Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • djangoldp-packages/djangoldp
  • decentral1se/djangoldp
  • femmefaytale/djangoldp
  • jvtrudel/djangoldp
4 results
Show changes
Hide whitespace changes
Inline Side-by-side
Showing
with 1032 additions and 12267 deletions
djangoldp/migrations/0015_auto_20210125_1847.py 0 → 100644
View file @ e97d33ad
# Generated by Django 2.2.17 on 2021-01-25 18:47
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('djangoldp', '0014_auto_20200909_2206'),
]
operations = [
migrations.AlterModelOptions(
name='activity',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
),
migrations.AlterModelOptions(
name='follower',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
),
migrations.AlterModelOptions(
name='ldpsource',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control'], 'ordering': ('federation',)},
),
migrations.AlterModelOptions(
name='scheduledactivity',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
),
]
djangoldp/migrations/0016_alter_activity_options_alter_follower_options_and_more.py 0 → 100644
View file @ e97d33ad
# Generated by Django 4.2.3 on 2023-08-31 15:27
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('djangoldp', '0015_auto_20210125_1847'),
]
operations = [
migrations.AlterModelOptions(
name='activity',
options={'default_permissions': {'delete', 'change', 'view', 'add', 'control'}},
),
migrations.AlterModelOptions(
name='follower',
options={'default_permissions': {'delete', 'change', 'view', 'add', 'control'}},
),
migrations.AlterModelOptions(
name='ldpsource',
options={'default_permissions': {'delete', 'change', 'view', 'add', 'control'}, 'ordering': ('federation',)},
),
migrations.AlterModelOptions(
name='scheduledactivity',
options={'default_permissions': {'delete', 'change', 'view', 'add', 'control'}},
),
]
djangoldp/migrations/0017_alter_activity_urlid_alter_follower_urlid_and_more.py 0 → 100644
View file @ e97d33ad
# Generated by Django 4.2.3 on 2023-09-03 20:26
from django.db import migrations
import djangoldp.fields
class Migration(migrations.Migration):
dependencies = [
('djangoldp', '0016_alter_activity_options_alter_follower_options_and_more'),
]
operations = [
migrations.AlterField(
model_name='activity',
name='urlid',
field=djangoldp.fields.LDPUrlField(blank=True, db_index=True, null=True, unique=True),
),
migrations.AlterField(
model_name='follower',
name='urlid',
field=djangoldp.fields.LDPUrlField(blank=True, db_index=True, null=True, unique=True),
),
migrations.AlterField(
model_name='ldpsource',
name='urlid',
field=djangoldp.fields.LDPUrlField(blank=True, db_index=True, null=True, unique=True),
),
]
djangoldp/migrations/0018_alter_activity_payload_alter_activity_response_body.py 0 → 100644
View file @ e97d33ad
# Generated by Django 4.2.3 on 2023-10-17 19:25
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('djangoldp', '0017_alter_activity_urlid_alter_follower_urlid_and_more'),
]
operations = [
migrations.AlterField(
model_name='activity',
name='payload',
field=models.TextField(),
),
migrations.AlterField(
model_name='activity',
name='response_body',
field=models.TextField(null=True),
),
]
djangoldp/models.py
View file @ e97d33ad
import json
import logging
import uuid
from urllib.parse import urlparse
from django.conf import settings
from django.contrib.auth.models import User, AbstractUser
from django.core.exceptions import ObjectDoesNotExist, ValidationError
from django.contrib.auth import get_user_model
from django.contrib.auth.models import Group
from django.core.exceptions import ObjectDoesNotExist, ValidationError, FieldDoesNotExist
from django.db import models
from django.db.models import BinaryField, DateField
from django.db.models.base import ModelBase
from django.db.models.signals import post_save
from django.db.models.signals import post_save, pre_save, pre_delete, m2m_changed
from django.dispatch import receiver
from django.urls import reverse_lazy, get_resolver
from django.urls import get_resolver
from django.utils.datastructures import MultiValueDictKeyError
from django.utils.decorators import classonlymethod
from guardian.models import UserObjectPermissionBase
from guardian.shortcuts import assign_perm
from rest_framework.utils import model_meta
from djangoldp.fields import LDPUrlField
from djangoldp.permissions import LDPPermissions
import logging
from djangoldp.permissions import DEFAULT_DJANGOLDP_PERMISSIONS, OwnerPermissions, InheritPermissions, ReadOnly
logger = logging.getLogger('djangoldp')
Group._meta.serializer_fields = ['name', 'user_set']
Group._meta.rdf_type = 'foaf:Group'
# Group._meta.rdf_context = {'user_set': 'foaf:member'}
Group._meta.permission_classes = [(OwnerPermissions&ReadOnly)|InheritPermissions]
Group._meta.owner_field = 'user'
Group._meta.inherit_permissions = []
class LDPModelManager(models.Manager):
def local(self):
......@@ -31,44 +34,21 @@ class LDPModelManager(models.Manager):
internal_ids = [x.pk for x in queryset if not Model.is_external(x)]
return queryset.filter(pk__in=internal_ids)
def nested_fields(self):
'''parses the relations on the model, and returns a list of nested field names'''
nested_fields = set()
# include all many-to-many relations
for field_name, relation_info in model_meta.get_field_info(self.model).relations.items():
if relation_info.to_many:
if field_name is not None:
nested_fields.add(field_name)
# include all nested fields explicitly included on the model
nested_fields.update(set(Model.get_meta(self.model, 'nested_fields', set())))
# exclude anything marked explicitly to be excluded
nested_fields = nested_fields.difference(set(Model.get_meta(self.model, 'nested_fields_exclude', set())))
return list(nested_fields)
def fields(self):
return self.nested_fields()
class Model(models.Model):
urlid = LDPUrlField(blank=True, null=True, unique=True)
urlid = LDPUrlField(blank=True, null=True, unique=True, db_index=True)
is_backlink = models.BooleanField(default=False, help_text='set automatically to indicate the Model is a backlink')
allow_create_backlink = models.BooleanField(default=True,
help_text='set to False to disable backlink creation after Model save')
objects = LDPModelManager()
nested = LDPModelManager()
class Meta:
default_permissions = DEFAULT_DJANGOLDP_PERMISSIONS
abstract = True
depth = 0
def __init__(self, *args, **kwargs):
super(Model, self).__init__(*args, **kwargs)
@classmethod
def get_view_set(cls):
'''returns the view_set defined in the model Meta or the LDPViewSet class'''
view_set = getattr(cls._meta, 'view_set', getattr(cls.Meta, 'view_set', None))
if view_set is None:
from djangoldp.views import LDPViewSet
view_set = LDPViewSet
return view_set
@classmethod
def get_container_path(cls):
'''returns the url path which is used to access actions on this model (e.g. /users/)'''
......@@ -83,7 +63,7 @@ class Model(models.Model):
@classonlymethod
def absolute_url(cls, instance_or_model):
if isinstance(instance_or_model, ModelBase) or instance_or_model.urlid is None or instance_or_model.urlid == '':
if isinstance(instance_or_model, ModelBase) or not instance_or_model.urlid:
return '{}{}'.format(settings.SITE_URL, Model.resource(instance_or_model))
else:
return instance_or_model.urlid
......@@ -106,16 +86,24 @@ class Model(models.Model):
@classonlymethod
def slug_field(cls, instance_or_model):
if isinstance(instance_or_model, ModelBase):
object_name = instance_or_model.__name__.lower()
model = instance_or_model
else:
object_name = instance_or_model._meta.object_name.lower()
model = type(instance_or_model)
# Use cached value if present
if hasattr(model, "_slug_field"):
return model._slug_field
object_name = model.__name__.lower()
view_name = '{}-detail'.format(object_name)
try:
slug_field = '/{}'.format(get_resolver().reverse_dict[view_name][0][0][1][0])
except MultiValueDictKeyError:
slug_field = Model.get_meta(instance_or_model, 'lookup_field', 'pk')
slug_field = getattr(model._meta, 'lookup_field', 'pk')
if slug_field.startswith('/'):
slug_field = slug_field[1:]
model._slug_field = slug_field
return slug_field
@classonlymethod
......@@ -130,11 +118,6 @@ class Model(models.Model):
return path
class Meta:
default_permissions = ('add', 'change', 'delete', 'view', 'control')
abstract = True
depth = 0
@classonlymethod
def resolve_id(cls, id):
'''
......@@ -154,7 +137,7 @@ class Model(models.Model):
@classonlymethod
def resolve_parent(cls, path):
split = path.strip('/').split('/')
parent_path = "/".join(split[0:len(split) - 1])
parent_path = "/".join(split[:-1])
return Model.resolve_id(parent_path)
@classonlymethod
......@@ -171,8 +154,8 @@ class Model(models.Model):
:param path: a URL path to check
:return: the container model and resolved id in a tuple
'''
if settings.BASE_URL in path:
path = path[len(settings.BASE_URL):]
if path.startswith(settings.BASE_URL):
path = path.replace(settings.BASE_URL, '')
container = cls.resolve_container(path)
try:
resolve_id = cls.resolve_id(path)
......@@ -200,7 +183,6 @@ class Model(models.Model):
:raises Exception: if the object does not exist, but the data passed is invalid
'''
try:
logger.debug('[get_or_create] ' + str(model) + ' backlink ' + str(urlid))
rval = model.objects.get(urlid=urlid)
if update:
for field in field_tuples.keys():
......@@ -208,7 +190,6 @@ class Model(models.Model):
rval.save()
return rval
except ObjectDoesNotExist:
logger.debug('[get_or_create] creating..')
