from django.contrib.auth.models import AnonymousUser
from django.http import Http404

from rest_framework import viewsets, decorators, status
from rest_framework.response import Response
from dry_rest_permissions.generics import DRYPermissions

from sigma_core.models.user import User
from sigma_core.serializers.user import UserSerializer


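class UserViewSet(viewsets.ModelViewSet):
    """Model viewset for ``User`` with an extra ``me`` route.

    Permission checks are delegated to ``DRYPermissions``. On top of that,
    ``update`` refuses first/last name changes unless the requester is staff
    or a superuser.
    """

    permission_classes = (DRYPermissions, )
    queryset = User.objects.all()
    serializer_class = UserSerializer

    def update(self, request, pk=None, **kwargs):
        """Update a user, blocking name changes made by non-privileged callers.

        Args:
            request: The incoming DRF request; ``request.data`` holds the
                submitted fields and ``request.user`` the requester.
            pk: Primary key of the user to update, taken from the URL.
            **kwargs: Extra keyword arguments forwarded unchanged to the
                parent ``update`` (for example the ``partial`` flag that
                ``partial_update`` passes along for PATCH requests).

        Returns:
            A 400 ``Response`` when a non-staff, non-superuser requester
            submits a different ``lastname`` or ``firstname``; otherwise the
            parent implementation's response.

        Raises:
            Http404: If no user matches ``pk``.
        """
        # NOTE(review): this lookup bypasses the viewset's own object
        # retrieval, so the name comparison below may run before any
        # object-level permission check done by the parent update(). Confirm
        # that the 400/other-status difference cannot be used by a caller
        # without write access to compare names of another account.
        try:
            user = User.objects.get(pk=pk)
        except (User.DoesNotExist, ValueError, TypeError):
            # The exception must be raised, not returned: a returned Http404
            # instance is not a response object. ValueError/TypeError cover a
            # URL value that cannot be coerced to the primary-key type.
            raise Http404()

        # A field that is absent from the payload is treated as "unchanged"
        # instead of raising KeyError (which would surface as a server error).
        submitted = request.data
        name_changed = (
            submitted.get('lastname', user.lastname) != user.lastname
            or submitted.get('firstname', user.firstname) != user.firstname
        )
        requester_is_privileged = request.user.is_staff or request.user.is_superuser

        if name_changed and not requester_is_privileged:
            return Response('You cannot change your lastname or firstname', status=status.HTTP_400_BAD_REQUEST)

        return super(UserViewSet, self).update(request, pk, **kwargs)

    @decorators.list_route(methods=['get'])
    def me(self, request):
        """
        Gives the data of the current user.

        Returns 401 without a body when the request carries no authenticated
        user; otherwise the serialized requester.
        """
        # Type check instead of comparing the class name string, so the
        # authentication gate does not depend on how the class is named.
        if isinstance(request.user, AnonymousUser):
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        serializer = self.get_serializer_class()(request.user, context={'request': request})
        return Response(serializer.data)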