Support for draft projects & private draft permissions

ami/base/models.py

@@ -1,19 +1,154 @@
 from django.contrib.auth.models import AbstractUser, AnonymousUser
 from django.db import models
+from django.db.models import Q, QuerySet
 from guardian.shortcuts import get_perms
 
 import ami.tasks
+from ami.users.models import User
+
+
+def has_one_to_many_project_relation(model: type[models.Model]) -> bool:
+    """
+    Returns True if the model has any ForeignKey or OneToOneField relationship to Project.
+    """
+    from ami.main.models import Project
+
+    for field in model._meta.get_fields():
+        if isinstance(field, (models.ForeignKey, models.OneToOneField)) and field.related_model == Project:
+            return True
+
+    return False
+
+
+def has_many_to_many_project_relation(model: type[models.Model]) -> bool:
+    """
+    Returns True if the model has any forward or reverse ManyToMany relationship to Project.
+    """
+    from ami.main.models import Project
+
+    # Forward M2M
+    for field in model._meta.get_fields():
+        if isinstance(field, models.ManyToManyField) and field.related_model == Project:
+            return True
+
+    # Reverse M2M
+    for rel in Project._meta.related_objects:  # type: ignore
+        if rel.related_model == model and rel.many_to_many:
+            return True
+
+    return False
+
+
+class BaseQuerySet(QuerySet):
+    def visible_for_user(self, user: User | AnonymousUser) -> QuerySet:
+        """
+        Filter queryset to include only objects whose related draft projects
+        are visible to the given user. Only superusers, project owners,
+        or members are allowed to view draft projects and their related objects.
+        """
+        from ami.main.models import Project
+
+        # Superusers can see everything
+        if user.is_superuser:
+            return self
+
+        # Anonymous users can only see non-draft projects/objects
+        is_anonymous = isinstance(user, AnonymousUser)
+
+        model = self.model
+
+        # Handle Project model directly
+        if model == Project:
+            # Create a base filter condition for non-draft projects
+            filter_condition = Q(draft=False)
+
+            # If user is logged in, also include projects they own or are members of
+            if not is_anonymous:
+                filter_condition |= Q(owner=user) | Q(members=user)
+
+            return self.filter(filter_condition).distinct()
+
+        # For models related to Project
+        project_accessor = model.get_project_accessor()
+
+        # No project relationship: return unfiltered
+        if project_accessor is None:
+            return self
+
+        # Get project field path with trailing double underscore
+        project_field = f"{project_accessor}__"
+
+        # Create a base filter condition for objects related to non-draft projects
+        filter_condition = Q(**{f"{project_field}draft": False})
+
+        # If user is logged in, also include objects related to projects they own or are members of
+        if not is_anonymous:
+            filter_condition |= Q(**{f"{project_field}owner": user}) | Q(**{f"{project_field}members": user})
+
+        return self.filter(filter_condition).distinct()
 
 
 class BaseModel(models.Model):
     """ """
 
     created_at = models.DateTimeField(auto_now_add=True)
     updated_at = models.DateTimeField(auto_now=True)
+    objects = BaseQuerySet.as_manager()
+
+    @classmethod
+    def get_project_accessor(cls) -> str | None:
+        """
+        Determines the path to access the related Project from this model.
+
+        This method returns the appropriate accessor path based on the model's relationship to Project:
+
+        1. For direct ForeignKey or OneToOneField relationships to Project (occurrence.project)
+            - Returns "project" automatically (no need to define project_accessor)
+
+        2. For ManyToMany relationships to Project (pipeline.projects)
+            - Returns "projects" automatically (no need to define project_accessor)
+            - Note: Draft filtering will return objects with at least one non-draft project
+            - This is appropriate for global objects (pipelines, taxa, etc.) that can belong to multiple projects
+            - Such objects are never private data, unlike project-specific objects (occurrences, source_images)
+
+        3. For indirect relationships (accessed through other models) (detection.occurrence.project):
+            - Requires explicitly defining a 'project_accessor' class attribute
+            - Uses the Django double underscore convention ("__") to navigate through relationships
+            - Example: "deployment__project" (not "deployment.project")
+                where "deployment" is a field on this model and "project" is a field on Deployment
+
+        4. For the Project model itself:
+            - No project_accessor needed; will be handled by the isinstance check in get_project()
+
+        Returns:
+            str|None: The path to the related project, or None for no relationship or the Project model itself.
+        """
+
+        if has_one_to_many_project_relation(cls):
+            return "project"  # One-to-many or one-to-one relation
+
+        if has_many_to_many_project_relation(cls):
+            return "projects"  # Many-to-many relation
+
+        return getattr(cls, "project_accessor", None)
 
     def get_project(self):
-        """Get the project associated with the model."""
-        return self.project if hasattr(self, "project") else None
+        """Dynamically get the related project using the project_accessor."""
+        from ami.main.models import Project
+
+        if isinstance(self, Project):
+            return self
+
+        accessor = self.get_project_accessor()
+        if accessor == "projects" or accessor is None:
+            return None
+
+        project = self
+        for part in accessor.split("__"):
+            project = getattr(project, part, None)
+            if project is None:
+                break
+        return project
 
