Better method for setting current user to a field. Thank @tizot

ProjetSigma · Feb 15, 2016 · 2582481 · 2582481
1 parent d299860
commit 2582481
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 6 deletions.
diff --git a/sigma_publications/serializers.py b/sigma_publications/serializers.py
@@ -9,7 +9,10 @@ class Meta:
         model = Publication
 
     poster_group = serializers.PrimaryKeyRelatedField(allow_null=True, queryset=Group.objects.all())
-    poster_user = serializers.PrimaryKeyRelatedField(queryset=User.objects.all())
+    poster_user = serializers.PrimaryKeyRelatedField(
+        read_only=True,
+        default=serializers.CurrentUserDefault()
+    )
     text = serializers.CharField()
 
 

diff --git a/sigma_publications/tests.py b/sigma_publications/tests.py
@@ -98,7 +98,9 @@ def test_create_publication_as_group_no_permission(self):
     def test_create_publication_as_someone_else(self):
         self.client.force_authenticate(user=self.users[0])
         response = self.client.post(self.publications_route, self.gen_new_publication(self.users[1], None))
-        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+        self.assertEqual(Publication.objects.filter(poster_user=self.users[0]).count(), 1)
+        self.assertEqual(Publication.objects.filter(poster_user=self.users[1]).count(), 0)
 
     def test_create_publication_as_group_ok(self):
         self.client.force_authenticate(user=self.users[1])

diff --git a/sigma_publications/views/publication.py b/sigma_publications/views/publication.py
@@ -23,16 +23,13 @@ class PublicationViewSet(mixins.CreateModelMixin,    # Everyone can create a pub
     permission_classes = [IsAuthenticated, ]
 
     def create(self, request):
-        serializer = PublicationSerializer(data=request.data)
-
+        serializer = self.get_serializer(data=request.data)
         allowed_groups = Group.objects.filter(memberships__user=request.user,
             memberships__perm_rank__gte=F('req_rank_create_group_publication'))
         serializer.fields['poster_group'] = serializers.PrimaryKeyRelatedField(allow_null=True, queryset=allowed_groups)
 
         if not serializer.is_valid():
             return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
-        if serializer.validated_data.get('poster_user').id != request.user.id:
-            return Response("`poster_user` should be yourself", status=status.HTTP_400_BAD_REQUEST)
 
         serializer.save()
         return Response(serializer.data, status=status.HTTP_201_CREATED)