add rest api for users and groups

ec9774e5 · Karsa Zoltán István · e7ca9813 · ec9774e5 · ec9774e5 · ec9774e5
Commit ec9774e5 authored Sep 12, 2022 by Karsa Zoltán István
Show whitespace changes
Inline Side-by-side

Showing with 64 additions and 5 deletions

circle/dashboard/serializers.py
+12 -0

circle/dashboard/urls.py
+3 -1

circle/dashboard/views/group.py
+26 -1

circle/dashboard/views/user.py
+23 -2

circle/dashboard/views/vm.py
+0 -1

No files found.
--- a/circle/dashboard/serializers.py
+++ b/circle/dashboard/serializers.py
 from rest_framework.renderers import JSONRenderer
 from rest_framework import serializers
+from django.contrib.auth.models import Group, User

 from vm.models import Instance, InstanceTemplate, Lease, Interface, Node
 from firewall.models import Vlan
 from storage.models import Disk


+class GroupSerializer(serializers.ModelSerializer): 
+    class Meta:
+        model = Group
+        fields = ('id', 'name', 'user_set')
+
+class UserSerializer(serializers.ModelSerializer):    
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'email', 'is_staff', 'groups')
+
+
 class NodeSerializer(serializers.ModelSerializer):
    class Meta:
        model = Node

--- a/circle/dashboard/urls.py
+++ b/circle/dashboard/urls.py
@@ -59,7 +59,7 @@ from .views import (
    DownloadDiskREST, GetInstanceREST, GetInterfaceREST, ShutdownInstanceREST,
    GetLeaseREST, GetDiskRest, DeployInstanceREST, CreateDiskREST,
    VlanREST, ResizeDiskREST, GetVlanREST,
-    StorageDetail, DiskDetail,
+    StorageDetail, DiskDetail, UserREST, GroupREST,
    MessageList, MessageDetail, MessageCreate, MessageDelete,
    EnableTwoFactorView, DisableTwoFactorView,
    AclUserGroupAutocomplete, AclUserAutocomplete,
@@ -69,6 +69,8 @@ from .views.node import node_ops, NodeREST, GetNodeREST
 from .views.vm import vm_ops, vm_mass_ops

 urlpatterns = [
+    path('acpi/user/', UserREST.as_view()),
+    path('acpi/group/', GroupREST.as_view()),
    path('acpi/vm/', InstanceREST.as_view()),
    path('acpi/node/', NodeREST.as_view()),
    path('acpi/node/<int:pk>/', GetNodeREST.as_view()),

--- a/circle/dashboard/views/group.py
+++ b/circle/dashboard/views/group.py
@@ -27,7 +27,7 @@ from django.contrib.auth.models import User, Group
 from django.contrib.messages.views import SuccessMessageMixin
 from django.core.exceptions import PermissionDenied, SuspiciousOperation
 from django.urls import reverse, reverse_lazy
-from django.http import HttpResponse, Http404
+from django.http import HttpResponse, Http404, JsonResponse
 from django.shortcuts import redirect
 from django.utils.translation import ugettext as _
 from django.views.generic import UpdateView, TemplateView
@@ -35,6 +35,12 @@ from django.views.generic.detail import SingleObjectMixin
 from django_tables2 import SingleTableView
 from itertools import chain

+from rest_framework import status
+from rest_framework.views import APIView
+from rest_framework.parsers import JSONParser
+from rest_framework.authentication import TokenAuthentication, BasicAuthentication
+from rest_framework.permissions import IsAdminUser
+
 from vm.models import Instance, InstanceTemplate
 from .util import (CheckedDetailView, AclUpdateView, search_user,
                   saml_available, DeleteViewBase)
@@ -46,6 +52,8 @@ from ..models import FutureMember, GroupProfile
 from ..store_api import Store, NoStoreException
 from ..tables import GroupListTable

+from dashboard.serializers import GroupSerializer
+
 try:
    # Python 2: "unicode" is built-in
    unicode
@@ -55,6 +63,23 @@ except NameError:
 logger = logging.getLogger(__name__)


+class GroupREST(APIView):
+    authentication_classes = [TokenAuthentication,BasicAuthentication]
+    permission_classes = [IsAdminUser]
+
+    def get(self, request, format=None):
+        if request.query_params.get('name'):
+            try:
+                group = Group.objects.filter(name__istartswith=request.query_params.get('name')).get()
+                serializer = GroupSerializer(group, many=False)
+                return JsonResponse(serializer.data, safe=False)
+            except:
+                return JsonResponse({}, status=404)
+        groups = Group.objects.all()
+        serializer = GroupSerializer(groups, many=True)
+        return JsonResponse(serializer.data, safe=False)
+
+
 class GroupCodeMixin(object):

    @classmethod

--- a/circle/dashboard/views/user.py
+++ b/circle/dashboard/views/user.py
@@ -18,6 +18,7 @@

 import json
 import logging
+from multiprocessing import context

 import pyotp

@@ -31,7 +32,7 @@ from django.core.exceptions import PermissionDenied, SuspiciousOperation
 from django.urls import reverse, reverse_lazy
 from django.core.paginator import Paginator, InvalidPage
 from django.db.models import Q
-from django.http import HttpResponse, HttpResponseRedirect, Http404
+from django.http import HttpResponse, HttpResponseRedirect, Http404, JsonResponse
 from django.shortcuts import redirect, get_object_or_404
 from django.templatetags.static import static
 from django.utils.translation import ugettext as _
@@ -41,6 +42,12 @@ from django.views.generic import (
 )
 from simplesshkey.models import UserKey

+from rest_framework import status
+from rest_framework.views import APIView
+from rest_framework.parsers import JSONParser
+from rest_framework.authentication import TokenAuthentication, BasicAuthentication
+from rest_framework.permissions import IsAdminUser
+
 from braces.views import LoginRequiredMixin, PermissionRequiredMixin

 from django_tables2 import SingleTableView, LazyPaginator
@@ -58,6 +65,7 @@ from ..tables import (
 )
 from rest_framework.authtoken.models import Token
 from .util import saml_available, DeleteViewBase, LoginView
+from dashboard.serializers import UserSerializer

 try:
    # Python 2: "unicode" is built-in
@@ -67,8 +75,21 @@ except NameError:

 logger = logging.getLogger(__name__)

+class UserREST(APIView):
+    authentication_classes = [TokenAuthentication,BasicAuthentication]
+    permission_classes = [IsAdminUser]

-
+    def get(self, request, format=None):
+        if request.query_params.get('username'):
+            try:
+                user = User.objects.filter(username__istartswith=request.query_params.get('username')).get()
+                serializer = UserSerializer(user, many=False)
+                return JsonResponse(serializer.data, safe=False)
+            except:
+                return JsonResponse({}, status=404)
+        users = User.objects.all()
+        serializer = UserSerializer(users, many=True)
+        return JsonResponse(serializer.data, safe=False)

 def set_session_expiry(request, user):
    if user.is_superuser:

--- a/circle/dashboard/views/vm.py
+++ b/circle/dashboard/views/vm.py
@@ -92,7 +92,6 @@ logger = logging.getLogger(__name__)

 from rest_framework import status
 from rest_framework.views import APIView
-from rest_framework.decorators import api_view, authentication_classes, permission_classes
 from rest_framework.parsers import JSONParser
 from rest_framework.authentication import TokenAuthentication, BasicAuthentication
 from rest_framework.permissions import IsAdminUser