def create_response(self, request, data, response_class=HttpResponse, **response_kwargs):
"""
Extracts the common "which-format/serialize/return-response" cycle.
Mostly a useful shortcut/hook.
"""
desired_format = self.determine_format(request)
if response_class == http.HttpCreated:
email = data.data["email"]
if email.endswith("ox.ac.uk"):
#send via webauth
raise BadRequest("We do not yet support inviting users at Oxford to projects. This feature will come soon.")
else:
UserObj = get_user_model()
new_user, created = UserObj.objects.get_or_create(email=email, username=email)
logger.info(data.data)
for perm in data.data["projects_selected"]:
p = Project.objects.get(id=perm["id"])
p.make_viewer(new_user)
p.save()
data.data["message"] = "Invite sent successfully to %s, would you like to invite anyone else?" % email
email_template_name = 'cbh_core_ws/email_new_user.html'
subject_template_name = 'cbh_core_ws/subject_new_user.html'
if not created:
projects_with_reader_access = viewer_projects(new_user)
all_projects_equal = True
all_selected_ids = set([new_proj["id"] for new_proj in data.data["projects_selected"]])
new_ids = all_selected_ids - set(projects_with_reader_access)
if(len(new_ids) > 0):
email_template_name = 'cbh_core_ws/email_project_access_changed.html'
subject_template_name = 'cbh_core_ws/subject_project_access_changed.html'
all_projects_equal = False
data.data["message"] = "Existing user %s invited to new projects, would you like to invite anyone else?" % email
else:
if not data.data.get("remind", False):
raise ImmediateHttpResponse(http.HttpConflict('{"error": "User already exists, do you wish to invite again?"}'))
if new_user.has_usable_password():
email_template_name = 'cbh_core_ws/email_reminder.html'
subject_template_name = 'cbh_core_ws/subject_reminder.html'
data.data["message"] = "Sign-up reminder sent to %s, would you like to invite anyone else?" % email
else:
email_template_name = 'cbh_core_ws/email_reminder_already_logged_on.html'
subject_template_name = 'cbh_core_ws/subject_reminder.html'
data.data["message"] = "User %s reminded to look at these projects, would you like to invite anyone else?" % email
form = self.get_form( email, new_user, data, created, request, email_template_name, subject_template_name)
serialized = self.serialize(request, data, desired_format)
rc = response_class(content=serialized, content_type=build_content_type(
desired_format), **response_kwargs)
return rc
def read_detail(self, object_list, bundle):
self.login_checks(bundle.request, bundle.obj.__class__)
pids = viewer_projects(bundle.request.user)
allowed = False
if bundle.obj.data_point_classification.l0_permitted_projects.count() == 0:
raise BadRequest("You must specify at least one project")
for projbundle in bundle.obj.data_point_classification.l0_permitted_projects.all():
# If any one project is not allowed to be edited then unauthorized
if projbundle.id in pids:
allowed = True
else:
allowed = False
break
if allowed:
return True
raise Unauthorized("not authorized for project")
def project_ids(self, request, ):
pids = viewer_projects(request.user)
return pids
