taiga
/
taiga-back
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adding by_username endpoint to users API

remotes/origin/enhancement/email-actions
Alejandro Alonso 2015-05-22 09:13:34 +02:00 committed by David Barragán Merino
parent fcaa0f7f3b
commit 955a3a32e2
3 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
taiga/users/api.py
View File

@ -57,10 +57,11 @@ class UsersViewSet(ModelCrudViewSet):
filter_backends = (MembersFilterBackend,) filter_backends = (MembersFilterBackend,)
def get_serializer_class(self): def get_serializer_class(self):
if self.action in ["partial_update", "update", "retrieve"]: if self.action in ["partial_update", "update", "retrieve", "by_username"]:
user = self.get_object() user = self.object
if self.request.user == user: if self.request.user == user:
return self.admin_serializer_class return self.admin_serializer_class
return self.serializer_class return self.serializer_class
def create(self, *args, **kwargs): def create(self, *args, **kwargs):
@ -79,6 +80,17 @@ class UsersViewSet(ModelCrudViewSet):
return response.Ok(serializer.data) return response.Ok(serializer.data)
@list_route(methods=["GET"])
def by_username(self, request, *args, **kwargs):
username = request.QUERY_PARAMS.get("username", None)
return self.retrieve(request, username=username)
def retrieve(self, request, *args, **kwargs):
self.object = get_object_or_404(models.User, **kwargs)
self.check_permissions(request, 'retrieve', self.object)
serializer = self.get_serializer(self.object)
return response.Ok(serializer.data)
@detail_route(methods=["GET"]) @detail_route(methods=["GET"])
def contacts(self, request, *args, **kwargs): def contacts(self, request, *args, **kwargs):
user = self.get_object() user = self.get_object()

3
taiga/users/permissions.py
View File

@ -31,7 +31,8 @@ class IsTheSameUser(PermissionComponent):
class UserPermission(TaigaResourcePermission): class UserPermission(TaigaResourcePermission):
enought_perms = IsSuperUser() enought_perms = IsSuperUser()
global_perms = None global_perms = None
retrieve_perms = IsTheSameUser() retrieve_perms = AllowAny()
by_username_perms = retrieve_perms
update_perms = IsTheSameUser() update_perms = IsTheSameUser()
destroy_perms = IsTheSameUser() destroy_perms = IsTheSameUser()
list_perms = AllowAny() list_perms = AllowAny()

16
tests/integration/resources_permissions/test_users_resources.py
View File

@ -44,7 +44,7 @@ def test_user_retrieve(client, data):
] ]
results = helper_test_http_method(client, 'get', url, None, users) results = helper_test_http_method(client, 'get', url, None, users)
assert results == [401, 200, 403, 200] assert results == [200, 200, 200, 200]
def test_user_me(client, data): def test_user_me(client, data):
@ -59,6 +59,20 @@ def test_user_me(client, data):
assert results == [401, 200] assert results == [401, 200]
def test_user_by_username(client, data):
url = reverse('users-by-username')
users = [
None,
data.registered_user,
data.other_user,
data.superuser,
]
results = helper_test_http_method(client, 'get', "{}?username={}".format(url, data.registered_user.username), None, users)
assert results == [200, 200, 200, 200]
def test_user_update(client, data): def test_user_update(client, data):
url = reverse('users-detail', kwargs={"pk": data.registered_user.pk}) url = reverse('users-detail', kwargs={"pk": data.registered_user.pk})