def list_users(self, request, *args, **kwargs): self.check_permissions(request, "list_users", None) token = request.DATA.get('token', None) project_id = request.DATA.get('project', None) if not project_id: raise exc.WrongArguments(_("The project param is needed")) importer = AsanaImporter(request.user, token) try: users = importer.list_users(project_id) except exceptions.InvalidRequest: raise exc.BadRequest(_('Invalid Asana API request')) except exceptions.FailedRequest: raise exc.BadRequest(_('Failed to make the request to Asana API')) for user in users: if user['detected_user']: user['user'] = { 'id': user['detected_user'].id, 'full_name': user['detected_user'].get_full_name(), 'gravatar_id': get_user_gravatar_id(user['detected_user']), 'photo': get_user_photo_url(user['detected_user']), } del (user['detected_user']) return response.Ok(users)
def post_save(self, obj, created=False): if not created: # Let's reorder the related stuff after edit the element orders_updated = {} updated = self._reorder_if_needed(obj, self._old_backlog_order_key, self._backlog_order_key(obj), "backlog_order", obj.project) orders_updated.update(updated) updated = self._reorder_if_needed(obj, self._old_kanban_order_key, self._kanban_order_key(obj), "kanban_order", obj.project, status=obj.status) orders_updated.update(updated) updated = self._reorder_if_needed(obj, self._old_sprint_order_key, self._sprint_order_key(obj), "sprint_order", obj.project, milestone=obj.milestone) orders_updated.update(updated) self.headers["Tuesmon-Info-Order-Updated"] = json.dumps( orders_updated) # Code related to the hack of pre_save method. # Rather, this is the continuation of it. if self._role_points: Points = apps.get_model("projects", "Points") RolePoints = apps.get_model("userstories", "RolePoints") for role_id, points_id in self._role_points.items(): try: role_points = RolePoints.objects.get(role__id=role_id, user_story_id=obj.pk, role__computable=True) except (ValueError, RolePoints.DoesNotExist): raise exc.BadRequest({ "points": _("Invalid role id '{role_id}'").format( role_id=role_id) }) try: role_points.points = Points.objects.get( id=points_id, project_id=obj.project_id) except (ValueError, Points.DoesNotExist): raise exc.BadRequest({ "points": _("Invalid points id '{points_id}'").format( points_id=points_id) }) role_points.save() super().post_save(obj, created)
def list_projects(self, request, *args, **kwargs): self.check_permissions(request, "list_projects", None) token = request.DATA.get('token', None) importer = AsanaImporter(request.user, token) try: projects = importer.list_projects() except exceptions.InvalidRequest: raise exc.BadRequest(_('Invalid Asana API request')) except exceptions.FailedRequest: raise exc.BadRequest(_('Failed to make the request to Asana API')) return response.Ok(projects)
def _public_register(self, request): if not settings.PUBLIC_REGISTER_ENABLED: raise exc.BadRequest(_("Public register is disabled.")) try: data = parse_public_register_data(request.DATA) user = public_register(**data) except exc.IntegrityError as e: raise exc.BadRequest(e.detail) data = make_auth_response_data(user) return response.Created(data)
def register(self, request, **kwargs): accepted_terms = request.DATA.get("accepted_terms", None) if accepted_terms in (None, False): raise exc.BadRequest( _("You must accept our terms of service and privacy policy")) self.check_permissions(request, 'register', None) type = request.DATA.get("type", None) if type == "public": return self._public_register(request) elif type == "private": return self._private_register(request) raise exc.BadRequest(_("invalid register type"))
def _transform_value(value): try: return int(value) except: if value in self._special_values_dict: return self._special_values_dict[value] raise exc.BadRequest()
def create_default(self, request, **kwargs): context = {"request": request} validator = validators.DueDatesCreationValidator(data=request.DATA, context=context) if not validator.is_valid(): return response.BadRequest(validator.errors) project_id = request.DATA.get('project_id') project = models.Project.objects.get(id=project_id) if project.issue_duedates.all(): raise exc.BadRequest(_("Project already have issue due dates")) project_template = models.ProjectTemplate.objects.get( id=project.creation_template.id) for issue_duedate in project_template.issue_duedates: models.IssueDueDate.objects.create( name=issue_duedate["name"], by_default=issue_duedate["by_default"], color=issue_duedate["color"], days_to_due=issue_duedate["days_to_due"], order=issue_duedate["order"], project=project) project.save() serializer = self.get_serializer(project.issue_duedates.all(), many=True) return response.Ok(serializer.data)
