diff --git a/apps/rbac/api/permission.py b/apps/rbac/api/permission.py index 9500af3ac..33f54d89b 100644 --- a/apps/rbac/api/permission.py +++ b/apps/rbac/api/permission.py @@ -1,9 +1,9 @@ -from rest_framework.response import Response -from rest_framework.decorators import action from django.shortcuts import get_object_or_404 +from rest_framework.decorators import action +from rest_framework.response import Response -from common.tree import TreeNodeSerializer from common.api import JMSModelViewSet +from common.tree import TreeNodeSerializer from ..models import Permission, Role from ..serializers import PermissionSerializer diff --git a/apps/rbac/serializers/permission.py b/apps/rbac/serializers/permission.py index 3af435e33..219700914 100644 --- a/apps/rbac/serializers/permission.py +++ b/apps/rbac/serializers/permission.py @@ -1,10 +1,9 @@ from django.contrib.auth.models import ContentType -from django.utils.translation import gettext_lazy as _ from rest_framework import serializers from ..models import Permission -__all__ = ['PermissionSerializer', 'UserPermsSerializer'] +__all__ = ['PermissionSerializer'] class PermissionContentTypeSerializer(serializers.ModelSerializer): @@ -19,13 +18,3 @@ class PermissionSerializer(serializers.ModelSerializer): class Meta: model = Permission fields = ['id', 'name', 'content_type', 'codename'] - - -class UserPermsSerializer(serializers.Serializer): - perms = serializers.ListField(label=_('Perms'), read_only=True) - - def create(self, validated_data): - pass - - def update(self, instance, validated_data): - pass diff --git a/apps/users/api/profile.py b/apps/users/api/profile.py index 0dee24b8e..90bac5509 100644 --- a/apps/users/api/profile.py +++ b/apps/users/api/profile.py @@ -17,7 +17,8 @@ from ..models import User __all__ = [ 'UserResetPasswordApi', 'UserResetPKApi', - 'UserProfileApi', 'UserPasswordApi' + 'UserProfileApi', 'UserPasswordApi', + 'UserPermissionsApi' ] @@ -77,3 +78,11 @@ class UserPasswordApi(generics.RetrieveUpdateAPIView): resp = super().update(request, *args, **kwargs) ResetPasswordSuccessMsg(self.request.user, request).publish_async() return resp + + +class UserPermissionsApi(generics.RetrieveAPIView): + permission_classes = (IsAuthenticated,) + serializer_class = serializers.UserPermsSerializer + + def get_object(self): + return self.request.user diff --git a/apps/users/serializers/profile.py b/apps/users/serializers/profile.py index 1074576fb..c61edc1c7 100644 --- a/apps/users/serializers/profile.py +++ b/apps/users/serializers/profile.py @@ -8,14 +8,6 @@ from .user import UserSerializer from ..models import User, MFAMixin -class UserOrgSerializer(serializers.Serializer): - id = serializers.CharField() - name = serializers.CharField() - is_default = serializers.BooleanField(read_only=True) - is_root = serializers.BooleanField(read_only=True) - is_system = serializers.BooleanField(read_only=True) - - class UserUpdatePasswordSerializer(serializers.ModelSerializer): old_password = EncryptedField(required=True, max_length=128) new_password = EncryptedField(required=True, max_length=128) @@ -71,16 +63,11 @@ class UserProfileSerializer(UserSerializer): mfa_level = LabeledChoiceField(choices=MFAMixin.MFA_LEVEL_CHOICES, label=_("MFA"), required=False) guide_url = serializers.SerializerMethodField() receive_backends = serializers.ListField(child=serializers.CharField(), read_only=True) - console_orgs = UserOrgSerializer(many=True, read_only=True) - audit_orgs = UserOrgSerializer(many=True, read_only=True) - workbench_orgs = UserOrgSerializer(many=True, read_only=True) - perms = serializers.ListField(label=_("Perms"), read_only=True) class Meta(UserSerializer.Meta): read_only_fields = [ 'date_joined', 'last_login', 'created_by', 'source', - 'console_orgs', 'audit_orgs', 'workbench_orgs', - 'receive_backends', 'perms', + 'receive_backends', ] fields_mini = [ 'id', 'name', 'username', 'email', @@ -184,3 +171,26 @@ class ResetOTPSerializer(serializers.Serializer): def update(self, instance, validated_data): pass + + +class UserOrgSerializer(serializers.Serializer): + id = serializers.CharField() + name = serializers.CharField() + is_default = serializers.BooleanField(read_only=True) + is_root = serializers.BooleanField(read_only=True) + is_system = serializers.BooleanField(read_only=True) + + +class UserPermsSerializer(serializers.Serializer): + id = serializers.CharField(label=_("User ID"), read_only=True) + username = serializers.CharField(label=_("Username"), read_only=True) + console_orgs = UserOrgSerializer(many=True, read_only=True) + audit_orgs = UserOrgSerializer(many=True, read_only=True) + workbench_orgs = UserOrgSerializer(many=True, read_only=True) + perms = serializers.ListField(label=_("Perms"), read_only=True) + + def create(self, validated_data): + pass + + def update(self, instance, validated_data): + pass diff --git a/apps/users/urls/api_urls.py b/apps/users/urls/api_urls.py index 1c40f234b..cc5a04a05 100644 --- a/apps/users/urls/api_urls.py +++ b/apps/users/urls/api_urls.py @@ -22,6 +22,7 @@ urlpatterns = [ path('profile/', api.UserProfileApi.as_view(), name='user-profile'), path('profile/password/', api.UserPasswordApi.as_view(), name='user-password'), path('profile/mfa/reset/', api.UserResetMFAApi.as_view(), name='my-mfa-reset'), + path('profile/permissions/', api.UserPermissionsApi.as_view(), name='user-permissions'), path('preference/', api.PreferenceApi.as_view(), name='preference'), path('users//mfa/reset/', api.UserResetMFAApi.as_view(), name='user-reset-mfa'), path('users//password/', api.UserChangePasswordApi.as_view(), name='change-user-password'),