Create/Remove users associated with groups

fao89 · fao89 · commit 0086ec2a9086 · 2020-08-13T16:23:28.000-03:00
https://pulp.plan.io/issues/7310 closes #7310
diff --git a/CHANGES/7310.feature b/CHANGES/7310.feature
@@ -0,0 +1,3 @@
+Extended endpoint `/pulp/api/v3/groups/:pk/users` to add and remove users from a group.
+
+NOTE: this endpoint is in tech-preview and may change in backwards incompatible ways in the future.
diff --git a/CHANGES/7311.feature b/CHANGES/7311.feature
@@ -1,4 +1,4 @@
-The `/pulp/api/v3/groups/:pk/permissions` endpoint is available for posting and deleting
-permissions.
+Extended endpoints `/pulp/api/v3/groups/:pk/model_permissions` and
+`/pulp/api/v3/groups/:pk/object_permissions` to add and remove permissions from a group.
 
 NOTE: this endpoint is in tech-preview and may change in backwards incompatible ways in the future.
diff --git a/pulpcore/app/serializers/user.py b/pulpcore/app/serializers/user.py
@@ -2,6 +2,8 @@
 
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Group, Permission
+from django.urls import reverse
+from guardian.models.models import GroupObjectPermission
 from rest_framework import serializers
 
 from pulpcore.app.serializers import IdentityField
@@ -27,15 +29,39 @@ def to_representation(self, obj):
             return serializer.data.get("pulp_href")
 
 
-class ObjectPermissionSerializer(serializers.Serializer):
-    """Serializer for user/group object permission."""
+class PermissionSerializer(serializers.Serializer):
+    """Serializer for User/Group object permission."""
 
+    pulp_href = serializers.SerializerMethodField(read_only=True)
+    id = serializers.SerializerMethodField(read_only=True)
     permission = PermissionField(source="*", read_only=True)
     obj = ContentObjectField(help_text=_("Content object."), source="*", read_only=True)
 
+    def get_id(self, obj):
+        """Get model/object permission id."""
+        return obj.id
+
+    def get_pulp_href(self, obj):
+        """Get model/object permission pulp_href."""
+        group_pk = self.context.get("group_pk")
+
+        if group_pk and isinstance(obj, Permission):
+            return reverse("model_permissions-detail", args=[group_pk, obj.pk])
+
+        if group_pk and isinstance(obj, GroupObjectPermission):
+            return reverse("object_permissions-detail", args=[group_pk, obj.pk])
+
+    def to_representation(self, obj):
+        representation = super().to_representation(obj)
+
+        if not self.context.get("group_pk"):
+            representation.pop("pulp_href")
+
+        return representation
+
 
 class UserGroupSerializer(serializers.ModelSerializer):
-    """Serializer for user groups."""
+    """Serializer for Groups that belong to an User."""
 
     name = serializers.CharField(help_text=_("Name."), max_length=150,)
     pulp_href = IdentityField(view_name="groups-detail")
@@ -46,7 +72,7 @@ class Meta:
 
 
 class UserSerializer(serializers.ModelSerializer):
-    """Serializer for user."""
+    """Serializer for User."""
 
     pulp_href = IdentityField(view_name="users-detail")
     id = serializers.IntegerField(read_only=True)
@@ -83,7 +109,7 @@ class Meta:
 
 
 class GroupUserSerializer(serializers.ModelSerializer):
-    """Serializer for group users."""
+    """Serializer for Users that belong to a Group."""
 
     username = serializers.CharField(
         help_text=_("Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only."),
@@ -97,7 +123,7 @@ class Meta:
 
 
 class GroupSerializer(serializers.ModelSerializer):
-    """Serializer for group."""
+    """Serializer for Group."""
 
     pulp_href = IdentityField(view_name="groups-detail")
     id = serializers.IntegerField(read_only=True)
@@ -106,17 +132,3 @@ class GroupSerializer(serializers.ModelSerializer):
     class Meta:
         model = Group
         fields = ("name", "pulp_href", "id")
-
-
-class PermissionSerializer(serializers.ModelSerializer):
-    """Serializer for group."""
-
-    pulp_href = IdentityField(view_name="permissions-detail")
-    id = serializers.IntegerField(read_only=True)
-    name = serializers.CharField(help_text=_("Name"), max_length=255)
-    codename = serializers.CharField(help_text=_("Codename"), max_length=100)
-    content_type_id = serializers.IntegerField(help_text=_("Content type id"))
-
-    class Meta:
-        model = Permission
-        fields = ("pulp_href", "id", "name", "codename", "content_type_id")
diff --git a/pulpcore/app/viewsets/__init__.py b/pulpcore/app/viewsets/__init__.py
@@ -49,4 +49,10 @@
 )
 from .task import TaskViewSet, TaskGroupViewSet, WorkerViewSet  # noqa
 from .upload import UploadViewSet  # noqa
-from .user import GroupViewSet, PermissionViewSet, UserViewSet  # noqa
+from .user import (  # noqa
+    GroupViewSet,
+    GroupUserViewSet,
+    GroupModelPermissionViewSet,
+    GroupObjectPermissionViewSet,
+    UserViewSet,
+)
diff --git a/pulpcore/app/viewsets/user.py b/pulpcore/app/viewsets/user.py

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+Extended endpoint `/pulp/api/v3/groups/:pk/users` to add and remove users from a group.
	`2`	`+`
	`3`	`+NOTE: this endpoint is in tech-preview and may change in backwards incompatible ways in the future.`