if model is get_user_model():
field_tuples['username'] = str(uuid.uuid4())
return model.objects.create(urlid=urlid, is_backlink=True, **field_tuples)
......@@ -223,46 +204,19 @@ class Model(models.Model):
raise ObjectDoesNotExist
return Model.get_or_create(model, urlid, **kwargs)
@classonlymethod
def get_model_rdf_type(cls, model):
if model is get_user_model():
return "foaf:user"
else:
return Model.get_meta(model, "rdf_type")
@classonlymethod
def get_subclass_with_rdf_type(cls, type):
#TODO: deprecate
'''returns Model subclass with Meta.rdf_type matching parameterised type, or None'''
if type == 'foaf:user':
return get_user_model()
for subcls in Model.__subclasses__():
if Model.get_meta(subcls, 'rdf_type') == type:
if getattr(subcls._meta, "rdf_type", None) == type:
return subcls
return None
@classonlymethod
def get_permission_classes(cls, related_model, default_permissions_classes):
'''returns the permission_classes set in the models Meta class'''
return cls.get_meta(related_model, 'permission_classes', default_permissions_classes)
@classonlymethod
def get_meta(cls, model_class, meta_name, default=None):
'''returns the models Meta class'''
if hasattr(model_class, 'Meta'):
meta = getattr(model_class.Meta, meta_name, default)
else:
meta = default
return getattr(model_class._meta, meta_name, meta)
@staticmethod
def get_permissions(obj_or_model, user_or_group, filter):
permissions = filter
for permission_class in Model.get_permission_classes(obj_or_model, [LDPPermissions]):
permissions = permission_class().filter_user_perms(user_or_group, obj_or_model, permissions)
return [{'mode': {'@type': name.split('_')[0]}} for name in permissions]
@classmethod
def is_external(cls, value):
'''
......@@ -270,19 +224,24 @@ class Model(models.Model):
:return: True if the urlid is external to the server, False otherwise
'''
try:
if not value:
return False
if not isinstance(value, str):
value = value.urlid
return value is not None and not value.startswith(settings.SITE_URL)
# This expects all @ids to start with http which mlight not be universal. Maybe needs a fix.
return value.startswith('http') and not value.startswith(settings.SITE_URL)
except:
return False
#TODO: this breaks the serializer, which probably assumes that traditional models don't have a urlid.
# models.Model.urlid = property(lambda self: '{}{}'.format(settings.SITE_URL, Model.resource(self)))
class LDPSource(Model):
federation = models.CharField(max_length=255)
class Meta(Model.Meta):
rdf_type = 'ldp:Container'
rdf_type = 'sib:federatedContainer'
ordering = ('federation',)
container_path = 'sources'
lookup_field = 'federation'
......@@ -293,17 +252,41 @@ class LDPSource(Model):
class Activity(Model):
'''Models an ActivityStreams Activity'''
aid = LDPUrlField(null=True) # activity id
local_id = LDPUrlField() # /inbox or /outbox full url
payload = BinaryField()
created_at = DateField(auto_now_add=True)
local_id = LDPUrlField(help_text='/inbox or /outbox url (local - this server)') # /inbox or /outbox full url
external_id = LDPUrlField(null=True, help_text='the /inbox or /outbox url (from the sender or receiver)')
payload = models.TextField()
response_location = LDPUrlField(null=True, blank=True, help_text='Location saved activity can be found')
response_code = models.CharField(null=True, blank=True, help_text='Response code sent by receiver', max_length=8)
response_body = models.TextField(null=True)
type = models.CharField(null=True, blank=True, help_text='the ActivityStreams type of the Activity',
max_length=64)
is_finished = models.BooleanField(default=True)
created_at = models.DateTimeField(auto_now_add=True)
success = models.BooleanField(default=False, help_text='set to True when an Activity is successfully delivered')
class Meta(Model.Meta):
container_path = "activities"
rdf_type = 'as:Activity'
disable_url = True
def to_activitystream(self):
return json.loads(self.payload.tobytes())
return json.loads(self.payload)
def response_to_json(self):
return self.to_activitystream()
# temporary database-side storage used for scheduled tasks in the ActivityQueue
class ScheduledActivity(Activity):
failed_attempts = models.PositiveIntegerField(default=0,
help_text='a log of how many failed retries have been made sending the activity')
def save(self, *args, **kwargs):
self.is_finished = False
super(ScheduledActivity, self).save(*args, **kwargs)
class Meta(Model.Meta):
disable_url = True
class Follower(Model):
......@@ -315,37 +298,74 @@ class Follower(Model):
def __str__(self):
return 'Inbox ' + str(self.inbox) + ' on ' + str(self.object)
def save(self, *args, **kwargs):
if self.pk is None:
logger.debug('[Follower] saving Follower ' + self.__str__())
super(Follower, self).save(*args, **kwargs)
class Meta(Model.Meta):
disable_url = True
class DynamicNestedField:
'''
Used to define a method as a nested_field.
Usage:
LDPUser.circles = lambda self: Circle.objects.filter(members__user=self)
LDPUser.circles.field = DynamicNestedField(Circle, 'circles')
'''
related_query_name = None
one_to_many = False
many_to_many = True
many_to_one = False
one_to_one = False
read_only = True
name = ''
def __init__(self, model:models.Model|None, remote_name:str, name:str='', remote:object|None=None) -> None:
self.model = model
self.name = name
if remote:
self.remote_field = remote
else:
self.remote_field = DynamicNestedField(None, '', remote_name, self)
@receiver([post_save])
def auto_urlid(sender, instance, **kwargs):
if isinstance(instance, Model):
changed = False
if getattr(instance, Model.slug_field(instance), None) is None:
setattr(instance, Model.slug_field(instance), instance.pk)
instance.save()
if (instance.urlid is None or instance.urlid == '' or 'None' in instance.urlid):
changed = True
if (not instance.urlid or 'None' in instance.urlid):
instance.urlid = instance.get_absolute_url()
changed = True
if changed:
instance.save()
@receiver(post_save)
def create_role_groups(sender, instance, created, **kwargs):
if created:
for name, params in getattr(instance._meta, 'permission_roles', {}).items():
group, x = Group.objects.get_or_create(name=f'LDP_{instance._meta.model_name}_{name}_{instance.id}')
setattr(instance, name, group)
instance.save()
if params.get('add_author'):
assert hasattr(instance._meta, 'auto_author'), "add_author requires to also define auto_author"
author = getattr(instance, instance._meta.auto_author)
if author:
group.user_set.add(author)
for permission in params.get('perms', []):
assign_perm(f'{permission}_{instance._meta.model_name}', group, instance)
if 'djangoldp_account' not in settings.DJANGOLDP_PACKAGES:
def webid(self):
# an external user should have urlid set
webid = getattr(self, 'urlid', None)
if webid is not None and urlparse(settings.BASE_URL).netloc != urlparse(webid).netloc:
webid = self.urlid
# local user use user-detail URL with primary key
else:
webid = '{0}{1}'.format(settings.BASE_URL, reverse_lazy('user-detail', kwargs={'pk': self.pk}))
return webid
get_user_model().webid = webid
def invalidate_cache_if_has_entry(entry):
from djangoldp.serializers import GLOBAL_SERIALIZER_CACHE
if GLOBAL_SERIALIZER_CACHE.has(entry):
GLOBAL_SERIALIZER_CACHE.invalidate(entry)
def invalidate_model_cache_if_has_entry(model):
entry = getattr(model._meta, 'label', None)
invalidate_cache_if_has_entry(entry)
@receiver([pre_save, pre_delete])
def invalidate_caches(sender, instance, **kwargs):
invalidate_model_cache_if_has_entry(sender)
@receiver(post_save, sender=User)
def update_perms(sender, instance, created, **kwargs):
LDPPermissions.invalidate_cache()
@receiver([m2m_changed])
def invalidate_caches_m2m(sender, instance, action, *args, **kwargs):
invalidate_model_cache_if_has_entry(kwargs['model'])
\ No newline at end of file
djangoldp/pagination.py
View file @ e97d33ad
from rest_framework.pagination import LimitOffsetPagination
from rest_framework.pagination import PageNumberPagination
from rest_framework.response import Response
class LDPOffsetPagination(LimitOffsetPagination):
def get_paginated_response(self, data):
next_url = self.get_next_link()
previous_url = self.get_previous_link()
links = []
for url, label in ((previous_url, 'prev'), (next_url, 'next')):
if url is not None:
links.append('<{}>; rel="{}"'.format(url, label))
headers = {'Link': ', '.join(links)} if links else {}
return Response(data, headers=headers)
class LDPPagination(PageNumberPagination):
page_query_param = 'p'
page_size_query_param = 'limit'
class LDPPagination(LimitOffsetPagination):
def get_paginated_response(self, data):
next_url = self.get_next_link()
previous_url = self.get_previous_link()
......
djangoldp/permissions.py
View file @ e97d33ad
import time
from django.contrib.auth.models import _user_get_all_permissions
from django.core.exceptions import PermissionDenied
from django.db.models.base import ModelBase
from rest_framework.permissions import DjangoObjectPermissions
class LDPPermissions(DjangoObjectPermissions):
from copy import copy
from django.conf import settings
from django.http import Http404
from rest_framework.permissions import BasePermission, DjangoObjectPermissions, OR, AND
from rest_framework.filters import BaseFilterBackend
from rest_framework_guardian.filters import ObjectPermissionsFilter
from djangoldp.filters import OwnerFilterBackend, NoFilterBackend, PublicFilterBackend, IPFilterBackend, ActiveFilterBackend
from djangoldp.utils import is_anonymous_user, is_authenticated_user, check_client_ip
DEFAULT_DJANGOLDP_PERMISSIONS = {'view', 'add', 'change', 'delete', 'control'}
DEFAULT_RESOURCE_PERMISSIONS = {'view', 'change', 'delete', 'control'}
DEFAULT_CONTAINER_PERMISSIONS = {'view', 'add'}
def join_filter_backends(*permissions_or_filters:BaseFilterBackend|BasePermission, model:object, union:bool=False) -> BaseFilterBackend:
'''Creates a new Filter backend by joining a list of existing backends.
