Merge pull request #1512 from normanjaeckel/AssignmentRESTAPIChanges

Assignment REST API changes
This commit is contained in:
Oskar Hahn 2015-04-19 21:26:58 +02:00
commit 9f93208afd
6 changed files with 421 additions and 9 deletions

View File

@ -56,9 +56,9 @@ class AssignmentRelatedUser(RESTModelMixin, models.Model):
class Assignment(RESTModelMixin, SlideMixin, AbsoluteUrlMixin, models.Model): class Assignment(RESTModelMixin, SlideMixin, AbsoluteUrlMixin, models.Model):
slide_callback_name = 'assignment' slide_callback_name = 'assignment'
PHASE_SEARCH = 1 PHASE_SEARCH = 0
PHASE_VOTING = 2 PHASE_VOTING = 1
PHASE_FINISHED = 3 PHASE_FINISHED = 2
PHASES = ( PHASES = (
(PHASE_SEARCH, ugettext_lazy('Searching for candidates')), (PHASE_SEARCH, ugettext_lazy('Searching for candidates')),

View File

@ -102,7 +102,7 @@ class AssignmentFullSerializer(ModelSerializer):
""" """
Serializer for assignment.models.Assignment objects. With all polls. Serializer for assignment.models.Assignment objects. With all polls.
""" """
related_users = AssignmentRelatedUserSerializer(many=True, read_only=True) assignment_related_users = AssignmentRelatedUserSerializer(many=True, read_only=True)
polls = AssignmentAllPollSerializer(many=True, read_only=True) polls = AssignmentAllPollSerializer(many=True, read_only=True)
class Meta: class Meta:
@ -113,7 +113,7 @@ class AssignmentFullSerializer(ModelSerializer):
'description', 'description',
'open_posts', 'open_posts',
'phase', 'phase',
'related_users', 'assignment_related_users',
'poll_description_default', 'poll_description_default',
'polls', 'polls',
'tags',) 'tags',)
@ -123,7 +123,7 @@ class AssignmentShortSerializer(AssignmentFullSerializer):
""" """
Serializer for assignment.models.Assignment objects. Without unpublished poll. Serializer for assignment.models.Assignment objects. Without unpublished poll.
""" """
related_users = AssignmentRelatedUserSerializer(many=True, read_only=True) assignment_related_users = AssignmentRelatedUserSerializer(many=True, read_only=True)
polls = AssignmentShortPollSerializer(many=True, read_only=True) polls = AssignmentShortPollSerializer(many=True, read_only=True)
class Meta: class Meta:
@ -134,7 +134,7 @@ class AssignmentShortSerializer(AssignmentFullSerializer):
'description', 'description',
'open_posts', 'open_posts',
'phase', 'phase',
'related_users', 'assignment_related_users',
'poll_description_default', 'poll_description_default',
'polls', 'polls',
'tags',) 'tags',)

