Sign upLogin

svthalia/concrexit

View on GitHub
Star
website/photos/api/v1/viewsets.py

Summary

Maintainability
B
5 hrs
Test Coverage
from rest_framework import filters, permissions
from rest_framework.exceptions import PermissionDenied
from rest_framework.mixins import CreateModelMixin, UpdateModelMixin
from rest_framework.viewsets import GenericViewSet, ModelViewSet

from photos import services
from photos.api.v1 import serializers
from photos.models import Album, Photo


class AlbumsViewSet(ModelViewSet):
    """ViewSet class for an Album object."""

    permission_classes = (permissions.IsAuthenticated,)
    queryset = Album.objects.all()
    filter_backends = (filters.SearchFilter,)
    search_fields = ("title", "date", "slug")

    def get_queryset(self):
        """Return albums that are annotated to be accessible by the request user."""
        return services.get_annotated_accessible_albums(
            self.request, Album.objects.all()
        )

    def create(self, request, *args, **kwargs):
        """Create album if the request user is allowed to."""
        if self.request.user.has_perm("photos.create_album"):
            return super().create(request, *args, **kwargs)
        raise PermissionDenied

    def update(self, request, *args, **kwargs):
        """Create album if the request user is allowed to."""
        if self.request.user.has_perm("photos.change_album"):
            return super().update(request, *args, **kwargs)
        raise PermissionDenied

    def get_serializer_class(self):
        """Return AlbumListSerializer if the current action is list else return AlbumSerializer."""
        if self.action == "list":
            return serializers.AlbumListSerializer
        return serializers.AlbumSerializer


class PhotosViewSet(GenericViewSet, CreateModelMixin, UpdateModelMixin):
    """ViewSet class for a Photo object."""

    queryset = Photo.objects.all()
    permission_classes = (permissions.IsAuthenticated,)
    serializer_class = serializers.PhotoCreateSerializer

    def create(self, request, *args, **kwargs):
        """Create photo if the request user is allowed to."""
        if self.request.user.has_perm("photos.create_photo"):
            return super().create(request, *args, **kwargs)
        raise PermissionDenied

    def update(self, request, *args, **kwargs):
        """Update photo if the request user is allowed to."""
        if self.request.user.has_perm("photos.change_photo"):
            return super().update(request, *args, **kwargs)
        raise PermissionDenied