ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-02-23 16:41:23 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: ynerant:72806f0aceb08e61600226a63583e440f94619fe
Branches Tags
ynerant:main
ynerant:patch_openers_(forgot_something)
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:food_traceability
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0
..
compare: ynerant:e95a8b6e18523b42c2e4408049f8cf71c05b5acf
Branches Tags
ynerant:main
ynerant:patch_openers_(forgot_something)
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:food_traceability
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0

No commits in common. "72806f0aceb08e61600226a63583e440f94619fe" and "e95a8b6e18523b42c2e4408049f8cf71c05b5acf" have entirely different histories.
72806f0ace ... e95a8b6e18

6 changed files with 6 additions and 68 deletions
Show Stats Expand all files Collapse all files

46
apps/api/serializers.py
View File

@ -4,14 +4,10 @@
from django.contrib.contenttypes.models import ContentType
from django.contrib.auth.models import User
from django.utils import timezone
from rest_framework import serializers
from member.api.serializers import ProfileSerializer, MembershipSerializer
from note.models import Alias
from rest_framework.serializers import ModelSerializer
class UserSerializer(serializers.ModelSerializer):
class UserSerializer(ModelSerializer):
"""
REST API Serializer for Users.
The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@ -26,7 +22,7 @@ class UserSerializer(serializers.ModelSerializer):
)
class ContentTypeSerializer(serializers.ModelSerializer):
class ContentTypeSerializer(ModelSerializer):
"""
REST API Serializer for Users.
The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@ -35,39 +31,3 @@ class ContentTypeSerializer(serializers.ModelSerializer):
class Meta:
model = ContentType
fields = '__all__'
class OAuthSerializer(serializers.ModelSerializer):
"""
Informations that are transmitted by OAuth.
For now, this includes user, profile and valid memberships.
This should be better managed later.
"""
normalized_name = serializers.SerializerMethodField()
profile = ProfileSerializer()
memberships = serializers.SerializerMethodField()
def get_normalized_name(self, obj):
return Alias.normalize(obj.username)
def get_memberships(self, obj):
return serializers.ListSerializer(child=MembershipSerializer()).to_representation(
obj.memberships.filter(date_start__lte=timezone.now(), date_end__gte=timezone.now()))
class Meta:
model = User
fields = (
'id',
'username',
'normalized_name',
'first_name',
'last_name',
'email',
'is_superuser',
'is_active',
'is_staff',
'profile',
'memberships',
)

2
apps/api/urls.py
View File

@ -5,7 +5,6 @@ from django.conf import settings
from django.conf.urls import url, include
from rest_framework import routers
from .views import UserInformationView
from .viewsets import ContentTypeViewSet, UserViewSet
# Routers provide an easy way of automatically determining the URL conf.
@ -48,6 +47,5 @@ app_name = 'api'
# Additionally, we include login URLs for the browsable API.
urlpatterns = [
url('^', include(router.urls)),
url('me', UserInformationView.as_view()),
url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
]

20
apps/api/views.py
View File

@ -1,20 +0,0 @@
# Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from django.contrib.auth.models import User
from rest_framework.generics import RetrieveAPIView
from .serializers import OAuthSerializer
class UserInformationView(RetrieveAPIView):
"""
These fields are give to OAuth authenticators.
"""
serializer_class = OAuthSerializer
def get_queryset(self):
return User.objects.filter(pk=self.request.user.pk)
def get_object(self):
return self.request.user

2
apps/permission/backends.py
View File

@ -134,6 +134,8 @@ class PermissionBackend(ModelBackend):
return False
sess = get_current_session()
if sess is not None and sess.session_key is None:
return False
if user_obj.is_superuser and sess.get("permission_mask", -1) >= 42:
return True

3
note_kfet/settings/__init__.py
View File

@ -12,7 +12,7 @@ def read_env():
directory.
"""
try:
with open(os.path.join(BASE_DIR, '.env')) as f:
with open('.env') as f:
content = f.read()
except IOError:
content = ''
@ -30,7 +30,6 @@ def read_env():
# Try to load environment variables from project .env
BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
read_env()
# Load base settings

1
note_kfet/settings/base.py
View File

@ -239,7 +239,6 @@ REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication',
'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
],
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
'PAGE_SIZE': 20,