ramon
/
vbv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix permissions, refactor upload code

This commit is contained in:
Christian Cueni 2022-12-29 19:25:06 +01:00
parent fc017961ab
commit d65d786f4f
3 changed files with 23 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
client/src/services/files.ts
View File

@ -16,11 +16,11 @@ function uploadFile(fileData, file: File) {
if (fileData.fields) { if (fileData.fields) {
return s3Upload(fileData, file); return s3Upload(fileData, file);
} else { } else {
return djUpload(fileData, file); return directUpload(fileData, file);
} }
} }
function djUpload(fileData, file: File) { function directUpload(fileData, file: File) {
const formData = new FormData(); const formData = new FormData();
formData.append("file", file); formData.append("file", file);
@ -36,11 +36,7 @@ function djUpload(fileData, file: File) {
// @ts-ignore // @ts-ignore
options.headers["X-CSRFToken"] = getCookieValue("csrftoken"); options.headers["X-CSRFToken"] = getCookieValue("csrftoken");
return itFetch(fileData.url, options).then((response) => { handleUpload(fileData.url, options);
return response.json().catch(() => {
return Promise.resolve(null);
});
});
} }
function s3Upload(fileData, file: File) { function s3Upload(fileData, file: File) {
@ -50,13 +46,17 @@ function s3Upload(fileData, file: File) {
} }
formData.append("file", file); formData.append("file", file);
console.log("fetch", formData);
const options = Object.assign({ const options = Object.assign({
method: "POST", method: "POST",
body: formData, body: formData,
}); });
return itFetch(fileData.url, options).then((response) => { return handleUpload(fileData.url, options);
}
function handleUpload(url: string, options) {
return itFetch(url, options).then((response) => {
return response.json().catch(() => { return response.json().catch(() => {
return Promise.resolve(null); return Promise.resolve(null);
}); });

21
server/vbv_lernwelt/course/permissions.py
View File

@ -32,17 +32,20 @@ def is_circle_expert(user, learning_sequence, course) -> bool:
return True return True
try: try:
ls = LearningSequence.objects.get(id=learning_sequence) learning_sequence = LearningSequence.objects.get(id=learning_sequence)
except LearningSequence.DoesNotExist: except LearningSequence.DoesNotExist:
return False return False
if not CourseSession.objects.filter( circle_id = learning_sequence.get_parent().circle.id
id=course, coursesessionuser__user=user
).exists(): try:
CourseSessionUser.objects.get(
course_session__id=course,
user_id=user.id,
role=CourseSessionUser.Role.EXPERT,
expert__id=circle_id,
)
except CourseSessionUser.DoesNotExist:
return False return False
for expert in ls.get_parent().circle.experts.raw_data: return True
if expert["value"]["email"] == user.email:
return True
return False

3
server/vbv_lernwelt/course/tests/test_document_uploads.py
View File

@ -6,7 +6,7 @@ from vbv_lernwelt.course.consts import COURSE_TEST_ID
from vbv_lernwelt.course.creators.test_course import create_test_course from vbv_lernwelt.course.creators.test_course import create_test_course
from vbv_lernwelt.course.models import CircleDocument, CourseSession, CourseSessionUser from vbv_lernwelt.course.models import CircleDocument, CourseSession, CourseSessionUser
from vbv_lernwelt.files.models import File from vbv_lernwelt.files.models import File
from vbv_lernwelt.learnpath.models import LearningSequence from vbv_lernwelt.learnpath.models import Circle, LearningSequence
class DocumentUploadApiTestCase(APITestCase): class DocumentUploadApiTestCase(APITestCase):
@ -29,6 +29,7 @@ class DocumentUploadApiTestCase(APITestCase):
user=User.objects.get(username="patrizia.huggel@eiger-versicherungen.ch"), user=User.objects.get(username="patrizia.huggel@eiger-versicherungen.ch"),
role=CourseSessionUser.Role.EXPERT, role=CourseSessionUser.Role.EXPERT,
) )
csu.expert.add(Circle.objects.get(slug="test-lehrgang-lp-circle-analyse"))
self.test_data = { self.test_data = {
"file_name": "test.pdf", "file_name": "test.pdf",