api: add possibility to get to user API through /api/users/{user_id}
This commit is contained in:
parent
5843ad8f33
commit
f0e88b1cc3
|
@ -408,9 +408,10 @@ def test_user_forms(local_user):
|
|||
|
||||
resp = get_app(pub).get(sign_uri('/api/user/forms', user=local_user))
|
||||
resp2 = get_app(pub).get(sign_uri('/myspace/forms', user=local_user))
|
||||
resp3 = get_app(pub).get(sign_uri('/api/users/%s/forms' % local_user.id))
|
||||
assert len(resp.json) == 1
|
||||
assert resp.json[0]['form_status'] == 'New'
|
||||
assert resp.json == resp2.json
|
||||
assert resp.json == resp2.json == resp3.json
|
||||
|
||||
resp = get_app(pub).get(sign_uri('/api/user/forms?full=on', user=local_user))
|
||||
assert resp.json[0]['fields']['foobar'] == 'foo@localhost'
|
||||
|
|
15
wcs/api.py
15
wcs/api.py
|
@ -348,9 +348,12 @@ class ApiCategoriesDirectory(RootDirectory):
|
|||
class ApiUserDirectory(Directory):
|
||||
_q_exports = ['', 'forms', 'drafts']
|
||||
|
||||
def __init__(self, user=None):
|
||||
self.user = user
|
||||
|
||||
def _q_index(self):
|
||||
get_response().set_content_type('application/json')
|
||||
user = get_user_from_api_query_string() or get_request().user
|
||||
user = self.user or get_user_from_api_query_string() or get_request().user
|
||||
if not user:
|
||||
raise AccessForbiddenError('no user specified')
|
||||
user_info = user.get_substitution_variables(prefix='')
|
||||
|
@ -376,7 +379,7 @@ class ApiUserDirectory(Directory):
|
|||
|
||||
def drafts(self):
|
||||
get_response().set_content_type('application/json')
|
||||
user = get_user_from_api_query_string() or get_request().user
|
||||
user = self.user or get_user_from_api_query_string() or get_request().user
|
||||
if not user:
|
||||
raise AccessForbiddenError()
|
||||
drafts = []
|
||||
|
@ -400,7 +403,7 @@ class ApiUserDirectory(Directory):
|
|||
|
||||
def forms(self):
|
||||
get_response().set_content_type('application/json')
|
||||
user = get_user_from_api_query_string() or get_request().user
|
||||
user = self.user or get_user_from_api_query_string() or get_request().user
|
||||
if not user:
|
||||
raise AccessForbiddenError()
|
||||
forms = []
|
||||
|
@ -462,6 +465,12 @@ class ApiUsersDirectory(Directory):
|
|||
data = [as_dict(x) for x in users]
|
||||
return json.dumps({'data': data, 'err': 0})
|
||||
|
||||
def _q_lookup(self, component):
|
||||
if not (is_url_signed() or (
|
||||
get_request().user and get_request().user.can_go_in_admin())):
|
||||
raise AccessForbiddenError()
|
||||
return ApiUserDirectory(get_publisher().user_class.get(component))
|
||||
|
||||
|
||||
class ApiDirectory(Directory):
|
||||
_q_exports = ['forms', 'roles', ('reverse-geocoding', 'reverse_geocoding'),
|
||||
|
|
Loading…
Reference in New Issue