Fakultas Ilmu Komputer UI
Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
PMPL
Class Project
Kape
Commits
4d15e63a
Commit
4d15e63a
authored
Mar 28, 2017
by
Zamil Majdy
Browse files
[#140382397]
#11
Update permission and seed
parent
56c05c74
Changes
7
Expand all
Hide whitespace changes
Inline
Side-by-side
core/lib/permissions.py
0 → 100644
View file @
4d15e63a
from
rest_framework
import
permissions
from
rest_framework.exceptions
import
APIException
from
core.models
import
Company
from
core.models
import
Student
from
core.models
import
Supervisor
def
is_admin_or_student
(
user
):
return
user
.
is_superuser
or
hasattr
(
user
,
"student"
)
def
is_admin_or_company
(
user
):
return
user
.
is_superuser
or
hasattr
(
user
,
"company"
)
def
is_admin_or_supervisor
(
user
):
return
user
.
is_superuser
or
hasattr
(
user
,
"supervisor"
)
class
IsAdminOrSelfOrReadOnly
(
permissions
.
BasePermission
):
def
has_object_permission
(
self
,
request
,
view
,
obj
):
if
request
.
method
in
permissions
.
SAFE_METHODS
:
return
True
if
request
.
user
.
is_superuser
:
return
True
# Instance must have an attribute named `user` or be `user`
if
hasattr
(
obj
,
"user"
):
return
obj
.
user
==
request
.
user
return
obj
==
request
.
user
class
IsAdminOrStudent
(
permissions
.
BasePermission
):
def
has_permission
(
self
,
request
,
view
):
return
is_admin_or_student
(
request
.
user
)
def
has_object_permission
(
self
,
request
,
view
,
obj
):
user
=
request
.
user
if
user
.
is_superuser
:
return
True
student
=
None
if
isinstance
(
obj
,
Student
):
student
=
obj
elif
hasattr
(
obj
,
"student"
):
student
=
obj
.
student
else
:
raise
APIException
(
"Checking student permission on object {} not associated with carrier"
.
format
(
type
(
obj
.
__name__
))
)
return
hasattr
(
user
,
"student"
)
and
user
.
student
==
student
class
IsAdminOrSupervisor
(
permissions
.
BasePermission
):
def
has_permission
(
self
,
request
,
view
):
return
is_admin_or_supervisor
(
request
.
user
)
def
has_object_permission
(
self
,
request
,
view
,
obj
):
user
=
request
.
user
if
user
.
is_superuser
:
return
True
supervisor
=
None
if
isinstance
(
obj
,
Supervisor
):
supervisor
=
obj
elif
hasattr
(
obj
,
"supervisor"
):
supervisor
=
obj
.
supervisor
else
:
raise
APIException
(
"Checking supervisor permission on object {} not associated with carrier"
.
format
(
type
(
obj
.
__name__
))
)
return
hasattr
(
user
,
"supervisor"
)
and
user
.
supervisor
==
supervisor
class
IsAdminOrCompany
(
permissions
.
BasePermission
):
def
has_permission
(
self
,
request
,
view
):
return
is_admin_or_company
(
request
.
user
)
def
has_object_permission
(
self
,
request
,
view
,
obj
):
user
=
request
.
user
if
user
.
is_superuser
:
return
True
company
=
None
if
isinstance
(
obj
,
Company
):
company
=
obj
elif
hasattr
(
obj
,
"company"
):
company
=
obj
.
company
else
:
raise
APIException
(
"Checking company permission on object {} not associated with carrier"
.
format
(
type
(
obj
.
__name__
))
)
return
hasattr
(
user
,
"company"
)
and
user
.
company
==
company
core/migrations/0001_initial.py
View file @
4d15e63a
...
...
@@ -42,7 +42,7 @@ class Migration(migrations.Migration):
(
'created'
,
models
.
DateTimeField
(
auto_now_add
=
True
)),
(
'updated'
,
models
.
DateTimeField
(
auto_now
=
True
)),
(
'npm'
,
models
.
IntegerField
(
unique
=
True
,
validators
=
[
django
.
core
.
validators
.
MinValueValidator
(
100000000
),
django
.
core
.
validators
.
MaxValueValidator
(
9999999999
)])),
(
'resume'
,
models
.
FileField
(
blank
=
True
,
null
=
True
,
upload_to
=
core
.
models
.
accounts
.
get_file_path
)),
(
'resume'
,
models
.
FileField
(
blank
=
True
,
null
=
True
,
upload_to
=
core
.
models
.
accounts
.
get_
student_resume_
file_path
)),
(
'phone_number'
,
models
.
CharField
(
blank
=
True
,
db_index
=
True
,
max_length
=
100
)),
],
),
...
...
core/migrations/0007_auto_20170328_0351.py
0 → 100644
View file @
4d15e63a
# -*- coding: utf-8 -*-
# Generated by Django 1.10.5 on 2017-03-27 20:51
from
__future__
import
unicode_literals
import
core.models.accounts
from
django.db
import
migrations
,
models
class
Migration
(
migrations
.
