diff --git a/src/authentic2/api_urls.py b/src/authentic2/api_urls.py index 0e470cf..9340771 100644 --- a/src/authentic2/api_urls.py +++ b/src/authentic2/api_urls.py @@ -9,4 +9,12 @@ urlpatterns = patterns('', name='a2-api-password-change'), url(r'^user/$', api_views.user, name='a2-api-user'), + url(r'^roles/(?P[\w+]*)/members/(?P[\w+]*)/$', api_views.roles_add_member, + name='a2-api-role-add-member'), + #url(r'^roles/(?P[\w+]*)/members/(?P[\w+]*)/$', api_views.roles_add_member, + # name='a2-api-role-add-member'), + #url(r'^roles/(?P[\w+]*)/$',api_views.role_uuid, + # name='a2-api-role-uuid'), + #url(r'^roles/(?P[\w+]*)/members/(?P[\w+]*)/$', + # api_views.role_member_uuid, name='a2-api-roles-member-uuid') ) diff --git a/src/authentic2/api_views.py b/src/authentic2/api_views.py index b404837..ee34a87 100644 --- a/src/authentic2/api_views.py +++ b/src/authentic2/api_views.py @@ -8,10 +8,11 @@ from django.utils.translation import ugettext as _ from django.views.decorators.vary import vary_on_headers from django.views.decorators.cache import cache_control -from django_rbac.utils import get_ou_model +from django_rbac.utils import get_ou_model, get_role_model from rest_framework import serializers -from rest_framework.generics import GenericAPIView +from rest_framework.views import APIView +from rest_framework.generics import GenericAPIView from rest_framework.response import Response from rest_framework import authentication, permissions, status from rest_framework.exceptions import PermissionDenied @@ -202,3 +203,71 @@ def user(request): if request.user.is_anonymous(): return {} return request.user.to_json() + + + +class RoleSerializer(serializers.Serializer): + + role = serializers.CharField(required=True, allow_null=True) + member = serializers.CharField(required=True, allow_null=True) + + def validate(self, data): + + Role = get_role_model() + try: + role = Role.objects.get(uuid=data['role']) + except Role.DoesNotExist: + raise serializers.ValidationError(_('Role does not exist')) + + User = get_user_model() + try: + member = User.objects.get(uuid=data['member']) + except User.DoesNotExist: + raise serializer.ValidationError(_('User does not exist')) + + self.instance = role + data = {'role': role, 'member': member} + return data + + def add_member(self, ): + """Add member to role + """ + self.instance.members.add(self.validated_data['member']) + self.instance.save() + return self.instance + + def remove_member(self,): + """Remove member from role + """ + self.instance.members.remove(self.validated_data['member']) + self.instance.save() + return self.instance + + +class AddUserToRole(APIView): + + serializer_class = RoleSerializer + + def post(self, request, role=None, member=None): + + role_serializer = RoleSerializer(data=request.POST) + if role_serializer.is_valid(): + role_serializer.add_member() + + return Response({'message': _('user added to role'.format())}, status.HTTP_201_CREATED) + + return Response({'message': _('Invalid Data')}, status.HTTP_404_NOT_FOUND) + + def delete(self, request, role, member): + + data = {'role': role, 'member': member} + role_serializer = RoleSerializer(data=data) + if role_serializer.is_valid(): + role_serializer.remove_member() + + return Response({'message': _('user removed from role')}, status.HTTP_200_OK) + + return Response() + + +roles_add_member = AddUserToRole.as_view()