Core

Embedded resources

VosaeUserSettings

class core.models.embedded.VosaeUserSettings(*args, **kwargs)

Settings related to a VosaeUser.

class core.api.resources.embedded.VosaeUserSettingsResource(api_name=None)

VosaePermissions

class core.models.embedded.VosaePermissions(*args, **kwargs)

Permissions on Vosae.

by_module(module)

List VosaePermissions module per module.

merge_group(permissions)

Merge a group VosaePermissions object into the current one.

merge_groups(groups)

Recursively process merging of groups permissions.

merge_groups_and_user(groups, user)

Merge group and user perms into the current one.

merge_user(specific_permissions)

Merge a user VosaePermissions object into the current one.

refresh_acquired()

Refresh the acquired list, based on current permissions

ReportSettings

class core.models.embedded.ReportSettings(*args, **kwargs)

ReportSettings stores various informations used to customize reports

class core.api.resources.embedded.ReportSettingsResource(api_name=None)

RegistrationInfo

class core.models.embedded.RegistrationInfo(*args, **kwargs)

Registration info base class composed by informations common to every country such as:

  • Business entity (Inc., Ltd., GmBh, SA, etc.)
  • Share capital
class core.api.resources.embedded.RegistrationInfoResource(api_name=None)

Localized RegistrationInfo

class core.models.embedded.BERegistrationInfo(*args, **kwargs)

Belgium registration infos

class core.api.resources.embedded.BERegistrationInfoResource(api_name=None)

class core.models.embedded.CHRegistrationInfo(*args, **kwargs)

Switzerland registration infos Currently adds:

  • VAT number (since Switzerland is not compound by EURegistrationInfoMixin)
class core.api.resources.embedded.CHRegistrationInfoResource(api_name=None)

class core.models.embedded.FRRegistrationInfo(*args, **kwargs)

France registration infos

Currently adds:

  • SIRET number
  • RCS number
class core.api.resources.embedded.FRRegistrationInfoResource(api_name=None)

class core.models.embedded.GBRegistrationInfo(*args, **kwargs)

Great Britain registration infos

class core.api.resources.embedded.GBRegistrationInfoResource(api_name=None)

class core.models.embedded.LURegistrationInfo(*args, **kwargs)

Luxembourg registration infos

class core.api.resources.embedded.LURegistrationInfoResource(api_name=None)

class core.models.embedded.USRegistrationInfo(*args, **kwargs)

United States registration infos

class core.api.resources.embedded.USRegistrationInfoResource(api_name=None)

class core.models.embedded.BERegistrationInfo(*args, **kwargs)

Belgium registration infos

class core.api.resources.embedded.BERegistrationInfoResource(api_name=None)

Main resources

VosaeCustomer

class core.models.VosaeCustomer(*args, **values)

The VosaeCustomer represent the customer organization in the Vosae’s SaaS environnement.

class Address(*args, **kwargs)

An address wrapper which can be embedded in any object.

static concat_fields(field1, field2)

Method used in the get_formatted() method to concatenate fields like state and country.

get_formatted()

Returns a concatenated list of Address attributes:

  • Street address
  • Extended address, post office box
  • Postal code, City
  • State, Country
VosaeCustomer.delete(force=False, cascade=True, *args, **kwargs)

Secure hook to delete customers.

Parameters:
  • force – security, must explicitely set force to True to confirm deletion
  • cascade – also deletes all linked documents, default to True
classmethod VosaeCustomer.post_save(sender, document, created, **kwargs)

If created, the VosaeCustomer should be initialized.

classmethod VosaeCustomer.pre_save(sender, document, **kwargs)

If the slug does not exists (eg. on creation), it is generated.

classmethod VosaeCustomer.pre_save_post_validation(sender, document, **kwargs)

The VosaeCustomer is associated to a Django group. If the group doesn’t exist, it is created.

class core.api.resources.VosaeCustomerResource(api_name=None)
full_hydrate(bundle)

Handle specific fields (supported_currencies/default_currency) on creation

get_object_list(request)

Filters associated customers

obj_create(bundle, **kwargs)

Some mandatory actions shoud be synchrounous after VosaeCustomer creation but before returning the response and should not be in post_save hooks since issuer is required (got from request).

These actions are:

  • Adding the creator to the Django group (represents the VosaeCustomer)
  • Creation of the VosaeUser linked to the customer
  • Initial data filling

VosaeGroup

class core.models.VosaeGroup(*args, **values)

A group to organize VosaeCustomer‘s permissions.

delete(force=False, *args, **kwargs)

Prevent deletion of the “admin” group. It is immutable by default.

classmethod post_delete(sender, document, **kwargs)

Post delete hook handler

  • De-index group from elasticsearch
classmethod post_save(sender, document, **kwargs)

Post save hook handler

  • Refresh all related VosaeUser permissions. Occurs in a delayed task.
  • Index group in elasticsearch
classmethod pre_save(sender, document, **kwargs)

Pre save hook handler

  • Refresh group’s permissions cache
save(force=False, *args, **kwargs)

Prevent save of the “admin” group. It is immutable by default.

class core.api.resources.VosaeGroupResource(api_name=None)
dehydrate_permissions(bundle)

Returns the list of acquired permissions

full_hydrate(bundle)

Set the creator on POST

hydrate_permissions(bundle)

Hydrate the permissions dict from a simple list of granted permissions

VosaeUser

class core.models.VosaeUser(*args, **values)

A user class linking VosaeCustomer to Django’s user in our SaaS environnement.

get_full_name()

Return the VosaeUser full name, based on the Django user.

has_perm(perm)

True if the VosaeUser has the specified permission and if the VosaeCustomer has the corresponding subscription active.

photo_uri

Return the photo URI (if available).

classmethod post_delete(sender, document, **kwargs)

Post delete hook handler

  • Removes the django user from the django group
  • De-index user from elasticsearch
classmethod post_save(sender, document, created, **kwargs)

Post save hook handler

  • Initialize user on creation
  • Index user in elasticsearch
classmethod pre_save(sender, document, **kwargs)

Merge groups and own permissions and refresh cache

classmethod pre_save_post_validation(sender, document, **kwargs)

When creating a VosaeUser we check for the django user corresponding mail.