View File

@ -14,7 +14,7 @@ from openslides.config.api import config
from openslides.users.models import Group, User # TODO: remove this from openslides.users.models import Group, User # TODO: remove this
from openslides.poll.views import PollFormView from openslides.poll.views import PollFormView
from openslides.utils.pdf import stylesheet from openslides.utils.pdf import stylesheet
from openslides.utils.rest_api import ModelViewSet from openslides.utils.rest_api import ModelViewSet, Response, ValidationError, detail_route
from openslides.utils.utils import html_strong from openslides.utils.utils import html_strong
from openslides.utils.views import (CreateView, DeleteView, DetailView, from openslides.utils.views import (CreateView, DeleteView, DetailView,
ListView, PDFView, ListView, PDFView,
@ -217,7 +217,8 @@ class AssignmentDeleteCandidateshipOtherView(SingleObjectMixin, QuestionView):
class AssignmentViewSet(ModelViewSet): class AssignmentViewSet(ModelViewSet):
""" """
API endpoint to list, retrieve, create, update and destroy assignments. API endpoint to list, retrieve, create, update and destroy assignments and
to manage candidatures.
""" """
queryset = Assignment.objects.all() queryset = Assignment.objects.all()
@ -242,6 +243,139 @@ class AssignmentViewSet(ModelViewSet):
serializer_class = AssignmentShortSerializer serializer_class = AssignmentShortSerializer
return serializer_class return serializer_class
@detail_route(methods=['post', 'delete'])
def candidature_self(self, request, pk=None):
"""
View to nominate self as candidate (POST) or withdraw own candidature
(DELETE).
"""
if not request.user.has_perm('assignments.can_nominate_self'):
self.permission_denied(request)
assignment = self.get_object()
if assignment.is_elected(request.user):
raise ValidationError({'detail': _('You are already elected.')})
if request.method == 'POST':
message = self.nominate_self(request, assignment)
else:
# request.method == 'DELETE'
message = self.withdraw_self(request, assignment)
return Response({'detail': message})
def nominate_self(self, request, assignment):
if assignment.phase == assignment.PHASE_FINISHED:
raise ValidationError({'detail': _('You can not candidate to this election because it is finished.')})
if assignment.phase == assignment.PHASE_VOTING and not request.user.has_perm('assignments.can_manage'):
# To nominate self during voting you have to be a manager.
self.permission_denied(request)
# If the request.user is already a candidate he can nominate himself nevertheless.
assignment.set_candidate(request.user)
return _('You were nominated successfully.')
def withdraw_self(self, request, assignment):
# Withdraw candidature and set self blocked.
if assignment.phase == assignment.PHASE_FINISHED:
raise ValidationError({'detail': _('You can not withdraw your candidature to this election because it is finished.')})
if assignment.phase == assignment.PHASE_VOTING and not request.user.has_perm('assignments.can_manage'):
# To withdraw self during voting you have to be a manager.
self.permission_denied(request)
if not assignment.is_candidate(request.user):
raise ValidationError({'detail': _('You are not a candidate of this election.')})
assignment.set_blocked(request.user)
return _(
'You have withdrawn your candidature successfully. '
'You can not be nominated by other participants anymore.')
def get_user_from_request_data(self, request):
"""
Helper method to get a specific user from request data (not the
request.user) so that the views self.candidature_other or
self.mark_elected can play with him.
"""
if not isinstance(request.data, dict):
detail = _('Invalid data. Expected dictionary, got %s.') % type(request.data)
raise ValidationError({'detail': detail})
user_str = request.data.get('user', '')
try:
user_pk = int(user_str)
except ValueError:
raise ValidationError({'detail': _('Invalid data. Expected something like {"user": <id>}.')})
try:
user = User.objects.get(pk=user_pk)
except User.DoesNotExist:
raise ValidationError({'detail': _('Invalid data. User %d does not exist.') % user_pk})
return user
@detail_route(methods=['post', 'delete'])
def candidature_other(self, request, pk=None):
"""
View to nominate other users (POST) or delete their candidature
status (DELETE). The client has to send {'user': <id>}.
"""
if not request.user.has_perm('assignments.can_nominate_other'):
self.permission_denied(request)
user = self.get_user_from_request_data(request)
assignment = self.get_object()
if assignment.is_elected(user):
raise ValidationError({'detail': _('User %s is already elected.') % user})
if request.method == 'POST':
message = self.nominate_other(request, user, assignment)
else:
# request.method == 'DELETE'
message = self.delete_other(request, user, assignment)
return Response({'detail': message})
def nominate_other(self, request, user, assignment):
if assignment.phase == assignment.PHASE_FINISHED:
detail = _('You can not nominate someone to this election because it is finished.')
raise ValidationError({'detail': detail})
if assignment.phase == assignment.PHASE_VOTING and not request.user.has_perm('assignments.can_manage'):
# To nominate other during voting you have to be a manager.
self.permission_denied(request)
if not request.user.has_perm('assignments.can_manage'):
if assignment.is_blocked(user):
raise ValidationError({'detail': _('User %s does not want to be an candidate.') % user})
if assignment.is_elected(user):
raise ValidationError({'detail': _('User %s is already elected.') % user})
# If the user is already a candidate he can be nominated nevertheless.
assignment.set_candidate(user)
return _('User %s was nominated successfully.') % user
def delete_other(self, request, user, assignment):
# To delete candidature status you have to be a manager.
if not request.user.has_perm('assignments.can_manage'):
self.permission_denied(request)
if assignment.phase == assignment.PHASE_FINISHED:
detail = _('You can not delete someones candidature to this election because it is finished.')
raise ValidationError({'detail': detail})
if not assignment.is_candidate(user) and not assignment.is_blocked(user):
raise ValidationError({'detail': _('User %s has no status in this election.') % user})
assignment.delete_related_user(user)
return _('Candidate %s was withdrawn/unblocked successfully.') % user
@detail_route(methods=['post', 'delete'])
def mark_elected(self, request, pk=None):
"""
View to mark other users as elected (POST) undo this (DELETE). The
client has to send {'user': <id>}.
"""
if not request.user.has_perm('assignments.can_manage'):
self.permission_denied(request)
user = self.get_user_from_request_data(request)
assignment = self.get_object()
if request.method == 'POST':
if not assignment.is_candidate(user):
raise ValidationError({'detail': _('User %s is not a candidate of this election.') % user})
assignment.set_elected(user)
message = _('User %s was successfully elected.') % user
else:
# request.method == 'DELETE'
if not assignment.is_elected(user):
detail = _('User %s is not an elected candidate of this election.') % user
raise ValidationError({'detail': detail})
assignment.set_candidate(user)
message = _('User %s was successfully unelected.') % user
return Response({'detail': message})
class PollCreateView(SingleObjectMixin, RedirectView): class PollCreateView(SingleObjectMixin, RedirectView):
required_permission = 'assignments.can_manage' required_permission = 'assignments.can_manage'

