Merge pull request #24 from getty708/feature-core

Feature core + Update Authentication Frame Work + Add importer from CSV
getty708 · Nov 22, 2018 · d39fc51 · d39fc51
2 parents 2f3eaaf + c2564fb
commit d39fc51
Show file tree

Hide file tree

Showing 27 changed files with 1,453 additions and 82 deletions.
diff --git a/django/app/api/admin.py b/django/app/api/admin.py
diff --git a/django/app/api/models.py b/django/app/api/models.py
@@ -1,9 +1,10 @@
-from django.conf import settings
-from django.db.models.signals import post_save
-from django.dispatch import receiver
-from rest_framework.authtoken.models import Token
+# from django.conf import settings
+# from django.db.models.signals import post_save
+# from django.dispatch import receiver
+# from rest_framework.authtoken.models import Token
 
-@receiver(post_save, sender=settings.AUTH_USER_MODEL)
-def create_auth_token(sender, instance=None, created=False, **kwargs):
-    if created:
-        Token.objects.create(user=instance)
+
+# @receiver(post_save, sender=settings.AUTH_USER_MODEL)
+# def create_auth_token(sender, instance=None, created=False, **kwargs):
+#     if created:
+#         Token.objects.create(user=instance)
diff --git a/django/app/api/serializers.py b/django/app/api/serializers.py
@@ -1,4 +1,7 @@
-from django.contrib.auth.models import User, Group
+# from django.contrib.auth.models import User, Group
+import django
+from django.http import  HttpResponseServerError
+from users.models import User
 from rest_framework import serializers
 from django.shortcuts import get_object_or_404
 
@@ -23,7 +26,7 @@ class Meta:
 class AuthorSerializer(serializers.ModelSerializer):
     class Meta:
         model = Author        
-        fields = ('id','name_en', 'name_ja', 'dep_en', 'dep_ja','modified')
+        fields = ('id','name_en', 'name_ja', 'dep_en', 'dep_ja', 'mail', 'modified')
 
 
 class BookSerializer(serializers.ModelSerializer):
@@ -33,53 +36,53 @@ class Meta:
 
 
 class BibtexSerializer(serializers.ModelSerializer):
-    book = BookSerializer(read_only=False)
-
+    book = BookSerializer(read_only=True)
+    book_id = serializers.IntegerField(max_value=None, min_value=None)
+
     class Meta:
         model = Bibtex
         fields = (
             'id','language',
             'pub_date','title_en', 'title_ja',
             "volume","number","page", "pub_date",
-            'book','modified'
+            'book','modified',"book_id",
+            'url','note',
             )
 
     def create(self, validated_data):
-        book = validated_data.pop('book')
-        book = Book.objects.filter(title=book["title"])
-        if len(book) > 0:
-            bibtex = Bibtex.objects.create(book=book[0], **validated_data)        
-        else:
-            bibtex =  Bibtex.objects.create(**validated_data)
+        book_id = validated_data.pop('book_id')
+        book = get_object_or_404(Book, pk=book_id)
+
+        try:
+            bibtex = Bibtex.objects.create(book_id=book.id, **validated_data)
+        except django.db.utils.IntegrityError:
+            raise serializers.ValidationError("DB IntegrityError")
         return bibtex
 
 
 class AuthorOrderSerializer(serializers.ModelSerializer):
-    bibtex = BibtexSerializer()
-    author = AuthorSerializer()
+    bibtex = BibtexSerializer(read_only=True)
+    author = AuthorSerializer(read_only=True)
+    bibtex_id = serializers.IntegerField(max_value=None, min_value=None)
+    author_id = serializers.IntegerField(max_value=None, min_value=None)
 
     class Meta:
         model = AuthorOrder
-        fields = ('id','bibtex','author','order','modified')
+        fields = ('id','bibtex','author','order','modified','bibtex_id','author_id',)
 
