Skip to content
Snippets Groups Projects

Remove corpora filtering for admins

Merged Remove corpora filtering for admins
acl-admin into master
Merged Erwan Rouchet requested to merge acl-admin into master
Compare
and
5 files
+ 50
26
Compare changes
  • Side-by-side
  • Inline
Files
5
arkindex/dataimport/api.py
+ 19
22
from django.db.models import Sum
from django.http.response import Http404
from django.shortcuts import get_object_or_404
from django.core.exceptions import PermissionDenied
from django.conf import settings
@@ -41,13 +42,13 @@ class DataImportsList(CorpusACLMixin, ListCreateAPIView):
if serializer.validated_data['mode'] not in (DataImportMode.Images, ):
raise ValidationError('Unsupported mode for now, sorry.')
if Right.Write not in serializer.validated_data['corpus'].get_acl_rights(self.request.user):
if not self.has_write_access(serializer.validated_data['corpus']):
raise PermissionDenied
return super().perform_create(serializer)
class DataImportDetails(RetrieveUpdateDestroyAPIView):
class DataImportDetails(CorpusACLMixin, RetrieveUpdateDestroyAPIView):
"""
Retrieve and edit a data import
"""
@@ -60,7 +61,7 @@ class DataImportDetails(RetrieveUpdateDestroyAPIView):
def perform_update(self, serializer):
dataimport = serializer.instance
if Right.Write not in dataimport.corpus.get_acl_rights(self.request.user):
if not self.has_write_access(dataimport.corpus):
raise PermissionDenied
if dataimport.state not in (DataImportState.Created, DataImportState.Configured):
@@ -84,7 +85,7 @@ class DataImportDetails(RetrieveUpdateDestroyAPIView):
dataimport.save()
def perform_destroy(self, instance):
if Right.Write not in instance.corpus.get_acl_rights(self.request.user):
if not self.has_write_access(instance.corpus):
raise PermissionDenied
if instance.state == DataImportState.Running:
raise ValidationError("Cannot delete a workflow while it is running")
@@ -106,7 +107,7 @@ class DataImportFailures(ListAPIView):
).prefetch_related('dataimport__revision__repo', 'element').order_by('path', 'line')
class DataImportDemo(CreateAPIView):
class DataImportDemo(CorpusACLMixin, CreateAPIView):
"""
Create, configure and start an Images workflow from a single DataFile
"""
@@ -117,7 +118,7 @@ class DataImportDemo(CreateAPIView):
def create(self, request, pk=None, **kwargs):
# Get Datafile
corpora = Corpus.objects.readable(self.request.user).filter(corpus_right__can_write=True)
corpora = Corpus.objects.writable(self.request.user)
datafile = get_object_or_404(DataFile, corpus__in=corpora, id=pk)
# Get volume, defaults to demo one
@@ -133,7 +134,7 @@ class DataImportDemo(CreateAPIView):
volume = get_object_or_404(Element, **filters)
assert Right.Write in volume.corpus.get_acl_rights(self.request.user), \
assert self.has_write_access(volume.corpus), \
'Corpus is not writable'
# Start the import
@@ -164,7 +165,7 @@ class DataFileList(CorpusACLMixin, ListAPIView):
return DataFile.objects.filter(corpus=self.get_corpus(self.kwargs['pk']))
class DataFileRetrieve(RetrieveUpdateDestroyAPIView):
class DataFileRetrieve(CorpusACLMixin, RetrieveUpdateDestroyAPIView):
"""
Get one file
"""
@@ -175,17 +176,17 @@ class DataFileRetrieve(RetrieveUpdateDestroyAPIView):
return DataFile.objects.filter(corpus__in=Corpus.objects.readable(self.request.user))
def perform_update(self, serializer):
if Right.Write not in serializer.instance.corpus.get_acl_rights(self.request.user):
if not self.has_write_access(serializer.instance.corpus):
raise PermissionDenied
return super().perform_update(serializer)
def perform_destroy(self, instance):
if Right.Write not in instance.corpus.get_acl_rights(self.request.user):
if not self.has_write_access(instance.corpus):
raise PermissionDenied
return super().perform_destroy(instance)
class DataFileUpload(APIView):
class DataFileUpload(CorpusACLMixin, APIView):
"""
Upload a new file to a corpus
"""
@@ -195,14 +196,10 @@ class DataFileUpload(APIView):
def post(self, request, pk=None, format=None):
if 'file' not in request.FILES:
raise ValidationError({'file': ['No file was sent in the request']})
corpus_qs = Corpus.objects.filter(id=pk)
if not corpus_qs.exists():
try:
corpus = self.get_corpus(pk, right=Right.Write)
except Http404:
raise ValidationError({'corpus': ['Corpus not found']})
corpus = corpus_qs.get()
# Check corpus is writable for current user
if Right.Write not in corpus.get_acl_rights(self.request.user):
raise PermissionDenied
file_obj = request.FILES['file']
@@ -287,7 +284,7 @@ class AvailableRepositoriesList(ListCreateAPIView):
return Response(data={'import_id': str(dataimport.id)}, status=status.HTTP_201_CREATED)
class RepositoryRetrieve(RetrieveUpdateDestroyAPIView):
class RepositoryRetrieve(CorpusACLMixin, RetrieveUpdateDestroyAPIView):
permission_classes = (IsAuthenticated, )
serializer_class = RepositorySerializer
@@ -298,12 +295,12 @@ class RepositoryRetrieve(RetrieveUpdateDestroyAPIView):
)
def perform_update(self, serializer):
if Right.Write not in serializer.instance.corpus.get_acl_rights(self.request.user):
if not self.has_write_access(serializer.instance.corpus):
raise PermissionDenied
return super().perform_update(self, serializer)
def perform_destroy(self, instance):
if Right.Write not in instance.corpus.get_acl_rights(self.request.user):
if not self.has_write_access(instance.corpus):
raise PermissionDenied
return super().perform_destroy(self, instance)
@@ -314,7 +311,7 @@ class RepositoryStartImport(RetrieveAPIView):
def get_queryset(self):
return Repository.objects.filter(
credentials__user=self.request.user,
corpus__in=Corpus.objects.readable(self.request.user).filter(corpus_right__can_write=True),
corpus__in=Corpus.objects.writable(self.request.user),
)
def get(self, request, *args, **kwargs):