It chains the filterings or joins them, depending on the argument union'''
backends = []
for permission_or_filter in permissions_or_filters:
if hasattr(permission_or_filter, 'get_filter_backend'):
backends.append(permission_or_filter.get_filter_backend(model))
elif isinstance(permission_or_filter, type) and issubclass(permission_or_filter, BaseFilterBackend):
backends.append(permission_or_filter)
class JointFilterBackend(BaseFilterBackend):
def __init__(self) -> None:
self.filters = []
for backend in backends:
if backend:
self.filters.append(backend())
def filter_queryset(self, request:object, queryset:object, view:object) -> object:
if union:
result = queryset.none() #starts with empty for union
else:
result = queryset
for filter in self.filters:
if union:
result = result | filter.filter_queryset(request, queryset, view)
else:
result = filter.filter_queryset(request, result, view)
return result
return JointFilterBackend
permission_map ={
'GET': ['%(app_label)s.view_%(model_name)s'],
'OPTIONS': [],
'HEAD': ['%(app_label)s.view_%(model_name)s'],
'POST': ['%(app_label)s.add_%(model_name)s'],
'PUT': ['%(app_label)s.change_%(model_name)s'],
'PATCH': ['%(app_label)s.change_%(model_name)s'],
'DELETE': ['%(app_label)s.delete_%(model_name)s'],
}
# Patch of OR and AND classes to enable chaining of LDPBasePermission
def OR_get_permissions(self, user, model, obj=None):
perms1 = self.op1.get_permissions(user, model, obj) if hasattr(self.op1, 'get_permissions') else set()
perms2 = self.op2.get_permissions(user, model, obj) if hasattr(self.op2, 'get_permissions') else set()
return set.union(perms1, perms2)
OR.get_permissions = OR_get_permissions
def OR_get_filter_backend(self, model):
return join_filter_backends(self.op1, self.op2, model=model, union=True)
OR.get_filter_backend = OR_get_filter_backend
OR.__repr__ = lambda self: f"{self.op1}|{self.op2}"
def AND_get_permissions(self, user, model, obj=None):
perms1 = self.op1.get_permissions(user, model, obj) if hasattr(self.op1, 'get_permissions') else set()
perms2 = self.op2.get_permissions(user, model, obj) if hasattr(self.op2, 'get_permissions') else set()
return set.intersection(perms1, perms2)
AND.get_permissions = AND_get_permissions
def AND_get_filter_backend(self, model):
return join_filter_backends(self.op1, self.op2, model=model, union=False)
AND.get_filter_backend = AND_get_filter_backend
AND.__repr__ = lambda self: f"{self.op1}&{self.op2}"
class LDPBasePermission(BasePermission):
"""
Default permissions
Anon: None
Auth: None but inherit from Anon
Owner: None but inherit from Auth
A base class from which all permission classes should inherit.
Extends the DRF permissions class to include the concept of model-permissions, separate from the view, and to
change to a system of outputting permissions sets for the serialization of WebACLs
"""
anonymous_perms = ['view']
authenticated_perms = ['inherit']
owner_perms = ['inherit']
perms_cache = {
'time': time.time()
}
with_cache = True
@classmethod
def invalidate_cache(cls):
cls.perms_cache = {
'time': time.time()
}
# filter backends associated with the permissions class. This will be used to filter queryset in the (auto-generated)
# view for a model, and in the serializing nested fields
filter_backend = ActiveFilterBackend
# by default, all permissions
permissions = getattr(settings, 'DJANGOLDP_PERMISSIONS', DEFAULT_DJANGOLDP_PERMISSIONS)
# perms_map defines the permissions required for different methods
perms_map = permission_map
@classmethod
def refresh_cache(cls):
if time.time() - cls.perms_cache['time'] > 5:
cls.invalidate_cache()
def user_permissions(self, user, obj_or_model, obj=None):
"""
Filter user permissions for a model class
"""
# this may be a permission for the model class, or an instance
self.refresh_cache()
if isinstance(obj_or_model, ModelBase):
model = obj_or_model
def get_filter_backend(cls, model):
'''returns the Filter backend associated with this permission class'''
return cls.filter_backend
def check_all_permissions(self, required_permissions):
'''returns True if the all the permissions are included in the permissions of the class'''
return all([permission.split('.')[1].split('_')[0] in self.permissions for permission in required_permissions])
def get_allowed_methods(self):
'''returns the list of methods allowed for the permissions of the class, depending on the permission map'''
return [method for method, permissions in self.perms_map.items() if self.check_all_permissions(permissions)]
def has_permission(self, request, view):
'''checks if the request is allowed at all, based on its method and the permissions of the class'''
return request.method in self.get_allowed_methods()
def has_object_permission(self, request, view, obj=None):
'''checks if the access to the object is allowed,'''
return self.has_permission(request, view)
def get_permissions(self, user, model, obj=None):
'''returns the permissions the user has on a given model or on a given object'''
return self.permissions.intersection(DEFAULT_RESOURCE_PERMISSIONS if obj else DEFAULT_CONTAINER_PERMISSIONS)
class AnonymousReadOnly(LDPBasePermission):
"""Anonymous users can only view, no check for others"""
permissions = {'view'}
def has_permission(self, request, view):
return super().has_permission(request, view) or is_authenticated_user(request.user)
def get_permissions(self, user, model, obj=None):
if is_anonymous_user(user):
return self.permissions
else:
obj = obj_or_model
model = obj_or_model.__class__
return super().permissions #all permissions
model_name = model._meta.model_name
user_key = 'None' if user is None else user.id
obj_key = 'None' if obj is None else obj.id
perms_cache_key = 'User{}{}{}'.format(user_key, model_name, obj_key)
if self.with_cache and perms_cache_key in self.perms_cache:
return self.perms_cache[perms_cache_key]
# Get Anonymous permissions from Model's Meta. If not found use default
anonymous_perms = getattr(model._meta, 'anonymous_perms', self.anonymous_perms)
# Get Auth permissions from Model's Meta. If not found use default
authenticated_perms = getattr(model._meta, 'authenticated_perms', self.authenticated_perms)
# Extend Auth if inherit is given
if 'inherit' in authenticated_perms:
authenticated_perms = authenticated_perms + list(set(anonymous_perms) - set(authenticated_perms))
# Get Owner permissions from Model's Meta. If not found use default
owner_perms = getattr(model._meta, 'owner_perms', self.owner_perms)
# Extend Owner if inherit is given
if 'inherit' in owner_perms:
owner_perms = owner_perms + list(set(authenticated_perms) - set(owner_perms))
# return permissions - using set to avoid duplicates
# apply Django-Guardian (object-level) permissions
perms = set()
class AuthenticatedOnly(LDPBasePermission):
"""Only authenticated users have permissions"""
def has_permission(self, request, view):
return request.method=='OPTIONS' or is_authenticated_user(request.user)
if obj is not None and not user.is_anonymous:
# get permissions from all backends and then remove model name from the permissions
model_name = model._meta.model_name
forbidden_string = "_" + model_name
perms = set([p.replace(forbidden_string, '') for p in _user_get_all_permissions(user, obj)])
class ReadOnly(LDPBasePermission):
"""Users can only view"""
permissions = {'view'}
# apply anon, owner and auth permissions
if user.is_anonymous:
perms = perms.union(set(anonymous_perms))
class ReadAndCreate(LDPBasePermission):
"""Users can only view and create"""
permissions = {'view', 'add'}
else:
if obj and hasattr(model._meta, 'owner_field') and (
getattr(obj, getattr(model._meta, 'owner_field')) == user
or (hasattr(user, 'urlid') and getattr(obj, getattr(model._meta, 'owner_field')) == user.urlid)
or getattr(obj, getattr(model._meta, 'owner_field')) == user.id):
perms = perms.union(set(owner_perms))
class CreateOnly(LDPBasePermission):
"""Users can only view and create"""
permissions = {'add'}
else:
perms = perms.union(set(authenticated_perms))
self.perms_cache[perms_cache_key] = list(perms)
class ACLPermissions(DjangoObjectPermissions, LDPBasePermission):
"""Permissions based on the rights given in db, on model for container requests or on object for resource requests"""
filter_backend = ObjectPermissionsFilter
perms_map = permission_map
def has_permission(self, request, view):
if view.action in ('list', 'create'): # The container permission only apply to containers requests
return super().has_permission(request, view)
return True
return self.perms_cache[perms_cache_key]
# return list(perms)
def get_permissions(self, user, model, obj=None):
model_name = model._meta.model_name
app_label = model._meta.app_label
if obj:
return {perm.replace('_'+model_name, '') for perm in user.get_all_permissions(obj)}
permissions = set(filter(lambda perm: perm.startswith(app_label) and perm.endswith(model_name), user.get_all_permissions()))
return {perm.replace(app_label+'.', '').replace('_'+model_name, '') for perm in permissions}
class OwnerPermissions(LDPBasePermission):
"""Gives all permissions to the owner of the object"""
filter_backend = OwnerFilterBackend
def check_permission(self, user, model, obj):
if user.is_superuser:
return True
if getattr(model._meta, 'owner_field', None):
field = model._meta.get_field(model._meta.owner_field)
if field.many_to_many or field.one_to_many:
return user in getattr(obj, field.get_accessor_name()).all()
else:
return user == getattr(obj, model._meta.owner_field)
if getattr(model._meta, 'owner_urlid_field', None) is not None:
