2015-02-12 20:57:05 +01:00
|
|
|
from django.contrib.auth.hashers import make_password
|
|
|
|
from django.utils.translation import ugettext as _, ugettext_lazy
|
2015-01-06 00:11:22 +01:00
|
|
|
|
2015-02-12 20:57:05 +01:00
|
|
|
from openslides.utils.rest_api import ModelSerializer, PrimaryKeyRelatedField, RelatedField, ValidationError
|
|
|
|
|
2015-02-17 00:45:53 +01:00
|
|
|
from .models import Group, Permission, User
|
2015-01-06 00:11:22 +01:00
|
|
|
|
|
|
|
|
2015-02-12 18:48:14 +01:00
|
|
|
class UserShortSerializer(ModelSerializer):
|
2015-01-06 00:11:22 +01:00
|
|
|
"""
|
2015-01-17 14:25:05 +01:00
|
|
|
Serializer for users.models.User objects.
|
|
|
|
|
|
|
|
Serializes only name fields.
|
2015-01-06 00:11:22 +01:00
|
|
|
"""
|
|
|
|
class Meta:
|
|
|
|
model = User
|
|
|
|
fields = (
|
2015-02-04 00:08:38 +01:00
|
|
|
'id',
|
2015-01-06 00:11:22 +01:00
|
|
|
'username',
|
2015-01-17 14:25:05 +01:00
|
|
|
'title',
|
2015-01-06 00:11:22 +01:00
|
|
|
'first_name',
|
2015-01-17 14:25:05 +01:00
|
|
|
'last_name',
|
2015-02-04 00:08:38 +01:00
|
|
|
'structure_level',
|
|
|
|
'groups',)
|
2015-01-17 14:25:05 +01:00
|
|
|
|
|
|
|
|
2015-02-12 18:48:14 +01:00
|
|
|
class UserFullSerializer(ModelSerializer):
|
2015-01-17 14:25:05 +01:00
|
|
|
"""
|
2015-01-17 14:25:05 +01:00
|
|
|
Serializer for users.models.User objects.
|
|
|
|
|
|
|
|
Serializes all relevant fields.
|
2015-01-17 14:25:05 +01:00
|
|
|
"""
|
2015-02-12 20:57:05 +01:00
|
|
|
groups = PrimaryKeyRelatedField(
|
|
|
|
many=True,
|
|
|
|
queryset=Group.objects.exclude(pk__in=(1, 2)),
|
|
|
|
help_text=ugettext_lazy('The groups this user belongs to. A user will '
|
|
|
|
'get all permissions granted to each of '
|
|
|
|
'his/her groups.'))
|
|
|
|
|
|
|
|
class Meta:
|
|
|
|
model = User
|
|
|
|
fields = (
|
2015-02-25 16:17:00 +01:00
|
|
|
'id',
|
2015-02-12 20:57:05 +01:00
|
|
|
'is_present',
|
|
|
|
'username',
|
|
|
|
'title',
|
|
|
|
'first_name',
|
|
|
|
'last_name',
|
|
|
|
'structure_level',
|
|
|
|
'about_me',
|
|
|
|
'comment',
|
|
|
|
'groups',
|
|
|
|
'default_password',
|
|
|
|
'is_active',)
|
|
|
|
|
|
|
|
def validate(self, data):
|
|
|
|
"""
|
|
|
|
Checks that first_name or last_name is given.
|
2015-05-05 10:42:31 +02:00
|
|
|
|
|
|
|
Generates the username if it is empty.
|
2015-02-12 20:57:05 +01:00
|
|
|
"""
|
|
|
|
if not (data.get('username') or data.get('first_name') or data.get('last_name')):
|
|
|
|
raise ValidationError(_('Username, first name and last name can not all be empty.'))
