api: expose role slugs (#7180)
This commit is contained in:
parent
6a25e750d0
commit
82124a4edd
|
@ -100,19 +100,21 @@ La liste des catégories est disponible à l'URL <code>/categories</code>.
|
|||
<title>Rôles</title>
|
||||
|
||||
<p>
|
||||
La liste des rôles est disponible à l'URL <code>/roles</code>.
|
||||
La liste des rôles est disponible à l'URL <code>/api/roles</code>.
|
||||
</p>
|
||||
|
||||
<screen>
|
||||
<output style="prompt">$ </output><input>curl -H "Accept: application/json" \
|
||||
https://www.example.net/roles</input>
|
||||
https://www.example.net/api/roles</input>
|
||||
<output>
|
||||
{"data":
|
||||
[
|
||||
{"id": 1,
|
||||
"text": "Gestionnaires formulaires"},
|
||||
"text": "Gestionnaires formulaires",
|
||||
"slug": "gestionnaires-formulaires"},
|
||||
{"id": 2,
|
||||
"text": "Usagers privilégiés"}
|
||||
"text": "Usagers privilégiés",
|
||||
"slug": "usagers-privilegies"}
|
||||
]
|
||||
}
|
||||
</output>
|
||||
|
|
|
@ -377,3 +377,17 @@ def test_api_list_formdata(local_user):
|
|||
assert len(resp.json) == 20
|
||||
resp = get_app(pub).get(sign_uri('/api/forms/test/list?filter=all', user=local_user))
|
||||
assert len(resp.json) == 30
|
||||
|
||||
def test_roles(local_user):
|
||||
Role.wipe()
|
||||
role = Role(name='Hello World')
|
||||
role.store()
|
||||
|
||||
resp = get_app(pub).get(sign_uri('/api/roles', user=local_user), headers={'Accept': 'application/json'})
|
||||
assert resp.json['data'][0]['text'] == 'Hello World'
|
||||
assert resp.json['data'][0]['slug'] == 'hello-world'
|
||||
|
||||
# also check old endpoint, for compatibility
|
||||
resp = get_app(pub).get(sign_uri('/roles', user=local_user), headers={'Accept': 'application/json'})
|
||||
assert resp.json['data'][0]['text'] == 'Hello World'
|
||||
assert resp.json['data'][0]['slug'] == 'hello-world'
|
||||
|
|
19
wcs/api.py
19
wcs/api.py
|
@ -17,6 +17,7 @@
|
|||
import base64
|
||||
import hmac
|
||||
import hashlib
|
||||
import json
|
||||
import datetime
|
||||
import urllib
|
||||
import urllib2
|
||||
|
@ -28,6 +29,7 @@ from quixote.directory import Directory
|
|||
from qommon.errors import AccessForbiddenError, QueryError, TraversalError
|
||||
|
||||
from wcs.formdef import FormDef
|
||||
from wcs.roles import Role
|
||||
|
||||
|
||||
def get_user_from_api_query_string():
|
||||
|
@ -152,7 +154,7 @@ class ApiFormsDirectory(Directory):
|
|||
|
||||
|
||||
class ApiDirectory(Directory):
|
||||
_q_exports = ['forms', ('reverse-geocoding', 'reverse_geocoding')]
|
||||
_q_exports = ['forms', 'roles', ('reverse-geocoding', 'reverse_geocoding')]
|
||||
|
||||
forms = ApiFormsDirectory()
|
||||
|
||||
|
@ -168,3 +170,18 @@ class ApiDirectory(Directory):
|
|||
get_response().set_content_type('application/json')
|
||||
return urllib2.urlopen('%s/reverse?format=json&zoom=18&addressdetails=1&lat=%s&lon=%s' % (
|
||||
nominatim_url, lat, lon)).read()
|
||||
|
||||
def roles(self):
|
||||
get_response().set_content_type('application/json')
|
||||
if not (get_request().user and get_request().user.can_go_in_admin()) and \
|
||||
not get_user_from_api_query_string():
|
||||
raise errors.AccessForbiddenError()
|
||||
list_roles = []
|
||||
charset = get_publisher().site_charset
|
||||
for role in Role.select():
|
||||
list_roles.append({'text': unicode(role.name, charset),
|
||||
'allows_backoffice_access': role.allows_backoffice_access,
|
||||
'slug': role.slug,
|
||||
'id': role.id})
|
||||
get_response().set_content_type('application/json')
|
||||
return json.dumps({'data': list_roles})
|
||||
|
|
14
wcs/root.py
14
wcs/root.py
|
@ -301,20 +301,10 @@ class RootDirectory(Directory):
|
|||
return json.dumps(user_info)
|
||||
|
||||
def roles(self):
|
||||
# endpoint for backward compatibility, new code should call /api/roles
|
||||
if not get_request().is_json():
|
||||
return redirect('/')
|
||||
get_response().set_content_type('application/json')
|
||||
if not (get_request().user and get_request().user.can_go_in_admin()) and \
|
||||
not get_user_from_api_query_string():
|
||||
raise errors.AccessForbiddenError()
|
||||
list_roles = []
|
||||
charset = get_publisher().site_charset
|
||||
for role in Role.select():
|
||||
list_roles.append({'text': unicode(role.name, charset),
|
||||
'allows_backoffice_access': role.allows_backoffice_access,
|
||||
'id': role.id})
|
||||
get_response().set_content_type('application/json')
|
||||
return json.dumps({'data': list_roles})
|
||||
return self.api.roles()
|
||||
|
||||
def tmp_upload(self):
|
||||
results = []
|
||||
|
|
Loading…
Reference in New Issue