github/plane
0
0
Fork 1
mirror of https://github.com/makeplane/plane synced 2024-06-14 14:31:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: backend code cleanup (#177)

Browse Source 
* refactor: segregate urls in urls.py

* refactor: remove all people endpoint

* refactor: update file asset endpoint with slug and remove unused imports in issue

* fix: remove people endpoint from __init__

* refactor: update permission logic to handle GET requests

* feat: add url for sign up endpoint in urls

* refactor: update the permission layer
This commit is contained in:
pablohashescobar 2023-01-17 01:34:58 +05:30 committed by GitHub
parent 1f1472b00c
commit f12b7ef923
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 88 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
apiserver/plane/api/permissions/project.py
View File

@ -13,16 +13,24 @@ class ProjectBasePermission(BasePermission):
## Safe Methods -> Handle the filtering logic in queryset ## Safe Methods -> Handle the filtering logic in queryset
if request.method in SAFE_METHODS: if request.method in SAFE_METHODS:
return True return WorkspaceMember.objects.filter(
workspace__slug=view.workspace_slug, member=request.user
).exists()
## Only workspace owners or admins can create the projects ## Only workspace owners or admins can create the projects
if request.method == "POST": if request.method == "POST":
return WorkspaceMember.objects.filter( return WorkspaceMember.objects.filter(
workspace=view.workspace, member=request.user, role__in=[15, 20] workspace__slug=view.workspace_slug,
member=request.user,
role__in=[15, 20],
).exists() ).exists()
## Only Project Admins can update project attributes ## Only Project Admins can update project attributes
return ProjectMember.objects.filter( return ProjectMember.objects.filter(
workspace=view.workspace, member=request.user, role=20 workspace__slug=view.workspace_slug,
member=request.user,
role=20,
project_id=view.project_id,
).exists() ).exists()
@ -34,16 +42,23 @@ class ProjectMemberPermission(BasePermission):
## Safe Methods -> Handle the filtering logic in queryset ## Safe Methods -> Handle the filtering logic in queryset
if request.method in SAFE_METHODS: if request.method in SAFE_METHODS:
return True return ProjectMember.objects.filter(
workspace=view.workspace, member=request.user
).exists()
## Only workspace owners or admins can create the projects ## Only workspace owners or admins can create the projects
if request.method == "POST": if request.method == "POST":
return WorkspaceMember.objects.filter( return WorkspaceMember.objects.filter(
workspace=view.workspace, member=request.user, role__in=[15, 20] workspace__slug=view.workspace_slug,
member=request.user,
role__in=[15, 20],
).exists() ).exists()
## Only Project Admins can update project attributes ## Only Project Admins can update project attributes
return ProjectMember.objects.filter( return ProjectMember.objects.filter(
workspace=view.workspace, member=request.user, role__in=[15, 20] workspace__slug=view.workspace_slug,
member=request.user,
role__in=[15, 20],
project_id=view.project_id,
).exists() ).exists()
@ -55,9 +70,16 @@ class ProjectEntityPermission(BasePermission):
## Safe Methods -> Handle the filtering logic in queryset ## Safe Methods -> Handle the filtering logic in queryset
if request.method in SAFE_METHODS: if request.method in SAFE_METHODS:
return True
## Only workspace owners or admins can create the projects
return ProjectMember.objects.filter( return ProjectMember.objects.filter(
workspace=view.workspace, member=request.user, role__in=[15, 20] workspace=view.workspace,
member=request.user,
project_id=view.project_id,
).exists()
## Only project members or admins can create and edit the project attributes
return ProjectMember.objects.filter(
workspace__slug=view.workspace_slug,
member=request.user,
role__in=[15, 20],
project_id=view.project_id,
).exists() ).exists()