View File

@ -3,6 +3,7 @@ import re
from urllib.parse import urlparse from urllib.parse import urlparse
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from rest_framework.decorators import detail_route # noqa
from rest_framework.serializers import ( # noqa from rest_framework.serializers import ( # noqa
CharField, CharField,
ListSerializer, ListSerializer,

View File

@ -0,0 +1,277 @@
from django.contrib.auth import get_user_model
from django.core.urlresolvers import reverse
from rest_framework.test import APIClient
from openslides.assignments.models import Assignment
from openslides.utils.test import TestCase
class CanidatureSelf(TestCase):
"""
Tests self candidation view.
"""
def setUp(self):
self.client.login(username='admin', password='admin')
self.assignment = Assignment.objects.create(title='test_assignment_oikaengeijieh3ughiX7', open_posts=1)
def test_nominate_self(self):
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 200)
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='admin').exists())
def test_nominate_self_twice(self):
self.assignment.set_candidate(get_user_model().objects.get(username='admin'))
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 200)
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='admin').exists())
def test_nominate_self_when_finished(self):
self.assignment.set_phase(Assignment.PHASE_FINISHED)
self.assignment.save()
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 400)
def test_nominate_self_during_voting(self):
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 200)
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).candidates.exists())
def test_nominate_self_during_voting_non_admin(self):
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
admin = get_user_model().objects.get(username='admin')
group_staff = admin.groups.get(name='Staff')
group_delegates = type(group_staff).objects.get(name='Delegates')
admin.groups.add(group_delegates)
admin.groups.remove(group_staff)
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 403)
def test_withdraw_self(self):
self.assignment.set_candidate(get_user_model().objects.get(username='admin'))
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 200)
self.assertFalse(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='admin').exists())
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).blocked.filter(username='admin').exists())
def test_withdraw_self_twice(self):
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 400)
def test_withdraw_self_when_finished(self):
self.assignment.set_candidate(get_user_model().objects.get(username='admin'))
self.assignment.set_phase(Assignment.PHASE_FINISHED)
self.assignment.save()
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 400)
def test_withdraw_self_during_voting(self):
self.assignment.set_candidate(get_user_model().objects.get(username='admin'))
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 200)
self.assertFalse(Assignment.objects.get(pk=self.assignment.pk).candidates.exists())
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).blocked.filter(username='admin').exists())
def test_withdraw_self_during_voting_non_admin(self):
self.assignment.set_candidate(get_user_model().objects.get(username='admin'))
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
admin = get_user_model().objects.get(username='admin')
group_staff = admin.groups.get(name='Staff')
group_delegates = type(group_staff).objects.get(name='Delegates')
admin.groups.add(group_delegates)
admin.groups.remove(group_staff)
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
self.assertEqual(response.status_code, 403)
class CandidatureOther(TestCase):
def setUp(self):
self.client = APIClient()
self.client.login(username='admin', password='admin')
self.assignment = Assignment.objects.create(title='test_assignment_leiD6tiojigh1vei1ait', open_posts=1)
self.user = get_user_model().objects.create_user(
username='test_user_eeheekai4Phue6cahtho',
password='test_password_ThahXazeiV8veipeePh6')
def test_invalid_data_empty_dict(self):
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]), {})
self.assertEqual(response.status_code, 400)
def test_invalid_data_string_instead_of_integer(self):
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]), {'user': 'string_instead_of_integer'})
self.assertEqual(response.status_code, 400)
def test_invalid_data_user_does_not_exist(self):
