fix user news creation, add NewsMapping class

Author: yakser

news/mapping.py

@@ -0,0 +1,30 @@
+from django.contrib.auth import get_user_model
+
+from partner_programs.models import PartnerProgram
+from projects.models import Project
+
+User = get_user_model()
+
+
+class NewsMapping:
+    """
+    Extracts title and image for news post from content_object
+    """
+
+    @classmethod
+    def get_name(cls, content_object) -> str:
+        if isinstance(content_object, User):
+            f"{content_object.first_name} {content_object.last_name}"
+        if isinstance(content_object, Project) or isinstance(
+            content_object, PartnerProgram
+        ):
+            return content_object.name
+
+    @classmethod
+    def get_image_address(cls, content_object) -> str:
+        if isinstance(content_object, User):
+            return content_object.avatar
+        if isinstance(content_object, Project) or isinstance(
+            content_object, PartnerProgram
+        ):
+            return content_object.image_address

news/permissions.py

@@ -1,8 +1,12 @@
+from django.contrib.auth import get_user_model
 from rest_framework import permissions
 from rest_framework.permissions import SAFE_METHODS
 
+from partner_programs.models import PartnerProgram
 from projects.models import Project
 
+User = get_user_model()
+
 
 class IsNewsCreatorOrReadOnly(permissions.BasePermission):
     def has_object_permission(self, request, view, obj):
@@ -12,12 +16,14 @@ def has_object_permission(self, request, view, obj):
         """
         if request.method in SAFE_METHODS:
             return True
-        if isinstance(obj.content_object, Project):
-            # it's a project
-            if obj.content_object.leader == request.user:
-                return True
-        else:
-            # it's a partner program
+        if (
+            isinstance(obj.content_object, Project)
+            and obj.content_object.leader == request.user
+        ):
+            return True
+        if isinstance(obj.content_object, User) and obj.content_object == request.user:
+            return True
+        if isinstance(obj.content_object, PartnerProgram):
             # TODO: implement
             pass
         return False
@@ -27,19 +33,23 @@ def has_permission(self, request, view):
         Creation permission
         Currently can only be created via admin panel
         """
-        # everybody can read this
         if request.method in SAFE_METHODS:
             return True
 
-        try:
-            # try to judge it as a project
-            project = Project.objects.get(pk=view.kwargs["project_pk"])
-            if request.method in SAFE_METHODS or (request.user == project.leader):
-                return True
-        except Project.DoesNotExist:
-            return False
-        except KeyError:
-            # It's a partner program, currently can only be created via admin
-            # TODO: implement
-            pass
+        if view.kwargs.get("project_pk"):
+            try:
+                project = Project.objects.get(pk=view.kwargs["project_pk"])
+                if request.method in SAFE_METHODS or (request.user == project.leader):
+                    return True
+            except Project.DoesNotExist:
+                return False
+
+        if view.kwargs.get("user_pk"):
+            try:
+                user = User.objects.get(pk=view.kwargs["user_pk"])
+                if request.method in SAFE_METHODS or (request.user == user):
+                    return True
+            except User.DoesNotExist:
+                return False
+
         return False

news/serializers.py

@@ -1,9 +1,13 @@
+from django.contrib.auth import get_user_model
 from rest_framework import serializers
 
 from core.services import is_fan, get_likes_count, get_views_count
 from files.serializers import UserFileSerializer
+from news.mapping import NewsMapping
 from news.models import News
 
+User = get_user_model()
+
 
 class NewsListSerializer(serializers.ModelSerializer):
     views_count = serializers.SerializerMethodField()
@@ -14,10 +18,10 @@ class NewsListSerializer(serializers.ModelSerializer):
     files = UserFileSerializer(many=True)
 
     def get_name(self, obj):
-        return obj.content_object.name
+        return NewsMapping.get_name(obj.content_object)
 
     def get_image_address(self, obj):
-        return obj.content_object.image_address
+        return NewsMapping.get_image_address(obj.content_object)
 
     def get_views_count(self, obj):
         return get_views_count(obj)
@@ -26,7 +30,6 @@ def get_likes_count(self, obj):
         return get_likes_count(obj)
 
     def get_is_user_liked(self, obj):
-        # fixme: move this method to helpers somewhere
         user = self.context.get("user")
         if user:
             return is_fan(obj, user)
@@ -55,10 +58,10 @@ class NewsDetailSerializer(serializers.ModelSerializer):
     is_user_liked = serializers.SerializerMethodField()
 
     def get_name(self, obj):
-        return obj.content_object.name
+        return NewsMapping.get_name(obj.content_object)
 
     def get_image_address(self, obj):
-        return obj.content_object.image_address
+        return NewsMapping.get_image_address(obj.content_object)
 
     def get_views_count(self, obj):
         return get_views_count(obj)

news/views.py

@@ -22,21 +22,25 @@ class NewsList(NewsQuerysetMixin, generics.ListCreateAPIView):
     pagination_class = NewsPagination
 
     def post(self, request, *args, **kwargs):
+        serializer = NewsListSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        data = serializer.validated_data
+
         if kwargs.get("project_pk"):
             project = get_object_or_404(Project, pk=kwargs["project_pk"])
-            news = News.objects.add_news(project, **request.data)
+            news = News.objects.add_news(project, **data)
             return Response(
                 NewsDetailSerializer(news).data, status=status.HTTP_201_CREATED
             )
-        elif kwargs.get("user_pk"):
+        if kwargs.get("user_pk"):
             user = get_object_or_404(User, pk=kwargs["user_pk"])
-            news = News.objects.add_news(user, **request.data)
+            news = News.objects.add_news(user, **data)
             return Response(
                 NewsDetailSerializer(news).data, status=status.HTTP_201_CREATED
             )
-        else:
-            # creating partner program news, not implemented yet, return 400
-            return Response(status=status.HTTP_400_BAD_REQUEST)
+
+        # creating partner program news, not implemented yet, return 400
+        return Response(status=status.HTTP_400_BAD_REQUEST)
 
     def get(self, request, *args, **kwargs):
         news = self.paginate_queryset(self.get_queryset())