GroupMemberViewSet - Code Metrics - Inspection of "Implement PUT /group-member/{pk}/rank and DELETE /..." - ProjetSigma/backend - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#22)

unknown

created 2016-02-02 14:38 UTC

GroupMemberViewSet A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	87
Duplicated Lines	0 %

Metric	Value
dl	0
loc	87
rs	10
wmc	20

4 Methods

Rating	Name	Size	Complexity
A	create()	7	2
F	rank()	35	11
A	destroy()	19	4
A	accept_join_request()	17	3

from django.http import Http404

from rest_framework import viewsets, decorators, status, mixins
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated
from dry_rest_permissions.generics import DRYPermissions

from sigma_core.models.user import User
from sigma_core.models.group_member import GroupMember
from sigma_core.serializers.user import BasicUserWithPermsSerializer, DetailedUserWithPermsSerializer, DetailedUserSerializer
from sigma_core.serializers.group_member import GroupMemberSerializer

class GroupMemberViewSet(viewsets.ModelViewSet):
    queryset = GroupMember.objects.select_related('group', 'user')
    serializer_class = GroupMemberSerializer
    permission_classes = [IsAuthenticated, DRYPermissions, ]
    filter_fields = ('user', 'group', )

    def create(self, request):
        serializer = GroupMemberSerializer(data=request.data)
        if not serializer.is_valid():
            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

        mem = serializer.save()
        return Response(serializer.data, status=status.HTTP_201_CREATED)

    def destroy(self, request, pk=None):
        from sigma_core.models.group import Group
        try:
            modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
            group = modified_mship.group
            my_mship = GroupMember.objects.all().get(group=group, user=request.user)
        except GroupMember.DoesNotExist:
            raise Http404()

        # Can modify someone higher than you
        if my_mship.perm_rank <= modified_mship.perm_rank:
            return Response(status=status.HTTP_403_FORBIDDEN)

        # Check permission
        if group.req_rank_kick > my_mship.perm_rank:
            return Response(status=status.HTTP_403_FORBIDDEN)

        modified_mship.delete()
        return Response(status=status.HTTP_204_NO_CONTENT)

    @decorators.detail_route(methods=['put'])
    def rank(self, request, pk=None):
        from sigma_core.models.group import Group
        try:
            modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
            group = modified_mship.group
            my_mship = GroupMember.objects.all().get(group=group, user=request.user)
        except GroupMember.DoesNotExist:
            raise Http404()

        perm_rank_new = request.data.get('perm_rank', None)

        try:
            if perm_rank_new > Group.ADMINISTRATOR_RANK or perm_rank_new < 1 or perm_rank_new == modified_mship.perm_rank:
                return Response(status=status.HTTP_400_BAD_REQUEST)
        except TypeError:
            return Response(status=status.HTTP_400_BAD_REQUEST)

        # Can modify someone higher than you, or set rank to higher than you
        if my_mship.perm_rank <= modified_mship.perm_rank or my_mship.perm_rank <= perm_rank_new:
            return Response(status=status.HTTP_403_FORBIDDEN)

        # promote
        if perm_rank_new > modified_mship.perm_rank:
            if group.req_rank_promote > my_mship.perm_rank:
                return Response(status=status.HTTP_403_FORBIDDEN)
        # demote
        else:
            if group.req_rank_demote > my_mship.perm_rank:
                return Response(status=status.HTTP_403_FORBIDDEN)

        modified_mship.perm_rank = perm_rank_new
        modified_mship.save()

        return Response(status=status.HTTP_200_OK)

    @decorators.detail_route(methods=['put'])
    def accept_join_request(self, request, pk=None):
        try:
            gm = GroupMember.objects.select_related('group').get(pk=pk)
        except GroupMember.DoesNotExist:
            raise Http404()

        if not request.user.can_accept_join_requests(gm.group):
            return Response(status=status.HTTP_403_FORBIDDEN)

        gm.perm_rank = 1 # default_perm_rank should be 0, so validation is to set perm_rank to 1
        gm.save()

        # TODO: notify user of that change

        s = GroupMemberSerializer(gm)
        return Response(s.data, status=status.HTTP_200_OK)


