[Update] 用户profile中添加orgs

apps/users/api/__init__.py

@@ -3,4 +3,5 @@
 
 from .user import *
 from .group import *
+from .profile import *
 from .relation import *

apps/users/api/mixins.py

@@ -0,0 +1,9 @@
+# -*- coding: utf-8 -*-
+#
+from .. import utils
+
+
+class UserQuerysetMixin:
+    def get_queryset(self):
+        queryset = utils.get_current_org_members()
+        return queryset

apps/users/api/profile.py

@@ -0,0 +1,68 @@
+# ~*~ coding: utf-8 ~*~
+import uuid
+
+from rest_framework import generics
+from rest_framework.permissions import IsAuthenticated
+
+from common.permissions import (
+    IsCurrentUserOrReadOnly
+)
+from .. import serializers
+from ..models import User
+from .mixins import UserQuerysetMixin
+
+__all__ = [
+    'UserResetPasswordApi', 'UserResetPKApi',
+    'UserProfileApi', 'UserUpdatePKApi',
+]
+
+
+class UserResetPasswordApi(UserQuerysetMixin, generics.UpdateAPIView):
+    queryset = User.objects.all()
+    serializer_class = serializers.UserSerializer
+    permission_classes = (IsAuthenticated,)
+
+    def perform_update(self, serializer):
+        # Note: we are not updating the user object here.
+        # We just do the reset-password stuff.
+        from ..utils import send_reset_password_mail
+        user = self.get_object()
+        user.password_raw = str(uuid.uuid4())
+        user.save()
+        send_reset_password_mail(user)
+
+
+class UserResetPKApi(UserQuerysetMixin, generics.UpdateAPIView):
+    serializer_class = serializers.UserSerializer
+    permission_classes = (IsAuthenticated,)
+
+    def perform_update(self, serializer):
+        from ..utils import send_reset_ssh_key_mail
+        user = self.get_object()
+        user.public_key = None
+        user.save()
+        send_reset_ssh_key_mail(user)
+
+
+# 废弃
+class UserUpdatePKApi(UserQuerysetMixin, generics.UpdateAPIView):
+    serializer_class = serializers.UserPKUpdateSerializer
+    permission_classes = (IsCurrentUserOrReadOnly,)
+
+    def perform_update(self, serializer):
+        user = self.get_object()
+        user.public_key = serializer.validated_data['public_key']
+        user.save()
+
+
+class UserProfileApi(generics.RetrieveAPIView):
+    permission_classes = (IsAuthenticated,)
+    serializer_class = serializers.UserSerializer
+
+    def get_object(self):
+        return self.request.user
+
+    def retrieve(self, request, *args, **kwargs):
+        age = request.session.get_expiry_age()
+        request.session.set_expiry(age)
+        return super().retrieve(request, *args, **kwargs)

apps/users/api/user.py

@@ -1,23 +1,20 @@
 # ~*~ coding: utf-8 ~*~
-import uuid
-
 from django.core.cache import cache
-from django.contrib.auth import logout
 from django.utils.translation import ugettext as _
 
 from rest_framework import generics
 from rest_framework.response import Response
-from rest_framework.permissions import IsAuthenticated
 from rest_framework_bulk import BulkModelViewSet
 
 from common.permissions import (
-    IsOrgAdmin, IsCurrentUserOrReadOnly, IsOrgAdminOrAppUser,
+    IsOrgAdmin, IsOrgAdminOrAppUser,
     CanUpdateDeleteUser, IsSuperUser
 )
 from common.mixins import CommonApiMixin
 from common.utils import get_logger
 from orgs.utils import current_org
-from .. import serializers, utils
+from .. import serializers
+from .mixins import UserQuerysetMixin
 from ..models import User
 from ..signals import post_user_create
 
@@ -25,17 +22,10 @@ from ..signals import post_user_create
 logger = get_logger(__name__)
 __all__ = [
     'UserViewSet', 'UserChangePasswordApi',
-    'UserResetPasswordApi', 'UserResetPKApi', 'UserUpdatePKApi',
+    'UserUnblockPKApi', 'UserResetOTPApi',
-    'UserUnblockPKApi', 'UserProfileApi', 'UserResetOTPApi',
 ]
 
