From 94932edebef2b2c0b53b0516a312b6be55aa0af3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timoth=C3=A9e=20Floure?= Date: Sat, 18 Apr 2020 15:11:02 +0200 Subject: [PATCH] Add user admin endpoint, import from LDAP --- uncloud_django_based/uncloud/uncloud/urls.py | 3 +- .../uncloud/uncloud_auth/serializers.py | 9 ++-- .../uncloud/uncloud_auth/views.py | 42 +++++++++++++++---- 3 files changed, 39 insertions(+), 15 deletions(-) diff --git a/uncloud_django_based/uncloud/uncloud/urls.py b/uncloud_django_based/uncloud/uncloud/urls.py index 14a87e8..4d0ada1 100644 --- a/uncloud_django_based/uncloud/uncloud/urls.py +++ b/uncloud_django_based/uncloud/uncloud/urls.py @@ -67,12 +67,11 @@ router.register(r'admin/order', payviews.AdminOrderViewSet, basename='admin/orde router.register(r'admin/vmhost', vmviews.VMHostViewSet) router.register(r'admin/vmcluster', vmviews.VMClusterViewSet) router.register(r'admin/vpnpool', netviews.VPNPoolViewSet) - router.register(r'admin/opennebula', oneviews.VMViewSet, basename='opennebula') # User/Account router.register(r'user', authviews.UserViewSet, basename='user') - +router.register(r'admin/user', authviews.AdminUserViewSet, basename='useradmin') urlpatterns = [ path('', include(router.urls)), diff --git a/uncloud_django_based/uncloud/uncloud_auth/serializers.py b/uncloud_django_based/uncloud/uncloud_auth/serializers.py index de369c3..71aeb03 100644 --- a/uncloud_django_based/uncloud/uncloud_auth/serializers.py +++ b/uncloud_django_based/uncloud/uncloud_auth/serializers.py @@ -5,11 +5,12 @@ from uncloud import AMOUNT_DECIMALS, AMOUNT_MAX_DIGITS class UserSerializer(serializers.ModelSerializer): + balance = serializers.DecimalField(max_digits=AMOUNT_MAX_DIGITS, + decimal_places=AMOUNT_DECIMALS) + class Meta: model = get_user_model() fields = ['username', 'email', 'balance', 'maximum_credit' ] - - - balance = serializers.DecimalField(max_digits=AMOUNT_MAX_DIGITS, - decimal_places=AMOUNT_DECIMALS) +class ImportUserSerializer(serializers.Serializer): + username = serializers.CharField() diff --git a/uncloud_django_based/uncloud/uncloud_auth/views.py b/uncloud_django_based/uncloud/uncloud_auth/views.py index 2f78e1f..9c5bd1f 100644 --- a/uncloud_django_based/uncloud/uncloud_auth/views.py +++ b/uncloud_django_based/uncloud/uncloud_auth/views.py @@ -1,17 +1,41 @@ from rest_framework import viewsets, permissions, status from .serializers import * +from django_auth_ldap.backend import LDAPBackend +from rest_framework.decorators import action +from rest_framework.response import Response +from rest_framework import mixins -class UserViewSet(viewsets.ReadOnlyModelViewSet): +class UserViewSet(mixins.ListModelMixin, viewsets.GenericViewSet): + permission_classes = [permissions.IsAuthenticated] serializer_class = UserSerializer + + def list(self, request, format=None): + # This is a bit stupid: we have a user, we create a queryset by + # matching on the username. But I don't know a "nicer" way. + # Nico, 2020-03-18 + user = get_user_model().objects.get( + username=self.request.user.username) + serializer = self.get_serializer(user, context = {'request': request}) + return Response(serializer.data) + +class AdminUserViewSet(viewsets.ReadOnlyModelViewSet): + # FIXME: make this admin permission_classes = [permissions.IsAuthenticated] - def get_queryset(self): - if self.request.user.is_superuser: - obj = get_user_model().objects.all() + def get_serializer_class(self): + if self.action == 'import_from_ldap': + return ImportUserSerializer else: - # This is a bit stupid: we have a user, we create a queryset by - # matching on the username. But I don't know a "nicer" way. - # Nico, 2020-03-18 - obj = get_user_model().objects.filter(username=self.request.user.username) + return UserSerializer - return obj + def get_queryset(self): + return get_user_model().objects.all() + + @action(detail=False, methods=['post'], url_path='import_from_ldap') + def import_from_ldap(self, request, pk=None): + serializer = self.get_serializer(data=request.data) + serializer.is_valid(raise_exception=True) + ldap_username = serializer.validated_data.pop("username") + user = LDAPBackend().populate_user(ldap_username) + + return Response(UserSerializer(user, context = {'request': request}).data)