Merge pull request EGCETSII#36 from Full-Tortuga/feature/EGCETSII#31-…

…Acciones-estado-usuario Feature/EGCETSII#31 acciones estado usuario
Full-Tortuga · Dec 19, 2021 · d70ec58 · d70ec58
2 parents a575a33 + 57e5874
commit d70ec58
Show file tree

Hide file tree

Showing 5 changed files with 66 additions and 26 deletions.
diff --git a/decide/administration/serializers.py b/decide/administration/serializers.py
@@ -0,0 +1,15 @@
+from rest_framework import serializers
+
+from django.contrib.auth.models import User
+
+
+class UserAdminSerializer(serializers.HyperlinkedModelSerializer):
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'first_name', 'last_name', 'email', 'is_active', 'is_staff', 'is_superuser')
+
+
+class UserSerializer(serializers.HyperlinkedModelSerializer):
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'first_name', 'last_name', 'email', 'password')
diff --git a/decide/administration/urls.py b/decide/administration/urls.py
@@ -13,6 +13,7 @@
     path('api/base/auth/<int:auth_id>', views.AuthAPI.as_view()),
     path('api/base/key', views.KeysAPI.as_view()),
     path('api/base/key/<int:key_id>', views.KeyAPI.as_view()),
+    path('api/users/state', views.UpdateUserStateAPI.as_view()),
 
     # match react-app routed pages
     re_path(r'(^(?!(api)).*$)', views.index),

diff --git a/decide/administration/views.py b/decide/administration/views.py
@@ -1,6 +1,4 @@
 from django.shortcuts import render
-from base import serializers
-from base.mods import query
 from rest_framework.status import *
 from django.contrib.auth.models import User
 from django.core.exceptions import ObjectDoesNotExist
@@ -10,15 +8,11 @@
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from base.models import Auth, Key
-from rest_framework.renderers import JSONRenderer
 
-from authentication.serializers import UserSerializer
+from administration.serializers import UserAdminSerializer, UserSerializer
 from base.serializers import AuthSerializer, KeySerializer
 from base.perms import IsAdminAPI
-
-import json
-
-from utils.database import bulk_delete
+from utils.utils import get_ids, is_valid
 
 
 def index(request):
@@ -45,7 +39,10 @@ def delete(self, request):
             Auth.objects.all().delete()
             return Response({}, status=HTTP_200_OK)
         else:
-            return bulk_delete(request.data["idList"], 'base_auth')
+            ids = get_ids(request.data["idList"])
+            is_valid(len(ids) > 0, 'The format of the ids list is not correct')
+            Auth.objects.filter(id__in=ids).delete()
+            return Response({}, status=HTTP_200_OK)
 
 
 class AuthAPI(APIView):
@@ -96,7 +93,10 @@ def delete(self, request):
             Key.objects.all().delete()
             return Response({}, status=HTTP_200_OK)
         else:
-            return bulk_delete(request.data["idList"], 'base_auth')
+            ids = get_ids(request.data["idList"])
+            is_valid(len(ids) > 0, 'The format of the ids list is not correct')
+            Key.objects.filter(id__in=ids).delete()
+            return Response({}, status=HTTP_200_OK)
 
 
 class KeyAPI(APIView):
@@ -132,7 +132,7 @@ class UsersAPI(APIView):
 
     def get(self, request):
         query = User.objects.all()
-        rest = UserSerializer(query, many=True).data
+        rest = UserAdminSerializer(query, many=True).data
         return Response(rest, status=HTTP_200_OK)
 
     def post(self, request):
@@ -152,7 +152,10 @@ def delete(self, request):
             User.objects.all().filter(is_superuser=False).delete()
             return Response({}, status=HTTP_200_OK)
         else:
-            return bulk_delete(request.data["idList"], 'auth_user')
+            ids = get_ids(request.data["idList"])
+            is_valid(len(ids) > 0, 'The format of the ids list is not correct')
+            User.objects.filter(id__in=ids).delete()
+            return Response({}, status=HTTP_200_OK)
 
 
 class UserAPI(APIView):
@@ -163,7 +166,7 @@ def get(self, request, user_id):
             query = User.objects.filter(id=user_id).get()
         except ObjectDoesNotExist:
             return Response({}, status=HTTP_404_NOT_FOUND)
-        rest = UserSerializer(query).data
+        rest = UserAdminSerializer(query).data
         return Response(rest, status=HTTP_200_OK)
 
     def put(self, request, user_id):
@@ -207,3 +210,27 @@ def get(self, request):
         response = Response({}, status=HTTP_200_OK)
         response.delete_cookie('token')
         return response
+
+
+class UpdateUserStateAPI(APIView):
+    permission_classes = (IsAdminAPI,)
+
+    def post(self, request):
+        ids = get_ids(request.data["idList"])
+        state = request.data['state']
+        value = request.data['value']
+        is_valid(len(ids) > 0, 'The format of the ids list is not correct')
+        is_valid(value == 'True' or value == 'False', 'The field value must be True or False')
+        res = Response({}, status=HTTP_200_OK)
+        if state == 'Active':
+            users = User.objects.filter(id__in=ids)
+            users.update(is_active=value)
+        elif state == 'Staff':
+            users = User.objects.filter(id__in=ids)
+            users.update(is_staff=value)
+        elif state == 'Superuser':
+            users = User.objects.filter(id__in=ids)
+            users.update(is_superuser=value)
+        else:
+            res = Response({"result": "The field state must be Active, Staff or Superuser"}, status=HTTP_400_BAD_REQUEST)
+        return res
diff --git a/decide/utils/database.py b/decide/utils/database.py
diff --git a/decide/utils/utils.py b/decide/utils/utils.py
@@ -0,0 +1,10 @@
+from rest_framework.exceptions import ValidationError
+
+
+def get_ids(ids):
+    return [i for i in ids.split(",") if str.isdigit(i)]
+
+
+def is_valid(expression, msg):
+    if not expression:
+        raise ValidationError(msg)