Modify user active api And Add Token authorization

011c1255 · ibuler · 1a9f90a0 · 011c1255 · 011c1255 · 011c1255
Commit 011c1255 authored Aug 29, 2016 by ibuler
6 changed files
--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@@ -53,6 +53,7 @@ INSTALLED_APPS = [
    'audits.apps.AuditsConfig',
    'common.apps.CommonConfig',
    'rest_framework',
+    'rest_framework.authtoken',
    'bootstrapform',
    # 'django.contrib.admin',
    'django.contrib.auth',
@@ -247,6 +248,7 @@ REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
+        'rest_framework.authentication.TokenAuthentication',
    ),
 }
 # This setting is required to override the Django's main loop, when running in

--- a/apps/users/api.py
+++ b/apps/users/api.py
@@ -7,7 +7,7 @@ from rest_framework import generics, mixins, status, permissions
 from rest_framework.views import APIView
 from rest_framework.response import Response

-from .serializers import UserSerializer, UserGroupSerializer
+from .serializers import UserSerializer, UserGroupSerializer, UserActiveSerializer
 from .models import User, UserGroup


@@ -18,24 +18,20 @@ class UserListAddApi(generics.ListCreateAPIView):
    queryset = User.objects.all()
    serializer_class = UserSerializer

-    # permission_classes = (
-    #     permissions.DenyAll,
-    # )
-

 class UserDetailDeleteUpdateApi(generics.RetrieveUpdateDestroyAPIView):
    queryset = User.objects.all()
    serializer_class = UserSerializer

-    def put(self, request, *args, **kwargs):
-        for k, v in request.META.items():
-            logger.debug("%s --> %s" % (k, v))
-        return super(UserDetailDeleteUpdateApi, self).put(request, *args, **kwargs)

-    # def get(self, request, *args, **kwargs):
-    #     print("hello world")
-    #     print(request.user)
-    #     return super(UserDetailDeleteUpdateApi, self).get(request, *args, **kwargs)
+class UserActiveApi(generics.RetrieveUpdateDestroyAPIView):
+    queryset = User.objects.all()
+    serializer_class = UserActiveSerializer
+
+    # def put(self, request, *args, **kwargs):
+    #     for k, v in request.META.items():
+    #         logger.debug("%s --> %s" % (k, v))
+    #     return super(UserActiveApi, self).put(request, *args, **kwargs)


 class UserGroupListAddApi(generics.ListCreateAPIView):

--- a/apps/users/serializers.py
+++ b/apps/users/serializers.py
@@ -17,6 +17,12 @@ class UserSerializer(serializers.ModelSerializer):
        ]


+class UserActiveSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = User
+        fields = ['is_active']
+
+
 class UserGroupSerializer(serializers.ModelSerializer):
    users = serializers.HyperlinkedRelatedField(many=True, read_only=True, view_name='users:user-detail-api')


--- a/apps/users/templates/users/user_detail.html
+++ b/apps/users/templates/users/user_detail.html
@@ -231,12 +231,9 @@
            var status = $(obj).prop('checked');

            $.ajax({
-                url: "{% url 'users:user-detail-api' pk=user.id %}",
-{#                url: "{% url 'users:login' %}",#}
+                url: "{% url 'users:user-active-api' pk=user.id %}",
                type: "PUT",
                data: {
-                    'username': "{{ user.username }}",
-                    'email': "{{ user.email }}",
                    'is_active': status
                },
                success: function (data, status) {

--- a/apps/users/urls.py
+++ b/apps/users/urls.py
@@ -22,8 +22,9 @@ urlpatterns = [


 urlpatterns += [
-    url(r'^v1/users/$', api.UserListAddApi.as_view(), name='user-list-api'),
-    url(r'^v1/users/(?P<pk>[0-9]+)/$', api.UserDetailDeleteUpdateApi.as_view(), name='user-detail-api'),
-    url(r'^v1/usergroups/$', api.UserGroupListAddApi.as_view(), name='usergroup-list-api'),
-    url(r'^v1/usergroups/(?P<pk>[0-9]+)/$', api.UserGroupDetailDeleteUpdateApi.as_view(), name='usergroup-detail-api'),
+    url(r'^v1/users$', api.UserListAddApi.as_view(), name='user-list-api'),
+    url(r'^v1/users/(?P<pk>[0-9]+)$', api.UserDetailDeleteUpdateApi.as_view(), name='user-detail-api'),
+    url(r'^v1/users/(?P<pk>[0-9]+)/active$', api.UserActiveApi.as_view(), name='user-active-api'),
+    url(r'^v1/usergroups$', api.UserGroupListAddApi.as_view(), name='usergroup-list-api'),
+    url(r'^v1/usergroups/(?P<pk>[0-9]+)$', api.UserGroupDetailDeleteUpdateApi.as_view(), name='usergroup-detail-api'),
 ]
--- a/logs/jumpserver.log
+++ b/logs/jumpserver.log