return is_authenticated_user(user) and user.urlid == getattr(obj, model._meta.owner_urlid_field)
return True
def filter_user_perms(self, user, obj_or_model, permissions):
# Only used on Model.get_permissions to translate permissions to LDP
return [perm for perm in permissions if perm in self.user_permissions(user, obj_or_model)]
def has_object_permission(self, request, view, obj=None):
return self.check_permission(request.user, view.model, obj)
def get_permissions(self, user, model, obj=None):
if not obj or self.check_permission(user, model, obj):
return self.permissions
return set()
class OwnerCreatePermission(LDPBasePermission):
'''only accepts the creation of new resources if the owner of the created resource is the user of the request'''
def check_patch(self, first, second, user):
diff = first - second
return diff == set() or diff == {user.urlid}
def has_permission(self, request:object, view:object) -> bool:
if request.method != 'POST':
return super().has_permission(request, view)
if is_anonymous_user(request.user):
return False
owner = None
if getattr(view.model._meta, 'owner_field', None):
field = view.model._meta.get_field(view.model._meta.owner_field)
if field.many_to_many or field.one_to_many:
owner = request.data[field.get_accessor_name()]
else:
owner = request.data[view.model._meta.owner_field]
if getattr(view.model._meta, 'owner_urlid_field', None):
owner = request.data[view.model._meta.owner_urlid_field]
return not owner or owner['@id'] == request.user.urlid
class PublicPermission(LDPBasePermission):
"""Gives read-only access to resources which have a public flag to True"""
filter_backend = PublicFilterBackend
permissions = {'view', 'add'}
def has_object_permission(self, request, view, obj=None):
assert hasattr(view.model._meta, 'public_field'), \
f'Model {view.model} has PublicPermission applied without "public_field" defined'
public_field = view.model._meta.public_field
if getattr(obj, public_field, False):
return super().has_object_permission(request, view, obj)
return False
class JoinMembersPermission(LDPBasePermission):
filter_backend = None
def has_permission(self, request:object, view:object) -> bool:
if is_anonymous_user(request.user):
return False
return request.method == 'PATCH'
def check_patch(self, first, second, user):
diff = first - second
return diff == set() or diff == {user.urlid}
def has_object_permission(self, request:object, view:object, obj:object) -> bool:
'''only accept patch request, only if the only difference on the user_set is the user'''
if not self.has_permission(request, view) or not obj or not 'user_set' in request.data:
return False
new_members = request.data['user_set']
if not isinstance(new_members, list):
new_members = [new_members]
new_ids = {user['@id'] for user in new_members}
old_ids = {user.urlid for user in obj.members.user_set.all()}
return self.check_patch(new_ids, old_ids, request.user) and self.check_patch(old_ids, new_ids, request.user)
def get_permissions(self, user, model, obj=None):
return set()
class IPOpenPermissions(LDPBasePermission):
filter_backend = IPFilterBackend
def has_permission(self, request, view):
return check_client_ip(request)
# perms_map defines the permissions required for different methods
perms_map = {
'GET': ['%(app_label)s.view_%(model_name)s'],
'OPTIONS': [],
'HEAD': ['%(app_label)s.view_%(model_name)s'],
'POST': ['%(app_label)s.add_%(model_name)s'],
'PUT': ['%(app_label)s.change_%(model_name)s'],
'PATCH': ['%(app_label)s.change_%(model_name)s'],
'DELETE': ['%(app_label)s.delete_%(model_name)s'],
}
def get_permissions(self, method, obj):
"""
Translate perms_map to request
"""
kwargs = {
'app_label': obj._meta.app_label,
'model_name': obj._meta.model_name
}
# Only allows methods that are on perms_map
if method not in self.perms_map:
raise PermissionDenied
return [perm % kwargs for perm in self.perms_map[method]]
def has_object_permission(self, request, view, obj):
return check_client_ip(request)
def has_permission(self, request, view):
"""
Access to containers
"""
from djangoldp.models import Model
if self.is_a_container(request._request.path):
try:
obj = Model.resolve_parent(request.path)
model = view.parent_model
except:
obj = None
model = view.model
else:
obj = Model.resolve_id(request._request.path)
model = view.model
def get_permissions(self, user, model, obj=None):
#Will always say there is no migrations, not taking the IP into accounts
return set()
# get permissions required
perms = self.get_permissions(request.method, model)
user_perms = self.user_permissions(request.user, model, obj)
# compare them with the permissions I have
for perm in perms:
if not perm.split('.')[-1].split('_')[0] in user_perms:
return False
class InheritPermissions(LDPBasePermission):
"""Gets the permissions from a related objects"""
@classmethod
def get_parent_fields(cls, model: object) -> list:
'''checks that the model is adequately configured and returns the associated model'''
assert hasattr(model._meta, 'inherit_permissions') and isinstance(model._meta.inherit_permissions, list), \
f'Model {model} has InheritPermissions applied without "inherit_permissions" defined as a list'
return True
return model._meta.inherit_permissions
def is_a_container(self, path):
from djangoldp.models import Model
container, id = Model.resolve(path)
return id is None
@classmethod
def get_parent_model(cls, model:object, field_name:str) -> object:
parent_model = model._meta.get_field(field_name).related_model
assert hasattr(parent_model._meta, 'permission_classes'), \
f'Related model {parent_model} has no "permission_classes" defined'
return parent_model
def get_parent_objects(self, obj:object, field_name:str) -> list:
'''gets the parent object'''
if obj is None:
return []
field = obj._meta.get_field(field_name)
if field.many_to_many or field.one_to_many:
return getattr(obj, field.get_accessor_name()).all()
parent = getattr(obj, field_name, None)
return [parent] if parent else []
@classmethod
def clone_with_model(self, request:object, view:object, model:object) -> tuple:
'''changes the model on the argument, so that they can be called on the parent model'''
# For some reason if we copy the request itself, we go into an infinite loop, so take the native request instead
_request = copy(request._request)
_request.model = model
_request.data = request.data #because the data is not present on the native request
_request._request = _request #so that it can be nested
_view = copy(view)
_view.queryset = None #to make sure the model is taken into account
_view.model = model
return _request, _view
def has_object_permission(self, request, view, obj):
"""
Access to objects
User have permission on request: Continue
User does not have permission: 403
"""
# get permissions required
perms = self.get_permissions(request.method, obj)
model = obj
user_perms = self.user_permissions(request.user, model, obj)
# compare them with the permissions I have
for perm in perms:
if not perm.split('.')[-1].split('_')[0] in user_perms:
return False
@classmethod
def generate_filter_backend(cls, parent:object, field_name:str) -> BaseFilterBackend:
'''returns a new Filter backend that applies all filters of the parent model'''
filter_arg = f'{field_name}__in'
backends = {perm().get_filter_backend(parent) for perm in parent._meta.permission_classes}
class InheritFilterBackend(BaseFilterBackend):
def __init__(self) -> None:
self.filters = []
for backend in backends:
if backend:
self.filters.append(backend())
def filter_queryset(self, request:object, queryset:object, view:object) -> object:
request, view = InheritPermissions.clone_with_model(request, view, parent)
for filter in self.filters:
allowed_parents = filter.filter_queryset(request, parent.objects.all(), view)
queryset = queryset.filter(**{filter_arg: allowed_parents})
return queryset
return InheritFilterBackend
@classmethod
def generate_filter_backend_for_none(cls, fields) -> BaseFilterBackend:
'''returns a new Filter backend that checks that none of the parent fields are set'''
class InheritNoneFilterBackend(BaseFilterBackend):
def filter_queryset(self, request:object, queryset:object, view:object) -> object:
return queryset.filter(**{field: None for field in fields})
return InheritNoneFilterBackend
@classmethod
def get_filter_backend(cls, model:object) -> BaseFilterBackend:
'''Returns a union filter backend of all filter backends of parents'''
fields = cls.get_parent_fields(model)
backends = [cls.generate_filter_backend(cls.get_parent_model(model, field), field) for field in fields]
backend_none = cls.generate_filter_backend_for_none(fields)
return join_filter_backends(*backends, backend_none, model=model, union=True)
def has_permission(self, request:object, view:object) -> bool:
'''Returns True unless we're trying to create a resource with a link to a parent we're not allowed to change'''
if request.method == 'POST':
for field in InheritPermissions.get_parent_fields(view.model):
if field in request.data:
model = InheritPermissions.get_parent_model(view.model, field)
parent = model.objects.get(urlid=request.data[field]['@id'])
_request, _view = InheritPermissions.clone_with_model(request, view, model)
if not all([perm().has_object_permission(_request, _view, parent) for perm in model._meta.permission_classes]):
return False
return True
def has_object_permission(self, request:object, view:object, obj:object) -> bool:
'''Returns True if at least one inheriting object has permission'''
if not obj:
