WIP Convert ingest endpoints to ninja

isic/core/api/collection.py

@@ -1,7 +1,7 @@
 from django.contrib import messages
 from django.http.response import JsonResponse
 from django.shortcuts import get_object_or_404
-from ninja import ModelSchema, Router, Schema
+from ninja import Field, ModelSchema, Router, Schema
 from ninja.pagination import paginate
 from pydantic.types import conlist, constr
 
@@ -24,11 +24,7 @@ class Config:
         model = Collection
         model_fields = ["id", "name", "description", "public", "pinned", "locked", "doi"]
 
-    doi_url: str | None
-
-    @staticmethod
-    def resolve_doi_url(obj: Collection):
-        return obj.doi_url
+    doi_url: str | None = Field(alias="doi_url")
 
 
 @router.get("/", response=list[CollectionOut], summary="Return a list of collections.")

isic/core/permissions.py

@@ -10,11 +10,21 @@
 from django.db.models import Model
 from django.db.models.base import ModelBase
 from django.db.models.query import QuerySet
+from django.http.request import HttpRequest
 from django.shortcuts import get_object_or_404, resolve_url
 from django.utils.functional import wraps
+from ninja.security.session import SessionAuth
 from rest_framework.filters import BaseFilterBackend
 
 
+class SessionAuthStaffUser(SessionAuth):
+    def authenticate(self, request: HttpRequest, key: str | None) -> User | None:
+        if request.user.is_staff:
+            return request.user
+
+        return None
+
+
 class UserPermissions:
     model = User
     perms = ["view_staff"]

isic/core/tests/test_api_cohort.py

@@ -16,35 +16,35 @@ def cohorts(cohort, other_cohort):
 
 @pytest.mark.django_db
 @pytest.mark.parametrize(
-    "client,cohorts_,num_visible",
+    "client_,cohorts_,num_visible",
     [
-        [lazy_fixture("api_client"), lazy_fixture("cohorts"), 0],
-        [lazy_fixture("authenticated_api_client"), lazy_fixture("cohorts"), 1],
-        [lazy_fixture("staff_api_client"), lazy_fixture("cohorts"), 2],
+        [lazy_fixture("client"), lazy_fixture("cohorts"), 0],
+        [lazy_fixture("authenticated_client"), lazy_fixture("cohorts"), 1],
+        [lazy_fixture("staff_client"), lazy_fixture("cohorts"), 2],
     ],
     ids=[
         "guest",
         "user",
         "staff",
     ],
 )
-def test_core_api_cohort_list_permissions(client, cohorts_, num_visible):
-    r = client.get("/api/v2/cohorts/")
+def test_core_api_cohort_list_permissions(client_, cohorts_, num_visible):
+    r = client_.get("/api/v2/cohorts/")
 
-    assert r.status_code == 200, r.data
-    assert r.data["count"] == num_visible
+    assert r.status_code == 200, r.json()
+    assert r.json()["count"] == num_visible
 
 
 @pytest.mark.django_db
 @pytest.mark.parametrize(
-    "client,cohort_,visible",
+    "client_,cohort_,visible",
     [
-        [lazy_fixture("api_client"), lazy_fixture("cohort"), False],
-        [lazy_fixture("api_client"), lazy_fixture("other_cohort"), False],
-        [lazy_fixture("authenticated_api_client"), lazy_fixture("cohort"), True],
-        [lazy_fixture("authenticated_api_client"), lazy_fixture("other_cohort"), False],
-        [lazy_fixture("staff_api_client"), lazy_fixture("cohort"), True],
-        [lazy_fixture("staff_api_client"), lazy_fixture("other_cohort"), True],
+        [lazy_fixture("client"), lazy_fixture("cohort"), False],
+        [lazy_fixture("client"), lazy_fixture("other_cohort"), False],
+        [lazy_fixture("authenticated_client"), lazy_fixture("cohort"), True],
+        [lazy_fixture("authenticated_client"), lazy_fixture("other_cohort"), False],
+        [lazy_fixture("staff_client"), lazy_fixture("cohort"), True],
+        [lazy_fixture("staff_client"), lazy_fixture("other_cohort"), True],
     ],
     ids=[
         "guest-cohort-1-invisible",
@@ -55,11 +55,11 @@ def test_core_api_cohort_list_permissions(client, cohorts_, num_visible):
         "staff-cohort-2-visible",
     ],
 )
-def test_core_api_cohort_detail_permissions(client, cohort_, visible):
-    r = client.get(f"/api/v2/cohorts/{cohort_.pk}/")
+def test_core_api_cohort_detail_permissions(client_, cohort_, visible):
+    r = client_.get(f"/api/v2/cohorts/{cohort_.pk}/")
 
