Add imagegallery endpoints

webkom · Aug 31, 2023 · 8379438 · 8379438
1 parent 05204f6
commit 8379438
Show file tree

Hide file tree

Showing 11 changed files with 170 additions and 51 deletions.
diff --git a/().py b/().py
diff --git a/lego/api/v1.py b/lego/api/v1.py
@@ -127,7 +127,7 @@
 )
 router.register(r"feed-personal", PersonalFeedViewSet, basename="feed-personal")
 router.register(r"feed-user/(?P<user_pk>\d+)", UserFeedViewSet, basename="feed-user")
-router.register(r"files", FileViewSet)
+router.register(r"files", FileViewSet, basename="files")
 router.register(r"followers-company", FollowCompanyViewSet)
 router.register(r"followers-event", FollowEventViewSet)
 router.register(r"followers-user", FollowUserViewSet)

diff --git a/lego/apps/events/constants.py b/lego/apps/events/constants.py
@@ -10,7 +10,6 @@
 SOCIAL = "social"
 OTHER = "other"
 EVENT = "event"
-IMAGE = "image"
 
 EVENT_TYPES = (
     (COMPANY_PRESENTATION, COMPANY_PRESENTATION),

diff --git a/lego/apps/events/serializers/events.py b/lego/apps/events/serializers/events.py
@@ -198,6 +198,9 @@ def get_attended_count(self, event):
 
 class ImageGallerySerializer(BasisModelSerializer):
     cover = ImageField(source="key", required=True, options={"height": 500})
+    cover_placeholder = ImageField(
+        source="key", required=False, options={"height": 50, "filters": ["blur(20)"]}
+    )
 
     class Meta:
         model = File
@@ -209,6 +212,7 @@ class Meta:
             "save_for_use",
             "cover",
             "token",
+            "cover_placeholder",
         )
         read_only = True
 

diff --git a/lego/apps/events/views.py b/lego/apps/events/views.py
@@ -67,6 +67,7 @@
     save_and_notify_payment,
 )
 from lego.apps.events.websockets import notify_event_registration
+from lego.apps.files.constants import IMAGE
 from lego.apps.files.models import File
 from lego.apps.permissions.api.filters import LegoPermissionFilter
 from lego.apps.permissions.api.views import AllowedPermissionsMixin
@@ -352,10 +353,11 @@ def upcoming(self, request):
         serializer_class=ImageGallerySerializer,
         permission_classes=[permissions.IsAuthenticated],
     )
-    def imagegallery(self, request):
+    def cover_image_gallery(self, request):
+        if request.user.has_perm(EDIT, Event) is False:
+            raise PermissionDenied()
         queryset = File.objects.filter(
-            file_type=constants.IMAGE,
-            public=True,
+            file_type=IMAGE,
             save_for_use=True,
         )
         serializer = self.get_serializer(queryset, many=True)

diff --git a/lego/apps/files/fixtures/test_files.yaml b/lego/apps/files/fixtures/test_files.yaml
@@ -6,6 +6,7 @@
     token: token
     user: 1
     public: true
+    save_for_use: false
 
 - pk: abakus1.png
   model: files.File
@@ -15,6 +16,7 @@
     token: token
     user: 1
     public: true
+    save_for_use: false
 
 - pk: abakus2.png
   model: files.File
@@ -24,15 +26,17 @@
     token: token
     user: 1
     public: true
+    save_for_use: false
 
 - pk: default_male_avatar.png
   model: files.File
   fields:
     state: ready
     file_type: image
-    token: token
+    token: token4
     user: 1
     public: true
+    save_for_use: false
 
 - pk: default_female_avatar.png
   model: files.File
@@ -42,3 +46,4 @@
     token: token
     user: 1
     public: true
+    save_for_use: false
diff --git a/lego/apps/files/migrations/0005_file_save_for_use.py b/lego/apps/files/migrations/0005_file_save_for_use.py
@@ -4,7 +4,6 @@
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("files", "0004_auto_20200907_2209"),
     ]

diff --git a/lego/apps/files/serializers.py b/lego/apps/files/serializers.py
@@ -1,6 +1,6 @@
 from rest_framework import serializers
+from rest_framework.exceptions import PermissionDenied, ValidationError
 
-from lego.apps.files.fields import ImageField
 from lego.apps.files.models import File
 
 from .validators import KEY_REGEX
@@ -11,34 +11,19 @@ class FileUploadSerializer(serializers.Serializer):
     public = serializers.BooleanField(required=True)
 
