1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 15:21:13 +03:00

Fix for AC-257. Handle setting/updating password through UserSerializer.

This commit is contained in:
Chris Church 2013-07-25 15:20:44 -04:00
parent 7fc08767f6
commit 9916a5eefb
2 changed files with 47 additions and 36 deletions

View File

@ -84,6 +84,53 @@ class BaseSerializer(serializers.ModelSerializer):
else:
return obj.active
class UserSerializer(BaseSerializer):
password = serializers.WritableField(required=False, default='')
class Meta:
model = User
fields = ('id', 'url', 'related', 'created', 'username', 'first_name',
'last_name', 'email', 'is_active', 'is_superuser',
'password')
def to_native(self, obj):
ret = super(UserSerializer, self).to_native(obj)
ret.pop('password', None)
ret.fields.pop('password', None)
return ret
def get_validation_exclusions(self):
ret = super(UserSerializer, self).get_validation_exclusions()
ret.append('password')
return ret
def restore_object(self, attrs, instance=None):
new_password = attrs.pop('password', None)
instance = super(UserSerializer, self).restore_object(attrs, instance)
instance._new_password = new_password
return instance
def save_object(self, obj, **kwargs):
new_password = getattr(obj, '_new_password', None)
if new_password:
obj.set_password(new_password)
if not obj.password:
obj.set_unusable_password()
return super(UserSerializer, self).save_object(obj, **kwargs)
def get_related(self, obj):
res = super(UserSerializer, self).get_related(obj)
res.update(dict(
teams = reverse('main:user_teams_list', args=(obj.pk,)),
organizations = reverse('main:user_organizations_list', args=(obj.pk,)),
admin_of_organizations = reverse('main:user_admin_of_organizations_list', args=(obj.pk,)),
projects = reverse('main:user_projects_list', args=(obj.pk,)),
credentials = reverse('main:user_credentials_list', args=(obj.pk,)),
permissions = reverse('main:user_permissions_list', args=(obj.pk,)),
))
return res
class OrganizationSerializer(BaseSerializer):
class Meta:
@ -320,27 +367,6 @@ class CredentialSerializer(BaseSerializer):
raise serializers.ValidationError("team cannot be changed")
return attrs
class UserSerializer(BaseSerializer):
class Meta:
model = User
fields = ('id', 'url', 'related', 'created', 'username', 'first_name',
'last_name', 'email', 'is_active', 'is_superuser',)
# FIXME: Add password as write-only serializer field.
def get_related(self, obj):
res = super(UserSerializer, self).get_related(obj)
res.update(dict(
teams = reverse('main:user_teams_list', args=(obj.pk,)),
organizations = reverse('main:user_organizations_list', args=(obj.pk,)),
admin_of_organizations = reverse('main:user_admin_of_organizations_list', args=(obj.pk,)),
projects = reverse('main:user_projects_list', args=(obj.pk,)),
credentials = reverse('main:user_credentials_list', args=(obj.pk,)),
permissions = reverse('main:user_permissions_list', args=(obj.pk,)),
))
return res
class JobTemplateSerializer(BaseSerializer):
class Meta:

View File

@ -310,16 +310,6 @@ class UserList(ListCreateAPIView):
model = User
serializer_class = UserSerializer
def create(self, request, *args, **kwargs):
password = request.DATA.get('password', None)
response = super(UserList, self).create(request, *args, **kwargs)
if password:
pk = response.data['id']
user = User.objects.get(pk=pk)
user.set_password(password)
user.save()
return response
class UserMeList(ListAPIView):
model = User
@ -408,11 +398,6 @@ class UserDetail(RetrieveUpdateDestroyAPIView):
if changed:
raise PermissionDenied('Cannot change %s' % ', '.join(changed.keys()))
new_password = request.DATA.get('password', '')
if can_change and new_password:
obj.set_password(new_password)
obj.save()
class CredentialList(ListAPIView):
model = Credential