+
     def create(self, validated_data):
         # Bib
-        bib = validated_data.pop('bibtex')
-        if bib["language"] == "EN":
-            bib = Bibtex.objects.filter(title_en=bib["title_en"])
-        else:
-            bib = Bibtex.objects.filter(title_ja=bib["title_ja"])
-
+        bib_id = validated_data.pop('bibtex_id')
+        bib = get_object_or_404(Bibtex, pk=bib_id)
         # Author
-        author = validated_data.pop('author')
-        author = Author.objects.filter(name_en=author["name_en"])
-        if len(author) == 0:
-            author = Auhtor.objects.filter(name_ja=author["name_ja"])                    
-        if len(bib) > 0 and len(author) > 0:
-            author_order = AuthorOrder.objects.create(
-                bibtex=bib[0],author=author[0],**validated_data)        
-        else:
-            author_order =  AuthorOrder.objects.create(**validated_data)
+        author_id = validated_data.pop('author_id')
+        author    = get_object_or_404(Author, pk=author_id)
+        # Create New
+        try:
+            author_order = AuthorOrder.objects.create(bibtex=bib,author=author,**validated_data)
+        except django.db.utils.IntegrityError:
+            raise serializers.ValidationError("DB IntegrityError")
         return author_order
 
 

diff --git a/django/app/api/urls.py b/django/app/api/urls.py
@@ -30,5 +30,5 @@
     # REST API
     path('rest/', include((router.urls,'api')),name="rest"),
     # path('rest/api-auth/', include('rest_framework.urls', namespace='rest_framework')),
-    path('rest/api-token-auth/', views_rest_auth.obtain_auth_token, name="get_token"),    
+    path('rest/api-token-auth/', views_rest_auth.obtain_auth_token, name="get_token"),
 ]
diff --git a/django/app/api/views_rest.py b/django/app/api/views_rest.py
@@ -1,6 +1,7 @@
-from django.contrib.auth.models import User, Group
+# from django.contrib.auth.models import User, Grou
+from django.contrib.auth.decorators import user_passes_test
 from rest_framework import viewsets, permissions, filters
-
+from users.models import User
 
 # Import Serializers
 from api import serializers
@@ -9,15 +10,32 @@
 from core.models import Author, AuthorOrder, Bibtex, Book
 from rest_framework.authentication import SessionAuthentication, BasicAuthentication, TokenAuthentication
 
+
+# -------------------------------------------------------------------
+class IsAdminOrReadOnly(permissions.BasePermission):
+    """
+    Object-level permission to only allow owners of an object to edit it.
+    Assumes the model instance has an `owner` attribute.
+    """
+    def has_permission(self, request, view):
+        # Read permissions are allowed to any request,
+        # so we'll always allow GET, HEAD or OPTIONS requests.        
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        # Instance must have an attribute named `owner`.
+        return request.user.is_superuser
+
+
 # User
-# ------------------------------------------------------------------- 
+# -------------------------------------------------------------------
 class UserViewSet(viewsets.ModelViewSet):
     """
     API endpoint that allows users to be viewed or edited.
     """
     queryset = User.objects.all().order_by('-date_joined')
     serializer_class = serializers.UserSerializer
-    authentication_classes = (SessionAuthentication, BasicAuthentication,)    
+    # permission_classes = (IsAdminOrReadOnly,)
+    authentication_classes = (SessionAuthentication, BasicAuthentication,)
 
 
 # -------------------------------------------------------------------
@@ -27,19 +45,19 @@ class AuthorViewSet(viewsets.ModelViewSet):
     """
     queryset = Author.objects.all().order_by('name_en')
     serializer_class = serializers.AuthorSerializer
-    permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
+    permission_classes = (IsAdminOrReadOnly,)
     authentication_classes = (SessionAuthentication,TokenAuthentication,)
     filter_backends = (filters.SearchFilter,)
     search_fields = ('name_en','name_ja',)
 
-    
+
 class AuthorOrderViewSet(viewsets.ModelViewSet):
     """
     API endpoint that allows users to be viewed or edited.
     """
     queryset = AuthorOrder.objects.all().order_by('bibtex','order')
     serializer_class = serializers.AuthorOrderSerializer
-    permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
+    permission_classes = (IsAdminOrReadOnly,)    
     authentication_classes = (SessionAuthentication, TokenAuthentication,)
 
