Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add missing User API (url, view, serializer, tests) #51

Merged
merged 1 commit into from
Apr 10, 2024
Merged

Add missing User API (url, view, serializer, tests) #51

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions httprequest_lego_provider/serializers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
# See LICENSE file for licensing details.
"""Serializers."""

# imported-auth-user has to be disabled as the import is needed for UserSerializer
# pylint:disable=imported-auth-user
from django.contrib.auth.models import User
kot0dama marked this conversation as resolved.
Show resolved Hide resolved
from rest_framework import serializers

from .models import Domain, DomainUserPermission
Expand Down Expand Up @@ -35,3 +38,18 @@ class Meta:

model = DomainUserPermission
fields = "__all__"


class UserSerializer(serializers.ModelSerializer):
"""Serializer for the User objects."""

class Meta:
"""Serializer configuration.

Attributes:
model: the model to serialize.
fields: fields to serialize.
"""

model = User
fields = ["url", "username", "email", "groups"]
57 changes: 57 additions & 0 deletions httprequest_lego_provider/tests/test_views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -453,3 +453,60 @@ def test_post_domain_user_permission_when_logged_in_as_admin_user(

assert DomainUserPermission.objects.filter(user=99, domain=domain) is not None
assert response.status_code == 201


@pytest.mark.django_db
def test_post_user_when_logged_in_as_non_admin_user(client: Client, user_auth_token: str):
"""
arrange: log in a non-admin user.
act: submit a POST request for the user URL.
assert: a 403 is returned and the user is not inserted in the database.
"""
response = client.post(
"/api/v1/users/",
data={"username": "non-existing-user"},
format="json",
headers={"AUTHORIZATION": f"Basic {user_auth_token}"},
)

assert response.status_code == 403
with pytest.raises(User.DoesNotExist):
User.objects.get(username="non-existing-user")


@pytest.mark.django_db
def test_post_user_when_logged_in_as_admin_user(client: Client, admin_user_auth_token: str):
"""
arrange: log in an admin user.
act: submit a POST request for the user URL.
assert: a 201 is returned and the user is inserted in the database.
"""
response = client.post(
"/api/v1/users/",
data={"username": "new-user"},
format="json",
headers={"AUTHORIZATION": f"Basic {admin_user_auth_token}"},
)

assert response.status_code == 201
assert User.objects.get(username="new-user") is not None


@pytest.mark.django_db
def test_post_user_when_logged_in_as_admin_user_and_user_invalid(
client: Client, admin_user_auth_token: str
):
"""
arrange: log in a admin user.
act: submit a POST request with an invalid value for the user URL.
assert: a 400 is returned.
"""
existing = User.objects.all()[0]
response = client.post(
"/api/v1/users/",
data={"username": existing.username},
format="json",
headers={"AUTHORIZATION": f"Basic {admin_user_auth_token}"},
)

assert response.status_code == 400
1 change: 1 addition & 0 deletions httprequest_lego_provider/urls.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
router = DefaultRouter()
router.register("domains", views.DomainViewSet)
router.register("domain-user-permissions", views.DomainUserPermissionViewSet)
router.register("users", views.UserViewSet)

urlpatterns = [
path("cleanup", views.handle_cleanup, name="cleanup"),
Expand Down
19 changes: 18 additions & 1 deletion httprequest_lego_provider/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@

from typing import Optional

# imported-auth-user has to be disabled as the import is needed for UserViewSet
# pylint:disable=imported-auth-user
from django.contrib.auth.models import User
kot0dama marked this conversation as resolved.
Show resolved Hide resolved
from django.http import HttpRequest, HttpResponse
from rest_framework import viewsets
from rest_framework.decorators import api_view
Expand All @@ -15,7 +18,7 @@
from .dns import remove_dns_record, write_dns_record
from .forms import CleanupForm, PresentForm
from .models import Domain, DomainUserPermission
from .serializers import DomainSerializer, DomainUserPermissionSerializer
from .serializers import DomainSerializer, DomainUserPermissionSerializer, UserSerializer


@api_view(["POST"])
Expand Down Expand Up @@ -101,3 +104,17 @@ class DomainUserPermissionViewSet(viewsets.ModelViewSet):
queryset = DomainUserPermission.objects.all()
serializer_class = DomainUserPermissionSerializer
permission_classes = [IsAdminUser]


class UserViewSet(viewsets.ModelViewSet):
"""Views for the User.

Attributes:
queryset: query for the objects in the model.
serializer_class: class used for serialization.
permission_classes: list of classes to match permissions.
"""

queryset = User.objects.all().order_by("-date_joined")
kot0dama marked this conversation as resolved.
Show resolved Hide resolved
serializer_class = UserSerializer
permission_classes = [IsAdminUser]
Loading