1			from django.http import Http404
2
3			from rest_framework import viewsets, decorators, status, mixins
4			from rest_framework.response import Response
5			from rest_framework.permissions import IsAuthenticated
6			from dry_rest_permissions.generics import DRYPermissions
7
8			from sigma_core.models.user import User
9			from sigma_core.models.group_member import GroupMember
10			from sigma_core.serializers.user import BasicUserWithPermsSerializer, DetailedUserWithPermsSerializer, DetailedUserSerializer
11			from sigma_core.serializers.group_member import GroupMemberSerializer
12
13			class GroupMemberViewSet(viewsets.ModelViewSet):
14			queryset = GroupMember.objects.select_related('group', 'user')
15			serializer_class = GroupMemberSerializer
16			permission_classes = [IsAuthenticated, DRYPermissions, ]
17			filter_fields = ('user', 'group', )
18
19			def create(self, request):
20			serializer = GroupMemberSerializer(data=request.data)
21			if not serializer.is_valid():
22			return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
23
24			mem = serializer.save()
25			return Response(serializer.data, status=status.HTTP_201_CREATED)
26
27			def destroy(self, request, pk=None):
28			from sigma_core.models.group import Group
29			try:
30			modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
31			group = modified_mship.group
32			my_mship = GroupMember.objects.all().get(group=group, user=request.user)
33			except GroupMember.DoesNotExist:
34			raise Http404()
35
36			# Can modify someone higher than you
37			if my_mship.perm_rank <= modified_mship.perm_rank:
38			return Response(status=status.HTTP_403_FORBIDDEN)
39
40			# Check permission
41			if group.req_rank_kick > my_mship.perm_rank:
42			return Response(status=status.HTTP_403_FORBIDDEN)
43
44			modified_mship.delete()
45			return Response(status=status.HTTP_204_NO_CONTENT)
46
47			@decorators.detail_route(methods=['put'])
48			def rank(self, request, pk=None):
49			from sigma_core.models.group import Group
50			try:
51			modified_mship = GroupMember.objects.all().select_related('group').get(pk=pk)
52			group = modified_mship.group
53			my_mship = GroupMember.objects.all().get(group=group, user=request.user)
54			except GroupMember.DoesNotExist:
55			raise Http404()
56
57			perm_rank_new = request.data.get('perm_rank', None)
58
59			try:
60			if perm_rank_new > Group.ADMINISTRATOR_RANK or perm_rank_new < 1 or perm_rank_new == modified_mship.perm_rank:
61			return Response(status=status.HTTP_400_BAD_REQUEST)
62			except TypeError:
63			return Response(status=status.HTTP_400_BAD_REQUEST)
64
65			# Can modify someone higher than you, or set rank to higher than you
66			if my_mship.perm_rank <= modified_mship.perm_rank or my_mship.perm_rank <= perm_rank_new:
67			return Response(status=status.HTTP_403_FORBIDDEN)
68
69			# promote
70			if perm_rank_new > modified_mship.perm_rank:
71			if group.req_rank_promote > my_mship.perm_rank:
72			return Response(status=status.HTTP_403_FORBIDDEN)
73			# demote
74			else:
75			if group.req_rank_demote > my_mship.perm_rank:
76			return Response(status=status.HTTP_403_FORBIDDEN)
77
78			modified_mship.perm_rank = perm_rank_new
79			modified_mship.save()
80
81			return Response(status=status.HTTP_200_OK)
82
83			@decorators.detail_route(methods=['put'])
84			def accept_join_request(self, request, pk=None):
85			try:
86			gm = GroupMember.objects.select_related('group').get(pk=pk)
87			except GroupMember.DoesNotExist:
88			raise Http404()
89
90			if not request.user.can_accept_join_requests(gm.group):
91			return Response(status=status.HTTP_403_FORBIDDEN)
92
93			gm.perm_rank = 1 # default_perm_rank should be 0, so validation is to set perm_rank to 1
94			gm.save()
95
96			# TODO: notify user of that change
97
98			s = GroupMemberSerializer(gm)
99			return Response(s.data, status=status.HTTP_200_OK)
100

ProjetSigma / backend

Pull Request — master (#22)

GroupMemberViewSet A

Complexity

Size/Duplication

4 Methods

Duplication Side-by-Side

Filter issues like