django-nativemojo 0.1.10__py3-none-any.whl → 0.1.15__py3-none-any.whl

mojo/middleware/logging.py

@@ -44,7 +44,7 @@ class LoggerMiddleware:
         if LOGIT_DB_ALL:
             request.request_log = Log.logit(request, request.DATA.to_json(as_string=True), "request")
         if LOGIT_FILE_ALL:
-            LOGGER.info(f"REQUEST - {request.method} - {request.ip} - {request.path}", request.body)
+            LOGGER.info(f"REQUEST - {request.method} - {request.ip} - {request.path}", request._raw_body)
 
     def log_response(self, request, response):
         if not self.can_log(request):

mojo/middleware/mojo.py

@@ -1,6 +1,7 @@
 from mojo.helpers import request as rhelper
 import time
 from objict import objict
+from mojo.helpers.settings import settings
 
 ANONYMOUS_USER = objict(is_authenticated=False)
 
@@ -17,5 +18,9 @@ class MojoMiddleware:
         request.ip = rhelper.get_remote_ip(request)
         request.user_agent = rhelper.get_user_agent(request)
         request.duid = rhelper.get_device_id(request)
+        if settings.LOGIT_REQUEST_BODY:
+            request._raw_body = str(request.body)
+        else:
+            request._raw_body = None
         request.DATA = rhelper.parse_request_data(request)
         return self.get_response(request)

mojo/models/rest.py

@@ -1,6 +1,7 @@
 # from django.http import JsonResponse
 from mojo.helpers.response import JsonResponse
-from mojo.serializers.models import GraphSerializer
+from mojo.serializers.simple import GraphSerializer
+from mojo.serializers.manager import get_serializer_manager
 from mojo.helpers import modules
 from mojo.helpers.settings import settings
 from django.core.exceptions import ObjectDoesNotExist
@@ -22,6 +23,13 @@ class MojoModel:
         """Returns the active request being processed."""
         return ACTIVE_REQUEST
 
+    @property
+    def active_user(self):
+        """Returns the active user being processed."""
+        if ACTIVE_REQUEST:
+            return ACTIVE_REQUEST.user
+        return None
+
     @classmethod
     def get_rest_meta_prop(cls, name, default=None):
         """
@@ -116,7 +124,7 @@ class MojoModel:
     @classmethod
     def rest_check_permission(cls, request, permission_keys, instance=None):
         """
-        Check permissions for a given request.
+        Check permissions for a given request. Reports granular denied feedback to incident/event system.
 
         Args:
             request: Django HTTP request object.
@@ -129,20 +137,69 @@ class MojoModel:
         perms = cls.get_rest_meta_prop(permission_keys, [])
         if perms is None or len(perms) == 0:
             return True
+
         if "all" not in perms:
             if request.user is None or not request.user.is_authenticated:
+                cls.class_report_incident(
+                    details="Permission denied: unauthenticated user",
+                    event_type="unauthenticated",
+                    request=request,
+                    perms=perms,
+                    permission_keys=permission_keys,
+                    branch="unauthenticated",
+                    instance=repr(instance) if instance else None,
+                    request_path=getattr(request, "path", None),
+                )
                 return False
+
         if instance is not None:
             if hasattr(instance, "check_edit_permission"):
-                return instance.check_edit_permission(perms, request)
+                allowed = instance.check_edit_permission(perms, request)
+                if not allowed:
+                    cls.class_report_incident(
+                        details="Permission denied: edit_permission_denied",
+                        event_type="edit_permission_denied",
+                        request=request,
+                        perms=perms,
+                        permission_keys=permission_keys,
+                        branch="instance.check_edit_permission",
+                        instance=repr(instance),
+                        request_path=getattr(request, "path", None),
+                    )
+                return allowed
             if "owner" in perms and getattr(instance, "user", None) is not None:
                 if instance.user.id == request.user.id:
                     return True
+
         if request.group and hasattr(cls, "group"):
-            # lets check our group member permissions
-            # this will now force any queries to include the group
-            return request.group.member_has_permission(request.user, perms)
-        return request.user.has_permission(perms)
+            allowed = request.group.member_has_permission(request.user, perms)
+            if not allowed:
+                cls.class_report_incident(
+                    details="Permission denied: group_member_permission_denied",
+                    event_type="group_member_permission_denied",
+                    request=request,
+                    perms=perms,
+                    permission_keys=permission_keys,
+                    group=getattr(request, "group", None),
+                    branch="group.member_has_permission",
+                    instance=repr(instance) if instance else None,
+                    request_path=getattr(request, "path", None),
+                )
+            return allowed
+
+        allowed = request.user.has_permission(perms)
+        if not allowed:
+            cls.class_report_incident(
+                details="Permission denied: user_permission_denied",
+                event_type="user_permission_denied",
+                request=request,
+                perms=perms,
+                permission_keys=permission_keys,
+                branch="user.has_permission",
+                instance=repr(instance) if instance else None,
+                request_path=getattr(request, "path", None),
+            )
+        return allowed
 