 
-class ImageGalleryCoverSerializer(serializers.ModelSerializer):
-
-    file = ImageField(
-        source="self", required=False, options={"height": 700, "smart": True}
-    )
-
-    thumbnail = ImageField(
-        source="self",
-        read_only=True,
-        options={"height": 300, "width": 300, "smart": True},
-    )
-
-    class Meta:
-        model = File
-        fields = (
-            "thumbnail",
-            "id",
-            "key",
-        )
-
-
 class FileSaveForUseSerializer(serializers.ModelSerializer):
     class Meta:
         model = File
-
         save_for_use = serializers.BooleanField(required=True)
 
         fields = (
             "token",
             "save_for_use",
         )
+
+    def validate(self, data):
+        if self.instance.token != data["token"]:
+            raise PermissionDenied()
+        if "save_for_use" not in data:
+            raise ValidationError()
+        return data
diff --git a/lego/apps/files/tests/test_api.py b/lego/apps/files/tests/test_api.py
@@ -1,8 +1,9 @@
 from unittest import mock
 
 from rest_framework import status
+from rest_framework.reverse import reverse
 
-from lego.apps.users.models import User
+from lego.apps.users.models import AbakusGroup, User
 from lego.utils.test_utils import BaseAPITestCase
 
 
@@ -44,3 +45,132 @@ def test_post_create_file_call(self, mock_create_file):
         except Exception:
             pass
         mock_create_file.assert_called_with(key, self.user, False)
+
+
+def _get_detail_url(key):
+    return reverse("api:v1:files-imagegallery", kwargs={"key": key})
+
+
+class SetSaveForUserTest(BaseAPITestCase):
+    fixtures = ["test_users.yaml", "test_files.yaml", "test_abakus_groups.yaml"]
+    key = "abakus.png"
+    token = "token"
+    url = _get_detail_url(key)
+
+    def setUp(self):
+        self.webkom_user = User.objects.get(pk=9)
+        self.user_no_perms = User.objects.get(pk=1)
+        self.bedkom_user = User.objects.get(pk=2)
+        AbakusGroup.objects.get(name="Webkom").add_user(self.webkom_user)
+        AbakusGroup.objects.get(name="Bedkom").add_user(self.bedkom_user)
+
+    def test_update_file_no_auth(self):
+        res = self.client.patch(f"{self.url}", data={})
+        self.assertEqual(res.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_update_file_no_token(self):
+        self.client.force_authenticate(self.webkom_user)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": True,
+                "token": "wrgon_token",
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN)
+
+    def test_update_file_success(self):
+        self.client.force_authenticate(self.webkom_user)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": True,
+                "token": self.token,
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_200_OK)
+
+    def test_update_file_success_bedkom(self):
+        self.client.force_authenticate(self.bedkom_user)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": True,
+                "token": self.token,
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_200_OK)
+
+    def test_update_file_bedkom_no_value(self):
+        self.client.force_authenticate(self.bedkom_user)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "token": self.token,
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST)
+
+    def test_update_file_bedkom_bad_value(self):
+        self.client.force_authenticate(self.bedkom_user)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": "1",
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST)
+
+    def test_update_file_bad_url(self):
+        self.client.force_authenticate(self.webkom_user)
+        res = self.client.patch(
+            "/api/v1/files/error.png/set_save_for_use/",
+            data={
+                "token": self.token,
+                "save_for_use": True,
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_404_NOT_FOUND)
+
+    def test_update_file_no_event_perm(self):
+        self.client.force_authenticate(self.user_no_perms)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": True,
+                "token": self.token,
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN)
+
+    def test_update_file_no_event_perm_no_token(self):
+        self.client.force_authenticate(self.user_no_perms)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": True,
+                "token": "wrong_token",
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN)
+
+    def test_update_file_no_auth_correct_token(self):
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": True,
+                "token": self.token,
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_update_file_set_false_bedkom(self):
+        self.client.force_authenticate(self.bedkom_user)
+        res = self.client.patch(
+            f"{self.url}",
+            data={
+                "save_for_use": False,
+                "token": self.token,
+            },
+        )
+        self.assertEqual(res.status_code, status.HTTP_200_OK)
diff --git a/lego/apps/files/views.py b/lego/apps/files/views.py
@@ -6,9 +6,12 @@
     status,
     viewsets,
 )
+from rest_framework.exceptions import PermissionDenied
 from rest_framework.response import Response
 
+from lego.apps.events.models import Event
 from lego.apps.files.exceptions import UnknownFileType
+from lego.apps.permissions.constants import EDIT
 
 from .models import File
 from .serializers import FileSaveForUseSerializer, FileUploadSerializer
@@ -46,14 +49,19 @@ def create(self, request, *args, **kwargs):
             status=status.HTTP_201_CREATED,
         )
 
-    @decorators.action(detail=True, methods=["PATCH"])
-    def set_save_for_use(self, request, *args, **kwargs):
+    @decorators.action(
+        detail=True,
+        methods=["PATCH"],
+        permission_classes=[permissions.IsAuthenticated],
+    )
+    def imagegallery(self, request, *args, **kwargs):
+        if request.user.has_perm(EDIT, Event) is False:
+            raise PermissionDenied()
         file = self.get_object()
-        serializer = FileSaveForUseSerializer(data=request.data)
-        if serializer.is_valid():
-            file.save_for_use = serializer.validated_data["save_for_use"]
-            file.save()
-            return Response({"Success"})
+        serializer = FileSaveForUseSerializer(file, data=request.data)
+        if serializer.is_valid(raise_exception=True):
+            serializer.save()
+            return Response(data=serializer.data, status=status.HTTP_200_OK)
         else:
             return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
 

diff --git a/start.sh b/start.sh