VladislavOstapov/arka-api
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

исправлена внутренняя ошибка связанная с рефакторингом (access_token.owner -> access_token.user)

Browse Source
This commit is contained in:
VladislavOstapov 2023-03-28 16:52:47 +03:00
parent 1c766a17ec
commit 2cb3af88b8
1 changed files with 21 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
api/api_methods.py
View File

@ -1,12 +1,8 @@
import random
from django.core.exceptions import ValidationError
from django.http import HttpResponse, HttpResponseBadRequest
from .api_utils import *
from .api_params import *
from .models import *
from .api_media_utils import *
import time
from django.core.exceptions import ValidationError
from .api_media_utils import *
from .api_utils import *
from .models import *
def _make_model_validation_errors(validation_error: ValidationError, api_err=API_ERROR_OBJECT_VALIDATION):
@ -147,7 +143,7 @@ class ApiAccount:
params=[ApiParamAccessToken()],
returns="Стандартный ответ успеха, в случае успеха")
async def delete(access_token):
user = access_token.owner
user = access_token.user
await sync_to_async(user.delete)()
return api_make_response({})
@ -163,9 +159,9 @@ class ApiAccount:
returns="Поля пользователя (name, surname, email, phone и прочие).")
async def get(access_token, user_id):
if user_id is None:
user = access_token.owner
user = access_token.user
else:
user = await access_token.owner.get_by_id(user_id)
user = await access_token.user.get_by_id(user_id)
if user is None:
return make_error_object(Exception(API_ERROR_NOT_FOUND, {"user": user_id}))
@ -193,7 +189,7 @@ class ApiAccount:
],
returns="Вернет основную информацию о пользователе, иначе ошибки")
async def edit(access_token, name, surname, about, executor_type, executor_inn, city):
user = access_token.owner
user = access_token.user
executor_need_save, need_save = False, False
if name is not None:
@ -268,7 +264,7 @@ class ApiAccount:
],
returns="Вернет стандартный объект успеха")
async def change_phone(access_token, password, phone, code):
user = access_token.owner
user = access_token.user
if not user.check_password(password):
raise Exception(API_ERROR_INVALID_PASSWORD)
@ -331,7 +327,7 @@ class ApiSecurity:
async def list_sessions(access_token, password):
sessions = await access_token.list_sessions()
if not access_token.owner.check_password(password):
if not access_token.user.check_password(password):
raise Exception(API_ERROR_INVALID_PASSWORD)
return api_make_response({
@ -357,7 +353,7 @@ class ApiSecurity:
],
returns="Вернет sessions: [{id: int, name: str, created: unix_timestamp}]")
async def remove_other_sessions(access_token, password):
if not access_token.owner.check_password(password):
if not access_token.user.check_password(password):
raise Exception(API_ERROR_INVALID_PASSWORD)
sessions = await access_token.list_sessions()
@ -389,7 +385,7 @@ class ApiSecurity:
],
returns="Вернет стандартный отъект в случае успеха")
async def remove_session(access_token, password, session):
if not access_token.owner.check_password(password):
if not access_token.user.check_password(password):
raise Exception(API_ERROR_INVALID_PASSWORD)
await access_token.delete_session(session)
@ -406,7 +402,7 @@ class ApiSecurity:
],
returns="Вернет стандартный объект успеха")
async def change_password(access_token, old_password, password):
user = access_token.owner
user = access_token.user
if not user.check_password(old_password):
raise Exception(API_ERROR_INVALID_PASSWORD, "old_password")
@ -563,7 +559,7 @@ class ApiOrder:
ApiOrder._check_write_permissions(access_token)
try:
order = await Order.objects.acreate(owner=access_token.owner, **kwargs)
order = await Order.objects.acreate(owner=access_token.user, **kwargs)
return api_make_response({"order_id": order.id})
except ValidationError as ve:
return _make_model_validation_errors(ve, API_ERROR_USER_MODIFY)
@ -581,7 +577,7 @@ class ApiOrder:
ApiOrder._check_write_permissions(access_token)
query = Order.objects.filter(id=order_id)
order = await query.afirst()
if order.owner_id != access_token.owner.id:
if order.owner_id != access_token.user.id:
raise Exception(API_ERROR_ACCESS_DENIED, 'edit operation allowed only for owner')
await query.aupdate(published=value)
@ -619,13 +615,13 @@ class ApiOrder:
if order_id is not None:
res = await query.aget(id=order_id)
if user_id is not None:
if access_token.owner.id == res.owner_id or (res.published and res.moderated):
if access_token.user.id == res.owner_id or (res.published and res.moderated):
return api_make_response([ApiOrder._order_to_json(res)])
else:
raise Exception(API_ERROR_NOT_ALLOWED, 'attempt access to closed order')
if user_id is not None:
user = await access_token.owner.get_by_id(user_id)
user = await access_token.user.get_by_id(user_id)
if user is None:
raise Exception(API_ERROR_NOT_FOUND, 'user')
if user.role != Account.ROLE_CUSTOMER:
@ -639,9 +635,9 @@ class ApiOrder:
@staticmethod
def _check_write_permissions(access_token):
if not access_token.owner.is_completed():
if not access_token.user.is_completed():
raise Exception(API_ERROR_NEED_COMPLETED_ACCOUNT)
if access_token.owner.role != Account.ROLE_CUSTOMER:
if access_token.user.role != Account.ROLE_CUSTOMER:
raise Exception(API_ERROR_NOT_ALLOWED, 'you must be a customer')
@ -696,11 +692,11 @@ class ApiMedia:
return make_error_object(Exception(API_ERROR_INVALID_REQUEST, "unsupported file extension"))
try:
storage_name = Media.generate_storage_name(filename, datetime.now(), access_token.owner)
storage_name = Media.generate_storage_name(filename, datetime.now(), access_token.user)
await sync_to_async(s3_upload_from_buffer)(storage_name, request.FILES['file'].read())
m = await Media.objects.acreate(user=access_token.owner, original_name=filename,
m = await Media.objects.acreate(user=access_token.user, original_name=filename,
extension=ext, storage_name=storage_name)
return api_make_response({'media_id': m.id})
except Exception: