This repository has been archived by the owner on Jan 19, 2021. It is now read-only.
/
api.py
86 lines (66 loc) · 2.77 KB
/
api.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
from tastypie import fields
from tastypie.authentication import Authentication
from tastypie.authorization import ReadOnlyAuthorization
from tastypie.resources import ModelResource
from common.api import HTMLSerializer
from users.models import UserProfile
class VouchedAuthentication(Authentication):
"""Api Authentication that only lets in authenticated and vouched
users.
"""
def is_authenticated(self, request, **kwargs):
user = request.user
if user.is_authenticated() and user.get_profile().is_vouched:
return True
return False
def get_identifier(self, request):
return request.user.username
class PaidStaffAuthentication(Authentication):
"""API Authentication that only lets in paid staff users.
"""
def is_authenticated(self, request, **kwargs):
user = request.user
if (user.is_authenticated() and
user.get_profile().groups.filter(name='staff')):
return True
return False
def get_identifier(self, request):
return request.user.username
# class UserProfileResource(ModelResource):
# email = fields.CharField(attribute='user__email', null=True,
# readonly=True)
# class Meta:
# queryset = UserProfile.objects.select_related()
# authentication = PaidStaffAuthentication()
# authorization = ReadOnlyAuthorization()
# serializer = HTMLSerializer()
# list_allowed_methods = ['get']
# detail_allowed_methods = ['get']
# resource_name = 'users'
# filtering = {'email': ('exact'),
# 'display_name': ('exact', 'contains', 'startswith'),
# 'ircname': ('exact', 'contains', 'startswith')}
# def get_object_list(self, request):
# if 'updated' in request.GET:
# try:
# updated = float(request.GET.get('updated'))
# time = datetime.fromtimestamp(updated)
# except (ValueError, TypeError):
# pass
# else:
# return (super(UserProfileResource, self)
# .get_object_list(request)
# .filter(last_updated__gt=time))
# return super(UserProfileResource, self).get_object_list(request)
class VouchedResource(ModelResource):
email = fields.CharField(attribute='user__email', null=True, readonly=True)
class Meta:
queryset = UserProfile.objects.all()
authentication = VouchedAuthentication()
authorization = ReadOnlyAuthorization()
serializer = HTMLSerializer()
list_allowed_methods = ['get']
detail_allowed_methods = ['get']
resource_name = 'vouched'
fields = ['is_vouched']
filtering = {'email': ['exact']}