35 lines
1.5 KiB
Python
35 lines
1.5 KiB
Python
from rest_framework import generics, status, viewsets
|
|
from rest_framework.decorators import action
|
|
from rest_framework.response import Response
|
|
|
|
from userausfall.models import MissingUserAttribute, PasswordMismatch, User
|
|
from userausfall.rest_api.serializers import TrustBridgeSerializer
|
|
from userausfall.views import get_authenticated_user
|
|
|
|
|
|
class TrustBridgeView(generics.RetrieveUpdateAPIView):
|
|
serializer_class = TrustBridgeSerializer
|
|
|
|
def get_object(self):
|
|
return get_authenticated_user(self.request).get_or_create_trust_bridge()
|
|
|
|
|
|
class UserViewSet(viewsets.GenericViewSet):
|
|
@action(detail=True, methods=["post"])
|
|
def activate(self, request, pk=None):
|
|
"""Create the corresponding LDAP account."""
|
|
user: User = self.get_object()
|
|
serializer = self.get_serializer(data=request.data)
|
|
if serializer.is_valid():
|
|
try:
|
|
# We prevent untrusted user accounts from being activated via API.
|
|
# They might be activated via Admin or programmatically.
|
|
if not user.trust_bridge.is_trusted:
|
|
raise MissingUserAttribute("User has no trusted trust bridge.")
|
|
user.create_ldap_account(serializer.validated_data["password"])
|
|
except (MissingUserAttribute, PasswordMismatch) as e:
|
|
return Response({"message": str(e)}, status=status.HTTP_400_BAD_REQUEST)
|
|
return Response(status=status.HTTP_204_NO_CONTENT)
|
|
else:
|
|
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|