 
-class UserQuerysetMixin:
-    def get_queryset(self):
-        queryset = utils.get_current_org_members()
-        return queryset
-
-
 class UserViewSet(CommonApiMixin, UserQuerysetMixin, BulkModelViewSet):
     filter_fields = ('username', 'email', 'name', 'id')
     search_fields = filter_fields
@@ -101,44 +91,6 @@ class UserChangePasswordApi(UserQuerysetMixin, generics.RetrieveUpdateAPIView):
         user.save()
 
 
-class UserResetPasswordApi(UserQuerysetMixin, generics.UpdateAPIView):
-    queryset = User.objects.all()
-    serializer_class = serializers.UserSerializer
-    permission_classes = (IsAuthenticated,)
-
-    def perform_update(self, serializer):
-        # Note: we are not updating the user object here.
-        # We just do the reset-password stuff.
-        from ..utils import send_reset_password_mail
-        user = self.get_object()
-        user.password_raw = str(uuid.uuid4())
-        user.save()
-        send_reset_password_mail(user)
-
-
-class UserResetPKApi(UserQuerysetMixin, generics.UpdateAPIView):
-    serializer_class = serializers.UserSerializer
-    permission_classes = (IsAuthenticated,)
-
-    def perform_update(self, serializer):
-        from ..utils import send_reset_ssh_key_mail
-        user = self.get_object()
-        user.public_key = None
-        user.save()
-        send_reset_ssh_key_mail(user)
-
-
-# 废弃
-class UserUpdatePKApi(UserQuerysetMixin, generics.UpdateAPIView):
-    serializer_class = serializers.UserPKUpdateSerializer
-    permission_classes = (IsCurrentUserOrReadOnly,)
-
-    def perform_update(self, serializer):
-        user = self.get_object()
-        user.public_key = serializer.validated_data['public_key']
-        user.save()
-
-
 class UserUnblockPKApi(UserQuerysetMixin, generics.UpdateAPIView):
     permission_classes = (IsOrgAdmin,)
     serializer_class = serializers.UserSerializer
@@ -154,19 +106,6 @@ class UserUnblockPKApi(UserQuerysetMixin, generics.UpdateAPIView):
         cache.delete(key_block)
 
 
-class UserProfileApi(generics.RetrieveAPIView):
-    permission_classes = (IsAuthenticated,)
-    serializer_class = serializers.UserSerializer
-
-    def get_object(self):
-        return self.request.user
-
-    def retrieve(self, request, *args, **kwargs):
-        age = request.session.get_expiry_age()
-        request.session.set_expiry(age)
-        return super().retrieve(request, *args, **kwargs)
-
-
 class UserResetOTPApi(UserQuerysetMixin, generics.RetrieveAPIView):
     permission_classes = (IsOrgAdmin,)
     serializer_class = serializers.ResetOTPSerializer

apps/users/models/user.py

@@ -563,6 +563,11 @@ class User(AuthMixin, TokenMixin, RoleMixin, MFAMixin, AbstractUser):
         user_default = settings.STATIC_URL + "img/avatar/user.png"
         return user_default
 
+    def admin_orgs(self):
+        from orgs.models import Organization
+        orgs = Organization.get_user_admin_or_audit_orgs(self)
+        return orgs
+
     def avatar_url(self):
         admin_default = settings.STATIC_URL + "img/avatar/admin.png"
         user_default = settings.STATIC_URL + "img/avatar/user.png"

apps/users/serializers/user.py

@@ -17,7 +17,13 @@ __all__ = [
 ]
 
 
+class UserOrgSerializer(serializers.Serializer):
+    id = serializers.CharField()
+    name = serializers.CharField()
+
+
 class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer):
+    admin_orgs = UserOrgSerializer(many=True, read_only=True)
 
     class Meta:
         model = User
@@ -27,7 +33,8 @@ class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer):
             'groups', 'role', 'wechat', 'phone', 'mfa_level',
             'comment', 'source', 'is_valid', 'is_expired',
             'is_active', 'created_by', 'is_first_login',
-            'date_password_last_updated', 'date_expired', 'avatar_url',
+            'date_password_last_updated', 'date_expired',
+            'avatar_url', 'admin_orgs',
         ]
         extra_kwargs = {
             'password': {'write_only': True, 'required': False, 'allow_null': True, 'allow_blank': True},