|
2015-05-05 10:42:31 +02:00
|
|
|
|
|
|
|
# Generate username. But only if it is not set and the serializer is not
|
|
|
|
# called in a patch-context.
|
|
|
|
try:
|
|
|
|
action = self.context['view'].action
|
|
|
|
except (KeyError, AttributeError):
|
|
|
|
action = None
|
|
|
|
|
|
|
|
if not data.get('username') and action != 'partial_update':
|
|
|
|
data['username'] = User.objects.generate_username(
|
|
|
|
data.get('first_name', ''),
|
|
|
|
data.get('last_name', ''))
|
2015-02-12 20:57:05 +01:00
|
|
|
return data
|
|
|
|
|
|
|
|
def create(self, validated_data):
|
|
|
|
"""
|
2015-05-05 10:42:31 +02:00
|
|
|
Creates the user. Sets the default_password. Adds the new user to the
|
|
|
|
registered group.
|
2015-02-12 20:57:05 +01:00
|
|
|
"""
|
|
|
|
# Prepare setup password.
|
|
|
|
if not validated_data.get('default_password'):
|
|
|
|
validated_data['default_password'] = User.objects.generate_password()
|
|
|
|
validated_data['password'] = make_password(validated_data['default_password'], '', 'md5')
|
|
|
|
# Perform creation in the database and return new user.
|
|
|
|
return super().create(validated_data)
|
|
|
|
|
|
|
|
|
2015-02-12 18:48:14 +01:00
|
|
|
class PermissionRelatedField(RelatedField):
|
2015-02-04 00:08:38 +01:00
|
|
|
"""
|
|
|
|
A custom field to use for the permission relationship.
|
|
|
|
"""
|
2015-02-17 00:45:53 +01:00
|
|
|
default_error_messages = {
|
|
|
|
'incorrect_value': ugettext_lazy('Incorrect value "{value}". Expected app_label.codename string.'),
|
|
|
|
'does_not_exist': ugettext_lazy('Invalid permission "{value}". Object does not exist.')}
|
|
|
|
|
2015-02-04 00:08:38 +01:00
|
|
|
def to_representation(self, value):
|
|
|
|
"""
|
2015-02-17 00:45:53 +01:00
|
|
|
Returns the permission code string (app_label.codename).
|
2015-02-04 00:08:38 +01:00
|
|
|
"""
|
|
|
|
return '.'.join((value.content_type.app_label, value.codename,))
|
|
|
|
|
2015-02-17 00:45:53 +01:00
|
|
|
def to_internal_value(self, data):
|
|
|
|
"""
|
|
|
|
Returns the permission object represented by data. The argument data is
|
|
|
|
what is sent by the client. This method expects permission code strings
|
|
|
|
(app_label.codename) like to_representation() returns.
|
|
|
|
"""
|
|
|
|
try:
|
|
|
|
app_label, codename = data.split('.')
|
|
|
|
except ValueError:
|
|
|
|
self.fail('incorrect_value', value=data)
|
|
|
|
try:
|
|
|
|
permission = Permission.objects.get(content_type__app_label=app_label, codename=codename)
|
|
|
|
except Permission.DoesNotExist:
|
|
|
|
self.fail('does_not_exist', value=data)
|
|
|
|
return permission
|
|
|
|
|
2015-02-04 00:08:38 +01:00
|
|
|
|
2015-02-12 18:48:14 +01:00
|
|
|
class GroupSerializer(ModelSerializer):
|
2015-02-04 00:08:38 +01:00
|
|
|
"""
|
|
|
|
Serializer for django.contrib.auth.models.Group objects.
|
|
|
|
"""
|
2015-02-17 00:45:53 +01:00
|
|
|
permissions = PermissionRelatedField(
|
|
|
|
many=True,
|
|
|
|
queryset=Permission.objects.all())
|
2015-02-04 00:08:38 +01:00
|
|
|
|
|
|
|
class Meta:
|
|
|
|
model = Group
|
|
|
|
fields = (
|
|
|
|
'id',
|
|
|
|
'name',
|
|
|
|
'permissions',)
|