78 lines
2.9 KiB
Python
78 lines
2.9 KiB
Python
from django.db.models import Q
|
|
from rest_framework import status
|
|
from rest_framework.parsers import FormParser, MultiPartParser
|
|
from rest_framework.permissions import IsAuthenticated
|
|
from rest_framework.response import Response
|
|
from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
|
|
|
|
from apps.accounts.models import Role
|
|
from apps.knowledge.models import RoleRagDocument, TrainingFile
|
|
from apps.knowledge.serializers import RoleRagDocumentSerializer, TrainingFileSerializer
|
|
|
|
|
|
class TrainingFileViewSet(ModelViewSet):
|
|
queryset = TrainingFile.objects.all()
|
|
serializer_class = TrainingFileSerializer
|
|
permission_classes = [IsAuthenticated]
|
|
parser_classes = [MultiPartParser, FormParser]
|
|
lookup_field = 'uuid'
|
|
|
|
def get_queryset(self):
|
|
user = self.request.user
|
|
queryset = TrainingFile.objects.filter(
|
|
Q(role__organization__owner=user) |
|
|
Q(role__organization__members=user)
|
|
).distinct()
|
|
|
|
organization_uuid = self.request.query_params.get('organization_uuid')
|
|
if organization_uuid:
|
|
queryset = queryset.filter(role__organization__uuid=organization_uuid)
|
|
|
|
return queryset
|
|
|
|
def perform_create(self, serializer):
|
|
role_uuid = self.request.data.get('role')
|
|
|
|
try:
|
|
role = Role.objects.get(uuid=role_uuid)
|
|
except Role.DoesNotExist:
|
|
return Response({'error': 'Role not found'}, status=status.HTTP_404_NOT_FOUND)
|
|
|
|
is_owner = role.organization.owner == self.request.user
|
|
is_member = role.organization.members.filter(uuid=self.request.user.uuid).exists()
|
|
|
|
if not (is_owner or is_member):
|
|
return Response({'error': 'Permission denied'}, status=status.HTTP_403_FORBIDDEN)
|
|
|
|
serializer.save(
|
|
uploaded_by=self.request.user,
|
|
role=role,
|
|
file_name=self.request.FILES['file'].name,
|
|
file_size=self.request.FILES['file'].size,
|
|
file_type=self.request.FILES['file'].content_type
|
|
)
|
|
|
|
def destroy(self, request, *args, **kwargs):
|
|
instance = self.get_object()
|
|
|
|
is_uploader = instance.uploaded_by == request.user
|
|
is_org_owner = instance.role.organization.owner == request.user
|
|
|
|
if not (is_uploader or is_org_owner or request.user.is_manager):
|
|
return Response({'error': 'Permission denied'}, status=status.HTTP_403_FORBIDDEN)
|
|
|
|
return super().destroy(request, *args, **kwargs)
|
|
|
|
|
|
class RoleRagDocumentViewSet(ReadOnlyModelViewSet):
|
|
queryset = RoleRagDocument.objects.all()
|
|
serializer_class = RoleRagDocumentSerializer
|
|
permission_classes = [IsAuthenticated]
|
|
lookup_field = 'uuid'
|
|
|
|
def get_queryset(self):
|
|
user = self.request.user
|
|
return RoleRagDocument.objects.filter(
|
|
Q(role__organization__owner=user) |
|
|
Q(role__organization__members=user)
|
|
).distinct()
|