def build_query_from_field(self, field_name, operation): if field_name == 'author_name': if operation['op'] != 'eq': raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq']) return Q(author_name__icontains=operation['value']) if field_name == 'meeting_category': if operation['op'] != 'eq': raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq']) return Q(meeting_category__icontains=operation['value']) return super(MeetingSubmissionList, self).build_query_from_field(field_name, operation)
def _validate_operator(self, field, field_name, op): """ Check that the operator and field combination is valid :raises InvalidFilterComparisonType: If the query contains comparisons against non-date or non-numeric fields :raises InvalidFilterMatchType: If the query contains comparisons against non-string or non-list fields :raises InvalidFilterOperator: If the filter operator is not a member of self.COMPARISON_OPERATORS """ if op not in set(self.MATCH_OPERATORS + self.COMPARISON_OPERATORS + self.DEFAULT_OPERATORS): valid_operators = self._get_valid_operators(field) raise InvalidFilterOperator(value=op, valid_operators=valid_operators) if op in self.COMPARISON_OPERATORS: if not isinstance(field, self.COMPARABLE_FIELDS): raise InvalidFilterComparisonType( parameter='filter', detail= "Field '{0}' does not support comparison operators in a filter." .format(field_name)) if op in self.MATCH_OPERATORS: if not isinstance(field, self.MATCHABLE_FIELDS): raise InvalidFilterMatchType( parameter='filter', detail= "Field '{0}' does not support match operators in a filter." .format(field_name))
def build_query_from_field(self, field_name, operation): if field_name == 'permission': if operation['op'] != 'eq': raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq']) # operation['value'] should be 'admin', 'write', or 'read' query_val = operation['value'].lower().strip() if query_val not in API_CONTRIBUTOR_PERMISSIONS: raise InvalidFilterValue(value=operation['value']) # This endpoint should only be returning *contributors* not group members resource = self.get_resource() if query_val == READ: # If read, return all contributors return Q(user_id__in=resource.contributors.values_list( 'id', flat=True)) elif query_val == WRITE: # If write, return members of write and admin groups, both groups have write perms return Q(user_id__in=(resource.get_group( WRITE).user_set.values_list('id', flat=True) | resource.get_group(ADMIN).user_set. values_list('id', flat=True))) elif query_val == ADMIN: # If admin, return only members of admin group return Q(user_id__in=resource.get_group( ADMIN).user_set.values_list('id', flat=True)) return super(BaseContributorList, self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation): if field_name == 'permission': if operation['op'] != 'eq': raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq']) # operation['value'] should be 'admin', 'write', or 'read' if operation['value'].lower().strip() not in PERMISSIONS: raise InvalidFilterValue(value=operation['value']) return Q(**{operation['value'].lower().strip(): True}) return super(BaseContributorList, self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation): if field_name == 'permission': if operation['op'] != 'eq': raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq']) # operation['value'] should be 'admin', 'write', or 'read' query_val = operation['value'].lower().strip() if query_val not in PERMISSIONS: raise InvalidFilterValue(value=operation['value']) return Q(user__in=self.get_resource().get_group( query_val).user_set.all()) return super(PreprintContributorsList, self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation): if field_name == 'parent': if operation['op'] == 'eq': if operation['value']: # filter[parent]=<nid> parent = utils.get_object_or_error(AbstractNode, operation['value'], self.request, display_name='parent') node_ids = NodeRelation.objects.filter( parent=parent, is_node_link=False).values_list('child_id', flat=True) return Q(id__in=node_ids) elif operation['op'] == 'ne': if not operation['value']: # filter[parent][ne]=null child_ids = (NodeRelation.objects.filter( is_node_link=False, child___contributors=self.get_user(), ).exclude(parent__type='osf.collection').exclude( child__is_deleted=True).values_list('child_id', flat=True)) return Q(id__in=set(child_ids)) # TODO: support this case in the future: # else filter[parent][ne]=<nid> raise InvalidFilterValue( detail= 'Only "null" is accepted as valid input to "filter[parent][ne]"' ) else: # filter[parent][gte]='' raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq', 'ne']) if field_name == 'root': if None in operation['value']: raise InvalidFilterValue(value=operation['value']) with_as_root_query = Q(root__guids___id__in=operation['value']) return ~with_as_root_query if operation[ 'op'] == 'ne' else with_as_root_query if field_name == 'preprint': not_preprint_query = (Q(preprint_file=None) | Q(_is_preprint_orphan=True) | Q(_has_abandoned_preprint=True)) return ~not_preprint_query if utils.is_truthy( operation['value']) else not_preprint_query return super(NodesFilterMixin, self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation): if field_name == 'role': if operation['op'] != 'eq': raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq']) # operation['value'] should be 'member' or 'manager' role = operation['value'].lower().strip() if role not in GROUP_ROLES: raise InvalidFilterValue(value=operation['value']) group = self.get_osf_group(check_object_permissions=False) return Q(id__in=group.managers if role == MANAGER else group.members_only) return super(GroupMembersList, self).build_query_from_field(field_name, operation)
def build_query_from_field(self, field_name, operation): if field_name == 'permissions': if operation['op'] != 'eq': raise InvalidFilterOperator(value=operation['op'], valid_operators=['eq']) auth = get_user_auth(self.request) auth_user = getattr(auth, 'user', None) if not auth_user: raise NotAuthenticated() value = operation['value'].lstrip('[').rstrip(']') permissions = [v.strip() for v in value.split(',')] if any(p not in PERMISSIONS for p in permissions): valid_permissions = ', '.join(PERMISSIONS.keys()) raise InvalidFilterValue('Invalid permission! Valid values are: {}'.format(valid_permissions)) return Q(id__in=get_objects_for_user(auth_user, permissions, PreprintProvider, any_perm=True)) return super(PreprintProviderList, self).build_query_from_field(field_name, operation)