Initial public REST API

2017-03-06 16:50:55 +01:00 · 2017-03-06 16:50:55 +01:00 · 95b6ac712b
parent 12a01f5a0a
commit 95b6ac712b
5 changed files with 68 additions and 0 deletions
--- a/requirements.txt
+++ b/requirements.txt
@ -3,5 +3,7 @@ git+https://github.com/djangonauts/django-hstore@61427e474cb2f4be8fdfce225d78a53
 django-appconf==1.0.2
 django-auth-ldap==1.2.9
 Django-Select2==5.8.10
+djangorestframework==3.5.4
 Pillow==3.3.1
 psycopg2==2.6.2
+djangorestframework-hstore==1.3
--- a/spejstore/settings.py
+++ b/spejstore/settings.py
@ -42,6 +42,7 @@ INSTALLED_APPS = [
    'django_hstore',
    'tree',
    'django_select2',
+    'rest_framework',

    'storage',
 ]
@ -109,6 +110,8 @@ AUTH_PASSWORD_VALIDATORS = [
    },
 ]

+# LDAP configuration
+
 import ldap
 from django_auth_ldap.config import LDAPSearch, GroupOfUniqueNamesType

@ -170,3 +173,12 @@ STATICFILES_DIRS = [

 MEDIA_URL = '/media/'
 MEDIA_ROOT = os.path.join(BASE_DIR, "media")
+
+# REST Framework
+REST_FRAMEWORK = {
+    # Use Django's standard `django.contrib.auth` permissions,
+    # or allow read-only access for unauthenticated users.
+    'DEFAULT_PERMISSION_CLASSES': [
+        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
+    ]
+}
--- a/spejstore/urls.py
+++ b/spejstore/urls.py
@ -8,12 +8,22 @@ from django.contrib import admin
 from django.conf import settings
 from django.conf.urls.static import static

+from rest_framework import routers

+from storage import apiviews
+
+
+router = routers.DefaultRouter()
+router.register(r'items', apiviews.ItemViewSet)
+
+# Wire up our API using automatic URL routing.
+# Additionally, we include login URLs for the browsable API.
 urlpatterns = [
    url(r'^admin/', admin.site.urls),
    url(r'^select2/', include('django_select2.urls')),

    url(r'^', include('storage.urls')),
+    url(r'^api/1/', include(router.urls)),
 ] \
    + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) \
    + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
--- a/storage/apiviews.py
+++ b/storage/apiviews.py
@ -0,0 +1,35 @@
+from rest_framework import viewsets, generics
+from rest_framework.response import Response
+from rest_framework.decorators import detail_route
+
+from storage.models import Item
+from storage.serializers import ItemSerializer
+from django.shortcuts import get_object_or_404
+
+
+class ItemViewSet(viewsets.ModelViewSet):
+    """
+    API endpoint that allows items to be viewed or edited.
+    """
+    queryset = Item.objects
+    serializer_class = ItemSerializer
+
+    def get_queryset(self):
+        return Item.get_roots()
+
+    def get_object(self):
+        lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_field
+
+        obj = get_object_or_404(Item, pk=self.kwargs[lookup_url_kwarg])
+        self.check_object_permissions(self.request, obj)
+
+        return obj
+
+    @detail_route()
+    def children(self, request, pk):
+        """
+        Returns a list of all the group names that the given
+        user belongs to.
+        """
+        item = self.get_object()
+        return Response(self.serializer_class(item.get_children().all(), many=True).data)
--- a/storage/serializers.py
+++ b/storage/serializers.py
@ -0,0 +1,9 @@
+from storage.models import Item
+from rest_framework import serializers
+from rest_framework_hstore.serializers import HStoreSerializer
+
+
+class ItemSerializer(HStoreSerializer):
+    class Meta:
+        model = Item
+        fields = ('uuid', 'name', 'description', 'props', 'state', 'parent')