(self, request, pk=None)
| 153 | |
| 154 | @action(detail=True, methods=['post']) |
| 155 | def edit(self, request, pk=None): |
| 156 | project = get_and_check_project(request, pk, ('change_project', )) |
| 157 | |
| 158 | try: |
| 159 | with transaction.atomic(): |
| 160 | project.name = request.data.get('name', '') |
| 161 | project.description = request.data.get('description', '') |
| 162 | project.tags = TagsField().to_internal_value(parse_tags_input(request.data.get('tags', []))) |
| 163 | project.save() |
| 164 | |
| 165 | form_perms = request.data.get('permissions') |
| 166 | if form_perms is not None: |
| 167 | # Build perms maps (ignore owners, empty usernames). If groupname is set, it takes precedence. |
| 168 | perms_map = {} |
| 169 | group_perms_map = {} |
| 170 | for perm in form_perms: |
| 171 | if perm.get('groupname'): |
| 172 | group_perms_map[perm['groupname']] = perm['permissions'] |
| 173 | elif not perm.get('owner') and perm.get('username'): |
| 174 | perms_map[perm['username']] = perm['permissions'] |
| 175 | |
| 176 | db_perms = get_users_with_perms(project, attach_perms=True, with_group_users=False) |
| 177 | |
| 178 | # Check users to remove |
| 179 | for user in db_perms: |
| 180 | |
| 181 | # Never modify owner permissions |
| 182 | if project.owner == user: |
| 183 | continue |
| 184 | |
| 185 | if perms_map.get(user.username) is None: |
| 186 | for p in db_perms[user]: |
| 187 | remove_perm(p, user, project) |
| 188 | |
| 189 | # Check users to add/edit |
| 190 | for username in perms_map: |
| 191 | user = User.objects.get(username=username) |
| 192 | for p in ["add", "change", "delete", "view"]: |
| 193 | perm = p + "_project" |
| 194 | |
| 195 | # Skip owners |
| 196 | if project.owner == user: |
| 197 | continue |
| 198 | |
| 199 | # Has permission in database but not in form? |
| 200 | if user.has_perm(perm, project) and not p in perms_map[username]: |
| 201 | remove_perm(perm, user, project) |
| 202 | |
| 203 | # Has permission in form but not in database? |
| 204 | elif p in perms_map[username] and not user.has_perm(perm, project): |
| 205 | assign_perm(perm, user, project) |
| 206 | |
| 207 | db_group_perms = get_groups_with_perms(project, attach_perms=True) |
| 208 | |
| 209 | for group in db_group_perms: |
| 210 | if group_perms_map.get(group.name) is None: |
| 211 | for p in db_group_perms[group]: |
| 212 | remove_perm(p, group, project) |
nothing calls this directly
no test coverage detected