Skip to content

Commit

Permalink
changes
Browse files Browse the repository at this point in the history
  • Loading branch information
@gromdimon
gromdimon committed Feb 2, 2023
1 parent 3fed1d7 commit 4260437
Show file tree
Hide file tree
Showing 5 changed files with 41 additions and 147 deletions.
3 changes: 3 additions & 0 deletions timeline/rules.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,3 +44,6 @@

# Allow viewing classified site-wide event
rules.add_perm('timeline.view_classified_site_event', rules.is_superuser)

# Allow viewing status extra data
rules.add_perm('timeline.view_status_extra', rules.is_authenticated)
100 changes: 8 additions & 92 deletions timeline/tests/test_permissions_ajax.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -271,92 +271,11 @@ def test_extra_data_site_classified_anon(self):
)
self.assert_response(url, self.anonymous, 403)

def test_status_extra_data_project(self):
"""Test ProjectEventExtraDataAjaxView permissions"""
url = reverse(
'timeline:ajax_extra_status_project',
kwargs={
'projectevent': self.event.sodar_uuid,
'eventstatus': self.event_status.sodar_uuid,
},
)
good_users = [
self.superuser,
self.owner_as.user,
self.delegate_as.user,
self.contributor_as.user,
self.guest_as.user,
]
bad_users = [
self.user_no_roles,
self.anonymous,
]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 403)
self.project.set_public()
self.assert_response(url, self.anonymous, 403)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_status_extra_data_project_anon(self):
"""Test SiteEventDetailAjaxView permissions with anonymous access"""
url = reverse(
'timeline:ajax_extra_status_site',
kwargs={
'projectevent': self.site_event.sodar_uuid,
'eventstatus': self.site_event_status.sodar_uuid,
},
)
self.assert_response(url, self.anonymous, 403)

def test_status_extra_data_project_classified(self):
"""Test ProjectEventExtraDataAjaxView permissions with classified event"""
self.event.classified = True
self.event.save()
url = reverse(
'timeline:ajax_extra_status_project',
kwargs={
'projectevent': self.event.sodar_uuid,
'eventstatus': self.event_status.sodar_uuid,
},
)
good_users = [
self.superuser,
self.owner_as.user,
self.delegate_as.user,
]
bad_users = [
self.contributor_as.user,
self.guest_as.user,
self.user_no_roles,
self.anonymous,
]
self.assert_response(url, good_users, 200)
self.assert_response(url, bad_users, 403)
self.project.set_public()
self.assert_response(url, self.anonymous, 403)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_status_extra_data_project_classified_anon(self):
"""Test ProjectEventExtraDataAjaxView permissions with classified event and anonymous access"""
self.event.classified = True
self.event.save()
url = reverse(
'timeline:ajax_extra_status_project',
kwargs={
'projectevent': self.event.sodar_uuid,
'eventstatus': self.event_status.sodar_uuid,
},
)
self.assert_response(url, self.anonymous, 403)
self.project.set_public()
self.assert_response(url, self.anonymous, 403)

def test_status_extra_data_site(self):
def test_status_extra_data(self):
"""Test SiteEventExtraDataAjaxView permissions"""
url = reverse(
'timeline:ajax_extra_status_site',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.site_event.sodar_uuid,
'eventstatus': self.site_event_status.sodar_uuid,
},
)
Expand All @@ -368,25 +287,23 @@ def test_status_extra_data_site(self):
self.assert_response(url, self.anonymous, 403)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_status_extra_data_site_anon(self):
def test_status_extra_data_anon(self):
"""Test SiteEventDetailAjaxView permissions with anonymous access"""
url = reverse(
'timeline:ajax_extra_status_site',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.site_event.sodar_uuid,
'eventstatus': self.site_event_status.sodar_uuid,
},
)
self.assert_response(url, self.anonymous, 403)

def test_status_extra_data_site_classified(self):
def test_status_extra_data_classified(self):
"""Test SiteEventExtraDataAjaxView permissions with classified event"""
self.event.classified = True
self.event.save()
url = reverse(
'timeline:ajax_extra_status_site',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.site_event.sodar_uuid,
'eventstatus': self.site_event_status.sodar_uuid,
},
)
Expand All @@ -398,14 +315,13 @@ def test_status_extra_data_site_classified(self):
self.assert_response(url, self.anonymous, 403)

