81 lines
2.9 KiB
Python
81 lines
2.9 KiB
Python
from django.core.exceptions import ObjectDoesNotExist
|
|
from rest_framework.exceptions import NotFound
|
|
from rest_framework.permissions import IsAuthenticated
|
|
from rest_framework.viewsets import ModelViewSet
|
|
|
|
from apps.alerts.models import CustomButton
|
|
from apps.api.permissions import MODIFY_ACTIONS, READ_ACTIONS, ActionPermission, AnyRole, IsAdmin
|
|
from apps.api.serializers.custom_button import CustomButtonSerializer
|
|
from apps.auth_token.auth import PluginAuthentication
|
|
from common.api_helpers.mixins import PublicPrimaryKeyMixin, TeamFilteringMixin
|
|
from common.insight_log import EntityEvent, write_resource_insight_log
|
|
|
|
|
|
class CustomButtonView(TeamFilteringMixin, PublicPrimaryKeyMixin, ModelViewSet):
|
|
authentication_classes = (PluginAuthentication,)
|
|
permission_classes = (IsAuthenticated, ActionPermission)
|
|
action_permissions = {
|
|
IsAdmin: MODIFY_ACTIONS,
|
|
AnyRole: READ_ACTIONS,
|
|
}
|
|
|
|
model = CustomButton
|
|
serializer_class = CustomButtonSerializer
|
|
|
|
def get_queryset(self):
|
|
queryset = CustomButton.objects.filter(
|
|
organization=self.request.auth.organization,
|
|
team=self.request.user.current_team,
|
|
)
|
|
return queryset
|
|
|
|
def get_object(self):
|
|
# get the object from the whole organization if there is a flag `get_from_organization=true`
|
|
# otherwise get the object from the current team
|
|
get_from_organization = self.request.query_params.get("from_organization", "false") == "true"
|
|
if get_from_organization:
|
|
return self.get_object_from_organization()
|
|
return super().get_object()
|
|
|
|
def get_object_from_organization(self):
|
|
# use this method to get the object from the whole organization instead of the current team
|
|
pk = self.kwargs["pk"]
|
|
organization = self.request.auth.organization
|
|
|
|
try:
|
|
obj = organization.custom_buttons.get(public_primary_key=pk)
|
|
except ObjectDoesNotExist:
|
|
raise NotFound
|
|
|
|
# May raise a permission denied
|
|
self.check_object_permissions(self.request, obj)
|
|
|
|
return obj
|
|
|
|
def perform_create(self, serializer):
|
|
serializer.save()
|
|
write_resource_insight_log(
|
|
instance=serializer.instance,
|
|
author=self.request.user,
|
|
event=EntityEvent.CREATED,
|
|
)
|
|
|
|
def perform_update(self, serializer):
|
|
prev_state = serializer.instance.insight_logs_serialized
|
|
serializer.save()
|
|
new_state = serializer.instance.insight_logs_serialized
|
|
write_resource_insight_log(
|
|
instance=serializer.instance,
|
|
author=self.request.user,
|
|
event=EntityEvent.UPDATED,
|
|
prev_state=prev_state,
|
|
new_state=new_state,
|
|
)
|
|
|
|
def perform_destroy(self, instance):
|
|
write_resource_insight_log(
|
|
instance=instance,
|
|
author=self.request.user,
|
|
event=EntityEvent.DELETED,
|
|
)
|
|
instance.delete()
|