     @classmethod
     def on_rest_handle_get(cls, request, instance):
@@ -206,6 +263,7 @@ class MojoModel:
         Returns:
             JsonResponse representing the list of resources.
         """
+        cls.debug("on_rest_handle_list")
         if cls.rest_check_permission(request, "VIEW_PERMS"):
             return cls.on_rest_list(request)
         return cls.rest_error_response(request, 403, error=f"GET permission denied: {cls.__name__}")
@@ -223,7 +281,9 @@ class MojoModel:
         """
         if cls.rest_check_permission(request, ["SAVE_PERMS", "VIEW_PERMS"]):
             instance = cls()
-            return instance.on_rest_save_and_respond(request)
+            instance.on_rest_save(request, request.DATA)
+            instance.on_rest_created()
+            return instance.on_rest_get(request)
         return cls.rest_error_response(request, 403, error=f"CREATE permission denied: {cls.__name__}")
 
     @classmethod
@@ -254,6 +314,7 @@ class MojoModel:
         Returns:
             JsonResponse representing the paginated and serialized list of objects.
         """
+        cls.debug("on_rest_list:start")
         if queryset is None:
             queryset = cls.objects.all()
         if request.group is not None and hasattr(cls, "group"):
@@ -263,6 +324,7 @@ class MojoModel:
         queryset = cls.on_rest_list_filter(request, queryset)
         queryset = cls.on_rest_list_date_range_filter(request, queryset)
         queryset = cls.on_rest_list_sort(request, queryset)
+        cls.debug("on_rest_list:end")
         return cls.on_rest_list_response(request, queryset)
 
     @classmethod
@@ -273,7 +335,9 @@ class MojoModel:
         page_end = page_start+page_size
         paged_queryset = queryset[page_start:page_end]
         graph = request.DATA.get("graph", "list")
-        serializer = GraphSerializer(paged_queryset, graph=graph, many=True)
+        # Use serializer manager for optimal performance
+        manager = get_serializer_manager()
+        serializer = manager.get_serializer(paged_queryset, graph=graph, many=True)
         return serializer.to_response(request, count=queryset.count(), start=page_start, size=page_size)
 
     @classmethod
@@ -333,7 +397,7 @@ class MojoModel:
     @classmethod
     def on_rest_list_search(cls, request, queryset):
         """
-        Search queryset based on 'q' param in the request for fields defined in 'SEARCH_FIELDS'.
+        Search queryset based on 'search' param in the request for fields defined in 'SEARCH_FIELDS'.
 
         Args:
             request: Django HTTP request object.
@@ -342,7 +406,7 @@ class MojoModel:
         Returns:
             The filtered queryset based on the search criteria.
         """
-        search_query = request.GET.get('q', None)
+        search_query = request.GET.get('search', None)
         if not search_query:
             return queryset
 
@@ -397,8 +461,7 @@ class MojoModel:
             }
         return JsonResponse(response_payload)
 
-    @classmethod
-    def on_rest_create(cls, request):
+    def on_rest_created(self):
         """
         Handle the creation of an object.
 
@@ -406,12 +469,38 @@ class MojoModel:
             request: Django HTTP request object.
 
         Returns:
-            JsonResponse representing the newly created object.
+            None
         """
-        instance = cls()
-        return instance.on_rest_save_and_respond(request)
+        # Perform any additional actions after object creation
+        pass
 
-    def on_rest_get(self, request):
+    def on_rest_pre_save(self, changed_fields, created):
+        """
+        Handle the pre-save of an object.
+
+        Args:
+            created: Boolean indicating whether the object is being created.
+            changed_fields: Dictionary of fields that have changed.
+        Returns:
+            None
+        """
+        # Perform any additional actions before object save
+        pass
+
+    def on_rest_saved(self, changed_fields, created):
+        """
+        Handle the saving of an object.
+
+        Args:
+            created: Boolean indicating whether the object is being created.
+            changed_fields: Dictionary of fields that have changed.
+        Returns:
+            None
+        """
+        # Perform any additional actions after object creation
+        pass
+
+    def on_rest_get(self, request, graph="default"):
         """
         Handle the retrieval of a single object.
 
