awx/lib/main/base_views.py

from django.http import HttpResponse
from django.views.decorators.csrf import csrf_exempt
from lib.main.models import *
from django.contrib.auth.models import User
from lib.main.serializers import *
from lib.main.rbac import *
from django.core.exceptions import PermissionDenied
from rest_framework import mixins
from rest_framework import generics
from rest_framework import permissions
from rest_framework.response import Response
from rest_framework import status
import exceptions
import datetime

# FIXME: machinery for auto-adding audit trail logs to all CREATE/EDITS

class BaseList(generics.ListCreateAPIView):
  
    def list_permissions_check(self, request, obj=None):
        ''' determines some early yes/no access decisions, pre-filtering '''
        if request.method == 'GET':
             return True
        if request.method == 'POST':
             return False
        raise exceptions.NotImplementedError
   
    def get_queryset(self):
        return self._get_queryset().filter(active=True)

class BaseDetail(generics.RetrieveUpdateDestroyAPIView):

    def pre_save(self, obj):
       obj.created_by = owner = self.request.user

    def destroy(self, request, *args, **kwargs):
        # somewhat lame that delete has to call it's own permissions check
        obj = self.model.objects.get(pk=kwargs['pk'])
        if not request.user.is_superuser and not self.delete_permissions_check(request, obj):
            raise PermissionDenied()
        obj.name   = "_deleted_%s_%s" % (str(datetime.time()), obj.name)
        obj.active = False
        obj.save()
        return HttpResponse(status=204)

    def delete_permissions_check(self, request, obj):
        raise exceptions.NotImplementedError()

    def item_permissions_check(self, request, obj):

        if request.method == 'GET':
            return self.__class__.model.can_user_read(request.user, obj)
        elif request.method in [ 'PUT' ]:
            return self.__class__.model.can_user_administrate(request.user, obj)
        return False
Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00			`from django.http import HttpResponse`
			`from django.views.decorators.csrf import csrf_exempt`
			`from lib.main.models import *`
			`from django.contrib.auth.models import User`
			`from lib.main.serializers import *`
			`from lib.main.rbac import *`
			`from django.core.exceptions import PermissionDenied`
			`from rest_framework import mixins`
			`from rest_framework import generics`
			`from rest_framework import permissions`
			`from rest_framework.response import Response`
			`from rest_framework import status`
			`import exceptions`
			`import datetime`

			`# FIXME: machinery for auto-adding audit trail logs to all CREATE/EDITS`

			`class BaseList(generics.ListCreateAPIView):`

			`def list_permissions_check(self, request, obj=None):`
			`''' determines some early yes/no access decisions, pre-filtering '''`
			`if request.method == 'GET':`
			`return True`
			`if request.method == 'POST':`
			`return False`
			`raise exceptions.NotImplementedError`

			`def get_queryset(self):`
			`return self._get_queryset().filter(active=True)`

			`class BaseDetail(generics.RetrieveUpdateDestroyAPIView):`

			`def pre_save(self, obj):`
			`obj.created_by = owner = self.request.user`

			`def destroy(self, request, args, *kwargs):`
			`# somewhat lame that delete has to call it's own permissions check`
			`obj = self.model.objects.get(pk=kwargs['pk'])`
			`if not request.user.is_superuser and not self.delete_permissions_check(request, obj):`
			`raise PermissionDenied()`
			`obj.name = "_deleted_%s_%s" % (str(datetime.time()), obj.name)`
			`obj.active = False`
			`obj.save()`
			`return HttpResponse(status=204)`

Starting to defer some business logic to the model classes and out of the views. 2013-03-22 23:36:59 +04:00			`def delete_permissions_check(self, request, obj):`
			`raise exceptions.NotImplementedError()`

Moving more logic into the models, more view cleanup 2013-03-22 23:44:32 +04:00			`def item_permissions_check(self, request, obj):`

			`if request.method == 'GET':`
			`return self.__class__.model.can_user_read(request.user, obj)`
			`elif request.method in [ 'PUT' ]:`
			`return self.__class__.model.can_user_administrate(request.user, obj)`
			`return False`

Starting to defer some business logic to the model classes and out of the views. 2013-03-22 23:36:59 +04:00