     def __str__(self) -> str:
         """All django models should have this method."""
@@ -52,13 +187,16 @@ def check_permission(self, user: AbstractUser | AnonymousUser, action: str) -> b
         This method is used to determine if the user can perform
         CRUD operations or custom actions on the model instance.
         """
+        from ami.users.roles import BasicMember
+
         project = self.get_project() if hasattr(self, "get_project") else None
         if not project:
             return False
         if action == "retrieve":
-            # Allow view
+            if project.draft:
+                # Allow view permission for members and owners of draft projects
+                return BasicMember.has_role(user, project) or user == project.owner or user.is_superuser
             return True
-
         model = self._meta.model_name
         crud_map = {
             "create": f"create_{model}",

ami/main/admin.py

@@ -87,6 +87,7 @@ def save_related(self, request, form, formsets, change):
                     "description",
                     "priority",
                     "active",
+                    "draft",
                     "feature_flags",
                 )
             },

ami/main/api/serializers.py

@@ -280,6 +280,7 @@ class Meta:
             "created_at",
             "updated_at",
             "image",
+            "draft",
         ]
 
 

ami/main/api/views.py

@@ -24,6 +24,7 @@
 from rest_framework.views import APIView
 
 from ami.base.filters import NullsLastOrderingFilter, ThresholdFilter
+from ami.base.models import BaseQuerySet
 from ami.base.pagination import LimitOffsetPaginationWithPermissions
 from ami.base.permissions import IsActiveStaffOrReadOnly, ObjectPermission
 from ami.base.serializers import FilterParamsSerializer, SingleParamSerializer
@@ -120,6 +121,15 @@ def create(self, request, *args, **kwargs):
         self.perform_create(serializer)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
 
+    def get_queryset(self):
+        qs: QuerySet = super().get_queryset()
+        assert self.queryset is not None
+
+        if isinstance(qs, BaseQuerySet):
+            return qs.visible_for_user(self.request.user)  # type: ignore
+
+        return qs
+
 
 class DefaultReadOnlyViewSet(DefaultViewSetMixin, viewsets.ReadOnlyModelViewSet):
     pass
@@ -1536,28 +1546,40 @@ class SummaryView(GenericAPIView, ProjectMixin):
     @extend_schema(parameters=[project_id_doc_param])
     def get(self, request):
         """
-        Return counts of all models.
+        Return counts of all models, applying visibility filters for draft projects.
         """
+        user = request.user
         project = self.get_active_project()
         if project:
             data = {
-                "projects_count": Project.objects.count(),  # @TODO filter by current user, here and everywhere!
-                "deployments_count": Deployment.objects.filter(project=project).count(),
-                "events_count": Event.objects.filter(deployment__project=project, deployment__isnull=False).count(),
-                "captures_count": SourceImage.objects.filter(deployment__project=project).count(),
-                # "detections_count": Detection.objects.filter(occurrence__project=project).count(),
-                "occurrences_count": Occurrence.objects.valid().filter(project=project).count(),  # type: ignore
-                "taxa_count": Occurrence.objects.all().unique_taxa(project=project).count(),  # type: ignore
+                "projects_count": Project.objects.visible_for_user(user).count(),  # type: ignore
+                "deployments_count": Deployment.objects.visible_for_user(user)  # type: ignore
+                .filter(project=project)
+                .count(),
+                "events_count": Event.objects.visible_for_user(user)  # type: ignore
+                .filter(deployment__project=project, deployment__isnull=False)
+                .count(),
+                "captures_count": SourceImage.objects.visible_for_user(user)  # type: ignore
+                .filter(deployment__project=project)
+                .count(),
+                "occurrences_count": Occurrence.objects.valid()
+                .visible_for_user(user)
+                .filter(project=project)
+                .count(),  # type: ignore
+                "taxa_count": Occurrence.objects.visible_for_user(user)
+                .unique_taxa(project=project)
+                .count(),  # type: ignore
             }
         else:
             data = {
-                "projects_count": Project.objects.count(),
-                "deployments_count": Deployment.objects.count(),
-                "events_count": Event.objects.filter(deployment__isnull=False).count(),
-                "captures_count": SourceImage.objects.count(),
-                # "detections_count": Detection.objects.count(),
-                "occurrences_count": Occurrence.objects.valid().count(),  # type: ignore
-                "taxa_count": Occurrence.objects.all().unique_taxa().count(),  # type: ignore
+                "projects_count": Project.objects.visible_for_user(user).count(),  # type: ignore
+                "deployments_count": Deployment.objects.visible_for_user(user).count(),  # type: ignore
+                "events_count": Event.objects.visible_for_user(user)  # type: ignore
+                .filter(deployment__isnull=False)
+                .count(),
+                "captures_count": SourceImage.objects.visible_for_user(user).count(),  # type: ignore
+                "occurrences_count": Occurrence.objects.valid().visible_for_user(user).count(),  # type: ignore
+                "taxa_count": Occurrence.objects.visible_for_user(user).unique_taxa().count(),  # type: ignore
                 "last_updated": timezone.now(),
             }
 

ami/main/migrations/0072_project_draft.py

@@ -0,0 +1,17 @@
+# Generated by Django 4.2.10 on 2025-09-12 01:00
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("main", "0071_alter_project_options"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="project",
+            name="draft",
+            field=models.BooleanField(default=False, help_text="Indicates whether this project is in draft mode"),
+        ),
+    ]