@override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
def test_status_extra_data_site_classified_anon(self):
def test_status_extra_data_classified_anon(self):
"""Test SiteEventExtraDataAjaxView permissions with classified event and anonymous access"""
self.event.classified = True
self.event.save()
url = reverse(
'timeline:ajax_extra_status_site',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.site_event.sodar_uuid,
'eventstatus': self.site_event_status.sodar_uuid,
},
)
Expand Down
12 changes: 4 additions & 8 deletions timeline/tests/test_views_ajax.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,9 +86,8 @@ def test_get(self):
self.event_status_ok.timestamp
),
'extra_status_link': reverse(
'timeline:ajax_extra_status_project',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.event.sodar_uuid,
'eventstatus': self.event_status_ok.sodar_uuid,
},
),
Expand Down Expand Up @@ -214,9 +213,8 @@ def test_get(self):
self.event_status_ok.timestamp
),
'extra_status_link': reverse(
'timeline:ajax_extra_status_site',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.event.sodar_uuid,
'eventstatus': self.event_status_ok.sodar_uuid,
},
),
Expand Down Expand Up @@ -303,9 +301,8 @@ def test_get(self):
with self.login(self.user):
response = self.client.get(
reverse(
'timeline:ajax_extra_status_project',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.event.sodar_uuid,
'eventstatus': self.event_status_init.sodar_uuid,
},
),
Expand All @@ -326,9 +323,8 @@ def test_get_site(self):
with self.login(self.user):
response = self.client.get(
reverse(
'timeline:ajax_extra_status_site',
'timeline:ajax_extra_status',
kwargs={
'projectevent': self.event_site.sodar_uuid,
'eventstatus': self.event_site_status_init.sodar_uuid,
},
),
Expand Down
11 changes: 3 additions & 8 deletions timeline/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,14 +60,9 @@
name='ajax_extra_site',
),
url(
regex=r'^ajax/extra/(?P<projectevent>[0-9a-f-]+)/(?P<eventstatus>[0-9-a-f-]+)$',
view=views_ajax.ProjectEventExtraAjaxView.as_view(),
name='ajax_extra_status_project',
),
url(
regex=r'^ajax/extra/site/(?P<projectevent>[0-9a-f-]+)/(?P<eventstatus>[0-9-a-f-]+)$',
view=views_ajax.SiteEventExtraAjaxView.as_view(),
name='ajax_extra_status_site',
regex=r'^ajax/extra/status/(?P<eventstatus>[0-9-a-f-]+)$',
view=views_ajax.EventStatusExtraAjaxView.as_view(),
name='ajax_extra_status',
),
]

Expand Down
62 changes: 23 additions & 39 deletions timeline/views_ajax.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,30 +13,21 @@
SODARBasePermissionAjaxView,
)

from timeline.models import ProjectEvent
from timeline.models import ProjectEvent, ProjectEventStatus
from timeline.templatetags.timeline_tags import get_status_style


class EventDetailMixin:
"""Mixin for event detail retrieval helpers"""

def form_status_extra_url(self, event, status, idx):
def form_status_extra_url(self, status):
"""Return URL for extra status data"""
if status.extra_data == {}:
return None
if event.project:
return reverse(
'timeline:ajax_extra_status_project',
kwargs={
'projectevent': event.sodar_uuid,
'eventstatus': status.sodar_uuid,
},
)
else:
return reverse(
'timeline:ajax_extra_status_site',
'timeline:ajax_extra_status',
kwargs={
'projectevent': event.sodar_uuid,
'eventstatus': status.sodar_uuid,
},
)
Expand Down Expand Up @@ -67,9 +58,7 @@ def get_event_details(self, event):
'description': s.description,
'type': s.status_type,
'class': get_status_style(s),
'extra_status_link': self.form_status_extra_url(
event, s, idx
),
'extra_status_link': self.form_status_extra_url(s),
}
)
return ret
Expand Down Expand Up @@ -206,18 +195,8 @@ def get(self, request, *args, **kwargs):
'timeline.view_classified_event', event.project
):
return HttpResponseForbidden()
if 'eventstatus' in self.kwargs:
status = (
event.get_status_changes()
.filter(sodar_uuid=self.kwargs['eventstatus'])
.first()
)
return Response(
self.get_event_extra(event, status),
status=200,
)
else:
return Response(self.get_event_extra(event), status=200)

return Response(self.get_event_extra(event), status=200)


class SiteEventDetailAjaxView(EventDetailMixin, SODARBasePermissionAjaxView):
Expand Down Expand Up @@ -249,16 +228,21 @@ def get(self, request, *args, **kwargs):
'timeline.view_classified_site_event'
):
return HttpResponseForbidden()
return Response(self.get_event_extra(event), status=200)

if 'eventstatus' in self.kwargs:
status = (
event.get_status_changes()
.filter(sodar_uuid=self.kwargs['eventstatus'])
.first()
)
return Response(
self.get_event_extra(event, status),
status=200,
)
else:
return Response(self.get_event_extra(event), status=200)

class EventStatusExtraAjaxView(
EventExtraDataMixin, SODARBasePermissionAjaxView
):
"""Ajax view for retrieving event status extra data for events"""

permission_required = 'timeline.view_status_extra'

def get(self, request, *args, **kwargs):
status = ProjectEventStatus.objects.filter(
sodar_uuid=self.kwargs['eventstatus']
).first()
return Response(
self.get_event_extra(status.event, status),
status=200,
)

0 comments on commit 4260437

Please sign in to comment.