123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- from django.contrib.auth.models import User, Group
- from rest_framework import viewsets
- from .serializers import UserSerializer, GroupSerializer
- from rest_framework.views import APIView
- from .permission import HasAPIKey
- from rest_framework.permissions import IsAuthenticated
- from .models import APIKey
- from rest_framework.decorators import api_view, permission_classes
- from rest_framework.response import Response
- class UserViewSet(viewsets.ModelViewSet):
- """
- API endpoint that allows users to be viewed or edited.
- """
- queryset = User.objects.all().order_by('-date_joined')
- serializer_class = UserSerializer
- keys = APIKey.objects.all()
- for i in keys:
- print()
- permission_classes = [HasAPIKey | IsAuthenticated]
- class GroupViewSet(viewsets.ModelViewSet):
- """
- API endpoint that allows groups to be viewed or edited.
- """
- queryset = Group.objects.all()
- serializer_class = GroupSerializer
- permission_classes = [HasAPIKey | IsAuthenticated]
- class SnippetUSER(APIView):
- permission_classes = []
- print(permission_classes)
- def get(self, request, format=None):
- snippets = User.objects.all()
- serializer = UserSerializer(snippets, many=True, context={'request': request})
- try:
- header_key = request.META["HTTP_X_API_KEY"]
- db_key = APIKey.objects.get_from_key(header_key)
- print(db_key.has_permission_method("user", "get"))
- except:
- header_key = request.META["HTTP_X_CSRFTOKEN"]
- return Response(serializer.data)
|