2021-05-21 10:14:12 +02:00
|
|
|
from rest_framework import viewsets, status
|
2021-05-18 12:07:03 +02:00
|
|
|
from rest_framework.decorators import action
|
|
|
|
from rest_framework.response import Response
|
2021-04-12 11:16:56 +02:00
|
|
|
|
2021-05-21 10:14:12 +02:00
|
|
|
from userausfall.models import User, MissingUserAttribute, PasswordMismatch
|
2021-08-03 12:38:34 +02:00
|
|
|
from userausfall.rest_api.permissions import UserPermission
|
2021-08-03 11:41:58 +02:00
|
|
|
from userausfall.rest_api.serializers import (
|
|
|
|
ActivateUserSerializer,
|
|
|
|
CreateUserSerializer,
|
2021-08-03 12:38:34 +02:00
|
|
|
RetrieveUserSerializer,
|
2021-08-03 11:41:58 +02:00
|
|
|
)
|
2021-04-12 11:16:56 +02:00
|
|
|
|
|
|
|
|
2021-05-18 12:07:03 +02:00
|
|
|
class UserViewSet(viewsets.ModelViewSet):
|
2021-08-03 12:38:34 +02:00
|
|
|
permission_classes = [UserPermission]
|
2021-05-21 10:14:12 +02:00
|
|
|
queryset = User.objects.all()
|
2021-05-18 12:07:03 +02:00
|
|
|
|
2021-08-03 12:38:34 +02:00
|
|
|
@action(detail=False, url_path="me")
|
|
|
|
def retrieve_authenticated(self, request):
|
2021-08-03 11:41:58 +02:00
|
|
|
"""Retrieve user data for logged in user."""
|
2021-08-03 12:38:34 +02:00
|
|
|
serializer = self.get_serializer(request.user)
|
2021-08-03 11:41:58 +02:00
|
|
|
return Response(serializer.data)
|
|
|
|
|
2021-08-03 12:38:34 +02:00
|
|
|
@action(detail=True, methods=["post"])
|
2021-05-21 10:14:12 +02:00
|
|
|
def activate(self, request, pk=None):
|
|
|
|
"""Create the corresponding LDAP account."""
|
2021-08-03 12:38:34 +02:00
|
|
|
user: User = self.get_object()
|
|
|
|
serializer = self.get_serializer(data=request.data)
|
2021-05-21 10:14:12 +02:00
|
|
|
if serializer.is_valid():
|
|
|
|
try:
|
2021-08-03 11:41:58 +02:00
|
|
|
# We prevent untrusted user accounts from being activated via API.
|
|
|
|
# They might be activated via Admin or programmatically.
|
|
|
|
if not user.trust_bridge.is_trusted:
|
|
|
|
raise MissingUserAttribute("User has no trusted trust bridge.")
|
2021-05-21 10:14:12 +02:00
|
|
|
user.create_ldap_account(serializer.validated_data["password"])
|
|
|
|
except (MissingUserAttribute, PasswordMismatch) as e:
|
|
|
|
return Response({"message": str(e)}, status=status.HTTP_400_BAD_REQUEST)
|
|
|
|
return Response(status=status.HTTP_204_NO_CONTENT)
|
|
|
|
else:
|
|
|
|
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
2021-08-02 10:14:38 +02:00
|
|
|
|
|
|
|
def get_serializer_class(self):
|
2021-08-03 12:38:34 +02:00
|
|
|
if self.action == "activate":
|
|
|
|
return ActivateUserSerializer
|
|
|
|
elif self.action == "create":
|
2021-08-02 10:14:38 +02:00
|
|
|
return CreateUserSerializer
|
2021-08-03 12:38:34 +02:00
|
|
|
elif self.action == "retrieve_authenticated":
|
|
|
|
return RetrieveUserSerializer
|