """ forms = cache.get('{}{}'.format(PROJ_BASE_FORMS_CACHE, obj.pk)) if forms: return forms xforms = get_project_xforms(obj) request = self.context.get('request') serializer = BaseProjectXFormSerializer( xforms, context={'request': request}, many=True) forms = list(serializer.data) cache.set('{}{}'.format(PROJ_BASE_FORMS_CACHE, obj.pk), forms) return forms def get_num_datasets(self, obj): # pylint: disable=no-self-use """ Return the number of datasets attached to the project. """ return get_num_datasets(obj) def get_last_submission_date(self, obj): # pylint: disable=no-self-use """ Return the most recent submission date to any of the projects datasets. """ return get_last_submission_date(obj) def get_teams(self, obj): # pylint: disable=no-self-use """ Return the teams with access to the project. """ return get_teams(obj)
class UserProfileSerializer(serializers.HyperlinkedModelSerializer): """ UserProfile serializer. """ url = serializers.HyperlinkedIdentityField(view_name='userprofile-detail', lookup_field='user') is_org = serializers.SerializerMethodField() username = serializers.CharField(source='user.username', min_length=3, max_length=30) name = serializers.CharField(required=False, allow_blank=True) first_name = serializers.CharField(source='user.first_name', required=False, allow_blank=True, max_length=30) last_name = serializers.CharField(source='user.last_name', required=False, allow_blank=True, max_length=30) email = serializers.EmailField(source='user.email') website = serializers.CharField(source='home_page', required=False, allow_blank=True) twitter = serializers.CharField(required=False, allow_blank=True) gravatar = serializers.ReadOnlyField() password = serializers.CharField(source='user.password', allow_blank=True, required=False) user = serializers.HyperlinkedRelatedField(view_name='user-detail', lookup_field='username', read_only=True) metadata = JsonField(required=False) id = serializers.ReadOnlyField(source='user.id') # pylint: disable=C0103 joined_on = serializers.ReadOnlyField(source='user.date_joined') class Meta: model = UserProfile fields = ('id', 'is_org', 'url', 'username', 'password', 'first_name', 'last_name', 'email', 'city', 'country', 'organization', 'website', 'twitter', 'gravatar', 'require_auth', 'user', 'metadata', 'joined_on', 'name') owner_only_fields = ('metadata', ) def __init__(self, *args, **kwargs): super(UserProfileSerializer, self).__init__(*args, **kwargs) if self.instance and hasattr(self.Meta, 'owner_only_fields'): request = self.context.get('request') if isinstance(self.instance, QuerySet) or \ (request and request.user != self.instance.user) or \ not request: for field in getattr(self.Meta, 'owner_only_fields'): self.fields.pop(field) def get_is_org(self, obj): # pylint: disable=no-self-use """ Returns True if it is an organization profile. """ if obj: is_org = cache.get('{}{}'.format(IS_ORG, obj.pk)) if is_org: return is_org is_org = is_organization(obj) cache.set('{}{}'.format(IS_ORG, obj.pk), is_org) return is_org def to_representation(self, instance): """ Serialize objects -> primitives. """ ret = super(UserProfileSerializer, self).to_representation(instance) if 'password' in ret: del ret['password'] request = self.context['request'] \ if 'request' in self.context else None if 'email' in ret and request is None or request.user \ and not request.user.has_perm(CAN_VIEW_PROFILE, instance): del ret['email'] if 'first_name' in ret: ret['name'] = u' '.join( [ret.get('first_name'), ret.get('last_name', "")]) ret['name'] = ret['name'].strip() return ret def update(self, instance, validated_data): params = validated_data password = params.get("password1") email = params.get('email') # Check password if email is being updated if email and not password: raise serializers.ValidationError( _(u'Your password is required when updating your email ' u'address.')) if password and not instance.user.check_password(password): raise serializers.ValidationError(_(u'Invalid password')) # get user instance.user.email = email or instance.user.email instance.user.first_name = params.get('first_name', instance.user.first_name) instance.user.last_name = params.get('last_name', instance.user.last_name) instance.user.username = params.get('username', instance.user.username) instance.user.save() if email: instance.metadata.update({"is_email_verified": False}) instance.save() request = self.context.get('request') redirect_url = params.get('redirect_url') _send_verification_email(redirect_url, instance.user, request) if password: # force django-digest to regenerate its stored partial digests update_partial_digests(instance.user, password) return super(UserProfileSerializer, self).update(instance, params) @track_object_event(user_field='user', properties={ 'name': 'name', 'country': 'country' }) def create(self, validated_data): params = validated_data request = self.context.get('request') metadata = {} site = Site.objects.get(pk=settings.SITE_ID) try: new_user = RegistrationProfile.objects.create_inactive_user( username=params.get('username'), password=params.get('password1'), email=params.get('email'), site=site, send_email=settings.SEND_EMAIL_ACTIVATION_API) except IntegrityError: raise serializers.ValidationError( _(u"User account {} already exists".format( params.get('username')))) new_user.is_active = True new_user.first_name = params.get('first_name') new_user.last_name = params.get('last_name') new_user.save() if getattr(settings, 'ENABLE_EMAIL_VERIFICATION', False): redirect_url = params.get('redirect_url') _send_verification_email(redirect_url, new_user, request) created_by = request.user created_by = None if created_by.is_anonymous else created_by metadata['last_password_edit'] = timezone.now().isoformat() profile = UserProfile(user=new_user, name=params.get('first_name'), created_by=created_by, city=params.get('city', u''), country=params.get('country', u''), organization=params.get('organization', u''), home_page=params.get('home_page', u''), twitter=params.get('twitter', u''), metadata=metadata) profile.save() return profile def validate_username(self, value): """ Validate username. """ username = value.lower() if isinstance(value, basestring) else value if username in RESERVED_NAMES: raise serializers.ValidationError( _(u"%s is a reserved name, please choose another" % username)) elif not LEGAL_USERNAMES_REGEX.search(username): raise serializers.ValidationError( _(u"username may only contain alpha-numeric characters and " u"underscores")) elif len(username) < 3: raise serializers.ValidationError( _(u"Username must have 3 or more characters")) users = User.objects.filter(username=username) if self.instance: users = users.exclude(pk=self.instance.user.pk) if users.exists(): raise serializers.ValidationError( _(u"%s already exists" % username)) return username def validate_email(self, value): """ Checks if user with the same email has already been registered. """ users = User.objects.filter(email=value) if self.instance: users = users.exclude(pk=self.instance.user.pk) if users.exists(): raise serializers.ValidationError( _(u"This email address is already in use. ")) return value def validate_twitter(self, value): # pylint: disable=no-self-use """ Checks if the twitter handle is valid. """ if isinstance(value, basestring) and value: match = re.search(r"^[A-Za-z0-9_]{1,15}$", value) if not match: raise serializers.ValidationError( _(u"Invalid twitter username {}".format(value))) return value def validate(self, attrs): params = _get_registration_params(attrs) if not self.instance and params.get('name') is None and \ params.get('first_name') is None: raise serializers.ValidationError( {'name': _(u"Either name or first_name should be provided")}) return params
class ProjectSerializer(serializers.HyperlinkedModelSerializer): """ ProjectSerializer class - creates and updates a project. """ projectid = serializers.ReadOnlyField(source='id') url = serializers.HyperlinkedIdentityField( view_name='project-detail', lookup_field='pk') owner = serializers.HyperlinkedRelatedField( view_name='user-detail', source='organization', lookup_field='username', queryset=User.objects.exclude( username__iexact=settings.ANONYMOUS_DEFAULT_USERNAME)) created_by = serializers.HyperlinkedRelatedField( view_name='user-detail', lookup_field='username', read_only=True) metadata = JsonField(required=False) starred = serializers.SerializerMethodField() users = serializers.SerializerMethodField() forms = serializers.SerializerMethodField() public = serializers.BooleanField(source='shared') tags = TagListSerializer(read_only=True) num_datasets = serializers.SerializerMethodField() last_submission_date = serializers.SerializerMethodField() teams = serializers.SerializerMethodField() data_views = serializers.SerializerMethodField() class Meta: model = Project exclude = ('shared', 'user_stars', 'deleted_by') extra_kwargs = { 'organization': { 'write_only': True, 'required': False, 'lookup_field': 'username'}} def validate(self, attrs): name = attrs.get('name') organization = attrs.get('organization') if not self.instance and organization: project_w_same_name = Project.objects.filter( name__iexact=name, organization=organization) if project_w_same_name: raise serializers.ValidationError({ 'name': _(u"Project {} already exists.".format(name))}) else: organization = organization or self.instance.organization request = self.context['request'] try: has_perm = can_add_project_to_profile(request.user, organization) except OrganizationProfile.DoesNotExist: # most likely when transfering a project to an individual account # A user does not require permissions to the user's account forms. has_perm = False if not has_perm: raise serializers.ValidationError({ 'owner': _("You do not have permission to create a project " "in the organization %(organization)s." % { 'organization': organization}) }) return