@@ -421,34 +510,93 @@ class MojoModel:
         Returns:
             JsonResponse representing the object.
         """
-        graph = request.GET.get("graph", "default")
-        serializer = GraphSerializer(self, graph=graph)
+        graph = request.GET.get("graph", graph)
+        # Use serializer manager for optimal performance
+        manager = get_serializer_manager()
+        serializer = manager.get_serializer(self, graph=graph)
         return serializer.to_response(request)
 
+    def _set_field_change(self, key, old_value=None, new_value=None):
+        if not hasattr(self, "__changed_fields__"):
+            self.__changed_fields__ = objict.objict()
+        if old_value != new_value:
+            self.__changed_fields__[key] = old_value
+
+    def has_field_changed(self, key):
+        return key in self.__changed_fields__
+
     def on_rest_save(self, request, data_dict):
         """
         Create a model instance from a dictionary.
 
         Args:
             request: Django HTTP request object.
+            data_dict: Dictionary containing the data to save.
 
         Returns:
             None
         """
-        for field in self._meta.get_fields():
-            field_name = field.name
-            if field_name in data_dict:
-                field_value = data_dict[field_name]
-                set_field_method = getattr(self, f'set_{field_name}', None)
-                if callable(set_field_method):
-                    set_field_method(field_value, request)
-                elif field.is_relation and hasattr(field, 'related_model'):
-                    self.on_rest_save_related_field(field, field_value, request)
-                elif field.get_internal_type() == "JSONField":
-                    self.on_rest_update_jsonfield(field_name, field_value)
-                else:
-                    setattr(self, field_name, field_value)
+        self.__changed_fields__ = objict.objict()
+        # Get fields that should not be saved
+        no_save_fields = self.get_rest_meta_prop("NO_SAVE_FIELDS", ["id", "pk", "created", "uuid"])
+
+        # Iterate through data_dict keys instead of model fields
+        for key, value in data_dict.items():
+            # Skip fields that shouldn't be saved
+            if key in no_save_fields:
+                continue
+
+            # First check for custom setter method
+            set_field_method = getattr(self, f'set_{key}', None)
+            if callable(set_field_method):
+                old_value = getattr(self, key, None)
+                set_field_method(value)
+                new_value = getattr(self, key, None)
+                self._set_field_change(key, old_value, new_value)
+                continue
+
+            # Check if this is a model field
+            field = self.get_model_field(key)
+            if field is None:
+                continue
+            if field.get_internal_type() == "ForeignKey":
+                self.on_rest_save_related_field(field, value, request)
+            elif field.get_internal_type() == "JSONField":
+                self.on_rest_update_jsonfield(key, value)
+            else:
+                self._set_field_change(key, getattr(self, key), value)
+                setattr(self, key, value)
+
+        created = self.pk is None
+        if created:
+            if request.user.is_authenticated and self.get_model_field("user"):
+                if getattr(self, "user", None) is None:
+                    self.user = request.user
+            if request.group and self.get_model_field("group"):
+                if getattr(self, "group", None) is None:
+                    self.group = request.group
+        self.on_rest_pre_save(self.__changed_fields__, created)
+        if "files" in data_dict:
+            self.on_rest_save_files(data_dict["files"])
         self.atomic_save()
+        self.on_rest_saved(self.__changed_fields__, created)
+
+    def on_rest_save_files(self, files):
+        for name, file in files.items():
+            self.on_rest_save_file(name, file)
+
+    def on_rest_save_file(self, name, file):
+        # Implement file saving logic here
+        self.debug("Finding file for field: %s", name)
+        field = self.get_model_field(name)
+        if field is None:
+            return
+        self.debug("Saving file for field: %s", name)
+        if field.related_model and hasattr(field.related_model, "create_from_file"):
+            self.debug("Found file for field: %s", name)
+            related_model = field.related_model
+            instance = related_model.create_from_file(file, name)
+            setattr(self, name, instance)
 
     def on_rest_save_and_respond(self, request):
         self.on_rest_save(request, request.DATA)
@@ -466,11 +614,21 @@ class MojoModel:
                 if field.related_model.rest_check_permission(request, ["SAVE_PERMS", "VIEW_PERMS"], related_instance):
                     related_instance.on_rest_save(request, field_value)
             return
-        try:
+        if hasattr(field.related_model, "on_rest_related_save"):
+            related_instance = getattr(self, field.name)
+            field.related_model.on_rest_related_save(self, field.name, field_value, related_instance)
+        elif isinstance(field_value, int) or (isinstance(field_value, str)):
+            # self.debug(f"Related Model: {field.related_model.__name__}, Field Value: {field_value}")
+            if not bool(field_value):
+                # None, "", 0 will set it to None
+                setattr(self, field.name, None)
+                return
+            field_value = int(field_value)
+            if (self.pk == field_value):
+                self.debug("Skipping self-reference")
+                return
             related_instance = field.related_model.objects.get(pk=field_value)
             setattr(self, field.name, related_instance)
-        except field.related_model.DoesNotExist:
-            pass  # Skip invalid related instances
 
     def on_rest_update_jsonfield(self, field_name, field_value):
         """helper to update jsonfield by merge in changes"""
@@ -487,6 +645,18 @@ class MojoModel:
             setattr(self, field_name, existing_value)
         return existing_value
 
+    def on_rest_pre_delete(self):
+        """
+        Handle the pre-deletion of an object.
+
+        Args:
+            request: Django HTTP request object.
+
+        Returns:
+            JsonResponse representing the result of the pre-delete operation.
+        """
+        pass
+
     def on_rest_delete(self, request):
         """
         Handle the deletion of an object.
@@ -498,20 +668,23 @@ class MojoModel:
             JsonResponse representing the result of the delete operation.
         """
         try:
+            self.on_rest_pre_delete()
             with transaction.atomic():
                 self.delete()
-            return JsonResponse({"status": "deleted"}, status=204)
+            return JsonResponse({"status": "deleted"}, status=200)
         except Exception as e:
             return JsonResponse({"error": str(e)}, status=400)
 
     def to_dict(self, graph="default"):
-        serializer = GraphSerializer(self, graph=graph)
-        return serializer.serialize()
+        # Use serializer manager for optimal performance
+        manager = get_serializer_manager()
+        return manager.serialize(self, graph=graph)
 
     @classmethod
     def queryset_to_dict(cls, qset, graph="default"):
-        serializer = GraphSerializer(qset, graph=graph)
-        return serializer.serialize()
+        # Use serializer manager for optimal performance
+        manager = get_serializer_manager()
+        return manager.serialize(qset, graph=graph, many=True)
 
     def atomic_save(self):
         """
@@ -520,19 +693,61 @@ class MojoModel:
         with transaction.atomic():
             self.save()
 
-    def report_incident(self, description, kind="error", level="critical", **kwargs):
-        self.model_logit(ACTIVE_REQUEST, description, kind=kind, level=level)
-        Event = modules.get_model("incidents", "Event")
-        if Event is None:
-            Event.report(description, kind, **kwargs)
+    def report_incident(self, details, event_type="info", level=1, request=None, **context):
+        """
+        Instance-level audit/event reporting. Automatically includes model+id.
+        """
+        context = dict(context)
+        context.setdefault("model_name", self.__class__.__name__)
+        if hasattr(self, 'id'):
+            context.setdefault("model_id", self.id)
+        self.__class__.class_report_incident(
+            details, event_type=event_type, level=level, request=request, **context
+        )
 
-    def log(self, log, kind="model_log", level="info", **kwargs):
+    @classmethod
+    def class_report_incident(cls, details, event_type="info", level=1, request=None, **context):
+        """
+        Class-level audit/event reporting.
+        details: Human description.
+        event_type: Category/kind (e.g. "permission_denied", "security_alert").
+        level: Numeric severity.
+        request: Optional HTTP request or actor.
+        **context: Any additional context.
+        """
+        from mojo.apps import incident
+        context = dict(context)
+        context.setdefault("model_name", cls.__name__)
+        incident.report_event(
+            details,
+            title=details[:80],
+            category=event_type,
+            level=level,
+            request=request,
+            **context
+        )
+
+    def log(self, log="", kind="model_log", level="info", **kwargs):
         return self.class_logit(ACTIVE_REQUEST, log, kind, self.id, level, **kwargs)
 
     def model_logit(self, request, log, kind="model_log", level="info", **kwargs):
         return self.class_logit(request, log, kind, self.id, level, **kwargs)
 