def filter_queryset(self, request, queryset, view): query_params = {} if not hasattr(view, "filter_fields"): return queryset for field in view.filter_fields: if isinstance(field, (tuple, list)): param_name, field_name = field else: param_name, field_name = field, field if param_name in request.QUERY_PARAMS: field_data = request.QUERY_PARAMS[param_name] if field_data in self._special_values_dict: query_params[field_name] = self._special_values_dict[ field_data] else: query_params[field_name] = field_data if query_params: try: queryset = queryset.filter(**query_params) except ValueError: raise exc.BadRequest(_("Error in filter params types.")) return queryset
def auth_url(self, request, *args, **kwargs): self.check_permissions(request, "auth_url", None) jira_url = request.QUERY_PARAMS.get('url', None) if not jira_url: raise exc.WrongArguments(_("The url param is needed")) try: (oauth_token, oauth_secret, url) = JiraNormalImporter.get_auth_url( jira_url, settings.IMPORTERS.get('jira', {}).get('consumer_key', None), settings.IMPORTERS.get('jira', {}).get('cert', None), True) except exceptions.InvalidServiceConfiguration: raise exc.BadRequest(_("Invalid Jira server configuration.")) (auth_data, created) = AuthData.objects.get_or_create(user=request.user, key="jira-oauth", defaults={ "value": uuid.uuid4().hex, "extra": {}, }) auth_data.extra = { "oauth_token": oauth_token, "oauth_secret": oauth_secret, "url": jira_url, } auth_data.save() return response.Ok({"url": url})
def authorize(self, request, *args, **kwargs): self.check_permissions(request, "authorize", None) code = request.DATA.get('code', None) if code is None: raise exc.BadRequest(_("Code param needed")) try: token = GithubImporter.get_access_token( settings.IMPORTERS.get('github', {}).get('client_id', None), settings.IMPORTERS.get('github', {}).get('client_secret', None), code) return response.Ok({"token": token}) except exceptions.InvalidAuthResult: raise exc.BadRequest(_("Invalid auth data")) except exceptions.FailedRequest: raise exc.BadRequest(_("Third party service failing"))
def create(self, *args, **kwargs): key = self.request.DATA.get("key", None) if (key and self.request.user.is_authenticated() and self.request.user.storage_entries.filter(key=key).exists()): raise exc.BadRequest( _("Duplicate key value violates unique constraint. " "Key '{}' already exists.").format(key)) return super().create(*args, **kwargs)
def filter_queryset(self, request, queryset, view): project_id = None project = None qs = queryset.filter(is_active=True) if "project" in request.QUERY_PARAMS: try: project_id = int(request.QUERY_PARAMS["project"]) except: logger.error( "Filtering project diferent value than an integer: {}". format(request.QUERY_PARAMS["project"])) raise exc.BadRequest(_("'project' must be an integer value.")) if project_id: Project = apps.get_model('projects', 'Project') project = get_object_or_404(Project, pk=project_id) if request.user.is_authenticated() and request.user.is_superuser: qs = qs elif request.user.is_authenticated(): Membership = apps.get_model('projects', 'Membership') memberships_qs = Membership.objects.filter(user=request.user) if project_id: memberships_qs = memberships_qs.filter(project_id=project_id) memberships_qs = memberships_qs.filter( Q(role__permissions__contains=[self.permission]) | Q(is_admin=True)) projects_list = [ membership.project_id for membership in memberships_qs ] if project: is_member = project.id in projects_list has_project_public_view_permission = "view_project" in project.public_permissions if not is_member and not has_project_public_view_permission: qs = qs.none() q = Q(memberships__project_id__in=projects_list) | Q( id=request.user.id) # If there is no selected project we want access to users from public projects if not project: q = q | Q(memberships__project__public_permissions__contains=[ self.permission ]) qs = qs.filter(q) else: if project and "view_project" not in project.anon_permissions: qs = qs.none() qs = qs.filter(memberships__project__anon_permissions__contains=[ self.permission ]) return qs.distinct()