90
apiserver/plane/api/urls.py
View File

@ -4,73 +4,94 @@ from django.urls import path
# Create your urls here. # Create your urls here.
from plane.api.views import ( from plane.api.views import (
# Authentication
SignUpEndpoint,
SignInEndpoint, SignInEndpoint,
SignOutEndpoint, SignOutEndpoint,
MagicSignInEndpoint, MagicSignInEndpoint,
MagicSignInGenerateEndpoint, MagicSignInGenerateEndpoint,
OauthEndpoint,
## End Authentication
# Auth Extended
ForgotPasswordEndpoint, ForgotPasswordEndpoint,
PeopleEndpoint,
UserEndpoint,
VerifyEmailEndpoint, VerifyEmailEndpoint,
ResetPasswordEndpoint, ResetPasswordEndpoint,
RequestEmailVerificationEndpoint, RequestEmailVerificationEndpoint,
OauthEndpoint,
ChangePasswordEndpoint, ChangePasswordEndpoint,
) ## End Auth Extender
# User
from plane.api.views import ( UserEndpoint,
UserWorkspaceInvitationsEndpoint, UpdateUserOnBoardedEndpoint,
## End User
# Workspaces
WorkSpaceViewSet, WorkSpaceViewSet,
UserWorkspaceInvitationsEndpoint,
UserWorkSpacesEndpoint, UserWorkSpacesEndpoint,
InviteWorkspaceEndpoint, InviteWorkspaceEndpoint,
JoinWorkspaceEndpoint, JoinWorkspaceEndpoint,
WorkSpaceMemberViewSet, WorkSpaceMemberViewSet,
WorkspaceInvitationsViewset, WorkspaceInvitationsViewset,
UserWorkspaceInvitationsEndpoint, UserWorkspaceInvitationsEndpoint,
WorkspaceMemberUserEndpoint,
WorkspaceMemberUserViewsEndpoint,
WorkSpaceAvailabilityCheckEndpoint,
TeamMemberViewSet,
AddTeamToProjectEndpoint,
UserLastProjectWithWorkspaceEndpoint,
UserWorkspaceInvitationEndpoint,
## End Workspaces
# File Assets
FileAssetEndpoint,
## End File Assets
# Projects
ProjectViewSet, ProjectViewSet,
InviteProjectEndpoint, InviteProjectEndpoint,
ProjectMemberViewSet, ProjectMemberViewSet,
ProjectMemberInvitationsViewset, ProjectMemberInvitationsViewset,
StateViewSet, ProjectMemberUserEndpoint,
ShortCutViewSet, AddMemberToProjectEndpoint,
ViewViewSet, ProjectJoinEndpoint,
CycleViewSet, UserProjectInvitationsViewset,
FileAssetEndpoint, ProjectIdentifierEndpoint,
## End Projects
# Issues
IssueViewSet, IssueViewSet,
WorkSpaceIssuesEndpoint, WorkSpaceIssuesEndpoint,
IssueActivityEndpoint, IssueActivityEndpoint,
IssueCommentViewSet, IssueCommentViewSet,
TeamMemberViewSet, UserWorkSpaceIssues,
TimeLineIssueViewSet,
CycleIssueViewSet,
IssuePropertyViewSet,
UpdateUserOnBoardedEndpoint,
UserWorkspaceInvitationEndpoint,
UserProjectInvitationsViewset,
ProjectIdentifierEndpoint,
LabelViewSet,
AddMemberToProjectEndpoint,
ProjectJoinEndpoint,
BulkDeleteIssuesEndpoint, BulkDeleteIssuesEndpoint,
ProjectUserViewsEndpoint, ProjectUserViewsEndpoint,
TimeLineIssueViewSet,
IssuePropertyViewSet,
LabelViewSet,
## End Issues
# States
StateViewSet,
## End States
# Shortcuts
ShortCutViewSet,
## End Shortcuts
# Views
ViewViewSet,
## End Views
# Cycles
CycleViewSet,
CycleIssueViewSet,
## End Cycles
# Modules
ModuleViewSet, ModuleViewSet,
ModuleIssueViewSet, ModuleIssueViewSet,
UserLastProjectWithWorkspaceEndpoint, ## End Modules
UserWorkSpaceIssues,
ProjectMemberUserEndpoint,
WorkspaceMemberUserEndpoint,
WorkspaceMemberUserViewsEndpoint,
WorkSpaceAvailabilityCheckEndpoint,
) )
from plane.api.views.project import AddTeamToProjectEndpoint
urlpatterns = [ urlpatterns = [
# Social Auth # Social Auth
path("social-auth/", OauthEndpoint.as_view(), name="oauth"), path("social-auth/", OauthEndpoint.as_view(), name="oauth"),
# Auth # Auth
path("sign-in/", SignInEndpoint.as_view(), name="sign-in"), path("sign-in/", SignInEndpoint.as_view(), name="sign-in"),
path("sign-up/", SignUpEndpoint.as_view(), name="sign-up"),
path("sign-out/", SignOutEndpoint.as_view(), name="sign-out"), path("sign-out/", SignOutEndpoint.as_view(), name="sign-out"),
# Magic Sign In/Up # Magic Sign In/Up
path( path(
@ -95,8 +116,6 @@ urlpatterns = [
ForgotPasswordEndpoint.as_view(), ForgotPasswordEndpoint.as_view(),
name="forgot-password", name="forgot-password",
), ),
# List Users
path("users/", PeopleEndpoint.as_view()),
# User Profile # User Profile
path( path(
"users/me/", "users/me/",
@ -654,9 +673,4 @@ urlpatterns = [
name="project-module-issues", name="project-module-issues",
), ),
## End Modules ## End Modules
# path(
# "issues/<int:pk>/all/",
# IssueViewSet.as_view({"get": "list_issue_history_comments"}),
# name="Issue history and comments",
# ),
] ]