     if visible:
-        assert r.status_code == 200, r.data
-        assert r.data["id"] == cohort_.id
+        assert r.status_code == 200, r.json()
+        assert r.json()["id"] == cohort_.id
     else:
-        assert r.status_code == 404, r.data
+        assert r.status_code == 404, r.json()

isic/core/tests/test_api_contributor.py

@@ -4,39 +4,39 @@
 
 @pytest.mark.django_db
 @pytest.mark.parametrize(
-    "client,contributors_,num_visible",
+    "client_,contributors_,num_visible",
     [
-        [lazy_fixture("api_client"), lazy_fixture("contributors"), 0],
+        [lazy_fixture("client"), lazy_fixture("contributors"), 0],
         [
-            lazy_fixture("authenticated_api_client"),
+            lazy_fixture("authenticated_client"),
             lazy_fixture("contributors"),
             1,
         ],
-        [lazy_fixture("staff_api_client"), lazy_fixture("contributors"), 2],
+        [lazy_fixture("staff_client"), lazy_fixture("contributors"), 2],
     ],
     ids=[
         "guest",
         "user",
         "staff",
     ],
 )
-def test_core_api_contributor_list_permissions(client, contributors_, num_visible):
-    r = client.get("/api/v2/contributors/")
+def test_core_api_contributor_list_permissions(client_, contributors_, num_visible):
+    r = client_.get("/api/v2/contributors/")
 
-    assert r.status_code == 200, r.data
-    assert r.data["count"] == num_visible
+    assert r.status_code == 200, r.json()
+    assert r.json()["count"] == num_visible
 
 
 @pytest.mark.django_db
 @pytest.mark.parametrize(
-    "client,contributor_,visible",
+    "client_,contributor_,visible",
     [
-        [lazy_fixture("api_client"), lazy_fixture("contributor"), False],
-        [lazy_fixture("api_client"), lazy_fixture("other_contributor"), False],
-        [lazy_fixture("authenticated_api_client"), lazy_fixture("contributor"), True],
-        [lazy_fixture("authenticated_api_client"), lazy_fixture("other_contributor"), False],
-        [lazy_fixture("staff_api_client"), lazy_fixture("contributor"), True],
-        [lazy_fixture("staff_api_client"), lazy_fixture("other_contributor"), True],
+        [lazy_fixture("client"), lazy_fixture("contributor"), False],
+        [lazy_fixture("client"), lazy_fixture("other_contributor"), False],
+        [lazy_fixture("authenticated_client"), lazy_fixture("contributor"), True],
+        [lazy_fixture("authenticated_client"), lazy_fixture("other_contributor"), False],
+        [lazy_fixture("staff_client"), lazy_fixture("contributor"), True],
+        [lazy_fixture("staff_client"), lazy_fixture("other_contributor"), True],
     ],
     ids=[
         "guest-contributor-1-invisible",
@@ -47,19 +47,19 @@ def test_core_api_contributor_list_permissions(client, contributors_, num_visibl
         "staff-contributor-2-visible",
     ],
 )
-def test_core_api_contributor_detail_permissions(client, contributor_, visible):
-    r = client.get(f"/api/v2/contributors/{contributor_.pk}/")
+def test_core_api_contributor_detail_permissions(client_, contributor_, visible):
+    r = client_.get(f"/api/v2/contributors/{contributor_.pk}/")
 
     if visible:
-        assert r.status_code == 200, r.data
-        assert r.data["id"] == contributor_.id
+        assert r.status_code == 200, r.json()
+        assert r.json()["id"] == contributor_.id
     else:
-        assert r.status_code == 404, r.data
+        assert r.status_code == 404, r.json()
 
 
 @pytest.mark.django_db
-def test_core_api_contributor_create(authenticated_api_client, user):
-    r = authenticated_api_client.post(
+def test_core_api_contributor_create(authenticated_client, user):
+    r = authenticated_client.post(
         "/api/v2/contributors/",
         data={
             "institution_name": "string",
@@ -68,7 +68,8 @@ def test_core_api_contributor_create(authenticated_api_client, user):
             "default_copyright_license": "CC-0",
             "default_attribution": "string",
         },
+        content_type="application/json",
     )
-    assert r.status_code == 201, r.data
-    assert r.data["creator"] == user.pk
-    assert r.data["owners"] == [user.pk]
+    assert r.status_code == 201, r.json()
+    assert r.json()["creator"] == user.pk
+    assert r.json()["owners"] == [user.pk]