 
@@ -49,19 +67,19 @@ class BookViewSet(viewsets.ModelViewSet):
     """
     queryset = Book.objects.all().order_by('style', 'title')
     serializer_class = serializers.BookSerializer
-    permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
+    permission_classes = (IsAdminOrReadOnly,)    
     authentication_classes = (SessionAuthentication, TokenAuthentication,)
     filter_backends = (filters.SearchFilter,)
     search_fields = ('title',)
-
 
+
 class BibtexViewSet(viewsets.ModelViewSet):
     """
     API endpoint that allows users to be viewed or edited.
     """
     queryset = Bibtex.objects.all().order_by('title_en','title_ja',)
     serializer_class = serializers.BibtexSerializer
-    permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
+    permission_classes = (IsAdminOrReadOnly,)    
     authentication_classes = (SessionAuthentication, TokenAuthentication,)
     filter_backends = (filters.SearchFilter,)
     search_fields = ('title_en','title_ja')

diff --git a/django/app/app/settings.py b/django/app/app/settings.py
@@ -27,11 +27,15 @@
 
 ALLOWED_HOSTS = ["localhost", "192.168.1.123",]
 
+# User Model
+AUTH_USER_MODEL = 'users.User'
+
 
 # Application definition
 
 INSTALLED_APPS = [
     # My App
+    'users.apps.UsersConfig',    
     'api.apps.ApiConfig',
     'core.apps.CoreConfig',
     'dashboard.apps.DashboardConfig',
@@ -158,20 +162,18 @@
 # REST API Settings
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': (
-        'rest_framework.authentication.BasicAuthentication',
         'rest_framework.authentication.SessionAuthentication', 
         'rest_framework.authentication.TokenAuthentication',       
     ),    
     # Use Django's standard `django.contrib.auth` permissions,
     # or allow read-only access for unauthenticated users.
     'DEFAULT_PERMISSION_CLASSES': [
-        # 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly',
-        'rest_framework.permissions.IsAuthenticated',        
+        'rest_framework.permissions.IsAdminUser', 
     ],
 
     # Paging
     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
-    'PAGE_SIZE': 500,
+    'PAGE_SIZE': 20,
 
     # Filter
     'DEFAULT_FILTER_BACKENDS': ('django_filters.rest_framework.DjangoFilterBackend',),
@@ -180,6 +182,9 @@
 # enable iframe
 X_FRAME_OPTIONS = 'ALLOWALL'
 
+
 # Login/Logout
 LOGIN_REDIRECT_URL = 'dashboard:index'
 LOGOUT_REDIRECT_URL= 'dashboard:index'
+
+
diff --git a/django/app/core/models.py b/django/app/core/models.py
@@ -1,5 +1,6 @@
 from django.db import models
-from django.contrib.auth.models import User
+# from django.contrib.auth.models import User
+from users.models import User
 
 
 # --------------------------------------------------
@@ -10,6 +11,11 @@ class Bibtex(models.Model):
         ('EN', 'English'),
         ('JA', 'Japanese'),
     )
+    PRIORITY_CHOICES = (
+        ('0', 'Default',),        
+        ('5', 'High',),
+        ('9', 'Super High',),
+    )
 
     """ Fields
     """
@@ -31,13 +37,17 @@ class Bibtex(models.Model):
     chapter = models.IntegerField(null=True,blank=True)
     page = models.CharField(max_length=32, null=True,blank=True)
     edition = models.TextField(max_length=16,null=True,blank=True)
-    pub_date = models.DateField(null=True,blank=True)
+    pub_date = models.DateField(null=True,blank=True,default="1970-01-01")
     use_date_info = models.BooleanField(default=False, blank=True)
     acceptance_rate = models.FloatField(null=True,blank=True)
     impact_factor = models.FloatField(null=True,blank=True)
     url = models.URLField(null=True,blank=True)
     note = models.TextField(null=True,blank=True)
-    memo = models.CharField(max_length=32, null=True,blank=True)
+    memo = models.CharField(max_length=32, null=False,blank=True, default="")
+    priority =  models.CharField(
+        max_length=1,
+        default='0',
+        choices=PRIORITY_CHOICES,)
     abstruct = models.TextField(null=True,blank=True)
     image = models.ImageField(null=True,blank=True, upload_to="api")
     tags = models.ManyToManyField(
@@ -49,11 +59,12 @@ class Bibtex(models.Model):
     created = models.DateTimeField(auto_now_add=True, blank=False)
     modified = models.DateTimeField(auto_now=True, blank=False)    
     owner = models.ForeignKey(
-        'auth.User',
+        'users.User',
         null=True,
         on_delete=models.SET_NULL
     )
 
