From ef7ab45d3515debaf91efda294ef375afac3c413 Mon Sep 17 00:00:00 2001 From: Paul Marillonnet Date: Thu, 30 Aug 2018 14:51:56 +0200 Subject: [PATCH] include roles in users api (#25645) --- src/authentic2/api_views.py | 7 +++++ tests/test_api.py | 55 ++++++++++++++++++++++++++++++++++++- 2 files changed, 61 insertions(+), 1 deletion(-) diff --git a/src/authentic2/api_views.py b/src/authentic2/api_views.py index 46074d88..5fdb1b5e 100644 --- a/src/authentic2/api_views.py +++ b/src/authentic2/api_views.py @@ -326,6 +326,8 @@ class BaseUserSerializer(serializers.ModelSerializer): def __init__(self, *args, **kwargs): super(BaseUserSerializer, self).__init__(*args, **kwargs) + self.fields['roles'] = RoleCustomField(many=True, read_only=True) + for at in Attribute.objects.all(): if at.name in self.fields: self.fields[at.name].required = at.required @@ -494,6 +496,11 @@ class RoleSerializer(serializers.ModelSerializer): extra_kwargs = {'uuid': {'read_only': True}} +class RoleCustomField(RoleSerializer): + class Meta(RoleSerializer.Meta): + fields = ('uuid', 'name', 'slug',) + + class UsersFilter(FilterSet): class Meta: model = get_user_model() diff --git a/tests/test_api.py b/tests/test_api.py index f1c82e16..d7ce4fd3 100644 --- a/tests/test_api.py +++ b/tests/test_api.py @@ -241,7 +241,7 @@ def test_api_users_create(settings, app, api_user): if api_user.is_superuser or api_user.roles.exists(): assert set(['ou', 'id', 'uuid', 'is_staff', 'is_superuser', 'first_name', 'last_name', 'date_joined', 'last_login', 'username', 'password', 'email', 'is_active', - 'title', 'modified', 'email_verified']) == set(resp.json.keys()) + 'title', 'modified', 'email_verified', 'roles']) == set(resp.json.keys()) assert resp.json['first_name'] == payload['first_name'] assert resp.json['last_name'] == payload['last_name'] assert resp.json['email'] == payload['email'] @@ -934,3 +934,56 @@ def test_validate_password_regex(app, settings): assert response.json['checks'][3]['result'] is True assert response.json['checks'][4]['label'] == 'must contain "ok"' assert response.json['checks'][4]['result'] is True + + +def test_roles_in_users_api(app, admin): + + User = get_user_model() + user1 = User(username='john.doe', email='john.doe@example.com') + user1.set_password('password') + user1.save() + user2 = User(username='bob.smith', email='bob.smith@example.com') + user2.set_password('password') + user2.save() + + Role = get_role_model() + role1 = Role.objects.create(name='Role1') + role1.members.add(user1) + role2 = Role.objects.create(name='Role2') + role2.members.add(user1) + role2.members.add(user2) + role3 = Role.objects.create(name='Role3') + role3.members.add(user2) + + app.authorization = ('Basic', (admin.username, admin.username)) + response = app.get(u'/api/users/', status=200) + assert len(response.json['results']) == 3 + for user in response.json['results']: + assert user['roles'] + for role in user['roles']: + keys = ['slug', 'name', 'uuid'] + for key, value in role.items(): + assert key in keys + assert value + keys.remove(key) + + url = u'/api/users/%s/' % admin.uuid + response = app.get(url, status=200) + assert len(response.json['roles']) == 1 + assert response.json['roles'][0]['slug'] == '_a2-manager' + + url = u'/api/users/%s/' % user1.uuid + response = app.get(url, status=200) + assert len(response.json['roles']) == 2 + user_roles = ['Role1', 'Role2'] + for role in response.json['roles']: + assert role['name'] in user_roles + user_roles.remove(role['name']) + + url = u'/api/users/%s/' % user2.uuid + response = app.get(url, status=200) + assert len(response.json['roles']) == 2 + user_roles = ['Role2', 'Role3'] + for role in response.json['roles']: + assert role['name'] in user_roles + user_roles.remove(role['name']) -- 2.19.0