def get_object_or_error(model_cls, query_or_pk, request, display_name=None):
obj = query = None
select_for_update = check_select_for_update(request)
if isinstance(query_or_pk, basestring):
# they passed a 5-char guid as a string
if issubclass(model_cls, GuidMixin):
# if it's a subclass of GuidMixin we know it's primary_identifier_name
query = {'guids___id': query_or_pk}
else:
if hasattr(model_cls, 'primary_identifier_name'):
# primary_identifier_name gives us the natural key for the model
query = {model_cls.primary_identifier_name: query_or_pk}
else:
# fall back to modmcompatiblity's load method since we don't know their PIN
obj = model_cls.load(query_or_pk,
select_for_update=select_for_update)
else:
# they passed a query
try:
obj = model_cls.objects.filter(query_or_pk).select_for_update(
).get() if select_for_update else model_cls.objects.get(
query_or_pk)
except model_cls.DoesNotExist:
raise NotFound
if not obj:
if not query:
# if we don't have a query or an object throw 404
raise NotFound
try:
# TODO This could be added onto with eager on the queryset and the embedded fields of the api
if isinstance(query, dict):
obj = model_cls.objects.get(
**query
) if not select_for_update else model_cls.objects.filter(
**query).select_for_update().get()
else:
obj = model_cls.objects.get(
query
) if not select_for_update else model_cls.objects.filter(
query).select_for_update().get()
except ObjectDoesNotExist:
raise NotFound
# For objects that have been disabled (is_active is False), return a 410.
# The User model is an exception because we still want to allow
# users who are unconfirmed or unregistered, but not users who have been
# disabled.
if model_cls is OSFUser and obj.is_disabled:
raise UserGone(user=obj)
elif model_cls is not OSFUser and not getattr(
obj, 'is_active', True) or getattr(
obj, 'is_deleted', False) or getattr(obj, 'deleted', False):
if display_name is None:
raise Gone
else:
raise Gone(
detail='The requested {name} is no longer available.'.format(
name=display_name))
return obj
def get_user(self, check_permissions=True):
key = self.kwargs[self.user_lookup_url_kwarg]
# If Contributor is in self.request.parents,
# then this view is getting called due to an embedded request (contributor embedding user)
# We prefer to access the user from the contributor object and take advantage
# of the query cache
if hasattr(self.request, 'parents') and len(self.request.parents.get(Contributor, {})) == 1:
# We expect one parent contributor view, so index into the first item
contrib_id, contrib = self.request.parents[Contributor].items()[0]
user = contrib.user
if user.is_disabled:
raise UserGone(user=user)
# Make sure that the contributor ID is correct
if user._id == key:
if check_permissions:
self.check_object_permissions(self.request, user)
return user
if self.kwargs.get('is_embedded') is True:
if key in self.request.parents[OSFUser]:
return self.request.parents[key]
current_user = self.request.user
if key == 'me':
if isinstance(current_user, AnonymousUser):
raise NotAuthenticated
else:
return self.request.user
obj = get_object_or_error(OSFUser, key, self.request, 'user')
if check_permissions:
# May raise a permission denied
self.check_object_permissions(self.request, obj)
return obj
def get_user(self, check_permissions=True):
key = self.kwargs[self.user_lookup_url_kwarg]
# If Contributor is in self.request.parents,
# then this view is getting called due to an embedded request (contributor embedding user)
# We prefer to access the user from the contributor object and take advantage
# of the query cache
if hasattr(self.request, 'parents') and len(
self.request.parents.get(Contributor, {})) == 1:
# We expect one parent contributor view, so index into the first item
contrib_id, contrib = list(
self.request.parents[Contributor].items())[0]
user = contrib.user
if user.is_disabled:
raise UserGone(user=user)
# Make sure that the contributor ID is correct
if user._id == key:
if check_permissions:
self.check_object_permissions(self.request, user)
return get_object_or_error(
OSFUser.objects.filter(id=user.id).
annotate(default_region=F(
'addons_osfstorage_user_settings__default_region___id')
).exclude(default_region=None),
request=self.request,
display_name='user',
)
if self.kwargs.get('is_embedded') is True:
if key in self.request.parents[OSFUser]:
return self.request.parents[OSFUser].get(key)
current_user = self.request.user
if isinstance(current_user, AnonymousUser):
if key == 'me':
raise NotAuthenticated
elif key == 'me' or key == current_user._id:
return get_object_or_error(
OSFUser.objects.filter(id=current_user.id).annotate(
default_region=F(
'addons_osfstorage_user_settings__default_region___id')
).exclude(default_region=None),
request=self.request,
display_name='user',
)
obj = get_object_or_error(OSFUser, key, self.request, 'user')
if check_permissions:
# May raise a permission denied
self.check_object_permissions(self.request, obj)
return obj