Migration
):
dependencies
=
[
(
'core'
,
'0006_auto_20170328_0258'
),
]
operations
=
[
migrations
.
AlterField
(
model_name
=
'company'
,
name
=
'logo'
,
field
=
models
.
FileField
(
blank
=
True
,
null
=
True
,
upload_to
=
core
.
models
.
accounts
.
get_company_logo_file_path
),
),
]
core/models/accounts.py
View file @
4d15e63a
...
...
@@ -5,12 +5,19 @@ from django.contrib.auth.models import User
from
django.core.validators
import
MinValueValidator
,
MaxValueValidator
from
django.db
import
models
def
get_file_path
(
instance
,
filename
):
def
get_student_resume_file_path
(
instance
,
filename
):
extension
=
filename
.
split
(
'.'
)[
-
1
].
lower
()
filename
=
"%s.%s"
%
(
uuid
.
uuid4
(),
extension
)
return
os
.
path
.
join
(
"student-resume/"
,
filename
)
def
get_company_logo_file_path
(
instance
,
filename
):
extension
=
filename
.
split
(
'.'
)[
-
1
].
lower
()
filename
=
"%s.%s"
%
(
uuid
.
uuid4
(),
extension
)
return
os
.
path
.
join
(
"company-logo/"
,
filename
)
def
get_display_name
(
user
,
full_name
=
False
):
"""
Return a display name that always works like "Benoit J."
...
...
@@ -39,7 +46,7 @@ class Student(models.Model):
updated
=
models
.
DateTimeField
(
auto_now
=
True
)
user
=
models
.
OneToOneField
(
User
)
npm
=
models
.
IntegerField
(
validators
=
[
MinValueValidator
(
100000000
),
MaxValueValidator
(
9999999999
)],
unique
=
True
)
resume
=
models
.
FileField
(
upload_to
=
get_file_path
,
null
=
True
,
blank
=
True
)
resume
=
models
.
FileField
(
upload_to
=
get_
student_resume_
file_path
,
null
=
True
,
blank
=
True
)
phone_number
=
models
.
CharField
(
max_length
=
100
,
blank
=
True
,
db_index
=
True
)
bookmarked_vacancies
=
models
.
ManyToManyField
(
'core.Vacancy'
,
blank
=
True
)
...
...
@@ -60,7 +67,7 @@ class Company(models.Model):
user
=
models
.
OneToOneField
(
User
)
description
=
models
.
TextField
()
verified
=
models
.
BooleanField
(
default
=
False
)
logo
=
models
.
Char
Field
(
max_length
=
1000
,
blank
=
True
,
null
=
True
)
logo
=
models
.
File
Field
(
upload_to
=
get_company_logo_file_path
,
null
=
True
,
blank
=
True
)
alamat
=
models
.
CharField
(
max_length
=
1000
,
blank
=
True
,
null
=
True
)
@
property
...
...
core/tests/test_studentViewSet.py
View file @
4d15e63a
from
unittest
import
TestCase
from
django.urls
import
reverse
class
TestStudentViewSet
(
TestCase
):
# def setUp(self):
# #c = Client()
# Student.objects.create(user = User.objects.create(username = "farhan"), npm = "1406572321")
#def test_bookmark_vacancies(self):
# url = reverse('bookmarked-vacancies')
# data = {'company_id': 1}
# response = self.client.post(url, data, format='json')
# self.fail()
#
# def test_remove_vacancies(self):
# self.fail()
#
from unittest import TestCase
#
#
from django.urls import reverse
#
#
#
class TestStudentViewSet(TestCase):
#
# def setUp(self):
#
# #c = Client()
#
# Student.objects.create(user = User.objects.create(username = "farhan"), npm = "1406572321")
#
#
#def test_bookmark_vacancies(self):
#
# url = reverse('bookmarked-vacancies')
#
# data = {'company_id': 1}
#
# response = self.client.post(url, data, format='json')
#
# self.fail()
#
#
#
# def test_remove_vacancies(self):
#
# self.fail()
core/views/accounts.py
View file @
4d15e63a
...
...
@@ -29,13 +29,11 @@ class StudentViewSet(viewsets.ModelViewSet):
@
detail_route
(
methods
=
[
'post'
],
url_path
=
'bookmarked-vacancies'
)
def
bookmark_vacancies
(
self
,
request
,
pk
):
user
=
self
.
request
.
user
print
(
"yay1"
)
vacancy
=
get_object_or_404
(
Vacancy
.
objects
.
all
(),
pk
=
request
.
data
[
'vacancy_id'
])
print
(
"yay2"
)
student
=
get_object_or_404
(
Student
.
objects
.
all
(),
pk
=
pk
)
print
(
"yay3"
)
if
student
!=
user
.
student
and
not
user
.
is_staff
:
raise
ValidationError
(
'You must be a student'
)
raise
ValidationError
(
'You must be a student'
)
student
.
bookmarked_vacancies
.
add
(
vacancy
)
return
Response
(
vacancy
,
status
=
status
.
HTTP_200_OK
)
...
...
seeder.json
View file @
4d15e63a
This diff is collapsed.
Click to expand it.
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment