mirror of
https://github.com/ansible/awx.git
synced 2024-10-31 15:21:13 +03:00
Fix for AC-257. Handle setting/updating password through UserSerializer.
This commit is contained in:
parent
7fc08767f6
commit
9916a5eefb
@ -84,6 +84,53 @@ class BaseSerializer(serializers.ModelSerializer):
|
||||
else:
|
||||
return obj.active
|
||||
|
||||
class UserSerializer(BaseSerializer):
|
||||
|
||||
password = serializers.WritableField(required=False, default='')
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ('id', 'url', 'related', 'created', 'username', 'first_name',
|
||||
'last_name', 'email', 'is_active', 'is_superuser',
|
||||
'password')
|
||||
|
||||
def to_native(self, obj):
|
||||
ret = super(UserSerializer, self).to_native(obj)
|
||||
ret.pop('password', None)
|
||||
ret.fields.pop('password', None)
|
||||
return ret
|
||||
|
||||
def get_validation_exclusions(self):
|
||||
ret = super(UserSerializer, self).get_validation_exclusions()
|
||||
ret.append('password')
|
||||
return ret
|
||||
|
||||
def restore_object(self, attrs, instance=None):
|
||||
new_password = attrs.pop('password', None)
|
||||
instance = super(UserSerializer, self).restore_object(attrs, instance)
|
||||
instance._new_password = new_password
|
||||
return instance
|
||||
|
||||
def save_object(self, obj, **kwargs):
|
||||
new_password = getattr(obj, '_new_password', None)
|
||||
if new_password:
|
||||
obj.set_password(new_password)
|
||||
if not obj.password:
|
||||
obj.set_unusable_password()
|
||||
return super(UserSerializer, self).save_object(obj, **kwargs)
|
||||
|
||||
def get_related(self, obj):
|
||||
res = super(UserSerializer, self).get_related(obj)
|
||||
res.update(dict(
|
||||
teams = reverse('main:user_teams_list', args=(obj.pk,)),
|
||||
organizations = reverse('main:user_organizations_list', args=(obj.pk,)),
|
||||
admin_of_organizations = reverse('main:user_admin_of_organizations_list', args=(obj.pk,)),
|
||||
projects = reverse('main:user_projects_list', args=(obj.pk,)),
|
||||
credentials = reverse('main:user_credentials_list', args=(obj.pk,)),
|
||||
permissions = reverse('main:user_permissions_list', args=(obj.pk,)),
|
||||
))
|
||||
return res
|
||||
|
||||
class OrganizationSerializer(BaseSerializer):
|
||||
|
||||
class Meta:
|
||||
@ -320,27 +367,6 @@ class CredentialSerializer(BaseSerializer):
|
||||
raise serializers.ValidationError("team cannot be changed")
|
||||
return attrs
|
||||
|
||||
class UserSerializer(BaseSerializer):
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ('id', 'url', 'related', 'created', 'username', 'first_name',
|
||||
'last_name', 'email', 'is_active', 'is_superuser',)
|
||||
|
||||
# FIXME: Add password as write-only serializer field.
|
||||
|
||||
def get_related(self, obj):
|
||||
res = super(UserSerializer, self).get_related(obj)
|
||||
res.update(dict(
|
||||
teams = reverse('main:user_teams_list', args=(obj.pk,)),
|
||||
organizations = reverse('main:user_organizations_list', args=(obj.pk,)),
|
||||
admin_of_organizations = reverse('main:user_admin_of_organizations_list', args=(obj.pk,)),
|
||||
projects = reverse('main:user_projects_list', args=(obj.pk,)),
|
||||
credentials = reverse('main:user_credentials_list', args=(obj.pk,)),
|
||||
permissions = reverse('main:user_permissions_list', args=(obj.pk,)),
|
||||
))
|
||||
return res
|
||||
|
||||
class JobTemplateSerializer(BaseSerializer):
|
||||
|
||||
class Meta:
|
||||
|
@ -310,16 +310,6 @@ class UserList(ListCreateAPIView):
|
||||
model = User
|
||||
serializer_class = UserSerializer
|
||||
|
||||
def create(self, request, *args, **kwargs):
|
||||
password = request.DATA.get('password', None)
|
||||
response = super(UserList, self).create(request, *args, **kwargs)
|
||||
if password:
|
||||
pk = response.data['id']
|
||||
user = User.objects.get(pk=pk)
|
||||
user.set_password(password)
|
||||
user.save()
|
||||
return response
|
||||
|
||||
class UserMeList(ListAPIView):
|
||||
|
||||
model = User
|
||||
@ -408,11 +398,6 @@ class UserDetail(RetrieveUpdateDestroyAPIView):
|
||||
if changed:
|
||||
raise PermissionDenied('Cannot change %s' % ', '.join(changed.keys()))
|
||||
|
||||
new_password = request.DATA.get('password', '')
|
||||
if can_change and new_password:
|
||||
obj.set_password(new_password)
|
||||
obj.save()
|
||||
|
||||
class CredentialList(ListAPIView):
|
||||
|
||||
model = Credential
|
||||
|
Loading…
Reference in New Issue
Block a user