technicie/MarietjeDjango
1
0
Fork 0
mirror of https://gitlab.science.ru.nl/technicie/MarietjeDjango.git synced 2025-12-10 11:32:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

Change player to OAuth protocol

Browse Source
This commit is contained in:
Lars van Rhijn
2023-11-12 09:33:19 +01:00
parent 66ac1076d3
commit d55ff6c8c6
16 changed files with 206 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

121
marietje/queues/api/v1/views.py
View File

@ -1,4 +1,13 @@
from rest_framework.generics import ListAPIView, RetrieveAPIView, get_object_or_404, CreateAPIView, DestroyAPIView
from oauth2_provider.views.mixins import ClientProtectedResourceMixin
from rest_framework import status, mixins
from rest_framework.generics import (
ListAPIView,
RetrieveAPIView,
get_object_or_404,
CreateAPIView,
DestroyAPIView,
UpdateAPIView,
)
from rest_framework.views import APIView
from rest_framework.response import Response
@ -6,9 +15,14 @@ from marietje.api.openapi import CustomAutoSchema
from marietje.api.permissions import IsAuthenticatedOrTokenHasScopeForMethod
from django.http import Http404
from queues.api.v1.serializers import PlaylistSerializer, QueueSerializer, PlaylistSongSerializer
from queues.api.v1.serializers import (
PlaylistSerializer,
QueueSerializer,
PlaylistSongSerializer,
QueueCommandSerializer,
)
from queues.exceptions import RequestException
from queues.models import Playlist, PlaylistSong, QueueCommand
from queues.models import Playlist, PlaylistSong, QueueCommand, Queue
from queues.services import get_user_or_default_queue
from songs.counters import request_counter
from songs.models import Song
@ -47,13 +61,58 @@ class QueueAPIView(APIView):
}
)
def get(self, request, **kwargs):
queue = get_user_or_default_queue(request)
def get_object(self):
queue = get_user_or_default_queue(self.request)
if queue is None:
raise Http404()
return queue
def get(self, request, **kwargs):
queue = self.get_object()
return Response(status=200, data=self.serializer_class(queue).data)
class QueueUpdateAPIView(ClientProtectedResourceMixin, UpdateAPIView):
serializer_class = QueueSerializer
queryset = Queue.objects.all()
permission_classes = [IsAuthenticatedOrTokenHasScopeForMethod]
required_scopes_for_method = {"PUT": ["write"], "PATCH": ["write"]}
schema = CustomAutoSchema(
response_schema={
"type": "object",
"properties": {
"id": {"type": "int", "example": 1},
"name": {"type": "string", "example": "string"},
"playlist": {"type": "int", "example": 1},
"random_playlist": {"type": "int", "example": 1},
"current_song": {"$ref": "#/components/schemas/PlaylistSong"},
"queue": {"type": "array", "items": {"$ref": "#/components/schemas/PlaylistSong"}},
"started_at": {"type": "string", "format": "date-time", "nullable": True},
},
}
)
def put(self, request, **kwargs):
queue = self.get_object()
if queue.oauth_client is None or queue.oauth_client != request.auth.application:
return Response(
{"detail": "Unauthorized"},
status=status.HTTP_401_UNAUTHORIZED,
)
else:
return super(QueueUpdateAPIView, self).put(request, **kwargs)
def patch(self, request, **kwargs):
queue = self.get_object()
if queue.oauth_client is None or queue.oauth_client != request.auth.application:
return Response(
{"detail": "Unauthorized"},
status=status.HTTP_401_UNAUTHORIZED,
)
else:
return super(QueueUpdateAPIView, self).patch(request, **kwargs)
class QueueSkipAPIView(APIView):
serializer_class = QueueSerializer
permission_classes = [IsAuthenticatedOrTokenHasScopeForMethod]
@ -80,12 +139,14 @@ class QueueSkipAPIView(APIView):
if queue is None:
return Response(status=404)
playlist_song = request.user.queue.current_song()
if (
request.user is not None
and playlist_song.user != request.user
and not request.user.has_perm("queues.can_skip")
):
playlist_song = queue.current_song()
if request.user is not None:
if playlist_song.user != request.user and not request.user.has_perm("queues.can_skip"):
return Response(status=403)
elif request.auth is not None:
if queue.oauth_client is None or request.auth.application != queue.oauth_client:
return Response(status=403)
else:
return Response(status=403)
playlist_song.state = 2
@ -260,3 +321,41 @@ class QueueMuteAPIView(APIView):
return Response(status=403)
QueueCommand.objects.create(queue=queue, command="mute")
return Response(status=200, data=self.serializer_class(queue).data)
class QueueCommandListAPIView(ClientProtectedResourceMixin, ListAPIView):
serializer_class = QueueCommandSerializer
queryset = QueueCommand.objects.all()
permission_classes = [IsAuthenticatedOrTokenHasScopeForMethod]
required_scopes_for_method = {"GET": ["read"]}
def get_queryset(self):
queue = get_object_or_404(Queue, pk=self.kwargs.get("pk"))
self.queryset.filter(queue=queue)
def get(self, request, **kwargs):
queue = get_object_or_404(Queue, pk=kwargs.get("pk"))
if queue.oauth_client is None or queue.oauth_client != request.auth.application:
return Response(
{"detail": "Unauthorized"},
status=status.HTTP_401_UNAUTHORIZED,
)
else:
return super(QueueCommandListAPIView, self).get(request, **kwargs)
class QueueCommandDestroyAPIView(ClientProtectedResourceMixin, DestroyAPIView):
serializer_class = QueueCommandSerializer
queryset = QueueCommand.objects.all()
permission_classes = [IsAuthenticatedOrTokenHasScopeForMethod]
required_scopes_for_method = {"DELETE": ["write"]}
def delete(self, request, **kwargs):
queue_command = self.get_object()
if queue_command.queue.oauth_client is None or queue_command.queue.oauth_client != request.auth.application:
return Response(
{"detail": "Unauthorized"},
status=status.HTTP_401_UNAUTHORIZED,
)
else:
return super(QueueCommandDestroyAPIView, self).delete(request, **kwargs)