8 |
8 |
from django.views.decorators.vary import vary_on_headers
|
9 |
9 |
from django.views.decorators.cache import cache_control
|
10 |
10 |
|
11 |
|
from django_rbac.utils import get_ou_model
|
|
11 |
from django_rbac.utils import get_ou_model, get_role_model
|
12 |
12 |
|
13 |
13 |
from rest_framework import serializers
|
14 |
|
from rest_framework.generics import GenericAPIView
|
|
14 |
from rest_framework.views import APIView
|
|
15 |
from rest_framework.generics import GenericAPIView
|
15 |
16 |
from rest_framework.response import Response
|
16 |
17 |
from rest_framework import authentication, permissions, status
|
17 |
18 |
from rest_framework.exceptions import PermissionDenied
|
... | ... | |
202 |
203 |
if request.user.is_anonymous():
|
203 |
204 |
return {}
|
204 |
205 |
return request.user.to_json()
|
|
206 |
|
|
207 |
|
|
208 |
|
|
209 |
class RoleSerializer(serializers.Serializer):
|
|
210 |
|
|
211 |
role = serializers.CharField(required=True, allow_null=True)
|
|
212 |
member = serializers.CharField(required=True, allow_null=True)
|
|
213 |
|
|
214 |
def validate(self, data):
|
|
215 |
|
|
216 |
Role = get_role_model()
|
|
217 |
try:
|
|
218 |
role = Role.objects.get(uuid=data['role'])
|
|
219 |
except Role.DoesNotExist:
|
|
220 |
raise serializers.ValidationError(_('Role does not exist'))
|
|
221 |
|
|
222 |
User = get_user_model()
|
|
223 |
try:
|
|
224 |
member = User.objects.get(uuid=data['member'])
|
|
225 |
except User.DoesNotExist:
|
|
226 |
raise serializer.ValidationError(_('User does not exist'))
|
|
227 |
|
|
228 |
self.instance = role
|
|
229 |
data = {'role': role, 'member': member}
|
|
230 |
return data
|
|
231 |
|
|
232 |
def add_member(self, ):
|
|
233 |
"""Add member to role
|
|
234 |
"""
|
|
235 |
self.instance.members.add(self.validated_data['member'])
|
|
236 |
self.instance.save()
|
|
237 |
return self.instance
|
|
238 |
|
|
239 |
def remove_member(self,):
|
|
240 |
"""Remove member from role
|
|
241 |
"""
|
|
242 |
self.instance.members.remove(self.validated_data['member'])
|
|
243 |
self.instance.save()
|
|
244 |
return self.instance
|
|
245 |
|
|
246 |
|
|
247 |
class AddUserToRole(APIView):
|
|
248 |
|
|
249 |
serializer_class = RoleSerializer
|
|
250 |
|
|
251 |
def post(self, request, role=None, member=None):
|
|
252 |
|
|
253 |
role_serializer = RoleSerializer(data=request.POST)
|
|
254 |
if role_serializer.is_valid():
|
|
255 |
role_serializer.add_member()
|
|
256 |
|
|
257 |
return Response({'message': _('user added to role'.format())}, status.HTTP_201_CREATED)
|
|
258 |
|
|
259 |
return Response({'message': _('Invalid Data')}, status.HTTP_404_NOT_FOUND)
|
|
260 |
|
|
261 |
def delete(self, request, role, member):
|
|
262 |
|
|
263 |
data = {'role': role, 'member': member}
|
|
264 |
role_serializer = RoleSerializer(data=data)
|
|
265 |
if role_serializer.is_valid():
|
|
266 |
role_serializer.remove_member()
|
|
267 |
|
|
268 |
return Response({'message': _('user removed from role')}, status.HTTP_200_OK)
|
|
269 |
|
|
270 |
return Response()
|
|
271 |
|
|
272 |
|
|
273 |
roles_add_member = AddUserToRole.as_view()
|