def bulk_update_order(self, request, **kwargs): bulk_data = request.DATA.get(self.bulk_update_param, None) if bulk_data is None: raise exc.BadRequest(_("'{param}' parameter is mandatory".format(param=self.bulk_update_param))) project_id = request.DATA.get('project', None) if project_id is None: raise exc.BadRequest(_("'project' parameter is mandatory")) project = get_object_or_404(Project, id=project_id) self.check_permissions(request, 'bulk_update_order', project) if project.blocked_code is not None: raise exc.Blocked(_("Blocked element")) self.__class__.bulk_update_order_action(project, request.user, bulk_data) return response.NoContent(data=None)
def authorize(self, request, *args, **kwargs): self.check_permissions(request, "authorize", None) code = request.DATA.get('code', None) if code is None: raise exc.BadRequest(_("Code param needed")) try: asana_token = AsanaImporter.get_access_token( code, settings.IMPORTERS.get('asana', {}).get('app_id', None), settings.IMPORTERS.get('asana', {}).get('app_secret', None), settings.IMPORTERS.get('asana', {}).get('callback_url', None)) except exceptions.InvalidRequest: raise exc.BadRequest(_('Invalid Asana API request')) except exceptions.FailedRequest: raise exc.BadRequest(_('Failed to make the request to Asana API')) return response.Ok({"token": asana_token})
def wiki_link(self, request, *args, **kwargs): project = self.get_object_or_none() self.check_permissions(request, 'import_item', project) wiki_link = services.store.store_wiki_link(project, request.DATA.copy()) errors = services.store.get_errors() if errors: raise exc.BadRequest(errors) data = serializers.WikiLinkExportSerializer(wiki_link.object).data headers = self.get_success_headers(data) return response.Created(data, headers=headers)
def create(self, request, **kwargs): self.check_permissions(request, 'create', None) auth_plugins = get_auth_plugins() login_type = request.DATA.get("type", None) invitation_token = request.DATA.get("invitation_token", None) if login_type in auth_plugins: data = auth_plugins[login_type]['login_func'](request) if invitation_token: accept_invitation_by_existing_user(invitation_token, data['id']) return response.Ok(data) raise exc.BadRequest(_("invalid login type"))
def create(self, request, *args, **kwargs): project = self._get_project(request) if not project: raise exc.BadRequest(_("The project doesn't exist")) if not self._validate_signature(project, request): raise exc.BadRequest(_("Bad signature")) if project.blocked_code is not None: raise exc.Blocked(_("Blocked element")) event_name = self._get_event_name(request) payload = self._get_payload(request) event_hook_class = self.event_hook_classes.get(event_name, None) if event_hook_class is not None: event_hook = event_hook_class(project, payload) try: event_hook.process_event() except ActionSyntaxException as e: raise exc.BadRequest(e) return response.NoContent()
def filter_queryset(self, request, queryset, view): project_id = None if "project" in request.QUERY_PARAMS: try: project_id = int(request.QUERY_PARAMS["project"]) except ValueError: logger.error( "Filtering project different value tpphan an integer: {}". format(request.QUERY_PARAMS["project"])) raise exc.BadRequest(_("'project' must be an integer value.")) if project_id: queryset = queryset.filter(status__project_id=project_id) return super().filter_queryset(request, queryset, view)
def issue(self, request, *args, **kwargs): project = self.get_object_or_none() self.check_permissions(request, 'import_item', project) signals.pre_save.disconnect(sender=Issue, dispatch_uid="set_finished_date_when_edit_issue") issue = services.store.store_issue(project, request.DATA.copy()) errors = services.store.get_errors() if errors: raise exc.BadRequest(errors) data = serializers.IssueExportSerializer(issue.object).data headers = self.get_success_headers(data) return response.Created(data, headers=headers)
def filter_queryset(self, request, queryset, view): query_watchers = self._get_watchers_queryparams(request.QUERY_PARAMS) if query_watchers: WatchedModel = apps.get_model("notifications", "Watched") watched_type = ContentType.objects.get_for_model(queryset.model) try: watched_ids = (WatchedModel.objects.filter( content_type=watched_type, user__id__in=query_watchers).values_list("object_id", flat=True)) queryset = queryset.filter(id__in=watched_ids) except ValueError: raise exc.BadRequest(_("Error in filter params types.")) return super().filter_queryset(request, queryset, view)