# ID of a user that does not exist.
# Be careful: Here we do not test that the user does not exist.
inexistent_user_pk = self.user.pk + 1000
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]), {'user': inexistent_user_pk})
self.assertEqual(response.status_code, 400)
def test_nominate_other(self):
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 200)
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='test_user_eeheekai4Phue6cahtho').exists())
def test_nominate_other_twice(self):
self.assignment.set_candidate(get_user_model().objects.get(username='test_user_eeheekai4Phue6cahtho'))
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 200)
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='test_user_eeheekai4Phue6cahtho').exists())
def test_nominate_other_when_finished(self):
self.assignment.set_phase(Assignment.PHASE_FINISHED)
self.assignment.save()
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 400)
def test_nominate_other_during_voting(self):
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 200)
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='test_user_eeheekai4Phue6cahtho').exists())
def test_nominate_other_during_voting_non_admin(self):
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
admin = get_user_model().objects.get(username='admin')
group_staff = admin.groups.get(name='Staff')
group_delegates = type(group_staff).objects.get(name='Delegates')
admin.groups.add(group_delegates)
admin.groups.remove(group_staff)
response = self.client.post(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 403)
def test_delete_other(self):
self.assignment.set_candidate(self.user)
response = self.client.delete(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 200)
self.assertFalse(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='test_user_eeheekai4Phue6cahtho').exists())
def test_delete_other_twice(self):
response = self.client.delete(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 400)
def test_delete_other_when_finished(self):
self.assignment.set_candidate(self.user)
self.assignment.set_phase(Assignment.PHASE_FINISHED)
self.assignment.save()
response = self.client.delete(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 400)
def test_delete_other_during_voting(self):
self.assignment.set_candidate(self.user)
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
response = self.client.delete(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 200)
self.assertFalse(Assignment.objects.get(pk=self.assignment.pk).candidates.filter(username='test_user_eeheekai4Phue6cahtho').exists())
def test_delete_other_during_voting_non_admin(self):
self.assignment.set_candidate(self.user)
self.assignment.set_phase(Assignment.PHASE_VOTING)
self.assignment.save()
admin = get_user_model().objects.get(username='admin')
group_staff = admin.groups.get(name='Staff')
group_delegates = type(group_staff).objects.get(name='Delegates')
admin.groups.add(group_delegates)
admin.groups.remove(group_staff)
response = self.client.delete(
reverse('assignment-candidature-other', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 403)
class MarkElectedOtherUser(TestCase):
"""
Tests marking an elected user. We use an extra user here to show that
admin can not only mark himself but also other users.
"""
def setUp(self):
self.client = APIClient()
self.client.login(username='admin', password='admin')
self.assignment = Assignment.objects.create(title='test_assignment_Ierohsh8rahshofiejai', open_posts=1)
self.user = get_user_model().objects.create_user(
username='test_user_Oonei3rahji5jugh1eev',
password='test_password_aiphahb5Nah0cie4iP7o')
def test_mark_elected(self):
self.assignment.set_candidate(get_user_model().objects.get(username='test_user_Oonei3rahji5jugh1eev'))
response = self.client.post(
reverse('assignment-mark-elected', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 200)
self.assertTrue(Assignment.objects.get(pk=self.assignment.pk).elected.filter(username='test_user_Oonei3rahji5jugh1eev').exists())
def test_mark_unelected(self):
self.assignment.set_elected(get_user_model().objects.get(username='test_user_Oonei3rahji5jugh1eev'))
response = self.client.delete(
reverse('assignment-mark-elected', args=[self.assignment.pk]),
{'user': self.user.pk})
self.assertEqual(response.status_code, 200)
self.assertFalse(Assignment.objects.get(pk=self.assignment.pk).elected.filter(username='test_user_Oonei3rahji5jugh1eev').exists())