f3f7b4bb7d
Use the new AddRemove View for the Role's group and permissions views as well as the Group's role views. Convert the API to use viewsets. Add more tests. Add role created and edited events. Add event subscription support to roles. Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
140 lines
4.8 KiB
Python
140 lines
4.8 KiB
Python
from __future__ import unicode_literals
|
|
|
|
from django.contrib.auth.models import Group
|
|
from django.utils.translation import ugettext_lazy as _
|
|
|
|
from rest_framework import serializers
|
|
|
|
from mayan.apps.rest_api.mixins import ExternalObjectListSerializerMixin
|
|
from mayan.apps.rest_api.relations import MultiKwargHyperlinkedIdentityField
|
|
from mayan.apps.user_management.permissions import permission_group_edit
|
|
|
|
from .classes import Permission
|
|
from .models import Role, StoredPermission
|
|
|
|
|
|
class PermissionNamespaceSerializer(serializers.Serializer):
|
|
name = serializers.CharField(read_only=True)
|
|
label = serializers.CharField(read_only=True)
|
|
permissions_url = serializers.HyperlinkedIdentityField(
|
|
lookup_field='name',
|
|
lookup_url_kwarg='permission_namespace_name',
|
|
view_name='rest_api:permission_namespace-permission-list'
|
|
)
|
|
url = serializers.HyperlinkedIdentityField(
|
|
lookup_field='name',
|
|
lookup_url_kwarg='permission_namespace_name',
|
|
view_name='rest_api:permission_namespace-detail'
|
|
)
|
|
|
|
|
|
class PermissionSerializer(serializers.Serializer):
|
|
namespace = serializers.CharField(read_only=True)
|
|
pk = serializers.CharField(read_only=True)
|
|
label = serializers.CharField(read_only=True)
|
|
url = MultiKwargHyperlinkedIdentityField(
|
|
view_kwargs=(
|
|
{
|
|
'lookup_field': 'namespace.name', 'lookup_url_kwarg': 'permission_namespace_name',
|
|
},
|
|
{
|
|
'lookup_field': 'pk', 'lookup_url_kwarg': 'permission_name',
|
|
}
|
|
),
|
|
view_name='rest_api:permission-detail'
|
|
)
|
|
|
|
def to_representation(self, instance):
|
|
if isinstance(instance, StoredPermission):
|
|
return super(PermissionSerializer, self).to_representation(
|
|
instance.volatile_permission
|
|
)
|
|
else:
|
|
return super(PermissionSerializer, self).to_representation(
|
|
instance
|
|
)
|
|
|
|
|
|
class RoleGroupAddRemoveSerializer(ExternalObjectListSerializerMixin, serializers.Serializer):
|
|
group_id_list = serializers.CharField(
|
|
help_text=_(
|
|
'Comma separated list of group primary keys that will be added or '
|
|
'removed.'
|
|
), required=False, write_only=True
|
|
)
|
|
|
|
class Meta:
|
|
external_object_list_model = Group
|
|
external_object_list_permission = permission_group_edit
|
|
external_object_list_pk_list_field = 'group_id_list'
|
|
|
|
def groups_add(self, instance):
|
|
instance.groups_add(
|
|
queryset=self.get_external_object_list(),
|
|
_user=self.context['request'].user
|
|
)
|
|
|
|
def groups_remove(self, instance):
|
|
instance.groups_remove(
|
|
queryset=self.get_external_object_list(),
|
|
_user=self.context['request'].user
|
|
)
|
|
|
|
|
|
class RolePermissionAddRemoveSerializer(ExternalObjectListSerializerMixin, serializers.Serializer):
|
|
permission_id_list = serializers.CharField(
|
|
help_text=_(
|
|
'Comma separated list of permission primary keys that will be added or '
|
|
'removed.'
|
|
), required=False, write_only=True
|
|
)
|
|
|
|
class Meta:
|
|
external_object_list_model = Permission
|
|
external_object_list_pk_list_field = 'permission_id_list'
|
|
|
|
def permissions_add(self, instance):
|
|
instance.permissions.add(
|
|
*self.get_external_object_list()
|
|
)
|
|
|
|
def permissions_remove(self, instance):
|
|
instance.permissions.remove(
|
|
*self.get_external_object_list()
|
|
)
|
|
|
|
|
|
class RoleSerializer(serializers.HyperlinkedModelSerializer):
|
|
group_add_url = serializers.HyperlinkedIdentityField(
|
|
lookup_url_kwarg='role_id', view_name='rest_api:role-group-add'
|
|
)
|
|
group_list_url = serializers.HyperlinkedIdentityField(
|
|
lookup_url_kwarg='role_id', view_name='rest_api:role-group-list'
|
|
)
|
|
group_remove_url = serializers.HyperlinkedIdentityField(
|
|
lookup_url_kwarg='role_id', view_name='rest_api:role-group-remove'
|
|
)
|
|
permission_add_url = serializers.HyperlinkedIdentityField(
|
|
lookup_url_kwarg='role_id', view_name='rest_api:role-permission-add'
|
|
)
|
|
permission_list_url = serializers.HyperlinkedIdentityField(
|
|
lookup_url_kwarg='role_id', view_name='rest_api:role-permission-list'
|
|
)
|
|
permission_remove_url = serializers.HyperlinkedIdentityField(
|
|
lookup_url_kwarg='role_id', view_name='rest_api:role-permission-remove'
|
|
)
|
|
|
|
class Meta:
|
|
extra_kwargs = {
|
|
'url': {
|
|
'lookup_url_kwarg': 'role_id',
|
|
'view_name': 'rest_api:role-detail'
|
|
}
|
|
}
|
|
fields = (
|
|
'id', 'label', 'url', 'group_add_url', 'group_list_url',
|
|
'group_remove_url', 'permission_add_url', 'permission_list_url',
|
|
'permission_remove_url'
|
|
)
|
|
model = Role
|