2
apiserver/plane/api/views/__init__.py
View File

@ -13,7 +13,6 @@ from .project import (
ProjectMemberUserEndpoint, ProjectMemberUserEndpoint,
) )
from .people import ( from .people import (
PeopleEndpoint,
UserEndpoint, UserEndpoint,
UpdateUserOnBoardedEndpoint, UpdateUserOnBoardedEndpoint,
) )
@ -64,6 +63,7 @@ from .auth_extended import (
from .authentication import ( from .authentication import (
SignUpEndpoint,
SignInEndpoint, SignInEndpoint,
SignOutEndpoint, SignOutEndpoint,
MagicSignInEndpoint, MagicSignInEndpoint,

6
apiserver/plane/api/views/asset.py
View File

@ -6,7 +6,7 @@ from sentry_sdk import capture_exception
# Module imports # Module imports
from .base import BaseAPIView from .base import BaseAPIView
from plane.db.models import FileAsset, Workspace from plane.db.models import FileAsset
from plane.api.serializers import FileAssetSerializer from plane.api.serializers import FileAssetSerializer
@ -18,8 +18,8 @@ class FileAssetEndpoint(BaseAPIView):
A viewset for viewing and editing task instances. A viewset for viewing and editing task instances.
""" """
def get(self, request): def get(self, request, slug):
files = FileAsset.objects.all() files = FileAsset.objects.filter(workspace__slug=slug)
serializer = FileAssetSerializer(files, context={"request": request}, many=True) serializer = FileAssetSerializer(files, context={"request": request}, many=True)
return Response(serializer.data) return Response(serializer.data)

1
apiserver/plane/api/views/issue.py
View File

@ -4,7 +4,6 @@ from itertools import groupby, chain
# Django imports # Django imports
from django.db.models import Prefetch from django.db.models import Prefetch
from django.db.models import Count, Sum
from django.core.serializers.json import DjangoJSONEncoder from django.core.serializers.json import DjangoJSONEncoder
# Third Party imports # Third Party imports

37
apiserver/plane/api/views/people.py
View File

@ -7,48 +7,11 @@ from sentry_sdk import capture_exception
# Module imports # Module imports
from plane.api.serializers import ( from plane.api.serializers import (
UserSerializer, UserSerializer,
WorkSpaceSerializer,
) )
from plane.api.views.base import BaseViewSet, BaseAPIView from plane.api.views.base import BaseViewSet, BaseAPIView
from plane.db.models import User, Workspace from plane.db.models import User, Workspace
class PeopleEndpoint(BaseAPIView):
filterset_fields = ("date_joined",)
search_fields = (
"^first_name",
"^last_name",
"^email",
"^username",
)
def get(self, request):
try:
users = User.objects.all().order_by("-date_joined")
if (
request.GET.get("search", None) is not None
and len(request.GET.get("search")) < 3
):
return Response(
{"message": "Search term must be at least 3 characters long"},
status=status.HTTP_400_BAD_REQUEST,
)
return self.paginate(
request=request,
queryset=self.filter_queryset(users),
on_results=lambda data: UserSerializer(data, many=True).data,
)
except Exception as e:
capture_exception(e)
return Response(
{"message": "Something went wrong please try again later"},
status=status.HTTP_400_BAD_REQUEST,
)
class UserEndpoint(BaseViewSet): class UserEndpoint(BaseViewSet):
serializer_class = UserSerializer serializer_class = UserSerializer
model = User model = User