tanner/spaceport
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add API route to get backup URL

Browse Source
This commit is contained in:
Tanner Collin 2020-02-16 04:59:02 +00:00
parent dcfc16d20d
commit 8b9486fc5f
3 changed files with 34 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apiserver/apiserver/api/permissions.py
View File

@ -5,7 +5,16 @@ class AllowMetadata(BasePermission):
return request.method in ['OPTIONS', 'HEAD'] return request.method in ['OPTIONS', 'HEAD']
def is_admin_director(user): def is_admin_director(user):
return bool(user.is_staff or user.member.is_director or user.member.is_staff) if user.is_staff:
return True
if hasattr(user, 'member'):
if user.member.is_director:
return True
if user.member.is_staff:
return True
return False
class IsObjOwnerOrAdmin(BasePermission): class IsObjOwnerOrAdmin(BasePermission):
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):

25
apiserver/apiserver/api/views.py
View File

@ -1,7 +1,7 @@
from django.contrib.auth.models import User, Group from django.contrib.auth.models import User, Group
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404, redirect
from django.db.models import Max from django.db.models import Max
from django.http import HttpResponse from django.http import HttpResponse, Http404
from django.core.files.base import File from django.core.files.base import File
from django.core.cache import cache from django.core.cache import cache
from rest_framework import viewsets, views, mixins, generics, exceptions from rest_framework import viewsets, views, mixins, generics, exceptions
@ -26,6 +26,7 @@ from .permissions import (
IsAdminOrReadOnly, IsAdminOrReadOnly,
IsInstructorOrReadOnly IsInstructorOrReadOnly
) )
from .. import settings
# define some shortcuts # define some shortcuts
Base = viewsets.GenericViewSet Base = viewsets.GenericViewSet
@ -331,6 +332,26 @@ class StatsView(views.APIView):
return Response(stats) return Response(stats)
class BackupView(views.APIView):
def get(self, request):
if not is_admin_director(self.request.user):
raise exceptions.PermissionDenied()
backup_path = cache.get('backup_path')
backup_url = 'https://static.{}/backups/{}'.format(
settings.PRODUCTION_HOST,
backup_path,
)
if not backup_path:
raise Http404
if request.META['HTTP_USER_AGENT'].lower().startswith('wget'):
return redirect(backup_url)
else:
return Response(dict(url=backup_url))
class RegistrationView(RegisterView): class RegistrationView(RegisterView):
serializer_class = serializers.MyRegisterSerializer serializer_class = serializers.MyRegisterSerializer

1
apiserver/apiserver/urls.py
View File

@ -30,5 +30,6 @@ urlpatterns = [
url(r'^user/', views.UserView.as_view(), name='user'), url(r'^user/', views.UserView.as_view(), name='user'),
url(r'^ping/', views.PingView.as_view(), name='ping'), url(r'^ping/', views.PingView.as_view(), name='ping'),
url(r'^stats/', views.StatsView.as_view(), name='stats'), url(r'^stats/', views.StatsView.as_view(), name='stats'),
url(r'^backup/', views.BackupView.as_view(), name='backup'),
url(IPN_ROUTE, views.IpnView.as_view(), name='ipn'), url(IPN_ROUTE, views.IpnView.as_view(), name='ipn'),
] ]