+    @classmethod
+    def debug(cls, log, *args):
+        return logger.info(log, *args)
+
     @classmethod
     def class_logit(cls, request, log, kind="cls_log", model_id=0, level="info", **kwargs):
         from mojo.apps.logit.models import Log
         return Log.logit(request, log, kind, cls.__name__, model_id, level, **kwargs)
+
+    @classmethod
+    def get_model_field(cls, field_name):
+        """
+        Get a model field by name.
+        """
+        try:
+            return cls._meta.get_field(field_name)
+        except Exception:
+            return None

mojo/models/secrets.py

@@ -11,12 +11,18 @@ class MojoSecrets(models.Model):
 
     mojo_secrets = models.TextField(blank=True, null=True, default=None)
     _exposed_secrets = None
+    _secrets_changed = False
 
     def set_secrets(self, value):
+        self.debug("Setting secrets", repr(value))
+        if isinstance(value, str):
+            value = objict.from_json(value)
         self._exposed_secrets = merge_dicts(self.secrets, value)
+        self._secrets_changed = True
 
     def set_secret(self, key, value):
         self.secrets[key] = value
+        self._secrets_changed = True
 
     def get_secret(self, key, default=None):
         return self.secrets.get(key, default)
@@ -24,6 +30,7 @@ class MojoSecrets(models.Model):
     def clear_secrets(self):
         self.mojo_secrets = None
         self._exposed_secrets = objict()
+        self._secrets_changed = True
 
     @property
     def secrets(self):
@@ -44,10 +51,12 @@ class MojoSecrets(models.Model):
         return salt
 
     def save_secrets(self):
-        if self._exposed_secrets:
-            self.mojo_secrets = crypto.encrypt( self._exposed_secrets, self._get_secrets_password())
-        else:
-            self.mojo_secrets = None
+        if self._secrets_changed:
+            if self._exposed_secrets:
+                self.mojo_secrets = crypto.encrypt( self._exposed_secrets, self._get_secrets_password())
+            else:
+                self.mojo_secrets = None
+            self._secrets_changed = False
 
     def save(self, *args, **kwargs):
         if self.pk is not None:

mojo/serializers/__init__.py

@@ -0,0 +1,100 @@
+"""
+Django-MOJO Serializers Package
+
+Provides high-performance serialization for Django models with RestMeta.GRAPHS support.
+Includes multiple serializer backends optimized for different use cases:
+
+- OptimizedGraphSerializer: Ultra-fast with intelligent caching (default)
+- GraphSerializer: Simple and reliable fallback
+- AdvancedGraphSerializer: Feature-rich with multiple format support
+
+Usage:
+    from mojo.serializers import serialize, to_json, to_response
+
+    # Quick serialization
+    data = serialize(instance, graph="detail")
+    json_str = to_json(queryset, graph="list")
+    response = to_response(instance, request, graph="default")
+
+    # Direct serializer access
+    from mojo.serializers import OptimizedGraphSerializer
+    serializer = OptimizedGraphSerializer(instance, graph="detail")
+    data = serializer.serialize()
+"""
+
+# Core serializer classes
+from .simple import GraphSerializer
+from .optimized import OptimizedGraphSerializer
+
+# Advanced serializer (optional - may not be available)
+try:
+    from .advanced import AdvancedGraphSerializer
+except ImportError:
+    AdvancedGraphSerializer = None
+
+# Manager and convenience functions
+from .manager import (
+    SerializerManager,
+    get_serializer_manager,
+    register_serializer,
+    set_default_serializer,
+    serialize,
+    to_json,
+    to_response,
+    get_performance_stats,
+    clear_serializer_caches,
+    benchmark_serializers
+)
+
+# Version and metadata
+__version__ = "2.0.0"
+__author__ = "Django-MOJO Team"
+
+# Default exports
+__all__ = [
+    # Core serializer classes
+    'GraphSerializer',
+    'OptimizedGraphSerializer',
+    'AdvancedGraphSerializer',
+
+    # Manager
+    'SerializerManager',
+    'get_serializer_manager',
+
+    # Registration functions
+    'register_serializer',
+    'set_default_serializer',
+
+    # Convenience functions
+    'serialize',
+    'to_json',
+    'to_response',
+
+    # Performance monitoring
+    'get_performance_stats',
+    'clear_serializer_caches',
+    'benchmark_serializers',
+]
+
+# Initialize default manager on import
+_manager = get_serializer_manager()
+
+# Convenience shortcuts at package level
+def get_serializer(instance, graph="default", many=None, serializer_type=None, **kwargs):
+    """Get configured serializer instance."""
+    return _manager.get_serializer(instance, graph, many, serializer_type, **kwargs)
+
+def list_serializers():
+    """List all registered serializers."""
+    return _manager.registry.list_serializers()
+
+def get_default_serializer():
+    """Get the current default serializer name."""
+    return _manager.registry.get_default()
+
+# Add shortcuts to exports
+__all__.extend([
+    'get_serializer',
+    'list_serializers',
+    'get_default_serializer'
+])