Bases: ModelViewSet
API endpoint that allows users to be viewed or edited.
Source code in backend/reports/views.py
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58 | class ReportViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows users to be viewed or edited.
"""
queryset = Report.objects.all()
serializer_class = ReportSerializer
pagination_class = LimitOffsetPagination
filter_backends = [DjangoFilterBackend, filters.SearchFilter, filters.OrderingFilter]
search_fields = ['notebook']
def perform_create(self, serializer):
serializer.save(dataset_id=self.request.data['dataset'])
instance: Report = serializer.instance
instance.creator = self.request.user
instance.save()
def get_queryset(self):
if self.request.user.is_superuser:
return super().get_queryset()
return super().get_queryset().filter(
Q(creator=self.request.user) | (Q(discoverable=True) & ~Q(share_mode=Report.ShareModes.PRIVATE))
)
def get_permissions(self):
permissions = super().get_permissions()
if self.action in ['update', 'partial_update']:
permissions.append(CanEditReport())
if self.action in ['destroy']:
permissions.append(IsOwner())
if self.action in ['retrieve']:
permissions.append(CanViewReport())
return permissions
|