Group API (#4327)

* Add basic endpoint for group information * Add hardcoded api-url lookup function for django models * Adds JS function for rendering a 'group' * Fix typo * Add unit tests for new endpoints * Increment API version * JS linting
2025-06-18 04:55:44 +00:00 · 2023-02-11 07:09:59 +11:00
parent 06605e70c5
commit f4e8c05165
8 changed files with 147 additions and 8 deletions
--- a/InvenTree/users/api.py
+++ b/InvenTree/users/api.py
@ -1,6 +1,6 @@
 """DRF API definition for the 'users' app"""

-from django.contrib.auth.models import User
+from django.contrib.auth.models import Group, User
 from django.core.exceptions import ObjectDoesNotExist
 from django.urls import include, path, re_path

@ -13,7 +13,7 @@ from rest_framework.views import APIView
 from InvenTree.mixins import ListAPI, RetrieveAPI, RetrieveUpdateAPI
 from InvenTree.serializers import UserSerializer
 from users.models import Owner, RuleSet, check_user_role
-from users.serializers import OwnerSerializer
+from users.serializers import GroupSerializer, OwnerSerializer


 class OwnerList(ListAPI):
@ -113,7 +113,9 @@ class UserDetail(RetrieveAPI):

    queryset = User.objects.all()
    serializer_class = UserSerializer
-    permission_classes = (permissions.IsAuthenticated,)
+    permission_classes = [
+        permissions.IsAuthenticated
+    ]


 class MeUserDetail(RetrieveUpdateAPI, UserDetail):
@ -129,7 +131,9 @@ class UserList(ListAPI):

    queryset = User.objects.all()
    serializer_class = UserSerializer
-    permission_classes = (permissions.IsAuthenticated,)
+    permission_classes = [
+        permissions.IsAuthenticated,
+    ]

    filter_backends = [
        DjangoFilterBackend,
@ -143,6 +147,35 @@ class UserList(ListAPI):
    ]


+class GroupDetail(RetrieveAPI):
+    """Detail endpoint for a particular auth group"""
+
+    queryset = Group.objects.all()
+    serializer_class = GroupSerializer
+    permission_classes = [
+        permissions.IsAuthenticated,
+    ]
+
+
+class GroupList(ListAPI):
+    """List endpoint for all auth groups"""
+
+    queryset = Group.objects.all()
+    serializer_class = GroupSerializer
+    permission_classes = [
+        permissions.IsAuthenticated,
+    ]
+
+    filter_backends = [
+        DjangoFilterBackend,
+        filters.SearchFilter,
+    ]
+
+    search_fields = [
+        'name',
+    ]
+
+
 class GetAuthToken(APIView):
    """Return authentication token for an authenticated user."""

@ -185,6 +218,12 @@ user_urls = [
        re_path(r'^.*$', OwnerList.as_view(), name='api-owner-list'),
    ])),

-    re_path(r'^(?P<pk>[0-9]+)/?$', UserDetail.as_view(), name='user-detail'),
-    path('', UserList.as_view()),
+    re_path(r'^group/', include([
+        re_path(r'^(?P<pk>[0-9]+)/?$', GroupDetail.as_view(), name='api-group-detail'),
+        re_path(r'^.*$', GroupList.as_view(), name='api-group-list'),
+    ])),
+
+    re_path(r'^(?P<pk>[0-9]+)/?$', UserDetail.as_view(), name='api-user-detail'),
+
+    path('', UserList.as_view(), name='api-user-list'),
 ]
--- a/InvenTree/users/serializers.py
+++ b/InvenTree/users/serializers.py
@ -1,5 +1,6 @@
 """DRF API serializers for the 'users' app"""

+from django.contrib.auth.models import Group

 from rest_framework import serializers

@ -24,3 +25,16 @@ class OwnerSerializer(InvenTreeModelSerializer):
            'name',
            'label',
        ]
+
+
+class GroupSerializer(InvenTreeModelSerializer):
+    """Serializer for a 'Group'"""
+
+    class Meta:
+        """Metaclass defines serializer fields"""
+
+        model = Group
+        fields = [
+            'pk',
+            'name',
+        ]
--- a/InvenTree/users/test_api.py
+++ b/InvenTree/users/test_api.py
@ -0,0 +1,55 @@
+"""API tests for various user / auth API endpoints"""
+
+from django.contrib.auth.models import Group, User
+from django.urls import reverse
+
+from InvenTree.api_tester import InvenTreeAPITestCase
+
+
+class UserAPITests(InvenTreeAPITestCase):
+    """Tests for user API endpoints"""
+
+    def test_user_api(self):
+        """Tests for User API endpoints"""
+
+        response = self.get(
+            reverse('api-user-list'),
+            expected_code=200
+        )
+
+        # Check the correct number of results was returned
+        self.assertEqual(len(response.data), User.objects.count())
+
+        for key in ['username', 'pk', 'email']:
+            self.assertIn(key, response.data[0])
+
+        # Check detail URL
+        pk = response.data[0]['pk']
+
+        response = self.get(
+            reverse('api-user-detail', kwargs={'pk': pk}),
+            expected_code=200
+        )
+
+        self.assertIn('pk', response.data)
+        self.assertIn('username', response.data)
+
+    def test_group_api(self):
+        """Tests for the Group API endpoints"""
+
+        response = self.get(
+            reverse('api-group-list'),
+            expected_code=200,
+        )
+
+        self.assertIn('name', response.data[0])
+
+        self.assertEqual(len(response.data), Group.objects.count())
+
+        # Check detail URL
+        response = self.get(
+            reverse('api-group-detail', kwargs={'pk': response.data[0]['pk']}),
+            expected_code=200,
+        )
+
+        self.assertIn('name', response.data)
--- a/InvenTree/users/tests.py
+++ b/InvenTree/users/tests.py
@ -231,7 +231,7 @@ class OwnerModelTest(InvenTreeTestCase):
        # self.assertEqual(response['owner_id'], group.pk)

        # own user detail
-        response_detail = self.do_request(reverse('user-detail', kwargs={'pk': self.user.id}), {}, 200)
+        response_detail = self.do_request(reverse('api-user-detail', kwargs={'pk': self.user.id}), {}, 200)
        self.assertEqual(response_detail['username'], self.username)

        response_me = self.do_request(reverse('api-user-me'), {}, 200)