Add APIs for NextCloud user sync

51c7665c · Sébastiaan Versteeg · bf0846cd · 51c7665c · 51c7665c · 51c7665c
Verified Commit 51c7665c authored Dec 14, 2018 by Sébastiaan Versteeg
--- a/docs/activemembers.api.rst
+++ b/docs/activemembers.api.rst
+activemembers.api package
+=========================
+
+.. automodule:: activemembers.api
+    :members:
+    :undoc-members:
+    :show-inheritance:
+
+Submodules
+----------
+
+activemembers.api.permissions module
+------------------------------------
+
+.. automodule:: activemembers.api.permissions
+    :members:
+    :undoc-members:
+    :show-inheritance:
+
+activemembers.api.serializers module
+------------------------------------
+
+.. automodule:: activemembers.api.serializers
+    :members:
+    :undoc-members:
+    :show-inheritance:
+
+activemembers.api.urls module
+-----------------------------
+
+.. automodule:: activemembers.api.urls
+    :members:
+    :undoc-members:
+    :show-inheritance:
+
+activemembers.api.views module
+------------------------------
+
+.. automodule:: activemembers.api.views
+    :members:
+    :undoc-members:
+    :show-inheritance:
+
+
--- a/docs/activemembers.rst
+++ b/docs/activemembers.rst
@@ -6,6 +6,13 @@ activemembers package
    :undoc-members:
    :show-inheritance:

+Subpackages
+-----------
+
+.. toctree::
+
+    activemembers.api
+
 Submodules
 ----------


--- a/website/activemembers/api/__init__.py
+++ b/website/activemembers/api/__init__.py
--- a/website/activemembers/api/permissions.py
+++ b/website/activemembers/api/permissions.py
+from django.conf import settings
+
+from rest_framework import permissions
+
+
+class NextCloudPermission(permissions.BasePermission):
+    """
+    Permission check for Nextcloud secret key
+    """
+
+    def has_permission(self, request, view):
+        if 'HTTP_AUTHORIZATION' in request.META:
+            token = request.META['HTTP_AUTHORIZATION']
+            return token == ('Secret ' +
+                             settings.ACTIVEMEMBERS_NEXTCLOUD_API_SECRET)
+        return request.user.is_superuser
--- a/website/activemembers/api/serializers.py
+++ b/website/activemembers/api/serializers.py
+from rest_framework import serializers
+
+from activemembers.models import MemberGroup
+from members.models import Member
+
+
+class NextCloudMemberSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Member
+        fields = ('pk', 'username', 'first_name',
+                  'last_name', 'is_superuser', 'email')
+
+
+class NextCloudGroupSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = MemberGroup
+        fields = ('pk', 'name', 'members')
+
+    members = serializers.SlugRelatedField(
+        many=True,
+        read_only=True,
+        slug_field='username'
+    )
--- a/website/activemembers/api/urls.py
+++ b/website/activemembers/api/urls.py
+from django.urls import path
+
+from activemembers.api import views
+
+urlpatterns = [
+    path('activemembers/nextcloud/users', views.NextCloudUsersView.as_view()),
+    path('activemembers/nextcloud/groups', views.NextCloudGroupsView.as_view()),
+]
--- a/website/activemembers/api/views.py
+++ b/website/activemembers/api/views.py
+from rest_framework.generics import ListAPIView
+
+from activemembers.api.permissions import NextCloudPermission
+from activemembers.api.serializers import (
+    NextCloudMemberSerializer,
+    NextCloudGroupSerializer
+)
+from activemembers.models import MemberGroupMembership, MemberGroup
+from members.models import Member
+
+
+class NextCloudUsersView(ListAPIView):
+    permission_classes = [NextCloudPermission]
+    queryset = Member.objects.filter(
+        pk__in=MemberGroupMembership.active_objects.values_list(
+            'member_id', flat=True)
+    )
+    serializer_class = NextCloudMemberSerializer
+
+
+class NextCloudGroupsView(ListAPIView):
+    permission_classes = [NextCloudPermission]
+    queryset = MemberGroup.objects.all()
+    serializer_class = NextCloudGroupSerializer
--- a/website/members/api/urls.py
+++ b/website/members/api/urls.py
@@ -6,5 +6,5 @@ from members.api import viewsets, views
 router = routers.SimpleRouter()
 router.register(r'members', viewsets.MemberViewset)
 urlpatterns = router.urls + [
-    path('sentry-access/', views.SentryIdentityView.as_view())
+    path('sentry-access/', views.SentryIdentityView.as_view()),
 ]
--- a/website/thaliawebsite/settings/production.py
+++ b/website/thaliawebsite/settings/production.py
@@ -79,6 +79,8 @@ WIKI_API_KEY = os.environ.get('WIKI_API_KEY', 'changeme')
 MIGRATION_KEY = os.environ.get('MIGRATION_KEY')
 MAILINGLIST_API_SECRET = os.environ.get('MAILINGLIST_API_SECRET', '')
 MEMBERS_SENTRY_API_SECRET = os.environ.get('MEMBERS_SENTRY_API_SECRET', '')
+ACTIVEMEMBERS_NEXTCLOUD_API_SECRET = os.environ.get(
+    'ACTIVEMEMBERS_NEXTCLOUD_API_SECRET', '')

 GOOGLE_MAPS_API_KEY = os.environ.get('GOOGLE_MAPS_API_KEY', '')
 GOOGLE_MAPS_API_SECRET = os.environ.get('GOOGLE_MAPS_API_SECRET', '')

--- a/website/thaliawebsite/settings/settings.py
+++ b/website/thaliawebsite/settings/settings.py
@@ -283,6 +283,9 @@ MAILINGLIST_API_SECRET = ''
 # Members Sentry API key
 MEMBERS_SENTRY_API_SECRET = ''

+# Activemembers NextCloud API key
+ACTIVEMEMBERS_NEXTCLOUD_API_SECRET = ''
+
 # Google maps API key and secrets
 GOOGLE_MAPS_API_KEY = ''
 GOOGLE_MAPS_API_SECRET = ''

--- a/website/thaliawebsite/urls.py
+++ b/website/thaliawebsite/urls.py
@@ -104,6 +104,7 @@ urlpatterns = [  # pylint: disable=invalid-name
        url(r'wikilogin', views.wiki_login),
        url(r'^v1/', include([
            url(r'^token-auth', ObtainThaliaAuthToken.as_view()),
+            url(r'^', include('activemembers.api.urls')),
            url(r'^', include('events.api.urls')),
            url(r'^', include('members.api.urls')),
            url(r'^', include('partners.api.urls')),