+
     class Meta:
         unique_together = (
             ("title_en", "book", "pub_date","memo",),
@@ -127,7 +138,7 @@ class Author(models.Model):
     created = models.DateTimeField(auto_now_add=True, blank=False)
     modified = models.DateTimeField(auto_now=True, blank=False)    
     owner = models.ForeignKey(
-        'auth.User',
+        'users.User',
         null=True,blank=False,
         on_delete=models.SET_NULL
     )
@@ -185,7 +196,7 @@ class Book(models.Model):
     created = models.DateTimeField(auto_now_add=True, blank=False)
     modified = models.DateTimeField(auto_now=True, blank=False)    
     owner = models.ForeignKey(
-        'auth.User',
+        'users.User',
         null=True,
         on_delete=models.SET_NULL
     )
@@ -214,7 +225,7 @@ class Tag(models.Model):
     created = models.DateTimeField(auto_now_add=True, blank=False)
     modified = models.DateTimeField(auto_now=True, blank=False)    
     owner = models.ForeignKey(
-        'auth.User',
+        'users.User',
         null=True,
         on_delete=models.SET_NULL,
     )
@@ -247,7 +258,7 @@ class AuthorOrder(models.Model):
     created = models.DateTimeField(auto_now_add=True, blank=False)
     modified = models.DateTimeField(auto_now=True, blank=False)    
     owner = models.ForeignKey(
-        'auth.User',
+        'users.User',
         null=True,
         on_delete=models.SET_NULL
     )
@@ -285,7 +296,7 @@ class TagChain(models.Model):
     created = models.DateTimeField(auto_now_add=True, blank=False)
     modified = models.DateTimeField(auto_now=True, blank=False)    
     owner = models.ForeignKey(
-        'auth.User',
+        'users.User',
         null=True,
         on_delete=models.SET_NULL
     )

diff --git a/django/app/dashboard/admin.py b/django/app/dashboard/admin.py
diff --git a/django/app/dashboard/forms.py b/django/app/dashboard/forms.py
@@ -155,7 +155,7 @@ class Meta:
             'language','title_en','title_ja',
             'book','volume','number','chapter','page','edition','pub_date','use_date_info',
             'acceptance_rate','impact_factor','url','note',
-            'abstruct','image','is_published',
+            'abstruct','image','is_published','priority',
         ]
         widgets = {
             'book': autocomplete.ListSelect2(

diff --git a/django/app/dashboard/models.py b/django/app/dashboard/models.py
diff --git a/django/app/dashboard/templates/base.html b/django/app/dashboard/templates/base.html
@@ -39,10 +39,12 @@
 								<div class="navbar-nav">
 										{% if user.is_authenticated %}
 										<li class="nav-item dropdown border border-white rounded">
-												<a class="nav-link dropdown-toggle text-white" data-toggle="dropdown" href="#" role="button" aria-haspopup="true" aria-expanded="false">Hello, <span class="font-weight-bold" >{{ user }}</span></a>
+												<a class="nav-link dropdown-toggle text-white" data-toggle="dropdown" href="#" role="button" aria-haspopup="true" aria-expanded="false">Hello, <span class="font-weight-bold" >{{ user.get_full_name }}</span></a>
 												<div class="dropdown-menu dropdown-menu-right">	
 														<a class="dropdown-item" href="{% url 'dashboard:index' %}">My Page</a>
+														{% if user.is_staff %}
 														<a class="dropdown-item" href="{% url 'admin:index' %}">Admin Page</a>
+														{% endif %}
 														<div class="dropdown-divider"></div>
 														<a class="dropdown-item" href="/accounts/logout">Log out</a>
 												</div>