Replace 'isSuperUser' with specific roles required for frontend

Author: margaretmeehan

app/api/models.py

@@ -4,6 +4,7 @@
 from django.dispatch import receiver
 from django.db.models.signals import post_save, pre_save, pre_delete
 from django.urls import reverse
+from django.conf import settings
 from django.contrib.auth.models import User
 from django.contrib.staticfiles.storage import staticfiles_storage
 from django.core.exceptions import ValidationError
@@ -270,15 +271,44 @@ class Meta:
 
 @receiver(post_save, sender=RoleMapping)
 def add_linked_project(sender, instance, created, **kwargs):
+    if not created:
+        return
     userInstance = instance.user
     projectInstance = instance.project
-    if created and userInstance and projectInstance:
+    if userInstance and projectInstance:
         user = User.objects.get(pk=userInstance.pk)
         project = Project.objects.get(pk=projectInstance.pk)
         user.projects.add(project)
         user.save()
 
 
+@receiver(post_save)
+def add_superusers_to_project(sender, instance, created, **kwargs):
+    if not created:
+        return
+    if sender not in Project.__subclasses__():
+        return
+    superusers = User.objects.filter(is_superuser=True)
+    admin_role = Role.objects.filter(name=settings.ROLE_PROJECT_ADMIN).first()
+    if superusers and admin_role:
+        RoleMapping.objects.bulk_create(
+            [RoleMapping(role_id=admin_role.id, user_id=superuser.id, project_id=instance.id)
+             for superuser in superusers]
+        )
+
+
+@receiver(post_save, sender=User)
+def add_new_superuser_to_projects(sender, instance, created, **kwargs):
+    if created and instance.is_superuser:
+        admin_role = Role.objects.filter(name=settings.ROLE_PROJECT_ADMIN).first()
+        projects = Project.objects.all()
+        if admin_role and projects:
+            RoleMapping.objects.bulk_create(
+                [RoleMapping(role_id=admin_role.id, user_id=instance.id, project_id=project.id)
+                 for project in projects]
+            )
+
+
 @receiver(pre_delete, sender=RoleMapping)
 def delete_linked_project(sender, instance, using, **kwargs):
     userInstance = instance.user

app/api/permissions.py

@@ -12,13 +12,6 @@ def get_project_id(self, request, view):
         return view.kwargs.get('project_id') or request.query_params.get('project_id')
 
 
-class IsProjectUser(ProjectMixin, BasePermission):
-
-    def has_permission(self, request, view):
-        project = get_object_or_404(Project, pk=self.get_project_id(request, view))
-        return user in project.users.all()
-
-
 class IsAdminUserAndWriteOnly(BasePermission):
 
     def has_permission(self, request, view):
@@ -74,19 +67,20 @@ class IsProjectAdmin(RolePermission):
     role_name = settings.ROLE_PROJECT_ADMIN
 
 
-class IsAnnotatorAndCreator(RolePermission):
-    unsafe_methods_check = False
+class IsAnnotatorAndReadOnly(RolePermission):
     role_name = settings.ROLE_ANNOTATOR
 
-
 class IsAnnotator(RolePermission):
+    unsafe_methods_check = False
     role_name = settings.ROLE_ANNOTATOR
 
+class IsAnnotationApproverAndReadOnly(RolePermission):
+    role_name = settings.ROLE_ANNOTATION_APPROVER
 
 class IsAnnotationApprover(RolePermission):
+    unsafe_methods_check = False
     role_name = settings.ROLE_ANNOTATION_APPROVER
 
-
 def is_in_role(role_name, user_id, project_id):
     return RoleMapping.objects.filter(
         user_id=user_id,

app/api/serializers.py

@@ -1,4 +1,6 @@
+from django.conf import settings
 from django.contrib.auth import get_user_model
+from django.shortcuts import get_object_or_404
 from rest_framework import serializers
 from rest_polymorphic.serializers import PolymorphicSerializer
 from rest_framework.exceptions import ValidationError
@@ -77,39 +79,56 @@ class Meta:
 
 
 class ProjectSerializer(serializers.ModelSerializer):
+    current_users_role = serializers.SerializerMethodField()
+
+    def get_current_users_role(self, instance):
+        role_abstractor = {
+            "is_project_admin": settings.ROLE_PROJECT_ADMIN,
+            "is_annotator": settings.ROLE_ANNOTATOR,
+            "is_annotation_approver": settings.ROLE_ANNOTATION_APPROVER,
+        }
+        queryset = RoleMapping.objects.values("role_id__name")
+        if queryset:
+            users_role = get_object_or_404(
+                queryset, project=instance.id, user=self.context.get("request").user.id
+            )
+            for key, val in role_abstractor.items():
+                role_abstractor[key] = users_role["role_id__name"] == val
+        return role_abstractor
 
     class Meta:
         model = Project
-        fields = ('id', 'name', 'description', 'guideline', 'users', 'project_type', 'image', 'updated_at',
-                  'randomize_document_order', 'collaborative_annotation')
-        read_only_fields = ('image', 'updated_at')
+        fields = ('id', 'name', 'description', 'guideline', 'users', 'current_users_role', 'project_type', 'image',
+                  'updated_at', 'randomize_document_order', 'collaborative_annotation')
+        read_only_fields = ('image', 'updated_at', 'current_users_role')
 
 
-class TextClassificationProjectSerializer(serializers.ModelSerializer):
+class TextClassificationProjectSerializer(ProjectSerializer):
 
     class Meta:
         model = TextClassificationProject
-        fields = ('id', 'name', 'description', 'guideline', 'users', 'project_type', 'image', 'updated_at',
-                  'randomize_document_order')
-        read_only_fields = ('image', 'updated_at', 'users')
+        fields = ('id', 'name', 'description', 'guideline', 'users', 'current_users_role', 'project_type', 'image',
+                  'updated_at', 'randomize_document_order')
+        read_only_fields = ('image', 'updated_at', 'users', 'current_users_role')
 
 
-class SequenceLabelingProjectSerializer(serializers.ModelSerializer):
+class SequenceLabelingProjectSerializer(ProjectSerializer):
+
 
     class Meta:
         model = SequenceLabelingProject
-        fields = ('id', 'name', 'description', 'guideline', 'users', 'project_type', 'image', 'updated_at',
-                  'randomize_document_order')
-        read_only_fields = ('image', 'updated_at', 'users')
+        fields = ('id', 'name', 'description', 'guideline', 'users', 'current_users_role', 'project_type', 'image',
+                  'updated_at', 'randomize_document_order')
+        read_only_fields = ('image', 'updated_at', 'users', 'current_users_role')
 
 
-class Seq2seqProjectSerializer(serializers.ModelSerializer):
+class Seq2seqProjectSerializer(ProjectSerializer):
 
     class Meta:
         model = Seq2seqProject
-        fields = ('id', 'name', 'description', 'guideline', 'users', 'project_type', 'image', 'updated_at',
-                  'randomize_document_order')
-        read_only_fields = ('image', 'updated_at', 'users')
+        fields = ('id', 'name', 'description', 'guideline', 'users', 'current_users_role', 'project_type', 'image',
+                  'updated_at', 'randomize_document_order')
+        read_only_fields = ('image', 'updated_at', 'users', 'current_users_role')
 
 
 class ProjectPolymorphicSerializer(PolymorphicSerializer):