Development #7862
API to list/search/add users
100%
Description
In Welco we are using authentic as the database of users, this requires API endpoints to list, search, and add users.
Files
Associated revisions
api_views: pep8ness (#7862)
api: new user API (#7862)
You can list/add/change users. Security is enforced by basic authentication,
session authentication and role permissions:
- custom_user.view_user for listing,
- custom_user.add_user for creating,
- custom_user.change_user for updating,
- custom_user.delete_user for deleting.
add new API tests (fixes #7862)
add missing utils.py (fixes #7862)
tests: fix user listing API tests (#7862)
History
Updated by Benjamin Dauvergne over 5 years ago
I would like to implement the SCIM 1.1 protocol, see http://www.simplecloud.info/specs/draft-scim-api-01.html , it seems adapted to our goal and not too complicated.
Updated by Benjamin Dauvergne over 5 years ago
I started designing the thing there; http://git.entrouvert.org/authentic.git/log/?h=wip/scim11
Updated by Frédéric Péters over 5 years ago
Do note I no longer need it. (welco also needs to get some user information from wcs (current forms) so it was easier to go and take everything from wcs).
Updated by Benjamin Dauvergne over 5 years ago
- Assignee set to Benjamin Dauvergne
- Priority changed from Normal to Haut
- Target version changed from future to 2.2.0
Updated by Benjamin Dauvergne over 5 years ago
Started, I need to look security mechanism from django-rest-framework to get something compatible with Publik of doing that (HMAC signature of URLs).
Updated by Benjamin Dauvergne over 5 years ago
- File 0001-api_urls-fix-regexs-7862.patch 0001-api_urls-fix-regexs-7862.patch added
- File 0002-api_views-pep8ness-7862.patch 0002-api_views-pep8ness-7862.patch added
- File 0003-api-new-user-API-7862.patch 0003-api-new-user-API-7862.patch added
- File 0004-add-new-API-tests-fixes-7862.patch 0004-add-new-API-tests-fixes-7862.patch added
- Patch proposed changed from No to Yes
L'API démarre à l'URL /api/users/ on peut y faire un POST du genre:
Content-Type: application/json
{
"ou": "default",
"phone": "97989898",
"password": "joiewjfoiejwfoiewjf",
"first_name": "Benjamin",
"last_name": "Dauvergne"
}
Et on recevra la réponse, pour l'instant le mot de passe est obligatoire, pour un compte "contact" y mettre simplement une chaîne aléatoire.
{
"id": 12,
"ou": "default",
"adresse": "",
"code_postal": "",
"phone": "97989898",
"password": "pbkdf2_sha256$15000$rV8T7ppVFGPz$e+hD9it0M8/acgpxd8xAD6ZXo8Xrjo7EJ3yiWxPzSqE=",
"last_login": "2015-11-13T09:42:19.554696Z",
"is_superuser": false,
"uuid": "365c34d7339d4bd5ba47869465d74705",
"username": null,
"first_name": "Benjamin",
"last_name": "Dauvergne",
"email": "",
"is_staff": false,
"is_active": true,
"date_joined": "2015-11-13T09:42:19.554933Z"
}
La droits d'accès sont les mêmes que dans le /manage, "ou" est le slug de l'entité pas son id, l'authentification géré est pour l'instant HTTP Basic ou Session, l'authentification par signature arrive (ticket ouvert sur hobo).
Updated by Benjamin Dauvergne over 5 years ago
- ne pas créer la classe dérivée d'User dans un contexte global à car elle accède à la base (en mode multitenant ça ne marchera pas)
- poser une limite de pagination par défaut de 10
Updated by Benjamin Dauvergne over 5 years ago
- Status changed from En cours to Résolu (à déployer)
- % Done changed from 0 to 100
Appliqué par commit authentic2|e997338736c0de63d073a1a5dab6d694b1ea177f.
Updated by Benjamin Dauvergne over 5 years ago
Appliqué par commit authentic2|eae49803114a22924887e8463f1f953f627aa9fe.
Updated by Benjamin Dauvergne about 5 years ago
- Status changed from Résolu (à déployer) to Solution déployée
api_urls: fix regexs (#7862)