GroupMemberViewSet - Code Metrics - Inspection of "Implement PUT /group-member/{pk}/rank and DELETE /..." - ProjetSigma/backend - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#22)

unknown

created 2016-02-02 14:23 UTC

GroupMemberViewSet A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	89
Duplicated Lines	0 %

Metric	Value
dl	0
loc	89
rs	10
wmc	20

4 Methods

Rating	Name	Size	Complexity
A	create()	7	2
F	rank()	36	11
A	destroy()	20	4
A	accept_join_request()	17	3

from django.http import Http404

from rest_framework import viewsets, decorators, status, mixins
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated
from dry_rest_permissions.generics import DRYPermissions

from sigma_core.models.user import User
from sigma_core.models.group_member import GroupMember
from sigma_core.serializers.user import BasicUserWithPermsSerializer, DetailedUserWithPermsSerializer, DetailedUserSerializer
from sigma_core.serializers.group_member import GroupMemberSerializer

class GroupMemberViewSet(viewsets.ModelViewSet):
    queryset = GroupMember.objects.select_related('group', 'user')
    serializer_class = GroupMemberSerializer
    permission_classes = [IsAuthenticated, DRYPermissions, ]
    filter_fields = ('user', 'group', )

    def create(self, request):
        serializer = GroupMemberSerializer(data=request.data)
        if not serializer.is_valid():
            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

        mem = serializer.save()
        return Response(serializer.data, status=status.HTTP_201_CREATED)

    def destroy(self, request, pk=None):
        from sigma_core.models.group import Group
        try:
            modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
            group_id = modified_mship.group.id;
            group = modified_mship.group
            my_mship = GroupMember.objects.all().get(group=group_id, user=request.user.id)
        except GroupMember.DoesNotExist:
            raise Http404()

        # Can modify someone higher than you
        if my_mship.perm_rank <= modified_mship.perm_rank:
            return Response(status=status.HTTP_403_FORBIDDEN)

        # Check permission
        if group.req_rank_kick > my_mship.perm_rank:
            return Response(status=status.HTTP_403_FORBIDDEN)

        modified_mship.delete()
        return Response(status=status.HTTP_204_NO_CONTENT)

    @decorators.detail_route(methods=['put'])
    def rank(self, request, pk=None):
        from sigma_core.models.group import Group
        try:
            modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
            group_id = modified_mship.group.id;
            group = modified_mship.group
            my_mship = GroupMember.objects.all().get(group=group_id, user=request.user.id)
        except GroupMember.DoesNotExist:
            raise Http404()

        perm_rank_new = request.data.get('perm_rank', None)

        try:
            if perm_rank_new > Group.ADMINISTRATOR_RANK or perm_rank_new < 1 or perm_rank_new == modified_mship.perm_rank:
                return Response(status=status.HTTP_400_BAD_REQUEST)
        except TypeError:
            return Response(status=status.HTTP_400_BAD_REQUEST)

        # Can modify someone higher than you, or set rank to higher than you
        if my_mship.perm_rank <= modified_mship.perm_rank or my_mship.perm_rank <= perm_rank_new:
            return Response(status=status.HTTP_403_FORBIDDEN)

        # promote
        if perm_rank_new > modified_mship.perm_rank:
            if group.req_rank_promote > my_mship.perm_rank:
                return Response(status=status.HTTP_403_FORBIDDEN)
        # demote
        else:
            if group.req_rank_demote > my_mship.perm_rank:
                return Response(status=status.HTTP_403_FORBIDDEN)

        modified_mship.perm_rank = perm_rank_new
        modified_mship.save()

        return Response(status=status.HTTP_200_OK)

    @decorators.detail_route(methods=['put'])
    def accept_join_request(self, request, pk=None):
        try:
            gm = GroupMember.objects.select_related('group').get(pk=pk)
        except GroupMember.DoesNotExist:
            raise Http404()

        if not request.user.can_accept_join_requests(gm.group):
            return Response(status=status.HTTP_403_FORBIDDEN)

        gm.perm_rank = 1 # default_perm_rank should be 0, so validation is to set perm_rank to 1
        gm.save()

        # TODO: notify user of that change

        s = GroupMemberSerializer(gm)
        return Response(s.data, status=status.HTTP_200_OK)