attrs def validate_public(self, value): # pylint: disable=no-self-use """ Validate the public field """ if not settings.ALLOW_PUBLIC_DATASETS and value: raise serializers.ValidationError( _('Public projects are currently disabled.')) return value def validate_metadata(self, value): # pylint: disable=no-self-use """ Validate metadaata is a valid JSON value. """ msg = serializers.ValidationError(_("Invaid value for metadata")) try: json_val = JsonField.to_json(value) except ValueError: raise serializers.ValidationError(msg) else: if json_val is None: raise serializers.ValidationError(msg) return value def update(self, instance, validated_data): metadata = JsonField.to_json(validated_data.get('metadata')) if metadata is None: metadata = dict() owner = validated_data.get('organization') if self.partial and metadata: if not isinstance(instance.metadata, dict): instance.metadata = {} instance.metadata.update(metadata) validated_data['metadata'] = instance.metadata if self.partial and owner: # give the new owner permissions set_owners_permission(owner, instance) if is_organization(owner.profile): owners_team = get_or_create_organization_owners_team( owner.profile) members_team = get_organization_members_team(owner.profile) OwnerRole.add(owners_team, instance) ReadOnlyRole.add(members_team, instance) owners = owners_team.user_set.all() # Owners are also members members = members_team.user_set.exclude( username__in=[ user.username for user in owners]) # Exclude new owner if in members members = members.exclude(username=owner.username) # Add permissions to all users in Owners and Members team [OwnerRole.add(owner, instance) for owner in owners] [ReadOnlyRole.add(member, instance) for member in members] # clear cache safe_delete('{}{}'.format(PROJ_PERM_CACHE, instance.pk)) project = super(ProjectSerializer, self)\ .update(instance, validated_data) project.xform_set.exclude(shared=project.shared)\ .update(shared=project.shared, shared_data=project.shared) return instance def create(self, validated_data): metadata = validated_data.get('metadata', dict()) if metadata is None: metadata = dict() created_by = self.context['request'].user try: project = Project.objects.create( # pylint: disable=E1101 name=validated_data.get('name'), organization=validated_data.get('organization'), created_by=created_by, shared=validated_data.get('shared', False), metadata=metadata) except IntegrityError: raise serializers.ValidationError( "The fields name, organization must make a unique set.") else: project.xform_set.exclude(shared=project.shared)\ .update(shared=project.shared, shared_data=project.shared) request = self.context.get('request') serializer = ProjectSerializer( project, context={'request': request}) response = serializer.data cache.set(f'{PROJ_OWNER_CACHE}{project.pk}', response) return project def get_users(self, obj): # pylint: disable=no-self-use """ Return a list of users and organizations that have access to the project. """ return get_users(obj, self.context) @check_obj def get_forms(self, obj): # pylint: disable=no-self-use """ Return list of xforms in the project. """ forms = cache.get('{}{}'.format(PROJ_FORMS_CACHE, obj.pk)) if forms: return forms xforms = get_project_xforms(obj) request = self.context.get('request') serializer = ProjectXFormSerializer( xforms, context={'request': request}, many=True) forms = list(serializer.data) cache.set('{}{}'.format(PROJ_FORMS_CACHE, obj.pk), forms) return forms def get_num_datasets(self, obj): # pylint: disable=no-self-use """ Return the number of datasets attached to the project. """ return get_num_datasets(obj) def get_last_submission_date(self, obj): # pylint: disable=no-self-use """ Return the most recent submission date to any of the projects datasets. """ return get_last_submission_date(obj) def get_starred(self, obj): # pylint: disable=no-self-use """ Return True if request user has starred this project. """ return is_starred(obj, self.context['request']) def get_teams(self, obj): # pylint: disable=no-self-use """ Return the teams with access to the project. """ return get_teams(obj) @check_obj def get_data_views(self, obj): """ Return a list of filtered datasets. """ data_views = cache.get('{}{}'.format(PROJECT_LINKED_DATAVIEWS, obj.pk)) if data_views: return data_views data_views_obj = obj.dataview_prefetch if \ hasattr(obj, 'dataview_prefetch') else\ obj.dataview_set.filter(deleted_at__isnull=True) serializer = DataViewMinimalSerializer( data_views_obj, many=True, context=self.context) data_views = list(serializer.data) cache.set('{}{}'.format(PROJECT_LINKED_DATAVIEWS, obj.pk), data_views) return data_views
