From 718556387e3cae356e6d90773ec27c1b399ce088 Mon Sep 17 00:00:00 2001 From: Paul Marillonnet Date: Fri, 12 Jan 2018 11:27:12 +0100 Subject: [PATCH] add role-creation API (#20706) --- src/authentic2/api_views.py | 23 +++++++++++++++++++++++ tests/test_api.py | 46 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+) diff --git a/src/authentic2/api_views.py b/src/authentic2/api_views.py index 95fb99ee..e95b122e 100644 --- a/src/authentic2/api_views.py +++ b/src/authentic2/api_views.py @@ -444,6 +444,18 @@ class BaseUserSerializer(serializers.ModelSerializer): exclude = ('date_joined', 'user_permissions', 'groups', 'last_login') +class RoleSerializer(serializers.ModelSerializer): + ou = serializers.SlugRelatedField( + many=False, + required=True, + queryset=get_ou_model().objects.all(), + slug_field='slug') + + class Meta: + model = get_role_model() + exclude = ('service', 'admin_scope_id', 'admin_scope_ct',) + + class UsersFilter(FilterSet): class Meta: model = get_user_model() @@ -576,6 +588,16 @@ class UsersAPI(HookMixin, ExceptionHandlerMixin, ModelViewSet): return Response({'result': 1}) +class RolesAPI(ExceptionHandlerMixin, ModelViewSet): + permission_classes = (permissions.IsAuthenticated,) + serializer_class = RoleSerializer + lookup_field = 'slug' + + def get_queryset(self): + Role = get_role_model() + return Role.objects.all() + + class RoleMembershipsAPI(ExceptionHandlerMixin, APIView): permission_classes = (permissions.IsAuthenticated,) @@ -620,6 +642,7 @@ class OrganizationalUnitAPI(ExceptionHandlerMixin, ModelViewSet): router = SimpleRouter() router.register(r'users', UsersAPI, base_name='a2-api-users') router.register(r'ous', OrganizationalUnitAPI, base_name='a2-api-ous') +router.register(r'roles', RolesAPI, base_name='a2-api-roles') class CheckPasswordSerializer(serializers.Serializer): diff --git a/tests/test_api.py b/tests/test_api.py index 96085590..c7952245 100644 --- a/tests/test_api.py +++ b/tests/test_api.py @@ -30,6 +30,52 @@ def test_api_user_simple(logged_app): assert 'username' in resp.json +def test_api_post_role_simple(app, user): + app.authorization = ('Basic', (user.username, user.username)) + + role_data = { + 'slug': 'coffee-manager', + 'uuid': 'RhFactor001', + 'name': 'Coffee Manager', + 'ou': 'ou1' + } + + resp = app.post_json('/api/roles/', params=role_data) + assert isinstance(resp.json, dict) + Role = get_role_model() + + # Check attribute values against the server's response: + for key, value in role_data.items(): + assert key in resp.json.keys() + assert value in resp.json.values() + + # Check attributes values against the DB: + posted_role = Role.objects.get(slug='coffee-manager') + assert posted_role.slug == role_data['slug'] + assert posted_role.uuid == role_data['uuid'] + assert posted_role.name == role_data['name'] + assert posted_role.ou.slug == 'ou1' + + +def test_api_get_role_description(app, user): + app.authorization = ('Basic', (user.username, user.username)) + resp = app.get('/api/roles/rando/') + + assert resp.json['slug'] == 'rando' + assert resp.json['ou'] == 'ou_rando' + + +def test_api_get_role_list(app, user): + app.authorization = ('Basic', (user.username, user.username)) + resp = app.get('/api/roles/') + + role_fields = ['slug', 'uuid', 'name', 'ou'] + + for role_dict in resp.json['results']: + for field in role_fields: + assert field in role_dict + + def test_api_user(client): # create an user, an ou role, a service and a service role ou = get_default_ou() -- 2.11.0