Restrict profiles to lockout admins, convert to URL API
This commit is contained in:
parent
61ceff77e3
commit
dd1b9be50e
|
@ -22,6 +22,9 @@ class Tool(models.Model):
|
|||
return self.name
|
||||
|
||||
class Profile(models.Model):
|
||||
user = models.OneToOneField(User, on_delete=models.CASCADE)
|
||||
user = models.OneToOneField(User, on_delete=models.CASCADE, editable=False)
|
||||
lockout_admin = models.BooleanField(default=False)
|
||||
authorized_tools = models.ManyToManyField(Tool)
|
||||
|
||||
def __str__(self):
|
||||
return self.user.username
|
||||
|
|
|
@ -3,24 +3,41 @@ from rest_framework import serializers
|
|||
|
||||
from . import models
|
||||
|
||||
class CategorySerializer(serializers.ModelSerializer):
|
||||
class CategorySerializer(serializers.HyperlinkedModelSerializer):
|
||||
url = serializers.HyperlinkedIdentityField(view_name='category-detail', lookup_field='slug')
|
||||
|
||||
class Meta:
|
||||
model = models.Category
|
||||
fields = '__all__'
|
||||
|
||||
class ToolSerializer(serializers.ModelSerializer):
|
||||
class ToolSerializer(serializers.HyperlinkedModelSerializer):
|
||||
url = serializers.HyperlinkedIdentityField(view_name='tool-detail', lookup_field='slug')
|
||||
category = serializers.HyperlinkedRelatedField(
|
||||
view_name='category-detail',
|
||||
lookup_field='slug',
|
||||
queryset=models.Category.objects.all()
|
||||
)
|
||||
|
||||
class Meta:
|
||||
model = models.Tool
|
||||
fields = '__all__'
|
||||
|
||||
class ToolDataSerializer(serializers.ModelSerializer):
|
||||
class ToolDataSerializer(serializers.HyperlinkedModelSerializer):
|
||||
url = serializers.HyperlinkedIdentityField(view_name='category-detail', lookup_field='slug')
|
||||
tools = ToolSerializer(many=True)
|
||||
|
||||
class Meta:
|
||||
model = models.Category
|
||||
fields = '__all__'
|
||||
|
||||
class ProfileSerializer(serializers.ModelSerializer):
|
||||
class ProfileSerializer(serializers.HyperlinkedModelSerializer):
|
||||
user = serializers.StringRelatedField()
|
||||
authorized_tools = serializers.SlugRelatedField(
|
||||
many=True,
|
||||
slug_field='slug',
|
||||
queryset=models.Tool.objects.all()
|
||||
)
|
||||
|
||||
class Meta:
|
||||
model = models.Profile
|
||||
fields = '__all__'
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
from django.contrib.auth.models import User
|
||||
from rest_framework import viewsets, permissions
|
||||
from rest_framework import mixins, permissions, viewsets
|
||||
|
||||
from rest_framework.response import Response
|
||||
|
||||
from . import models, serializers
|
||||
|
||||
|
@ -14,20 +16,31 @@ class CategoryViewSet(viewsets.ModelViewSet):
|
|||
queryset = models.Category.objects.all().order_by('id')
|
||||
serializer_class = serializers.CategorySerializer
|
||||
permission_classes = (IsLockoutAdmin,)
|
||||
lookup_field='slug'
|
||||
|
||||
class ToolViewSet(viewsets.ModelViewSet):
|
||||
queryset = models.Tool.objects.all().order_by('id')
|
||||
serializer_class = serializers.ToolSerializer
|
||||
permission_classes = (IsLockoutAdmin,)
|
||||
lookup_field='slug'
|
||||
|
||||
class ToolDataViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
queryset = models.Category.objects.all().order_by('id')
|
||||
serializer_class = serializers.ToolDataSerializer
|
||||
class ToolDataViewSet(viewsets.ViewSet):
|
||||
def list(self, request):
|
||||
objects = models.Category.objects.all().order_by('id')
|
||||
serializer = serializers.ToolDataSerializer(objects, many=True, context={'request': request})
|
||||
return Response({'categories': serializer.data})
|
||||
|
||||
class ProfileViewSet(viewsets.ModelViewSet):
|
||||
class ProfileViewSet(
|
||||
mixins.RetrieveModelMixin,
|
||||
mixins.UpdateModelMixin,
|
||||
mixins.ListModelMixin,
|
||||
viewsets.GenericViewSet):
|
||||
queryset = models.Profile.objects.all().order_by('-user__date_joined')
|
||||
serializer_class = serializers.ProfileSerializer
|
||||
permission_classes = (IsLockoutAdmin,)
|
||||
|
||||
class UserViewSet(viewsets.ModelViewSet):
|
||||
queryset = models.User.objects.all().order_by('-date_joined')
|
||||
class UserViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
serializer_class = serializers.UserSerializer
|
||||
|
||||
def get_queryset(self):
|
||||
return User.objects.filter(username=self.request.user)
|
||||
|
|
|
@ -23,10 +23,10 @@ from rest_framework import routers
|
|||
from .api import views
|
||||
|
||||
router = routers.DefaultRouter()
|
||||
router.register(r'tool', views.ToolViewSet, 'tool')
|
||||
router.register(r'tool', views.ToolViewSet)
|
||||
router.register(r'category', views.CategoryViewSet, 'category')
|
||||
router.register(r'tooldata', views.ToolDataViewSet, 'tooldata')
|
||||
router.register(r'profile', views.ProfileViewSet, 'profile')
|
||||
router.register(r'profile', views.ProfileViewSet)
|
||||
router.register(r'user', views.UserViewSet, 'user')
|
||||
|
||||
urlpatterns = [
|
||||
|
|
Loading…
Reference in New Issue
Block a user