myapp.views module¶
-
myapp.views.
REQUIRED_SCOPES_ALTS
= {'DELETE': [['auth-columbia', 'demo-netphone-admin', 'delete'], ['auth-none', 'demo-netphone-admin', 'delete']], 'GET': [['auth-columbia', 'read'], ['auth-none', 'read']], 'HEAD': [['read']], 'OPTIONS': [['read']], 'PATCH': [['auth-columbia', 'demo-netphone-admin', 'update'], ['auth-none', 'demo-netphone-admin', 'update']], 'POST': [['auth-columbia', 'demo-netphone-admin', 'create'], ['auth-none', 'demo-netphone-admin', 'create']]}¶ For a given HTTP method, a list of valid alternative required scopes. For instance, GET will be allowed if “auth-columbia read” OR “auth-none read” scopes are provided. Note that even HEAD and OPTIONS require the client to be authorized with at least “read” scope.
-
class
myapp.views.
MyDjangoModelPermissions
[source]¶ Bases:
rest_framework.permissions.DjangoModelPermissions
Override DjangoModelPermissions to require view permission as well: The default allows view by anybody.
-
perms_map
= {'DELETE': ['%(app_label)s.delete_%(model_name)s'], 'GET': ['%(app_label)s.view_%(model_name)s'], 'HEAD': ['%(app_label)s.view_%(model_name)s'], 'OPTIONS': ['%(app_label)s.view_%(model_name)s'], 'PATCH': ['%(app_label)s.change_%(model_name)s'], 'POST': ['%(app_label)s.add_%(model_name)s']}¶ the usual permissions map plus GET. Also, we omit PUT since we only use PATCH with {json:api}.
-
-
class
myapp.views.
AuthnAuthzMixIn
[source]¶ Bases:
object
Common Authn/Authz mixin for all View and ViewSet-derived classes:
-
authentication_classes
= (<class 'rest_framework.authentication.BasicAuthentication'>, <class 'rest_framework.authentication.SessionAuthentication'>, <class 'oauth2_provider.contrib.rest_framework.authentication.OAuth2Authentication'>)¶ In production Oauth2 is preferred; Allow Basic and Session for testing and browseable API.
-
permission_classes
= [<rest_condition.permissions.Condition object>]¶ Either use Scope-based OAuth 2.0 token checking OR authenticated user w/Model Permissions.
-
required_alternate_scopes
= {'DELETE': [['auth-columbia', 'demo-netphone-admin', 'delete'], ['auth-none', 'demo-netphone-admin', 'delete']], 'GET': [['auth-columbia', 'read'], ['auth-none', 'read']], 'HEAD': [['read']], 'OPTIONS': [['read']], 'PATCH': [['auth-columbia', 'demo-netphone-admin', 'update'], ['auth-none', 'demo-netphone-admin', 'update']], 'POST': [['auth-columbia', 'demo-netphone-admin', 'create'], ['auth-none', 'demo-netphone-admin', 'create']]}¶ list of alternatives for required scopes
-
-
class
myapp.views.
CourseBaseViewSet
(**kwargs)[source]¶ Bases:
myapp.views.AuthnAuthzMixIn
,rest_framework_json_api.views.ModelViewSet
Base ViewSet for all our ViewSets:
- Adds Authn/Authz
-
class
myapp.views.
CourseViewSet
(**kwargs)[source]¶ Bases:
myapp.views.CourseBaseViewSet
A course of instruction. e.g. COMSW1002 Computing in Context
-
serializer_class
¶ alias of
myapp.serializers.CourseSerializer
-
filterset_fields
= {'course_description': ('icontains', 'iexact', 'contains', 'exact', 'lt', 'gt', 'gte', 'lte', 'in'), 'course_identifier': ('icontains', 'iexact', 'contains', 'exact', 'lt', 'gt', 'gte', 'lte', 'in'), 'course_name': ('exact', 'icontains', 'iexact', 'contains'), 'course_number': ('exact',), 'course_terms__term_identifier': ('exact', 'lt', 'gt', 'gte', 'lte', 'in'), 'id': ('exact', 'lt', 'gt', 'gte', 'lte', 'in'), 'school_bulletin_prefix_code': ('exact', 'regex'), 'subject_area_code': ('exact', 'lt', 'gt', 'gte', 'lte', 'in')}¶ See https://docs.djangoproject.com/en/stable/ref/models/querysets/#field-lookups for all the possible filters.
-
search_fields
= ('course_name', 'course_description', 'course_identifier', 'course_number')¶ Keyword searches are across these fields.
-
-
class
myapp.views.
CourseTermViewSet
(**kwargs)[source]¶ Bases:
myapp.views.CourseBaseViewSet
A specific course term (year+semester) instance. e.g. 20183COMSW1002
-
serializer_class
¶
-
filterset_fields
= {'audit_permitted_code': ['exact'], 'course__id': ('exact', 'lt', 'gt', 'gte', 'lte', 'in'), 'exam_credit_flag': ['exact'], 'id': ('exact', 'lt', 'gt', 'gte', 'lte', 'in'), 'term_identifier': ('exact', 'lt', 'gt', 'gte', 'lte', 'in')}¶ defined filter[] names
-
search_fields
= ('term_identifier',)¶ Keyword searches are just this one field.
-
-
class
myapp.views.
PersonViewSet
(**kwargs)[source]¶ Bases:
myapp.views.CourseBaseViewSet
A person.
-
serializer_class
¶ alias of
myapp.serializers.PersonSerializer
-
class
Meta
[source]¶ Bases:
object
In addition to specific filters defined above, also generate some automatic filters.
-
model
¶ alias of
myapp.models.Person
-
-
-
class
myapp.views.
InstructorFilterSet
(data=None, queryset=None, *, request=None, prefix=None)[source]¶ Bases:
django_filters.rest_framework.filterset.FilterSet
Extend
django_filters.rest_framework.FilterSet
for the Instructor modelIncludes a filter “alias” for a chained search from instructor->course_term->course
-
course_name
= None¶ filter[course_name] is an alias for the path course_terms.course.course_name
-
course_name__gt
= None¶ filter[course_name_gt] for greater-than, etc.
-
name
= None¶ filter[name] is an alias for the path course_terms.instructor.person.name
-
name__gt
= None¶ filter[name_gt] for greater-than, etc.
-
class
Meta
[source]¶ Bases:
object
In addition to specific filters defined above, also generate some automatic filters.
-
model
¶ alias of
myapp.models.Instructor
-
-
-
class
myapp.views.
InstructorViewSet
(**kwargs)[source]¶ Bases:
myapp.views.CourseBaseViewSet
An instructor.
-
serializer_class
¶
-
filterset_class
¶ alias of
InstructorFilterSet
-
-
class
myapp.views.
CourseRelationshipView
(**kwargs)[source]¶ Bases:
myapp.views.AuthnAuthzMixIn
,rest_framework_json_api.views.RelationshipView
View for courses.relationships
-
class
myapp.views.
CourseTermRelationshipView
(**kwargs)[source]¶ Bases:
myapp.views.AuthnAuthzMixIn
,rest_framework_json_api.views.RelationshipView
View for course_terms.relationships
-
class
myapp.views.
InstructorRelationshipView
(**kwargs)[source]¶ Bases:
myapp.views.AuthnAuthzMixIn
,rest_framework_json_api.views.RelationshipView
View for instructors.relationships
-
class
myapp.views.
PersonRelationshipView
(**kwargs)[source]¶ Bases:
myapp.views.AuthnAuthzMixIn
,rest_framework_json_api.views.RelationshipView
View for people.relationships