From df0f60cd61afef809f852de10feb2a58d19500fe Mon Sep 17 00:00:00 2001 From: Jorge Date: Thu, 17 Jul 2025 16:49:14 -0400 Subject: [PATCH 1/2] Make is_staff user attribute read-only --- chris_backend/users/serializers.py | 1 + 1 file changed, 1 insertion(+) diff --git a/chris_backend/users/serializers.py b/chris_backend/users/serializers.py index 46133814..0171d4c7 100644 --- a/chris_backend/users/serializers.py +++ b/chris_backend/users/serializers.py @@ -14,6 +14,7 @@ class UserSerializer(serializers.HyperlinkedModelSerializer): validators=[UniqueValidator( queryset=User.objects.all())]) password = serializers.CharField(min_length=8, max_length=100, write_only=True) + is_staff = serializers.ReadOnlyField() groups = serializers.HyperlinkedIdentityField(view_name='user-group-list') class Meta: From 3331b3acf4e5660de844bb129b38b7036d63cb47 Mon Sep 17 00:00:00 2001 From: Jorge Date: Thu, 17 Jul 2025 16:51:39 -0400 Subject: [PATCH 2/2] Delete leftover file in storage when an exception is raise while saving a file --- chris_backend/core/models.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/chris_backend/core/models.py b/chris_backend/core/models.py index c75495ec..49d1d0b9 100644 --- a/chris_backend/core/models.py +++ b/chris_backend/core/models.py @@ -581,12 +581,19 @@ def __str__(self): def save(self, *args, **kwargs): """ - Overriden to ensure file paths never start or end with slashes. + Overriden to ensure file paths never start or end with slashes. Also, to delete + a leftover file in storage if any error happens when saving the file. """ path = self.fname.name if path.startswith('/') or path.endswith('/'): raise ValueError('Paths starting or ending with slashes are not allowed.') - super(ChrisFile, self).save(*args, **kwargs) + try: + super(ChrisFile, self).save(*args, **kwargs) + except Exception: + storage_manager = connect_storage(settings) + if storage_manager.obj_exists(path): + storage_manager.delete_obj(path) + raise def move(self, new_path): """