If user does not exist, it will be created.

class core.api.resources.VosaeUserResource(api_name=None)
dehydrate_permissions(bundle)

Returns the list of acquired permissions

hydrate_email(bundle)

Email can only be used on POST (creation) in order to link the VosaeUser to the Django user.

obj_create(bundle, **kwargs)

Fills initial data (based on request’s language) after VosaeUser creation

VosaeFile

class core.models.VosaeFile(*args, **values)

A wrapper for a file stored through django-storages.

Returns the download link.

Has the ‘attachment’ header, which forces download.

classmethod pre_delete(sender, document, **kwargs)

Pre delete hook handler

  • Process deletion of the GridFS file before the wrapper.
classmethod pre_save(sender, document, **kwargs)

Pre save hook handler.

  • Retrieve uploaded_file. If set on instanciation, present in _data, else present as attribute
  • Compute SHA1 checksum, extract content-type, size, name
  • Saves on storage backend

Returns the stream link.

Mainly used to display images, like Contacts photos.

class core.api.resources.VosaeFileResource(api_name=None)
dehydrate(bundle)

Removes extra fields from the response, if exists

hydrate(bundle)

Handle pipeline operations

API utilities

Authentication

class core.api.utils.VosaeSessionAuthentication(require_active=True)

Session-based authentication handler. Used for webapp auth.

class core.api.utils.VosaeApiKeyAuthentication(require_active=True)

Handles API key auth, in which a user provides a email & API key.

Uses the ApiKey model that ships with tastypie. If you wish to use a different model, override the get_key method to perform the key check as suits your needs.

get_identifier(request)

Provides a unique string identifier for the requestor.

This implementation returns the user’s email.

get_key(user, api_key)

Attempts to find the API key for the user. Uses ApiKey by default but can be overridden.

is_authenticated(request, **kwargs)

Finds the user and checks their API key.

Should return either True if allowed, False if not or an HttpResponse if you need something custom.

Authorization

class core.api.utils.VosaeGenericAuthorization
base_checks(request, model_klass)

Basic authorization checks, such as:

  • Logged-in verification
  • Application access
  • Mandatory permissions granted
class core.api.utils.VosaeUserAuthorization
create_detail(object_list, bundle)

Returns True if creation is possible

create_list(object_list, bundle)

Returns the list if creation is possible

delete_detail(object_list, bundle)

Returns True if deletable

delete_list(object_list, bundle)

Returns the list if deletable

read_detail(object_list, bundle)

Return True id readable or raises Unauthorized exception

read_list(object_list, bundle)

Returns readable objects

update_detail(object_list, bundle)

Returns True if updatable

update_list(object_list, bundle)

Returns the list if updatable

Mixins

class core.api.utils.MultipartMixinResource

Mixin used to handle binary uploads through tastypie

class core.api.utils.VosaeIMEXMixinResource

Mixin for import/export operations

prepend_urls()

Add urls for resources import/export.

class core.api.utils.ZombieMixinResource(api_name=None)

Zombie resources can not be deleted. A special status flag is set. Zombie can still be accessed, but only on a detail request.

get_object_list(request)

Only display non-INACTIVE elements when getting list

class core.api.utils.WakeUpMixinResource

Mixin used to “wake up” (usually re-activate) a resource

class core.api.utils.RemoveFilesOnReplaceMixinResource

Mixin used to ensure that a replaced file is well deleted from its backend

Resources

class core.api.utils.VosaeResource(api_name=None)

Resource for defining embedded documents or not per-tenant documents (eg. Calendar, Currency, etc.)

create_response(request, data, response_class=<class 'django.http.response.HttpResponse'>, **response_kwargs)

Adds the X-RateLimit-* headers to the response

save(bundle, skip_errors=False)

Mix of tastypie and tastypie_mongoengine M2M are processed before main save

save_m2m(bundle)

Same of tastypie_mongoengine but without the part saving the related resources. In our case, done by the main save()

Same of tastypie but without the part saving the related resource. In our case, done by the main save()

throttle_check(request)

Handles checking if the user should be throttled.

Mostly a hook, this uses class assigned to throttle from Resource._meta.

Backported from tastypie

wrap_view(view)

Wraps methods so they can be called in a more functional way as well as handling exceptions better.

Note that if BadRequest or an exception with a response attr are seen, there is special handling to either present a message back to the user or return the response traveling with the exception.

class core.api.utils.VosaeTenantResource(api_name=None)

Resource for defining per-tenant documents

get_object_list(request)

Filters queryset based on the customer

hydrate(bundle)

Automatically set customer to resource object

Throttling

class core.api.utils.VosaeCacheThrottle(throttle_at=150, timeframe=3600, expiration=None)

A throttling mechanism that uses our dedicated API cache.

Backported from tastypie