inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-04-29 20:16:44 +00:00
Code

Add API endpoint which provides list of role permissions available to current user

Browse Source
This commit is contained in:
Oliver Walters 2021-02-26 17:52:06 +11:00
parent cd5bc395f2
commit 5c61c18dc4
3 changed files with 54 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
InvenTree/part/templates/part/category.html
View File

@ -144,7 +144,8 @@
</div> </div>
<div class='panel-content'> <div class='panel-content'>
{% block details %} {% block details %}
<table class='table table-striped table-condensed' id='part-table'></table> <table class='table table-striped table-condensed' data-toolbar='#button-toolbar' id='part-table'>
</table>
{% endblock %} {% endblock %}
</div> </div>
</div> </div>

47
InvenTree/users/views.py → InvenTree/users/api.py
View File

@ -1,3 +1,9 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from rest_framework import generics
from rest_framework import generics, permissions from rest_framework import generics, permissions
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist from django.core.exceptions import ObjectDoesNotExist
@ -9,6 +15,47 @@ from rest_framework.response import Response
from rest_framework import status from rest_framework import status
from .models import RuleSet, check_user_role
class RoleDetails(APIView):
"""
API endpoint which lists the available role permissions
for the current user
(Requires authentication)
"""
permission_classes = [
permissions.IsAuthenticated
]
def get(self, request, *args, **kwargs):
user = request.user
data = {}
for ruleset in RuleSet.RULESET_CHOICES:
role, text = ruleset
permissions = []
for permission in RuleSet.RULESET_PERMISSIONS:
if check_user_role(user, role, permission):
permissions.append(permission)
if len(permissions) > 0:
data[role] = permissions
else:
data[role] = None
return Response(data)
class UserDetail(generics.RetrieveAPIView): class UserDetail(generics.RetrieveAPIView):
""" Detail endpoint for a single user """ """ Detail endpoint for a single user """

9
InvenTree/users/urls.py
View File

@ -1,11 +1,12 @@
from django.conf.urls import url from django.conf.urls import url
from . import views from . import api
user_urls = [ user_urls = [
url(r'^(?P<pk>[0-9]+)/?$', views.UserDetail.as_view(), name='user-detail'), url(r'^(?P<pk>[0-9]+)/?$', api.UserDetail.as_view(), name='user-detail'),
url(r'token', views.GetAuthToken.as_view(), name='api-token'), url(r'roles', api.RoleDetails.as_view(), name='api-roles'),
url(r'token', api.GetAuthToken.as_view(), name='api-token'),
url(r'^$', views.UserList.as_view()), url(r'^$', api.UserList.as_view()),
] ]