Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#4 Create new arguments #217

Merged
merged 18 commits into from
Jun 26, 2024
Merged

#4 Create new arguments #217

Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
7e63978
Added post-new-argument form; Added API base for posting new argument…
Monstarrrr Jun 23, 2024
bc62199
submitButtonLabel fix
Monstarrrr Jun 23, 2024
f65b608
Formatting data
Monstarrrr Jun 23, 2024
b05ff8c
Add arguments & fetch them
Monstarrrr Jun 25, 2024
1da642f
Fix types
Monstarrrr Jun 25, 2024
3046c21
Edited post tests
Monstarrrr Jun 25, 2024
916c103
remove deprecated comments and use camelCase
seporterfield Jun 25, 2024
31ec470
add conventions to CONTRIBUTING.md
seporterfield Jun 25, 2024
2579448
validate against post types from models.py
seporterfield Jun 25, 2024
9f6c1fc
remove redundant verifier
seporterfield Jun 25, 2024
30ca551
added auth for PostViewSet
seporterfield Jun 25, 2024
a7dec91
remove print debugs
seporterfield Jun 25, 2024
4fd2527
add arguments viewset and posts permissions
seporterfield Jun 26, 2024
723c18c
disable basic and session auth
seporterfield Jun 26, 2024
7ef24be
fix: broken/jumbled tests
seporterfield Jun 26, 2024
9e1ecac
fix: missing comma
seporterfield Jun 26, 2024
288b392
fix: IsOwnerOrReadOnly checks for userOwnerId
seporterfield Jun 26, 2024
e058bcb
fix: permission logic
seporterfield Jun 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
added auth for PostViewSet
  • Loading branch information
@seporterfield
seporterfield committed Jun 25, 2024
commit 30ca551cd0a52fc14d57c7ebc1bf7267da620892
44 changes: 43 additions & 1 deletion backend/core/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,18 +10,50 @@
from django.utils.http import urlsafe_base64_encode
from djoser.views import UserViewSet
from rest_framework import viewsets
from rest_framework.permissions import (
SAFE_METHODS,
BasePermission,
IsAdminUser,
IsAuthenticated,
)
from rest_framework.response import Response

from .forms import UserRegisterForm
from .models import Posts, Tags, UserProfile
from .serializers import PostSerializer, TagSerializer, UserProfileSerializer
from .serializers import (
# ArgumentSerializer,
PostSerializer,
TagSerializer,
UserProfileSerializer,
)
from .token import account_activation_token


class IsOwnerOrReadOnly(BasePermission):
"""
Object-level permission to only allow owners of an object to edit it.
Assumes the model instance has an `owner` attribute.
"""

def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request,
# so we'll always allow GET, HEAD or OPTIONS requests.
if request.method in SAFE_METHODS:
return True

# Instance must have an attribute named `owner`.
return obj.owner == request.user


def success(request):
return HttpResponse("", status=200)


"""class ArgumentViewSet(viewsets.ModelViewSet):
queryset = Posts.objects.get(type="argument")
serializer_class = ArgumentSerializer"""


class TagViewSet(viewsets.ModelViewSet):
queryset = Tags.objects.all()
serializer_class = TagSerializer
Expand All @@ -31,6 +63,16 @@ class PostViewSet(viewsets.ModelViewSet):
queryset = Posts.objects.all()
serializer_class = PostSerializer

def get_permissions(self):
if self.action == "create":
print("creating!")
return [IsAuthenticated()]
if self.action == "update" or self.action == "delete":
print("abc")
return [IsOwnerOrReadOnly(), IsAdminUser()]
print("what??")
return []


class UserProfileViewSet(viewsets.ModelViewSet):
queryset = UserProfile.objects.all()
Expand Down
Loading