X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/967eed676fc83d15b26149047f353ac61faa8217..8f031335a8a0dabceec381b89eb0cbbcb2f4b637:/src/catalogue/api/views.py diff --git a/src/catalogue/api/views.py b/src/catalogue/api/views.py index 7c4b88825..0f95f0ace 100644 --- a/src/catalogue/api/views.py +++ b/src/catalogue/api/views.py @@ -1,34 +1,57 @@ -# -*- coding: utf-8 -*- # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later. # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information. # import json +import os.path +from django.conf import settings from django.http import Http404, HttpResponse -from rest_framework.generics import ListAPIView, RetrieveAPIView, get_object_or_404 +from django.utils.decorators import method_decorator +from django.views.decorators.cache import never_cache +from rest_framework.generics import (ListAPIView, RetrieveAPIView, + RetrieveUpdateAPIView, get_object_or_404) from rest_framework.permissions import DjangoModelPermissionsOrAnonReadOnly from rest_framework.response import Response from rest_framework import status -from paypal.permissions import IsSubscribed from api.handlers import read_tags from api.utils import vary_on_auth -from .helpers import books_after, order_books -from . import serializers from catalogue.forms import BookImportForm from catalogue.models import Book, Collection, Tag, Fragment, BookMedia from catalogue.models.tag import prefetch_relations +from club.models import Membership +from club.permissions import IsClubMember from wolnelektury.utils import re_escape +from .helpers import books_after, order_books +from . import serializers book_tag_categories = ['author', 'epoch', 'kind', 'genre'] +class CreateOnPutMixin: + ''' + Creates a new model instance when PUTting a nonexistent resource. + ''' + def get_object(self): + try: + return super().get_object() + except Http404: + if self.request.method == 'PUT': + lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_field + return self.get_queryset().model(**{ + self.lookup_field: self.kwargs[lookup_url_kwarg] + }) + else: + raise + + class CollectionList(ListAPIView): - queryset = Collection.objects.all() + queryset = Collection.objects.filter(listed=True) serializer_class = serializers.CollectionListSerializer @vary_on_auth # Because of 'liked'. -class CollectionDetail(RetrieveAPIView): +class CollectionDetail(CreateOnPutMixin, RetrieveUpdateAPIView): + permission_classes = [DjangoModelPermissionsOrAnonReadOnly] queryset = Collection.objects.all() lookup_field = 'slug' serializer_class = serializers.CollectionSerializer @@ -40,6 +63,16 @@ class BookList(ListAPIView): queryset = Book.objects.none() # Required for DjangoModelPermissions serializer_class = serializers.BookListSerializer + def get(self, request, filename=None, **kwargs): + if filename and not kwargs.get('tags') and 'count' not in request.query_params: + try: + with open(os.path.join(settings.MEDIA_ROOT, 'api', '%s.%s' % (filename, request.accepted_renderer.format)), 'rb') as f: + content = f.read() + return HttpResponse(content, content_type=request.accepted_media_type) + except: + pass + return super().get(request, filename=filename, **kwargs) + def get_queryset(self): try: tags, ancestors = read_tags( @@ -68,8 +101,12 @@ class BookList(ListAPIView): books = Book.tagged.with_all(tags) else: books = Book.objects.all() + books = books.filter(findable=True) books = order_books(books, new_api) + if not Membership.is_active_for(self.request.user): + books = books.exclude(preview=True) + if self.kwargs.get('top_level'): books = books.filter(parent=None) if self.kwargs.get('audiobooks'): @@ -117,6 +154,9 @@ class BookList(ListAPIView): name = request.POST.get('name', '') part_name = request.POST.get('part_name', '') + project_description = request.POST.get('project_description', '') + project_icon = request.POST.get('project_icon', '') + _rest, slug = request.POST['book'].rstrip('/').rsplit('/', 1) book = Book.objects.get(slug=slug) @@ -128,6 +168,8 @@ class BookList(ListAPIView): bm.name = name bm.part_name = part_name bm.index = index + bm.project_description = project_description + bm.project_icon = project_icon bm.file.save(None, request.data['file'], save=False) bm.save(parts_count=parts_count) @@ -141,15 +183,23 @@ class BookDetail(RetrieveAPIView): serializer_class = serializers.BookDetailSerializer +@vary_on_auth # Because of embargo links. class EbookList(BookList): serializer_class = serializers.EbookSerializer -@vary_on_auth # Because of 'liked'. +@method_decorator(never_cache, name='dispatch') class Preview(ListAPIView): - queryset = Book.objects.filter(preview=True) + #queryset = Book.objects.filter(preview=True) serializer_class = serializers.BookPreviewSerializer + def get_queryset(self): + qs = Book.objects.filter(preview=True) + # FIXME: temporary workaround for a problem with iOS app; see #3954. + if 'Darwin' in self.request.META.get('HTTP_USER_AGENT', '') and 'debug' not in self.request.GET: + qs = qs.none() + return qs + @vary_on_auth # Because of 'liked'. class FilterBookList(ListAPIView): @@ -167,11 +217,14 @@ class FilterBookList(ListAPIView): is_lektura = self.parse_bool(self.request.query_params.get('lektura')) is_audiobook = self.parse_bool(self.request.query_params.get('audiobook')) preview = self.parse_bool(self.request.query_params.get('preview')) + if not Membership.is_active_for(self.request.user): + preview = False new_api = self.request.query_params.get('new_api') after = self.request.query_params.get('after') count = int(self.request.query_params.get('count', 50)) books = order_books(Book.objects.distinct(), new_api) + books = books.filter(findable=True) if is_lektura is not None: books = books.filter(has_audience=is_lektura) if is_audiobook is not None: @@ -226,8 +279,9 @@ class FilterBookList(ListAPIView): class EpubView(RetrieveAPIView): queryset = Book.objects.all() lookup_field = 'slug' - permission_classes = [IsSubscribed] + permission_classes = [IsClubMember] + @method_decorator(never_cache) def get(self, *args, **kwargs): return HttpResponse(self.get_object().get_media('epub')) @@ -254,14 +308,44 @@ class TagCategoryView(ListAPIView): class TagView(RetrieveAPIView): + permission_classes = [DjangoModelPermissionsOrAnonReadOnly] serializer_class = serializers.TagDetailSerializer - + queryset = Tag.objects.all() + def get_object(self): - return get_object_or_404( - Tag, - category=self.kwargs['category'], - slug=self.kwargs['slug'] - ) + try: + return get_object_or_404( + Tag, + category=self.kwargs['category'], + slug=self.kwargs['slug'] + ) + except Http404: + if self.request.method == 'POST': + return Tag( + category=self.kwargs['category'], + slug=self.kwargs['slug'] + ) + else: + raise + + def post(self, request, **kwargs): + data = json.loads(request.POST.get('data')) + fields = { + "description_pl": "description_pl", + "plural": "plural", + "is_epoch_specific": "genre_epoch_specific", + "collective_noun": "collective_noun", + "adjective_feminine_singular": "adjective_feminine_singular", + "adjective_nonmasculine_plural": "adjective_nonmasculine_plural", + } + obj = self.get_object() + for data_field, model_field in fields.items(): + setattr(obj, model_field, data.get(data_field, getattr(obj, model_field))) + if obj.pk: + obj.save(update_fields=fields.values(), quick=True) + else: + obj.save() + return Response({}) @vary_on_auth # Because of 'liked'. @@ -277,7 +361,7 @@ class FragmentList(ListAPIView): ) except ValueError: raise Http404 - return Fragment.tagged.with_all(tags).select_related('book') + return Fragment.tagged.with_all(tags).filter(book__findable=True).select_related('book') @vary_on_auth # Because of 'liked'.