return super().has_object_permission(request, view, obj)
parents = []
for field in InheritPermissions.get_parent_fields(view.model):
model = InheritPermissions.get_parent_model(view.model, field)
parent_request, parent_view = InheritPermissions.clone_with_model(request, view, model)
for parent_object in self.get_parent_objects(obj, field):
parents.append(parent_object)
try:
if all([perm().has_object_permission(parent_request, parent_view, parent_object) for perm in model._meta.permission_classes]):
return True
except Http404:
#keep trying
pass
# return False if there were parent resources but none accepted
return False if parents else True
def get_permissions(self, user:object, model:object, obj:object=None) -> set:
'''returns a union of all inheriting linked permissions'''
perms = set()
parents = []
for field in InheritPermissions.get_parent_fields(model):
parent_model = InheritPermissions.get_parent_model(model, field)
for parent_object in self.get_parent_objects(obj, field):
parents.append(parent_object)
perms = perms.union(set.intersection(*[perm().get_permissions(user, parent_model, parent_object)
for perm in parent_model._meta.permission_classes]))
if parents:
return perms
return super().get_permissions(user, model, obj)
\ No newline at end of file
djangoldp/related.py 0 → 100644
View file @ e97d33ad
from rest_framework.utils import model_meta
def get_prefetch_fields(model, serializer, depth, prepend_string=''):
'''
This method should then be used with queryset.prefetch_related, to auto-fetch joined resources (to speed up nested serialization)
This can speed up ModelViewSet and LDPViewSet alike by as high a factor as 2
:param model: the model to be analysed
:param serializer: an LDPSerializer instance. Used to extract the fields for each nested model
:param depth: the depth at which to stop the recursion (should be set to the configured depth of the ViewSet)
:param prepend_string: should be set to the default. Used in recursive calls
:return: set of strings to prefetch for a given model. Including serialized nested fields and foreign keys recursively
called on many-to-many fields until configured depth reached
'''
# the objective is to build a list of fields and nested fields which should be prefetched for the optimisation
# of database queries
fields = set()
# get a list of all fields which would be serialized on this model
# TODO: dynamically generating serializer fields is necessary to retrieve many-to-many fields at depth > 0,
# but the _all_ default has issues detecting reverse many-to-many fields
# meta_args = {'model': model, 'depth': 0, 'fields': getattr(model._meta, 'serializer_fields', '__all__')}
# meta_class = type('Meta', (), meta_args)
# serializer = (type(LDPSerializer)('TestSerializer', (LDPSerializer,), {'Meta': meta_class}))()
serializer_fields = set([f for f in serializer.get_fields()])
empty_containers = getattr(model._meta, 'empty_containers', [])
# we are only interested in foreign keys (and many-to-many relationships)
model_relations = model_meta.get_field_info(model).relations
for field_name, relation_info in model_relations.items():
# foreign keys can be added without fuss
if not relation_info.to_many:
fields.add((prepend_string + field_name))
continue
# nested fields should be added if serialized
if field_name in serializer_fields and field_name not in empty_containers:
fields.add((prepend_string + field_name))
# and they should also have their immediate foreign keys prefetched if depth not reached
if depth >= 0:
new_prepend_str = prepend_string + field_name + '__'
fields = fields.union(get_prefetch_fields(relation_info.related_model, serializer, depth - 1, new_prepend_str))
return fields
djangoldp/serializers.py
View file @ e97d33ad
import time
import uuid
from collections import OrderedDict, Mapping, Iterable
import json
from collections import OrderedDict
from collections.abc import Mapping, Iterable
from copy import copy
from typing import Any
from urllib import parse
......@@ -8,60 +10,114 @@ from django.conf import settings
from django.contrib.auth import get_user_model
from django.core.exceptions import ImproperlyConfigured
from django.core.exceptions import ValidationError as DjangoValidationError
from django.db import transaction
from django.db.models import QuerySet
from django.urls import resolve, Resolver404, get_script_prefix
from django.urls.resolvers import get_resolver
from django.db.models import QuerySet
from django.utils.datastructures import MultiValueDictKeyError
from django.utils.encoding import uri_to_iri
from django.utils.functional import cached_property
from rest_framework.exceptions import ValidationError
from rest_framework.fields import SkipField, empty, ReadOnlyField
from rest_framework.fields import get_error_detail, set_value
from rest_framework.relations import HyperlinkedRelatedField, ManyRelatedField, MANY_RELATION_KWARGS, Hyperlink
from rest_framework.relations import HyperlinkedRelatedField, ManyRelatedField, Hyperlink, MANY_RELATION_KWARGS
from rest_framework.serializers import HyperlinkedModelSerializer, ListSerializer, ModelSerializer, LIST_SERIALIZER_KWARGS
from rest_framework.settings import api_settings
from rest_framework.utils import model_meta
from rest_framework.utils.field_mapping import get_nested_relation_kwargs
from rest_framework.utils.serializer_helpers import ReturnDict
from rest_framework.utils.serializer_helpers import ReturnDict, BindingDict
from djangoldp.fields import LDPUrlField, IdURLField
from djangoldp.models import Model
from djangoldp.permissions import LDPPermissions
from djangoldp.permissions import DEFAULT_DJANGOLDP_PERMISSIONS
# defaults for various DjangoLDP settings (see documentation)
MAX_RECORDS_SERIALIZER_CACHE = getattr(settings, 'MAX_RECORDS_SERIALIZER_CACHE', 10000)
class InMemoryCache:
def __init__(self):
self.cache = {
'time': time.time()
}
def invalidate_cache(self):
def reset(self):
self.cache = {
'time': time.time()
}
def refresh_cache(self):
if time.time() - self.cache['time'] > 5:
self.invalidate_cache()
def has(self, cache_key, container_urlid=None, vary=None):
return cache_key in self.cache and \
(container_urlid is None or container_urlid in self.cache[cache_key]) and \
(vary is None or vary in self.cache[cache_key][container_urlid])
def has(self, cache_key):
return cache_key in self.cache
def get(self, cache_key):
return self.cache[cache_key]
def set(self, cache_key, value):
self.cache[cache_key] = value
def get(self, cache_key, container_urlid, vary):
if self.has(cache_key, container_urlid, vary):
return self.cache[cache_key][container_urlid][vary]['value']
else:
return None
def set(self, cache_key, container_urlid, vary, value):
if len(self.cache.keys()) > MAX_RECORDS_SERIALIZER_CACHE:
self.reset()
if cache_key not in self.cache:
self.cache[cache_key] = {}
if container_urlid not in self.cache[cache_key]:
self.cache[cache_key][container_urlid] = {}
self.cache[cache_key][container_urlid][vary] = {'value': value}
def invalidate(self, cache_key, container_urlid=None, vary=None):
# can clear cache_key -> container_urlid -> vary, cache_key -> container_urlid or cache_key
if container_urlid is not None:
if vary is not None:
self.cache[cache_key][container_urlid].pop(vary, None)
else:
self.cache[cache_key].pop(container_urlid, None)
else:
self.cache.pop(cache_key, None)
GLOBAL_SERIALIZER_CACHE = InMemoryCache()
class RDFSerializerMixin:
def add_permissions(self, data, user, model, obj=None):
'''takes a set or list of permissions and returns them in the JSON-LD format'''
if self.parent and not settings.LDP_INCLUDE_INNER_PERMS: #Don't serialize permissions on nested objects
return data
if user.is_superuser:
data['permissions'] = getattr(settings, 'DJANGOLDP_PERMISSIONS', DEFAULT_DJANGOLDP_PERMISSIONS)
return data
permission_classes = getattr(model._meta, 'permission_classes', [])
if not permission_classes:
return data
# The permissions must be given by all permission classes to be granted
permissions = set.intersection(*[permission().get_permissions(user, model, obj) for permission in permission_classes])
# Don't grant delete permissions on containers
if not obj and 'delete' in permissions:
permissions.remove('delete')
data['permissions'] = permissions
return data
def serialize_rdf_fields(self, obj, data, include_context=False):
'''adds the @type and the @context to the data'''
rdf_type = getattr(obj._meta, 'rdf_type', None)
rdf_context = getattr(obj._meta, 'rdf_context', None)
if rdf_type:
data['@type'] = rdf_type
if include_context and rdf_context:
data['@context'] = rdf_context
return data
def serialize_container(self, data, id, user, model, obj=None):
'''turns a list into a container representation'''
return self.add_permissions({'@id': id, '@type': 'ldp:Container', 'ldp:contains': data}, user, model, obj)
class LDListMixin:
class LDListMixin(RDFSerializerMixin):
'''A Mixin for serializing containers into JSONLD format'''
child_attr = 'child'
with_cache = getattr(settings, 'SERIALIZER_CACHE', True)
with_cache = True
to_representation_cache = InMemoryCache()
def get_child(self):
return getattr(self, self.child_attr)
# converts primitive data representation to the representation used within our application
def to_internal_value(self, data):
try:
......@@ -77,7 +133,51 @@ class LDListMixin:
if isinstance(data, str) and data.startswith("http"):
data = [{'@id': data}]
return [getattr(self, self.child_attr).to_internal_value(item) for item in data]
return [self.get_child().to_internal_value(item) for item in data]
def filter_queryset(self, queryset, child_model):
'''Applies the permission of the child model to the child queryset'''
view = copy(self.context['view'])
view.model = child_model
filter_backends = list({perm_class().get_filter_backend(child_model) for perm_class in
getattr(child_model._meta, 'permission_classes', []) if hasattr(perm_class(), 'get_filter_backend')})
for backend in filter_backends:
if backend:
queryset = backend().filter_queryset(self.context['request'], queryset, view)
return queryset
def compute_id(self, value):
'''generates the @id of the container'''
if not hasattr(self, 'parent_instance'):
#This is a container
return f"{settings.BASE_URL}{self.context['request'].path}"
return f"{settings.BASE_URL}{Model.resource_id(self.parent_instance)}{self.field_name}/"
def get_attribute(self, instance):
# save the parent object for nested field url
self.parent_instance = instance
return super().get_attribute(instance)
def check_cache(self, value, id, model, cache_vary):
'''Auxiliary function to avoid code duplication - checks cache and returns from it if it has entry'''
parent_meta = getattr(self.get_child(), 'Meta', getattr(self.parent, 'Meta', None))
depth = max(getattr(parent_meta, "depth", 0), 0) if parent_meta else 1
if depth:
# if the depth is greater than 0, we don't hit the cache, because a nested container might be outdated
# this Mixin may not have access to the depth of the parent serializer, e.g. if it's a ManyRelatedField
# in these cases we assume the depth is 0 and so we hit the cache
return None
cache_key = getattr(model._meta, 'label', None)
if self.with_cache and GLOBAL_SERIALIZER_CACHE.has(cache_key, id, cache_vary):
cache_value = GLOBAL_SERIALIZER_CACHE.get(cache_key, id, cache_vary)
# this check is to handle the situation where the cache has been invalidated by something we don't check
# namely if my permissions are upgraded then I may have access to view more objects
cache_under_value = cache_value['ldp:contains'] if 'ldp:contains' in cache_value else cache_value
if not hasattr(cache_under_value, '__len__') or not hasattr(value, '__len__') or (len(cache_under_value) == len(value)):
return cache_value
return False
def to_representation(self, value):
'''
......@@ -87,65 +187,35 @@ class LDListMixin:
- Can Add if add permission on contained object's type
- Can view the container is view permission on container model : container obj are filtered by view permission
'''
self.to_representation_cache.refresh_cache()
try:
child_model = getattr(self, self.child_attr).Meta.model
child_model = self.get_child().Meta.model
except AttributeError:
child_model = value.model
parent_model = None
if isinstance(value, QuerySet):
value = list(value)
if not isinstance(value, Iterable):
if not self.id.startswith('http'):
self.id = '{}{}{}'.format(settings.BASE_URL, Model.resource(parent_model), self.id)
cache_key = self.id
if self.with_cache and self.to_representation_cache.has(cache_key):
return self.to_representation_cache.get(cache_key)
filtered_values = value
container_permissions = Model.get_permissions(child_model, self.context['request'].user, ['view', 'add'])
else:
# this is a container. Parent model is the containing object, child the model contained
try:
parent_model = Model.resolve_parent(self.context['request'].path)
except:
parent_model = child_model
if not self.id.startswith('http'):
self.id = '{}{}{}'.format(settings.BASE_URL, Model.resource(parent_model), self.id)
cache_key = self.id
if self.with_cache and self.to_representation_cache.has(cache_key):
return self.to_representation_cache.get(cache_key)
# remove objects from the list which I don't have permission to view
filtered_values = list(
filter(lambda v: Model.get_permission_classes(v, [LDPPermissions])[0]().has_object_permission(
self.context['request'], self.context['view'], v), value))
container_permissions = Model.get_permissions(child_model, self.context['request'].user, ['add'])
container_permissions.extend(
Model.get_permissions(parent_model, self.context['request'].user,
['view']))
self.to_representation_cache.set(self.id, {'@id': self.id,
'@type': 'ldp:Container',
'ldp:contains': super().to_representation(filtered_values),
'permissions': container_permissions
})
return self.to_representation_cache.get(self.id)
def get_attribute(self, instance):
parent_id_field = self.parent.fields[self.parent.url_field_name]
context = self.parent.context
parent_id = parent_id_field.get_url(instance, parent_id_field.view_name, context['request'], context['format'])
self.id = parent_id + self.field_name + "/"
return super().get_attribute(instance)
user = self.context['request'].user
id = self.compute_id(value)
is_container = True
if getattr(self, 'parent', None): #If we're in a nested container
if isinstance(value, QuerySet) and getattr(self, 'parent', None):
value = self.filter_queryset(value, child_model)
if getattr(self, 'field_name', None) is not None:
if self.field_name in getattr(self.parent.Meta.model._meta, 'empty_containers', []):
return {'@id': id}
if not self.field_name in getattr(self.parent.Meta.model._meta, 'nested_fields', []):
is_container = False
cache_vary = str(user)
cache_result = self.check_cache(value, id, child_model, cache_vary)
if cache_result:
return cache_result
data = super().to_representation(value)
if is_container:
data = self.serialize_container(data, id, user, child_model)
GLOBAL_SERIALIZER_CACHE.set(getattr(child_model._meta, 'label'), id, cache_vary, data)
return GLOBAL_SERIALIZER_CACHE.get(getattr(child_model._meta, 'label'), id, cache_vary)
def get_value(self, dictionary):
try:
......@@ -201,31 +271,38 @@ class LDListMixin:
return obj
class IdentityFieldMixin:
def to_internal_value(self, data):
'''Gives the @id as a representation if present'''
try:
return super().to_internal_value(data[self.parent.url_field_name])
except (KeyError, TypeError):
return super().to_internal_value(data)
class ContainerSerializer(LDListMixin, ListSerializer):
class ContainerSerializer(LDListMixin, ListSerializer, IdentityFieldMixin):
id = ''
@property
def data(self):
return ReturnDict(super(ListSerializer, self).data, serializer=self)
def to_internal_value(self, data):
try:
return super().to_internal_value(data[self.parent.url_field_name])
except (KeyError, TypeError):
return super().to_internal_value(data)
class ManyJsonLdRelatedField(LDListMixin, ManyRelatedField):
child_attr = 'child_relation'
url_field_name = "@id"
class JsonLdField(HyperlinkedRelatedField):
class JsonLdField(HyperlinkedRelatedField, IdentityFieldMixin):
def __init__(self, view_name=None, **kwargs):
super().__init__(view_name, **kwargs)
self.get_lookup_args()
def get_url(self, obj, view_name, request, format):
'''Overridden from DRF to shortcut on urlid-holding objects'''
if hasattr(obj, 'urlid') and obj.urlid not in (None, ''):
return obj.urlid
return super().get_url(obj, view_name, request, format)
def get_lookup_args(self):
try:
lookup_field = get_resolver().reverse_dict[self.view_name][0][0][1][0]
......@@ -234,26 +311,25 @@ class JsonLdField(HyperlinkedRelatedField):
except MultiValueDictKeyError:
pass
class JsonLdRelatedField(JsonLdField, RDFSerializerMixin):
def use_pk_only_optimization(self):
return False
class JsonLdRelatedField(JsonLdField):
def to_representation(self, value):
try:
include_context = False
if Model.is_external(value):
return {'@id': value.urlid}
data = {'@id': value.urlid}
else:
return {'@id': super().to_representation(value)}
include_context = True
data = {'@id': super().to_representation(value)}
return self.serialize_rdf_fields(value, data, include_context=include_context)
except ImproperlyConfigured:
return value.pk
def to_internal_value(self, data):
try:
return super().to_internal_value(data[self.parent.url_field_name])
except (KeyError, TypeError):
return super().to_internal_value(data)
@classmethod
def many_init(cls, *args, **kwargs):
list_kwargs = {'child_relation': cls(*args, **kwargs)}
list_kwargs = {'child_relation': cls(*args, **kwargs),}
for key in kwargs:
if key in MANY_RELATION_KWARGS:
list_kwargs[key] = kwargs[key]
......@@ -270,13 +346,6 @@ class JsonLdIdentityField(JsonLdField):
def use_pk_only_optimization(self):
return False
def to_internal_value(self, data):
'''tells serializer how to write identity field'''
try:
return super().to_internal_value(data[self.parent.url_field_name])
except KeyError:
return super().to_internal_value(data)
def to_representation(self, value: Any) -> Any:
'''returns hyperlink representation of identity field'''
try:
......@@ -285,7 +354,7 @@ class JsonLdIdentityField(JsonLdField):
return Hyperlink(value, value)
# expecting a user instance. Compute the webid and return this in hyperlink format
else:
return Hyperlink(value.webid(), value)
return Hyperlink(value.urlid, value)
except AttributeError:
return super().to_representation(value)
......@@ -298,15 +367,39 @@ class JsonLdIdentityField(JsonLdField):
return super().get_attribute(instance)
class LDPSerializer(HyperlinkedModelSerializer):
class LDPSerializer(HyperlinkedModelSerializer, RDFSerializerMixin):
url_field_name = "@id"
serializer_related_field = JsonLdRelatedField
serializer_url_field = JsonLdIdentityField
ModelSerializer.serializer_field_mapping[LDPUrlField] = IdURLField
with_cache = True
# The default serializer repr ends in infinite loop. Overloading it prevents that.
def __repr__(self):
return self.__class__.__name__
@cached_property
def fields(self):
"""
A dictionary of {field_name: field_instance}.
"""
# `fields` is evaluated lazily. We do this to ensure that we don't
# have issues importing modules that use ModelSerializers as fields,
# even if Django's app-loading stage has not yet run.
fields = BindingDict(self)
# we allow the request object to specify a subset of fields which should be serialized
model_fields = self.get_fields()
req_header_accept_shape = self.context['request'].META.get('HTTP_ACCEPT_MODEL_FIELDS') if 'request' in self.context else None
try:
allowed_fields = list(set(json.loads(req_header_accept_shape)).intersection(model_fields.keys())) if req_header_accept_shape is not None else model_fields.keys()
except json.decoder.JSONDecodeError:
raise ValidationError("Please send the HTTP header Accept-Model-Fields as an array of strings")
to_representation_cache = InMemoryCache()
for key, value in model_fields.items():
if key in allowed_fields:
fields[key] = value
return fields
def get_default_field_names(self, declared_fields, model_info):
try:
......@@ -316,19 +409,12 @@ class LDPSerializer(HyperlinkedModelSerializer):
return fields + list(getattr(self.Meta, 'extra_fields', []))
def to_representation(self, obj):
# external Models should only be returned with an id (on GET)
self.to_representation_cache.refresh_cache()
if self.context['request'].method == 'GET' and Model.is_external(obj):
return {'@id': obj.urlid}
if self.with_cache and hasattr(obj, 'urlid'):
if self.to_representation_cache.has(obj.urlid):
data = self.to_representation_cache.get(obj.urlid)
else:
data = super().to_representation(obj)
self.to_representation_cache.set(obj.urlid, data)
else:
data = super().to_representation(obj)
# external Models should only be returned with rdf values
if Model.is_external(obj):
data = {'@id': obj.urlid}
return self.serialize_rdf_fields(obj, data)
data = super().to_representation(obj)
slug_field = Model.slug_field(obj)
for field in data:
......@@ -339,61 +425,45 @@ class LDPSerializer(HyperlinkedModelSerializer):
data['@id'] = data.pop('urlid')['@id']
if not '@id' in data:
data['@id'] = '{}{}'.format(settings.SITE_URL, Model.resource(obj))
rdf_type = Model.get_meta(obj, 'rdf_type', None)
rdf_context = Model.get_meta(obj, 'rdf_context', None)
if rdf_type is not None:
data['@type'] = rdf_type
if rdf_context is not None:
data['@context'] = rdf_context
data['permissions'] = Model.get_permissions(obj, self.context['request'].user,
['view', 'change', 'control', 'delete'])
data = self.serialize_rdf_fields(obj, data, include_context=True)
data = self.add_permissions(data, self.context['request'].user, type(obj), obj=obj)
return data
def build_property_field(self, field_name, model_class):
class JSonLDPropertyField(ReadOnlyField):
def to_representation(self, instance):
from djangoldp.views import LDPViewSet
if isinstance(instance, QuerySet) or isinstance(instance, Model):
try:
model_class = instance.model
except:
model_class = instance.__class__
serializer_generator = LDPViewSet(model=model_class,
lookup_field=Model.get_meta(model_class, 'lookup_field', 'pk'),
permission_classes=Model.get_meta(model_class,
'permission_classes',
[LDPPermissions]),
fields=Model.get_meta(model_class, 'serializer_fields', []),
nested_fields=model_class.nested.nested_fields())
parent_depth = max(getattr(self.parent.Meta, "depth", 0) - 1, 0)
serializer_generator.depth = parent_depth
serializer = serializer_generator.build_read_serializer()(context=self.parent.context)
if parent_depth is 0:
serializer.Meta.fields = ["@id"]
if isinstance(instance, QuerySet):
data = list(instance)
return {'@id': '{}{}{}/'.format(settings.SITE_URL, '{}{}/', self.source),
'@type': 'ldp:Container',
'ldp:contains': [serializer.to_representation(item) if item is not None else None for
item
in data],
'permissions': Model.get_permissions(self.parent.Meta.model,
self.context['request'].user,
['view', 'add'])
}
else:
return serializer.to_representation(instance)
if isinstance(instance, QuerySet):
model = instance.model
elif isinstance(instance, Model):
model = type(instance)
else:
return instance
depth = max(getattr(self.parent.Meta, "depth", 0) - 1, 0)
fields = ["@id"] if depth==0 else getattr(model._meta, 'serializer_fields', [])
serializer_generator = LDPViewSet(model=model, fields=fields, depth=depth,
lookup_field=getattr(model._meta, 'lookup_field', 'pk'),
permission_classes=getattr(model._meta, 'permission_classes', []),
nested_fields=getattr(model._meta, 'nested_fields', []))
serializer = serializer_generator.get_serializer_class()(context=self.parent.context)
if isinstance(instance, QuerySet):
id = '{}{}{}/'.format(settings.SITE_URL, '{}{}/', self.source)
children = [serializer.to_representation(item) for item in instance]
return self.parent.serialize_container(children, id, self.parent.context['request'].user, model)
else:
return serializer.to_representation(instance)
field_class = JSonLDPropertyField
field_kwargs = {}
return JSonLDPropertyField, {}
return field_class, field_kwargs
def handle_value_object(self, value):
'''
In JSON-LD value-objects can be passed in, which store some context on the field passed. By overriding this
function you can react to this context on a field without overriding build_standard_field
'''
return value['@value']
def build_standard_field(self, field_name, model_field):
class JSonLDStandardField:
......@@ -424,6 +494,10 @@ class LDPSerializer(HyperlinkedModelSerializer):
if self.field_name == '@id' and value == './':
self.field_name = 'urlid'
return None
if isinstance(value, dict) and '@value' in value:
value = self.parent.handle_value_object(value)
return self.manage_empty(value)
def manage_empty(self, value):
......@@ -442,9 +516,7 @@ class LDPSerializer(HyperlinkedModelSerializer):
return type(field_class.__name__ + 'Valued', (JSonLDStandardField, field_class), {}), field_kwargs
def build_nested_field(self, field_name, relation_info, nested_depth):
class NestedLDPSerializer(self.__class__):
class Meta:
model = relation_info.related_model
depth = nested_depth - 1
......@@ -454,11 +526,8 @@ class LDPSerializer(HyperlinkedModelSerializer):
fields = '__all__'
def to_internal_value(self, data):
if data is '':
if data == '':
return ''
# workaround for Hubl app - 293
if 'username' in data and not self.url_field_name in data:
data[self.url_field_name] = './'
if self.url_field_name in data:
if not isinstance(data, Mapping):
message = self.error_messages['invalid'].format(
......@@ -473,7 +542,6 @@ class LDPSerializer(HyperlinkedModelSerializer):
# validate fields passed in the data
fields = list(filter(lambda x: x.field_name in data, self._writable_fields))
for field in fields:
validate_method = getattr(self, 'validate_' + field.field_name, None)
primitive_value = field.get_value(data)
......@@ -493,23 +561,26 @@ class LDPSerializer(HyperlinkedModelSerializer):
if errors:
raise ValidationError(errors)
# resolve path of the resource
# if it's a local resource - use the path to resolve the slug_field on the model
uri = data[self.url_field_name]
http_prefix = uri.startswith(('http:', 'https:'))
if not Model.is_external(uri):
http_prefix = uri.startswith(('http:', 'https:'))
if http_prefix:
uri = parse.urlparse(uri).path
prefix = get_script_prefix()
if uri.startswith(prefix):
uri = '/' + uri[len(prefix):]
if http_prefix:
uri = parse.urlparse(uri).path
prefix = get_script_prefix()
if uri.startswith(prefix):
uri = '/' + uri[len(prefix):]
try:
match = resolve(uri_to_iri(uri))
slug_field = Model.slug_field(self.__class__.Meta.model)
ret[slug_field] = match.kwargs[slug_field]
except Resolver404:
if 'urlid' in data:
ret['urlid'] = data['urlid']
try:
match = resolve(uri_to_iri(uri))
slug_field = Model.slug_field(self.__class__.Meta.model)
ret[slug_field] = match.kwargs[slug_field]
except Resolver404:
pass
if 'urlid' in data:
ret['urlid'] = data['urlid']
else:
ret = super().to_internal_value(data)
......@@ -542,15 +613,16 @@ class LDPSerializer(HyperlinkedModelSerializer):
list_serializer_class = getattr(meta, 'list_serializer_class', ContainerSerializer)
serializer = list_serializer_class(*args, **list_kwargs)
if 'context' in kwargs and getattr(kwargs['context']['view'], 'nested_field', None) is not None:
serializer.id = '{}{}/'.format(serializer.id, kwargs['context']['view'].nested_field)
elif 'context' in kwargs:
serializer.id = '{}{}'.format(settings.BASE_URL, kwargs['context']['view'].request.path)
# if the child serializer has disabled the cache, really it means disable it on the container
if hasattr(child_serializer, 'with_cache'):
serializer.with_cache = child_serializer.with_cache
return serializer
def to_internal_value(self, data):
is_user_and_external = self.Meta.model is get_user_model() and '@id' in data and not data['@id'].startswith(
settings.BASE_URL)
#TODO: This hack is needed because external users don't pass validation.
# Objects require all fields to be optional to be created as external, and username is required.
is_user_and_external = self.Meta.model is get_user_model() and '@id' in data and Model.is_external(data['@id'])
if is_user_and_external:
data['username'] = 'external'
ret = super().to_internal_value(data)
......@@ -589,9 +661,9 @@ class LDPSerializer(HyperlinkedModelSerializer):
return super().get_value(dictionary)
def create(self, validated_data):
instance = self.internal_create(validated_data, model=self.Meta.model)
self.attach_related_object(instance, validated_data)
with transaction.atomic():
instance = self.internal_create(validated_data, model=self.Meta.model)
self.attach_related_object(instance, validated_data)
return instance
......@@ -610,7 +682,7 @@ class LDPSerializer(HyperlinkedModelSerializer):
def internal_create(self, validated_data, model):
validated_data = self.resolve_fk_instances(model, validated_data, True)
# build tuples list of nested_field keys and their values
# build tuples list of nested_field keys and their values. All list values are considered nested fields
nested_fields = []
nested_list_fields_name = list(filter(lambda key: isinstance(validated_data[key], list), validated_data))
for field_name in nested_list_fields_name:
......@@ -618,10 +690,13 @@ class LDPSerializer(HyperlinkedModelSerializer):
info = model_meta.get_field_info(model)
many_to_many = []
one_to_one = {}
for field_name, relation_info in info.relations.items():
if relation_info.to_many and relation_info.reverse and (
field_name in validated_data) and not field_name is None:
many_to_many.append((field_name, validated_data.pop(field_name)))
elif relation_info.reverse and (field_name in validated_data) and not field_name is None:
one_to_one[field_name] = validated_data[field_name]
validated_data = self.remove_empty_value(validated_data)
if model is get_user_model() and not 'username' in validated_data:
......@@ -631,6 +706,11 @@ class LDPSerializer(HyperlinkedModelSerializer):
for field_name, value in many_to_many:
validated_data[field_name] = value
if one_to_one:
for field_name, value in one_to_one.items():
setattr(instance, field_name, value)
value.save()
self.save_or_update_nested_list(instance, nested_fields)
return instance
......@@ -638,13 +718,12 @@ class LDPSerializer(HyperlinkedModelSerializer):
def remove_empty_value(self, validated_data):
'''sets any empty strings in the validated_data to None'''
for attr, value in validated_data.items():
if value is '':
if value == '':
validated_data[attr] = None
return validated_data
def update(self, instance, validated_data):
model = self.Meta.model
nested_fields = []
nested_fields_name = list(filter(lambda key: isinstance(validated_data[key], list), validated_data))
for field_name in nested_fields_name:
......@@ -653,7 +732,7 @@ class LDPSerializer(HyperlinkedModelSerializer):
for attr, value in validated_data.items():
if isinstance(value, dict):
value = self.update_dict_value(attr, instance, value)
if value is '' and not isinstance(getattr(instance, attr), str):
if value == '' and not isinstance(getattr(instance, attr), str):
setattr(instance, attr, None)
else:
setattr(instance, attr, value)
......@@ -708,14 +787,16 @@ class LDPSerializer(HyperlinkedModelSerializer):
def update_dict_value(self, attr, instance, value):
info = model_meta.get_field_info(instance)
slug_field = Model.slug_field(instance)
relation_info = info.relations.get(attr)
if slug_field in value :
slug_field = Model.slug_field(relation_info.related_model)
if slug_field in value:
value = self.update_dict_value_when_id_is_provided(attr, instance, relation_info, slug_field, value)
else:
if 'urlid' in value:
if parse.urlparse(settings.BASE_URL).netloc == parse.urlparse(value['urlid']).netloc:
model, value = Model.resolve(value['urlid'])
model, oldObj = Model.resolve(value['urlid'])
value = self.update(instance=oldObj, validated_data=value)
elif hasattr(relation_info.related_model, 'urlid'):
value = Model.get_or_create_external(relation_info.related_model, value['urlid'])
else:
......@@ -748,7 +829,8 @@ class LDPSerializer(HyperlinkedModelSerializer):
