Merge branch 'feature/nextcloud-user-apis' into 'master'

Add APIs for NextCloud user sync See merge request !1098

Merge branch 'feature/nextcloud-user-apis' into 'master'
Add APIs for NextCloud user sync See merge request !1098
394ac9c8 · Joren Vrancken · bf0846cd · d5d50074 · 394ac9c8 · 394ac9c8
Commit 394ac9c8 authored Dec 16, 2018 by Joren Vrancken
--- a/docs/activemembers.api.rst
+++ b/docs/activemembers.api.rst
+activemembers.api package
+=========================
+.. automodule:: activemembers.api
+    :members:
+    :undoc-members:
+    :show-inheritance:
+Submodules
+----------
+activemembers.api.permissions module
+------------------------------------
+.. automodule:: activemembers.api.permissions
+    :members:
+    :undoc-members:
+    :show-inheritance:
+activemembers.api.serializers module
+------------------------------------
+.. automodule:: activemembers.api.serializers
+    :members:
+    :undoc-members:
+    :show-inheritance:
+activemembers.api.urls module
+-----------------------------
+.. automodule:: activemembers.api.urls
+    :members:
+    :undoc-members:
+    :show-inheritance:
+activemembers.api.views module
+------------------------------
+.. automodule:: activemembers.api.views
+    :members:
+    :undoc-members:
+    :show-inheritance:
--- a/docs/activemembers.rst
+++ b/docs/activemembers.rst
@@ -6,6 +6,13 @@ activemembers package
    :undoc-members:
    :show-inheritance:
+Subpackages
+-----------
+.. toctree::
+    activemembers.api
 Submodules
 ----------

--- a/website/activemembers/api/__init__.py
+++ b/website/activemembers/api/__init__.py
--- a/website/activemembers/api/permissions.py
+++ b/website/activemembers/api/permissions.py
+from django.conf import settings
+from rest_framework import permissions
+class NextCloudPermission(permissions.BasePermission):
+    """
+    Permission check for Nextcloud secret key
+    """
+    def has_permission(self, request, view):
+        if 'HTTP_AUTHORIZATION' in request.META:
+            token = request.META['HTTP_AUTHORIZATION']
+            return token == ('Secret ' +
+                             settings.ACTIVEMEMBERS_NEXTCLOUD_API_SECRET)
+        return request.user.is_superuser
--- a/website/activemembers/api/serializers.py
+++ b/website/activemembers/api/serializers.py
+from rest_framework import serializers
+from activemembers.models import MemberGroup, MemberGroupMembership
+from members.models import Member
+class NextCloudMemberSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Member
+        fields = ('pk', 'username', 'first_name',
+                  'last_name', 'is_superuser', 'email')
+class NextCloudGroupSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = MemberGroup
+        fields = ('pk', 'name', 'members')
+    members = serializers.SerializerMethodField()
+    def get_members(self, obj):
+        return (MemberGroupMembership.active_objects.filter(group=obj)
+                .values_list('member__username', flat=True))
--- a/website/activemembers/api/urls.py
+++ b/website/activemembers/api/urls.py
+from django.urls import path
+from activemembers.api import views
+urlpatterns = [
+    path('activemembers/nextcloud/users', views.NextCloudUsersView.as_view()),
+    path('activemembers/nextcloud/groups', views.NextCloudGroupsView.as_view()),
+]
--- a/website/activemembers/api/views.py
+++ b/website/activemembers/api/views.py
+from rest_framework.generics import ListAPIView
+from activemembers.api.permissions import NextCloudPermission
+from activemembers.api.serializers import (
+    NextCloudMemberSerializer,
+    NextCloudGroupSerializer
+)
+from activemembers.models import MemberGroupMembership, MemberGroup
+from members.models import Member
+class NextCloudUsersView(ListAPIView):
+    permission_classes = [NextCloudPermission]
+    queryset = Member.current_members.filter(
+        pk__in=MemberGroupMembership.active_objects.values_list(
+            'member_id', flat=True)
+    )
+    serializer_class = NextCloudMemberSerializer
+class NextCloudGroupsView(ListAPIView):
+    permission_classes = [NextCloudPermission]
+    queryset = MemberGroup.objects.all()
+    serializer_class = NextCloudGroupSerializer
--- a/website/members/api/urls.py
+++ b/website/members/api/urls.py
@@ -6,5 +6,5 @@ from members.api import viewsets, views
 router = routers.SimpleRouter()
 router.register(r'members', viewsets.MemberViewset)
 urlpatterns = router.urls + [
-    path('sentry-access/', views.SentryIdentityView.as_view())
+    path('sentry-access/', views.SentryIdentityView.as_view()),
 ]
--- a/website/thaliawebsite/settings/production.py
+++ b/website/thaliawebsite/settings/production.py
@@ -79,6 +79,8 @@ WIKI_API_KEY = os.environ.get('WIKI_API_KEY', 'changeme')
 MIGRATION_KEY = os.environ.get('MIGRATION_KEY')
 MAILINGLIST_API_SECRET = os.environ.get('MAILINGLIST_API_SECRET', '')
 MEMBERS_SENTRY_API_SECRET = os.environ.get('MEMBERS_SENTRY_API_SECRET', '')
+ACTIVEMEMBERS_NEXTCLOUD_API_SECRET = os.environ.get(
+    'ACTIVEMEMBERS_NEXTCLOUD_API_SECRET', '')
 GOOGLE_MAPS_API_KEY = os.environ.get('GOOGLE_MAPS_API_KEY', '')
 GOOGLE_MAPS_API_SECRET = os.environ.get('GOOGLE_MAPS_API_SECRET', '')

--- a/website/thaliawebsite/settings/settings.py
+++ b/website/thaliawebsite/settings/settings.py
@@ -283,6 +283,9 @@ MAILINGLIST_API_SECRET = ''
 # Members Sentry API key
 MEMBERS_SENTRY_API_SECRET = ''
+# Activemembers NextCloud API key
+ACTIVEMEMBERS_NEXTCLOUD_API_SECRET = ''
 # Google maps API key and secrets
 GOOGLE_MAPS_API_KEY = ''
 GOOGLE_MAPS_API_SECRET = ''

--- a/website/thaliawebsite/urls.py
+++ b/website/thaliawebsite/urls.py
@@ -104,6 +104,7 @@ urlpatterns = [  # pylint: disable=invalid-name
        url(r'wikilogin', views.wiki_login),
        url(r'^v1/', include([
            url(r'^token-auth', ObtainThaliaAuthToken.as_view()),
+            url(r'^', include('activemembers.api.urls')),
            url(r'^', include('events.api.urls')),
            url(r'^', include('members.api.urls')),
            url(r'^', include('partners.api.urls')),