class DatabaseSerializer(serializers.HyperlinkedModelSerializer): plan = serializers.HyperlinkedRelatedField( source='plan', view_name='plan-detail', queryset=Plan.objects.filter(is_active=True)) replication_topology_id = serializers.Field( source='databaseinfra.plan.replication_topology.id') environment = serializers.HyperlinkedRelatedField( source='environment', view_name='environment-detail', queryset=Environment.objects) team = serializers.HyperlinkedRelatedField(source='team', view_name='team-detail', queryset=Team.objects) endpoint = serializers.Field(source='endpoint') infra_endpoint = serializers.Field(source='databaseinfra.endpoint') quarantine_dt = serializers.Field(source='quarantine_dt') # total_size_in_bytes = serializers.Field(source='total_size') total_size_in_bytes = serializers.SerializerMethodField('get_total_size') credentials = CredentialSerializer(many=True, read_only=True) status = serializers.Field(source='status') # used_size_in_bytes = serializers.Field(source='used_size_in_bytes') used_size_in_bytes = serializers.SerializerMethodField( 'get_used_size_in_bytes') engine = serializers.CharField(source='infra.engine', read_only=True) is_locked = serializers.SerializerMethodField('get_is_locked') class Meta: model = models.Database fields = ('url', 'id', 'name', 'infra_endpoint', 'endpoint', 'plan', 'environment', 'project', 'team', 'quarantine_dt', 'total_size_in_bytes', 'credentials', 'description', 'status', 'used_size_in_bytes', 'subscribe_to_email_events', 'created_at', 'engine', 'replication_topology_id', 'is_locked') read_only = ('credentials', 'status', 'used_size_in_bytes') def __init__(self, *args, **kwargs): super(DatabaseSerializer, self).__init__(*args, **kwargs) request = self.context.get('request', None) if request: creating = request.method == 'POST' self.fields['plan'].read_only = not creating self.fields['environment'].read_only = not creating self.fields['name'].read_only = not creating self.fields['credentials'].read_only = True def _get_or_none_if_error(self, database, prop_name): try: val = getattr(database, prop_name) except Exception as e: LOG.error("Error get {} of database with id {}, error: {}".format( prop_name, database.id, e)) return return val def get_total_size(self, database): return self._get_or_none_if_error(database, 'total_size') def get_used_size_in_bytes(self, database): return self._get_or_none_if_error(database, 'used_size_in_bytes') def get_is_locked(self, database): return bool(database.current_locked_task)
class CustomerSerializer(serializers.HyperlinkedModelSerializer): images = serializers.HyperlinkedRelatedField(many=True, view_name='image-detail', read_only=True) owner = serializers.ReadOnlyField(source='owner.username') class Meta: model = Customer fields = ['url', 'id', 'first_name', 'last_name', 'email', 'images', 'owner']
class AdjudicatorSerializer(serializers.ModelSerializer): class LinksSerializer(serializers.Serializer): checkin = fields.TournamentHyperlinkedIdentityField( view_name='api-adjudicator-checkin') url = fields.TournamentHyperlinkedIdentityField( view_name='api-adjudicator-detail') institution = serializers.HyperlinkedRelatedField( allow_null=True, view_name='api-global-institution-detail', queryset=Institution.objects.all(), ) institution_conflicts = serializers.HyperlinkedRelatedField( many=True, view_name='api-global-institution-detail', queryset=Institution.objects.all(), ) team_conflicts = fields.TournamentHyperlinkedRelatedField( many=True, view_name='api-team-detail', queryset=Team.objects.all(), ) adjudicator_conflicts = fields.TournamentHyperlinkedRelatedField( many=True, view_name='api-adjudicator-detail', queryset=Adjudicator.objects.all(), ) _links = LinksSerializer(source='*', read_only=True) def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) # Remove private fields in the public endpoint if needed if not kwargs['context']['request'].user.is_staff: self.fields.pop('institution_conflicts') self.fields.pop('team_conflicts') self.fields.pop('adjudicator_conflicts') t = kwargs['context']['tournament'] if not t.pref('show_adjudicator_institutions'): self.fields.pop('institution') if not t.pref('public_breaking_adjs'): self.fields.pop('breaking') self.fields.pop('base_score') self.fields.pop('trainee') self.fields.pop('gender') self.fields.pop('email') self.fields.pop('phone') self.fields.pop('pronoun') self.fields.pop('anonymous') self.fields.pop('url_key') class Meta: model = Adjudicator exclude = ('tournament', ) def create(self, validated_data): url_key = validated_data.pop('url_key', None) if url_key is not None and len( url_key ) != 0: # Let an empty string be null for the uniqueness constraint validated_data['url_key'] = url_key adj = super().create(validated_data) if url_key is None: # If explicitly null (and not just an empty string) populate_url_keys([adj]) if adj.institution is not None: adj.adjudicatorinstitutionconflict_set.get_or_create( institution=adj.institution) return adj
class CreatedModifiedModelSerializer(serializers.ModelSerializer): creado_por = serializers.HyperlinkedRelatedField( read_only=True, view_name='usuario-detail') modificado_por = serializers.HyperlinkedRelatedField( read_only=True, view_name='usuario-detail')