Add courses to authorize people through

authserver/authserver/api/models.py

@@ -22,10 +22,18 @@ class Tool(models.Model):
     def __str__(self):
         return self.name
 
+class Course(models.Model):
+    name = models.CharField(max_length=32)
+    slug = models.CharField(max_length=32, unique=True)
+    tools = models.ManyToManyField(Tool, blank=True)
+
+    def __str__(self):
+        return self.name
+
 class Profile(models.Model):
     user = models.OneToOneField(User, on_delete=models.CASCADE, editable=False)
     lockout_admin = models.BooleanField(default=False)
-    authorized_tools = models.ManyToManyField(Tool, blank=True)
+    courses = models.ManyToManyField(Course, blank=True)
 
     def __str__(self):
         return self.user.username

authserver/authserver/api/serializers.py

@@ -10,13 +10,25 @@ class CategorySerializer(serializers.HyperlinkedModelSerializer):
         model = models.Category
         fields = '__all__'
 
+class CourseSerializer(serializers.HyperlinkedModelSerializer):
+    url = serializers.HyperlinkedIdentityField(view_name='course-detail', lookup_field='slug')
+    tools = serializers.SlugRelatedField(
+        many=True,
+        slug_field='slug',
+        queryset=models.Tool.objects.all()
+    )
+
+    class Meta:
+        model = models.Course
+        fields = '__all__'
+
 class ToolSerializer(serializers.HyperlinkedModelSerializer):
     url = serializers.HyperlinkedIdentityField(view_name='tool-detail', lookup_field='slug')
     category = serializers.HyperlinkedRelatedField(
-            view_name='category-detail',
-            lookup_field='slug',
-            queryset=models.Category.objects.all()
-        )
+        view_name='category-detail',
+        lookup_field='slug',
+        queryset=models.Category.objects.all()
+    )
 
     class Meta:
         model = models.Tool
@@ -33,16 +45,20 @@ class ToolDataSerializer(serializers.HyperlinkedModelSerializer):
 class ProfileSerializer(serializers.HyperlinkedModelSerializer):
     user = serializers.StringRelatedField()
     cards = serializers.StringRelatedField(many=True, read_only=True)
-    authorized_tools = serializers.SlugRelatedField(
-            many=True,
-            slug_field='slug',
-            queryset=models.Tool.objects.all()
-        )
+    courses = serializers.SlugRelatedField(
+        many=True,
+        slug_field='slug',
+        queryset=models.Course.objects.all()
+    )
+    authorized_tools = serializers.SerializerMethodField()
 
     class Meta:
         model = models.Profile
         fields = '__all__'
 
+    def get_authorized_tools(self, obj):
+        return [tool.slug for tool in models.Tool.objects.filter(course__profile=obj)]
+
 class UserSerializer(serializers.ModelSerializer):
     profile = ProfileSerializer(read_only=True)
 

authserver/authserver/api/views.py

@@ -30,6 +30,12 @@ class CategoryViewSet(viewsets.ModelViewSet):
     permission_classes = (IsLockoutAdmin,)
     lookup_field='slug'
 
+class CourseViewSet(viewsets.ModelViewSet):
+    queryset = models.Course.objects.all().order_by('id')
+    serializer_class = serializers.CourseSerializer
+    permission_classes = (IsLockoutAdmin,)
+    lookup_field='slug'
+
 class ToolViewSet(viewsets.ModelViewSet):
     queryset = models.Tool.objects.all().order_by('id')
     serializer_class = serializers.ToolSerializer
@@ -86,7 +92,7 @@ def login(request):
 
 @api_view(["GET"])
 def cards(request, mac):
-    cards = models.Card.objects.all().filter(profile__authorized_tools__mac=mac)
+    cards = models.Card.objects.all().filter(profile__courses__tools__mac=mac)
     card_numbers = [card.number for card in cards]
 
     return Response(','.join(card_numbers), status=status.HTTP_200_OK)

authserver/authserver/urls.py

@@ -25,6 +25,7 @@ from .api import views
 router = routers.DefaultRouter()
 router.register(r'tool', views.ToolViewSet)
 router.register(r'category', views.CategoryViewSet, 'category')
+router.register(r'course', views.CourseViewSet, 'course')
 router.register(r'tooldata', views.ToolDataViewSet, 'tooldata')
 router.register(r'profile', views.ProfileViewSet)
 router.register(r'user', views.UserViewSet, 'user')