def filter_queryset(self, request, queryset, view): project_id = None # Filter by filter_fields if (hasattr(view, "filter_fields") and "project" in view.filter_fields and "project" in request.QUERY_PARAMS): try: project_id = int(request.QUERY_PARAMS["project"]) except: logger.error( "Filtering project diferent value than an integer: {}". format(request.QUERY_PARAMS["project"])) raise exc.BadRequest(_("'project' must be an integer value.")) filter_expression = get_filter_expression_can_view_projects( request.user, project_id) qs = queryset.filter(filter_expression) return super().filter_queryset(request, qs, view)
def filter_queryset(self, request, queryset, view): project_id = None if (hasattr(view, "filter_fields") and "project" in view.filter_fields and "project" in request.QUERY_PARAMS): try: project_id = int(request.QUERY_PARAMS["project"]) except: logger.error( "Filtering project diferent value than an integer: {}". format(request.QUERY_PARAMS["project"])) raise exc.BadRequest(_("'project' must be an integer value.")) qs = queryset if request.user.is_authenticated() and request.user.is_superuser: qs = qs elif request.user.is_authenticated(): membership_model = apps.get_model('projects', 'Membership') memberships_qs = membership_model.objects.filter(user=request.user) if project_id: memberships_qs = memberships_qs.filter(project_id=project_id) memberships_qs = memberships_qs.filter( Q(role__permissions__contains=[self.permission]) | Q(is_admin=True)) projects_list = [ membership.project_id for membership in memberships_qs ] qs = qs.filter( Q(project_id__in=projects_list) | Q(project__public_permissions__contains=[self.permission])) else: qs = qs.filter( project__anon_permissions__contains=[self.permission]) return super().filter_queryset(request, qs, view)
def pre_delete(self, obj): if obj.by_default: raise exc.BadRequest( _("You can't delete issue due date by default"))
def _get_payload(self, request): try: payload = json.loads(request.body.decode("utf-8")) except ValueError: raise exc.BadRequest(_("The payload is not a valid json")) return payload
def create(self, request, *args, **kwargs): self.check_permissions(request, 'import_project', None) data = request.DATA.copy() data['owner'] = data.get('owner', request.user.email) # Validate if the project can be imported is_private = data.get('is_private', False) total_memberships = len([m for m in data.get("memberships", []) if m.get("email", None) != data["owner"]]) total_memberships = total_memberships + 1 # 1 is the owner (enough_slots, error_message) = users_services.has_available_slot_for_new_project( self.request.user, is_private, total_memberships ) if not enough_slots: raise exc.NotEnoughSlotsForProject(is_private, total_memberships, error_message) # Create Project project_serialized = services.store.store_project(data) if not project_serialized: raise exc.BadRequest(services.store.get_errors()) # Create roles roles_serialized = None if "roles" in data: roles_serialized = services.store.store_roles(project_serialized.object, data) if not roles_serialized: raise exc.BadRequest(_("We needed at least one role")) # Create memberships if "memberships" in data: services.store.store_memberships(project_serialized.object, data) try: owner_membership = project_serialized.object.memberships.get(user=project_serialized.object.owner) owner_membership.is_admin = True owner_membership.save() except Membership.DoesNotExist: Membership.objects.create( project=project_serialized.object, email=project_serialized.object.owner.email, user=project_serialized.object.owner, role=project_serialized.object.roles.all().first(), is_admin=True ) # Create project values choicess if "points" in data: services.store.store_project_attributes_values(project_serialized.object, data, "points", validators.PointsExportValidator) if "issue_types" in data: services.store.store_project_attributes_values(project_serialized.object, data, "issue_types", validators.IssueTypeExportValidator) if "issue_statuses" in data: services.store.store_project_attributes_values(project_serialized.object, data, "issue_statuses", validators.IssueStatusExportValidator,) if "issue_duedates" in data: services.store.store_project_attributes_values(project_serialized.object, data, "issue_duedates", validators.IssueDueDateExportValidator,) if "us_statuses" in data: services.store.store_project_attributes_values(project_serialized.object, data, "us_statuses", validators.UserStoryStatusExportValidator,) if "us_duedates" in data: services.store.store_project_attributes_values(project_serialized.object, data, "us_duedates", validators.UserStoryDueDateExportValidator,) if "task_statuses" in data: services.store.store_project_attributes_values(project_serialized.object, data, "task_statuses", validators.TaskStatusExportValidator) if "task_duedates" in data: services.store.store_project_attributes_values(project_serialized.object, data, "task_duedates", validators.TaskDueDateExportValidator) if "priorities" in data: services.store.store_project_attributes_values(project_serialized.object, data, "priorities", validators.PriorityExportValidator) if "severities" in data: services.store.store_project_attributes_values(project_serialized.object, data, "severities", validators.SeverityExportValidator) if ("points" in data or "issues_types" in data or "issues_statuses" in data or "us_statuses" in data or "task_statuses" in data or "priorities" in data or "severities" in data): services.store.store_default_project_attributes_values(project_serialized.object, data) # Created custom attributes if "userstorycustomattributes" in data: services.store.store_custom_attributes(project_serialized.object, data, "userstorycustomattributes", validators.UserStoryCustomAttributeExportValidator) if "taskcustomattributes" in data: services.store.store_custom_attributes(project_serialized.object, data, "taskcustomattributes", validators.TaskCustomAttributeExportValidator) if "issuecustomattributes" in data: services.store.store_custom_attributes(project_serialized.object, data, "issuecustomattributes", validators.IssueCustomAttributeExportValidator) # Is there any error? errors = services.store.get_errors() if errors: raise exc.BadRequest(errors) # Importer process is OK response_data = serializers.ProjectExportSerializer(project_serialized.object).data response_data['id'] = project_serialized.object.id headers = self.get_success_headers(response_data) return response.Created(response_data, headers=headers)
def list(self, request, **kwargs): validator = ResolverValidator(data=request.QUERY_PARAMS) if not validator.is_valid(): raise exc.BadRequest(validator.errors) data = validator.data project_model = apps.get_model("projects", "Project") project = get_object_or_404(project_model, slug=data["project"]) self.check_permissions(request, "list", project) result = {"project": project.pk} if data["epic"] and user_has_perm(request.user, "view_epics", project): result["epic"] = get_object_or_404(project.epics.all(), ref=data["epic"]).pk if data["us"] and user_has_perm(request.user, "view_us", project): result["us"] = get_object_or_404(project.user_stories.all(), ref=data["us"]).pk if data["task"] and user_has_perm(request.user, "view_tasks", project): result["task"] = get_object_or_404(project.tasks.all(), ref=data["task"]).pk if data["issue"] and user_has_perm(request.user, "view_issues", project): result["issue"] = get_object_or_404(project.issues.all(), ref=data["issue"]).pk if data["milestone"] and user_has_perm(request.user, "view_milestones", project): result["milestone"] = get_object_or_404(project.milestones.all(), slug=data["milestone"]).pk if data["wikipage"] and user_has_perm(request.user, "view_wiki_pages", project): result["wikipage"] = get_object_or_404(project.wiki_pages.all(), slug=data["wikipage"]).pk if data["ref"]: ref_found = False # No need to continue once one ref is found try: value = int(data["ref"]) if user_has_perm(request.user, "view_epics", project): epic = project.epics.filter(ref=value).first() if epic: result["epic"] = epic.pk ref_found = True if ref_found is False and user_has_perm( request.user, "view_us", project): us = project.user_stories.filter(ref=value).first() if us: result["us"] = us.pk ref_found = True if ref_found is False and user_has_perm( request.user, "view_tasks", project): task = project.tasks.filter(ref=value).first() if task: result["task"] = task.pk ref_found = True if ref_found is False and user_has_perm( request.user, "view_issues", project): issue = project.issues.filter(ref=value).first() if issue: result["issue"] = issue.pk except: value = data["ref"] if user_has_perm(request.user, "view_wiki_pages", project): wiki_page = project.wiki_pages.filter(slug=value).first() if wiki_page: result["wikipage"] = wiki_page.pk return response.Ok(result)
def pre_delete(self, obj): if obj.user is not None and not services.can_user_leave_project( obj.user, obj.project): raise exc.BadRequest( _("The project must have an owner and at least one of the users " "must be an active admin"))