Posted to commits@airavata.apache.org by ma...@apache.org on 2020/09/17 22:00:25 UTC
[airavata-django-portal] 02/02: AIRAVATA-3319 Initial REST API to
user information
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch AIRAVATA-3319-handle-missing-name-and-email-attributes-from-cilo
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
commit a8a8557d6ae3be1f412e91fc10217081983ecd6c
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Thu Sep 17 17:59:10 2020 -0400
AIRAVATA-3319 Initial REST API to user information
---
django_airavata/apps/auth/serializers.py | 8 ++++++++
django_airavata/apps/auth/urls.py | 6 +++++-
django_airavata/apps/auth/views.py | 29 ++++++++++++++++++++++++++++-
3 files changed, 41 insertions(+), 2 deletions(-)
diff --git a/django_airavata/apps/auth/serializers.py b/django_airavata/apps/auth/serializers.py
new file mode 100644
index 0000000..cb46a9c
--- /dev/null
+++ b/django_airavata/apps/auth/serializers.py
@@ -0,0 +1,8 @@
+from django.contrib.auth import get_user_model
+from rest_framework import serializers
+
+
+class UserSerializer(serializers.ModelSerializer):
+ class Meta:
+ model = get_user_model()
+ fields = ['id', 'username', 'first_name', 'last_name', 'email']
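Review bot: `username` is writable in `UserSerializer`, and the viewset added in views.py is a `ModelViewSet`, so the account owner can rewrite it with PUT or PATCH. If usernames are assigned by the identity provider at login (inferred from the OAuth-based login code in views.py, not shown in this hunk), a local rename can desynchronise the account or collide with another user's identity. I would add `read_only_fields = ['username']` to `Meta`. The branch name suggests `email` is meant to be editable; a changed address should be treated as unverified until a confirmation step has run.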
diff --git a/django_airavata/apps/auth/urls.py b/django_airavata/apps/auth/urls.py
index b5d874d..04f1e9e 100644
--- a/django_airavata/apps/auth/urls.py
+++ b/django_airavata/apps/auth/urls.py
@@ -1,10 +1,14 @@
-from django.conf.urls import url
+from django.conf.urls import include, url
+from rest_framework import routers
from . import views
+router = routers.DefaultRouter()
+router.register(r'users', views.UserViewSet, base_name='user')
app_name = 'django_airavata_auth'
urlpatterns = [
+ url(r'^', include(router.urls)),
url(r'^login$', views.start_login, name='login'),
url(r'^login-password$', views.start_username_password_login,
name='login_with_password'),
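Review bot: `routers.DefaultRouter()` registers an API root view on the empty pattern in addition to the `users` routes, and `url(r'^', include(router.urls))` mounts it at the root of the auth app next to the login URLs. That root view is governed by the project's default DRF permission classes (not visible here), not by `IsUserOrReadOnlyForSuperuser`, so confirm it is not served anonymously. `routers.SimpleRouter()` avoids the extra view, or the router can be mounted under a prefix such as `url(r'^api/', include(router.urls))`. Separately, `base_name` was renamed to `basename` in later Django REST framework releases, so check it against the pinned version.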
diff --git a/django_airavata/apps/auth/views.py b/django_airavata/apps/auth/views.py
index 568d6a9..3464d49 100644
--- a/django_airavata/apps/auth/views.py
+++ b/django_airavata/apps/auth/views.py
@@ -5,7 +5,7 @@ from urllib.parse import quote, urlencode
from django.conf import settings
from django.contrib import messages
-from django.contrib.auth import authenticate, login, logout
+from django.contrib.auth import authenticate, get_user_model, login, logout
from django.core.exceptions import ObjectDoesNotExist
from django.forms import ValidationError
from django.http import HttpResponseBadRequest, JsonResponse
@@ -14,6 +14,9 @@ from django.template import Context
from django.urls import reverse
from django.views.decorators.debug import sensitive_variables
from requests_oauthlib import OAuth2Session
+from rest_framework import permissions, viewsets
+
+from django_airavata.apps.auth import serializers
from . import forms, iam_admin_client, models, utils
@@ -498,3 +501,27 @@ def _create_login_desktop_failed_response(request, idp_alias=None):
params['username'] = request.POST['username']
return redirect(reverse('django_airavata_auth:login_desktop') +
"?" + urlencode(params))
+
+
+class IsUserOrReadOnlyForSuperuser(permissions.BasePermission):
+ def has_permission(self, request, view):
+ return request.user.is_authenticated
+
+ def has_object_permission(self, request, view, obj):
+ if (request.method in permissions.SAFE_METHODS and
+ request.user.is_superuser):
+ return True
+ return obj == request.user
+
+
+class UserViewSet(viewsets.ModelViewSet):
+ serializer_class = serializers.UserSerializer
+ queryset = get_user_model().objects.all()
+ permission_classes = [IsUserOrReadOnlyForSuperuser]
+
+ def get_queryset(self):
+ user = self.request.user
+ if user.is_superuser:
+ return get_user_model().objects.all()
+ else:
+ return get_user_model().objects.get(pk=user.pk)
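Review bot: `UserViewSet` inherits create and destroy from `ModelViewSet`, and `has_permission` only requires an authenticated user, so any logged-in user can POST a new user row; `has_object_permission` is never consulted for create. A user can also DELETE their own account, because `obj == request.user` passes. Independently, the non-superuser branch of `get_queryset` returns a model instance from `.get(pk=user.pk)` where DRF expects a QuerySet to filter and look the object up from, so list and detail requests for ordinary users will fail; it should be `.filter(pk=user.pk)`. I would restrict the viewset to list, retrieve and update mixins as below, which needs `mixins` added to the `rest_framework` import in this file.

```python
class UserViewSet(mixins.ListModelMixin,
                  mixins.RetrieveModelMixin,
                  mixins.UpdateModelMixin,
                  viewsets.GenericViewSet):
    # ... unchanged: serializer_class, queryset, permission_classes ...

    def get_queryset(self):
        user = self.request.user
        if user.is_superuser:
            return get_user_model().objects.all()
        # Must remain a QuerySet: DRF filters it and resolves the object from it.
        return get_user_model().objects.filter(pk=user.pk)
```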