1			from django.http import Http404
2
3			from rest_framework import viewsets, decorators, status, mixins
4			from rest_framework.response import Response
5			from rest_framework.permissions import IsAuthenticated
6			from dry_rest_permissions.generics import DRYPermissions
7
8			from sigma_core.models.user import User
9			from sigma_core.models.group_member import GroupMember
10			from sigma_core.serializers.user import BasicUserWithPermsSerializer, DetailedUserWithPermsSerializer, DetailedUserSerializer
11			from sigma_core.serializers.group_member import GroupMemberSerializer
12
13			class GroupMemberViewSet(viewsets.ModelViewSet):
14			queryset = GroupMember.objects.select_related('group', 'user')
15			serializer_class = GroupMemberSerializer
16			permission_classes = [IsAuthenticated, DRYPermissions, ]
17			filter_fields = ('user', 'group', )
18
19			def create(self, request):
20			serializer = GroupMemberSerializer(data=request.data)
21			if not serializer.is_valid():
22			return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
23
24			mem = serializer.save()
25			return Response(serializer.data, status=status.HTTP_201_CREATED)
26
27			def destroy(self, request, pk=None):
28			from sigma_core.models.group import Group
29			try:
30			modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
31			group_id = modified_mship.group.id;
32			group = modified_mship.group
33			my_mship = GroupMember.objects.all().get(group=group_id, user=request.user.id)
34			except GroupMember.DoesNotExist:
35			raise Http404()
36
37			# Can modify someone higher than you
38			if my_mship.perm_rank <= modified_mship.perm_rank:
39			return Response(status=status.HTTP_403_FORBIDDEN)
40
41			# Check permission
42			if group.req_rank_kick > my_mship.perm_rank:
43			return Response(status=status.HTTP_403_FORBIDDEN)
44
45			modified_mship.delete()
46			return Response(status=status.HTTP_204_NO_CONTENT)
47
48			@decorators.detail_route(methods=['put'])
49			def rank(self, request, pk=None):
50			from sigma_core.models.group import Group
51			try:
52			modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
53			group_id = modified_mship.group.id;
54			group = modified_mship.group
55			my_mship = GroupMember.objects.all().get(group=group_id, user=request.user.id)
56			except GroupMember.DoesNotExist:
57			raise Http404()
58
59			perm_rank_new = request.data.get('perm_rank', None)
60
61			try:
62			if perm_rank_new > Group.ADMINISTRATOR_RANK or perm_rank_new < 1 or perm_rank_new == modified_mship.perm_rank:
63			return Response(status=status.HTTP_400_BAD_REQUEST)
64			except TypeError:
65			return Response(status=status.HTTP_400_BAD_REQUEST)
66
67			# Can modify someone higher than you, or set rank to higher than you
68			if my_mship.perm_rank <= modified_mship.perm_rank or my_mship.perm_rank <= perm_rank_new:
69			return Response(status=status.HTTP_403_FORBIDDEN)
70
71			# promote
72			if perm_rank_new > modified_mship.perm_rank:
73			if group.req_rank_promote > my_mship.perm_rank:
74			return Response(status=status.HTTP_403_FORBIDDEN)
75			# demote
76			else:
77			if group.req_rank_demote > my_mship.perm_rank:
78			return Response(status=status.HTTP_403_FORBIDDEN)
79
80			modified_mship.perm_rank = perm_rank_new
81			modified_mship.save()
82
83			return Response(status=status.HTTP_200_OK)
84
85			@decorators.detail_route(methods=['put'])
86			def accept_join_request(self, request, pk=None):
87			try:
88			gm = GroupMember.objects.select_related('group').get(pk=pk)
89			except GroupMember.DoesNotExist:
90			raise Http404()
91
92			if not request.user.can_accept_join_requests(gm.group):
93			return Response(status=status.HTTP_403_FORBIDDEN)
94
95			gm.perm_rank = 1 # default_perm_rank should be 0, so validation is to set perm_rank to 1
96			gm.save()
97
98			# TODO: notify user of that change
99
100			s = GroupMemberSerializer(gm)
101			return Response(s.data, status=status.HTTP_200_OK)
102

ProjetSigma / backend

Pull Request — master (#22)

GroupMemberViewSet A

Complexity

Size/Duplication

4 Methods

Duplication Side-by-Side

Filter issues like