homework - permissions/model constraints

b240772e · Bodor Máté · b0267579 · b0267579 · b240772e · b240772e
Commit b240772e authored 7 years ago by Bodor Máté
--- a/src/homework/migrations/0001_initial.py
+++ b/src/homework/migrations/0001_initial.py
-# -*- coding: utf-8 -*-
-# Generated by Django 1.11.5 on 2017-11-11 14:39
-from __future__ import unicode_literals
-from django.conf import settings
-from django.db import migrations, models
-import django.db.models.deletion
-class Migration(migrations.Migration):
-    initial = True
-    dependencies = [
-        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
-    ]
-    operations = [
-        migrations.CreateModel(
-            name='Solution',
-            fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('date', models.DateTimeField()),
-                ('ready', models.BooleanField()),
-                ('files', models.FileField(upload_to='')),
-            ],
-        ),
-        migrations.CreateModel(
-            name='Student',
-            fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('homework', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='homework.Solution')),
-                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
-            ],
-        ),
-        migrations.CreateModel(
-            name='Task',
-            fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('title', models.CharField(max_length=150)),
-                ('date', models.DateTimeField()),
-                ('deadline', models.DateTimeField()),
-                ('text', models.TextField()),
-                ('files', models.FileField(upload_to='')),
-                ('author', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
-            ],
-        ),
-        migrations.AddField(
-            model_name='solution',
-            name='task',
-            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='homework.Task'),
-        ),
-    ]
--- a/src/homework/models.py
+++ b/src/homework/models.py
 from django.db import models
 from django.contrib.auth.models import User
+from django.core.exceptions import ValidationError
+from django.utils.translation import ugettext_lazy as _
+from django.utils import timezone
+from django.core import validators
+from . import  myfields
+# 5MB - 5242880
+MAX_UPLOAD_SIZE = 5242880
+def validate_deadline(date):
+    if date <= timezone.now():
+        raise ValidationError(_('Date must be greater than now'), code='invalid')
+# def validate_file_size(file):
+#     if file._size > MAX_UPLOAD_SIZE:
+#         raise ValidationError(_('Please keep filesize under' + MAX_UPLOAD_SIZE))
 class Task(models.Model):
    title = models.CharField(max_length=150)
-    date = models.DateTimeField()
+    date = models.DateTimeField(auto_now_add=True, editable=False)
-    deadline = models.DateTimeField()
+    deadline = models.DateTimeField(validators=[validate_deadline])
    text = models.TextField()
-    author = models.OneToOneField(User)
+    created_by = models.ForeignKey(User)
-    files = models.FileField()
+    files = models.FileField(validators=[validators.FileExtensionValidator('image/png', 'image/jpeg', 'application/zip')],
+                             blank=True,
+    )
+    # files = myfields.RestrictedFileField(
+    #     content_types=['image/png', 'image/jpeg', 'application/zip'],
+    #     max_upload_size=MAX_UPLOAD_SIZE,
+    #     blank=True,
+    #     null=True,
+    # )
+#    solution_file = models.BooleanField()
+#
+#
+   # def deadline_clean(self):
+   #     if self.deadline <= timezone.now():
+   #         raise ValidationError(_('Invalid date'), code='invalid')
-# Normálisabb angol nevet adni ér!!
 class Solution(models.Model):
-    task = models.ForeignKey(Task, on_delete=models.CASCADE)
+    task = models.ForeignKey(Task, on_delete=models.CASCADE,)
-    date = models.DateTimeField()
+    date = models.DateTimeField(auto_now_add=True, editable=False)
    ready = models.BooleanField()
-    files = models.FileField()
+    files = models.FileField(validators=[
+        validators.FileExtensionValidator('image/png', 'image/jpeg', 'application/zip')],
+        blank=True,
+    )
+    created_by = models.ForeignKey(User)
+    # files = myfields.RestrictedFileField(
+    #     content_types=['image/png', 'image/jpeg', 'application/zip'],
+    #     max_upload_size=MAX_UPLOAD_SIZE,
+    #     blank=True,
+    # )
 class Student(models.Model):

--- a/src/homework/myfields.py
+++ b/src/homework/myfields.py
+from django import forms
+from django.template.defaultfilters import filesizeformat
+from django.utils.translation import ugettext_lazy as _
+from django.core.exceptions import ValidationError
+class RestrictedFileField(forms.FileField):
+    """
+    Same as FileField, but you can specify:
+    * content_types - list containing allowed content_types. Example: ['application/pdf', 'image/jpeg']
+    * max_upload_size - a number indicating the maximum file size allowed for upload.
+        2.5MB - 2621440
+        5MB - 5242880
+        10MB - 10485760
+        20MB - 20971520
+        50MB - 5242880
+        100MB - 104857600
+        250MB - 214958080
+        500MB - 429916160
+"""
+    def __init__(self, *args, **kwargs):
+        self.content_types = kwargs.pop("content_types")
+        self.max_upload_size = kwargs.pop("max_upload_size")
+        super().__init__(*args, **kwargs)
+    def clean(self, data, initial=None):
+        file = super().clean(data, initial)
+        try:
+            content_type = file.content_type
+            if content_type in self.content_types:
+                if file._size > self.max_upload_size:
+                    raise ValidationError(_('Please keep filesize under %s. Current filesize %s') % (
+                        filesizeformat(self.max_upload_size), filesizeformat(file._size)))
+            else:
+                raise ValidationError(_('Filetype not supported.'))
+        except AttributeError:
+            pass
+        return data
--- a/src/homework/permissions.py
+++ b/src/homework/permissions.py
+from rest_framework.permissions import BasePermission
+from rest_framework.permissions import SAFE_METHODS
+class IsStaffOrReadOnly(BasePermission):
+    """
+    The request is authenticated as a staff, or is a read-only request.
+    """
+    def has_permission(self, request, view):
+        return (
+            request.method in SAFE_METHODS or
+            request.user and
+            request.user.is_staff
+        )
+class IsAuthenticatedOrReadOnly(BasePermission):
+    """
+    The request is authenticated as a user, or is a read-only request.
+    """
+    def has_permission(self, request, view):
+        return (
+            request.method in SAFE_METHODS or
+            request.user and
+            request.user.is_authenticated
+        )
--- a/src/homework/serializers.py
+++ b/src/homework/serializers.py
@@ -6,12 +6,16 @@ class TaskSerializer(serializers.ModelSerializer):
    class Meta:
        model = models.Task
        fields = '__all__'
+        read_only_fields = ('created_by', 'date')
+        extra_kwargs = {'created_by': {'default': serializers.CurrentUserDefault()}}
 class SolutionSerializer(serializers.ModelSerializer):
    class Meta:
        model = models.Solution
        fields = '__all__'
+        read_only_fields = ('created_by', 'date')
+        extra_kwargs = {'created_by': {'default': serializers.CurrentUserDefault()}}
 class StudentSerializer(serializers.ModelSerializer):

--- a/src/homework/views.py
+++ b/src/homework/views.py
 from rest_framework import viewsets
 from . import serializers
 from . import models
+from . import permissions
 class TasksViewSet(viewsets.ModelViewSet):
    serializer_class = serializers.TaskSerializer
    queryset = models.Task.objects.all()
+    permission_classes = (permissions.IsStaffOrReadOnly,)
 class SolutionViewSet(viewsets.ModelViewSet):
    serializer_class = serializers.SolutionSerializer
    queryset = models.Solution.objects.all()
+    #permission_classes = ()
 class StudentViewSet(viewsets.ModelViewSet):
    serializer_class = serializers.StudentSerializer
    queryset = models.Student.objects.all()