manager = getattr(instance, attr)
oldObj = manager._meta.model.objects.get(**kwargs)
else:
oldObj = getattr(instance, attr)
related_model = relation_info.related_model
oldObj = related_model.objects.get(**kwargs)
value = self.update(instance=oldObj, validated_data=value)
return value
......@@ -757,22 +839,19 @@ class LDPSerializer(HyperlinkedModelSerializer):
for (field_name, data) in nested_fields:
manager = getattr(instance, field_name)
field_model = manager.model
slug_field = Model.slug_field(manager.model)
slug_field = Model.slug_field(field_model)
try:
item_pk_to_keep = list(map(lambda e: e[slug_field], filter(lambda x: slug_field in x, data)))
item_pk_to_keep = [obj_dict[slug_field] for obj_dict in data if slug_field in obj_dict]
except TypeError:
item_pk_to_keep = list(
map(lambda e: getattr(e, slug_field), filter(lambda x: hasattr(x, slug_field), data)))
item_pk_to_keep = [getattr(obj, slug_field) for obj in data if hasattr(obj, slug_field)]
if getattr(manager, 'through', None) is None:
for item in list(manager.all()):
if not str(getattr(item, slug_field)) in item_pk_to_keep:
item.delete()
else:
if hasattr(manager, 'through'):
manager.clear()
else:
manager.exclude(pk__in=item_pk_to_keep).delete()
for item in data:
if not isinstance(item, dict):
if isinstance(item, Model):
item.save()
saved_item = item
elif slug_field in item:
......@@ -780,7 +859,7 @@ class LDPSerializer(HyperlinkedModelSerializer):
saved_item = self.get_or_create(field_model, item, kwargs)
elif 'urlid' in item:
# has urlid and is a local resource
if parse.urlparse(settings.BASE_URL).netloc == parse.urlparse(item['urlid']).netloc:
if not Model.is_external(item['urlid']):
model, old_obj = Model.resolve(item['urlid'])
if old_obj is not None:
saved_item = self.update(instance=old_obj, validated_data=item)
......@@ -800,7 +879,8 @@ class LDPSerializer(HyperlinkedModelSerializer):
pass
saved_item = self.internal_create(validated_data=item, model=manager.model)
if getattr(manager, 'through', None) is not None and manager.through._meta.auto_created:
if hasattr(manager, 'through') and manager.through._meta.auto_created:
#First remove to avoid duplicates
manager.remove(saved_item)
manager.add(saved_item)
......@@ -810,4 +890,4 @@ class LDPSerializer(HyperlinkedModelSerializer):
saved_item = self.update(instance=old_obj, validated_data=item)
except field_model.DoesNotExist:
saved_item = self.internal_create(validated_data=item, model=field_model)
return saved_item
return saved_item
\ No newline at end of file
djangoldp/templates/swagger-ui.html 0 → 100644
View file @ e97d33ad
<!DOCTYPE html>
<html>
<head>
<title>Swagger</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="https://unpkg.com/swagger-ui-dist@3/swagger-ui.css">
</head>
<body>
<div id="swagger-ui"></div>
<script src="https://unpkg.com/swagger-ui-dist@3/swagger-ui-bundle.js"></script>
<script>
const ui = SwaggerUIBundle({
url: "{% url 'schema' %}",
dom_id: '#swagger-ui',
presets: [
SwaggerUIBundle.presets.apis,
SwaggerUIBundle.SwaggerUIStandalonePreset
],
layout: "BaseLayout",
requestInterceptor: (request) => {
request.headers['X-CSRFToken'] = "{{ csrf_token }}"
return request;
}
})
</script>
</body>
</html>
\ No newline at end of file
djangoldp/tests/djangoldp_settings.py 0 → 100644
View file @ e97d33ad
"""
This module is meant to be used as a testing LDP package.
It contains configuration elements imported by a djangoldp-package
when the django server is setup.
"""
# define an extra variables
MYPACKAGEVAR = 'ok'
USE_I18N = False
# register an extra middleware
MIDDLEWARE = [
'djangoldp.tests.dummy.middleware.DummyMiddleware'
]
# register an extra installed app
INSTALLED_APPS = [
'djangoldp.tests.dummy.apps.DummyConfig'
]
SECRET_KEY = "$r&)p-4k@h5b!1yrft6&q%j)_p$lxqh6#)jeeu0z1iag&y&wdu"
djangoldp/tests/djangoldp_urls.py
View file @ e97d33ad
from django.conf.urls import re_path
from djangoldp.permissions import LDPPermissions
from djangoldp.tests.models import Skill, JobOffer, Message, Conversation, Dummy, PermissionlessDummy, Task, DateModel
from django.urls import path
from djangoldp.tests.models import Message, Conversation, Dummy, PermissionlessDummy, Task, DateModel, LDPDummy
from djangoldp.permissions import ACLPermissions
from djangoldp.views import LDPViewSet
urlpatterns = [
re_path(r'^messages/', LDPViewSet.urls(model=Message, permission_classes=[LDPPermissions], fields=["@id", "text", "conversation"], nested_fields=['conversation'])),
re_path(r'^conversations/', LDPViewSet.urls(model=Conversation, nested_fields=["message_set"], permission_classes=[LDPPermissions])),
re_path(r'^tasks/', LDPViewSet.urls(model=Task, permission_classes=[LDPPermissions])),
re_path(r'^dates/', LDPViewSet.urls(model=DateModel, permission_classes=[LDPPermissions])),
re_path(r'^dummys/', LDPViewSet.urls(model=Dummy, permission_classes=[LDPPermissions], lookup_field='slug',)),
re_path(r'^permissionless-dummys/', LDPViewSet.urls(model=PermissionlessDummy, permission_classes=[LDPPermissions], lookup_field='slug',)),
path('messages/', LDPViewSet.urls(model=Message, fields=["@id", "text", "conversation"], nested_fields=['conversation'])),
path('tasks/', LDPViewSet.urls(model=Task)),
path('conversations/', LDPViewSet.urls(model=Conversation, nested_fields=["message_set", "observers"])),
path('dummys/', LDPViewSet.urls(model=Dummy, lookup_field='slug',)),
path('permissionless-dummys/', LDPViewSet.urls(model=PermissionlessDummy, lookup_field='slug', permission_classes=[ACLPermissions])),
]
djangoldp/tests/dummy/__init__.py 0 → 100644
View file @ e97d33ad
djangoldp/tests/dummy/apps.py 0 → 100644
View file @ e97d33ad
"""This module contains apps for testing."""
from django.apps import AppConfig
class DummyConfig(AppConfig):
# 'djangoldp.tests' is already registered as an installed app (it simulates a LDP package)
name = 'djangoldp.tests.dummy'
djangoldp/tests/dummy/middleware.py 0 → 100644
View file @ e97d33ad
"""This module contains a dummy middleware for djangoldp testing."""
class DummyMiddleware(object):
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
return self.get_response(request)
djangoldp/tests/fixtures/inbox.json 0 → 100644
View file @ e97d33ad
[{"model": "djangoldp_notification.notification", "pk": 100, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 101, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 102, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 103, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 104, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 105, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 106, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 107, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 108, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 109, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 110, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 111, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 112, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 113, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 114, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 115, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 116, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 117, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 118, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 119, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 120, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 121, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 122, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 123, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 124, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 125, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 126, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 127, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 128, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 129, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 130, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 131, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 132, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 133, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 134, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 135, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 136, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 137, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 138, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 139, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 140, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 141, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 142, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 143, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 144, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 145, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 146, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 147, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 148, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 149, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 150, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 151, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 152, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 153, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 154, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 155, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 156, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 157, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 158, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 159, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 160, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 161, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 162, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 163, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 164, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 165, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 166, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 167, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 168, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 169, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 170, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 171, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 172, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 173, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 174, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 175, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 176, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 177, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 178, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 179, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 180, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 181, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 182, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 183, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 184, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 185, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 186, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 187, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 188, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 189, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 190, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 191, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 192, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 193, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 194, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 195, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 196, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 197, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 198, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 199, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}, {"model": "djangoldp_notification.notification", "pk": 200, "fields": {"user": "1", "author": "Test", "object": "http://localhost:8000/users/admin/", "type": "Update", "summary": "Test", "date": "2020-11-26"}}]
\ No newline at end of file
djangoldp/tests/fixtures/live.json 0 → 100644
View file @ e97d33ad
source diff could not be displayed: it is too large. Options to address this: view the blob.
djangoldp/tests/fixtures/test.json
View file @ e97d33ad
source diff could not be displayed: it is too large. Options to address this: view the blob.
djangoldp/tests/fixtures/test_1000.json deleted 100644 → 0
View file @ 58ae8934
source diff could not be displayed: it is too large. Options to address this: view the blob.
djangoldp/tests/fixtures/test_ten_1000.json deleted 100644 → 0
View file @ 58ae8934
source diff could not be displayed: it is too large. Options to address this: view the blob.