Merge pull request #479 from hinashi/feature/entry_api_v2

Added entry API v2(create, update, delete)
dmm-com · May 2, 2022 · 3cba997 · 3cba997
2 parents 8fb1db4 + 86a4785
commit 3cba997
Show file tree

Hide file tree

Showing 38 changed files with 3,137 additions and 918 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,7 +7,8 @@
   Contributed by @hinashi
 * Added custom processing when after delete entry
   Contributed by @hinashi
-
+* Added create, update, delete, restore entry api in APIv2
+  Contributed by @hinashi
 ### Changed
 
 ### Fixed

diff --git a/entity/api_v2/serializers.py b/entity/api_v2/serializers.py
@@ -8,6 +8,12 @@
 
 
 class EntitySerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Entity
+        fields = ["id", "name"]
+
+
+class EntityWithAttrSerializer(EntitySerializer):
     is_toplevel = serializers.SerializerMethodField(method_name="get_is_toplevel")
     attrs = serializers.SerializerMethodField(method_name="get_attrs")
 

diff --git a/entity/api_v2/urls.py b/entity/api_v2/urls.py
@@ -1,9 +1,19 @@
 from django.conf.urls import url
+from django.urls import path
 
 from . import views
 
 urlpatterns = [
     url(r"^history/(\d+)$", views.history, name="history"),
     url(r"^entities$", views.EntityAPI.as_view({"get": "list"})),
     url(r"^entities/(?P<pk>\d+)$", views.EntityAPI.as_view({"get": "retrieve"})),
+    path(
+        "<int:entity_id>/entries/",
+        views.EntityEntryAPI.as_view(
+            {
+                "get": "list",
+                "post": "create",
+            }
+        ),
+    ),
 ]
diff --git a/entity/api_v2/views.py b/entity/api_v2/views.py
@@ -2,16 +2,20 @@
 from django.db.models import F
 from drf_spectacular.types import OpenApiTypes
 from drf_spectacular.utils import extend_schema, OpenApiParameter
-from rest_framework import viewsets
-from rest_framework.pagination import LimitOffsetPagination
-
-from entity.api_v2.serializers import EntitySerializer
-from user.models import History
-from airone.lib.http import http_get
-
+from rest_framework import filters, viewsets
+from rest_framework.permissions import BasePermission, IsAuthenticated
+from rest_framework.pagination import PageNumberPagination, LimitOffsetPagination
+from django.http import Http404
 from django.http.response import JsonResponse, HttpResponse
+from django_filters.rest_framework import DjangoFilterBackend
 
+from airone.lib.acl import ACLType
+from airone.lib.http import http_get
+from entity.api_v2.serializers import EntityWithAttrSerializer
 from entity.models import Entity
+from entry.api_v2.serializers import EntryBaseSerializer, EntryCreateSerializer
+from entry.models import Entry
+from user.models import History, User
 
 
 @http_get
@@ -48,14 +52,31 @@ def history(request, entity_id):
     )
 
 
+class EntityPermission(BasePermission):
+    def has_permission(self, request, view):
+        permisson = {
+            "list": ACLType.Readable,
+            "create": ACLType.Writable,
+        }
+
+        user: User = User.objects.get(id=request.user.id)
+        entity = Entity.objects.filter(id=view.kwargs.get("entity_id"), is_active=True).first()
+
+        if entity and not user.has_permission(entity, permisson.get(view.action)):
+            return False
+
+        view.entity = entity
+        return True
+
+
 @extend_schema(
     parameters=[
         OpenApiParameter("query", OpenApiTypes.STR, OpenApiParameter.QUERY),
         OpenApiParameter("is_top_level", OpenApiTypes.BOOL, OpenApiParameter.QUERY),
     ],
 )
 class EntityAPI(viewsets.ReadOnlyModelViewSet):
-    serializer_class = EntitySerializer
+    serializer_class = EntityWithAttrSerializer
     pagination_class = LimitOffsetPagination
 
     def get_queryset(self):
@@ -74,3 +95,29 @@ def get_queryset(self):
                 exclude_condition["status"] = F("status").bitor(Entity.STATUS_TOP_LEVEL)
 
         return Entity.objects.filter(**filter_condition).exclude(**exclude_condition).order_by("id")
+
+
+class EntityEntryAPI(viewsets.ModelViewSet):
+    queryset = Entry.objects.all()
+    pagination_class = PageNumberPagination
+    permission_classes = [IsAuthenticated & EntityPermission]
+    filter_backends = [DjangoFilterBackend, filters.OrderingFilter, filters.SearchFilter]
+    filterset_fields = ["is_active"]
+    ordering_fields = ["name"]
+    search_fields = ["name"]
+
+    def get_serializer_class(self):
+        serializer = {
+            "create": EntryCreateSerializer,
+        }
+        return serializer.get(self.action, EntryBaseSerializer)
+
+    def get_queryset(self):
+        entity = Entity.objects.filter(id=self.kwargs.get("entity_id"), is_active=True).first()
+        if not entity:
+            raise Http404
+        return self.queryset.filter(schema=entity)
+
+    def create(self, request, entity_id):
+        request.data["schema"] = entity_id
+        return super().create(request)