From e7031d0ac1a65b415a73992ba60268511c2afec1 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Thu, 9 Apr 2020 10:33:20 +0800
Subject: [PATCH] =?UTF-8?q?[Update]=20=E4=BF=AE=E6=94=B9serailizer=20mixin?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/common/mixins/api.py      |  2 +-
 apps/users/api/profile.py      |  2 +-
 apps/users/models/user.py      |  2 +-
 apps/users/serializers/user.py | 36 +++++++++++++++++++++++++++++++---
 4 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/apps/common/mixins/api.py b/apps/common/mixins/api.py
index 6440cdd10..613d66eba 100644
--- a/apps/common/mixins/api.py
+++ b/apps/common/mixins/api.py
@@ -37,7 +37,7 @@ class SerializerMixin:
         serializer_class = None
         if hasattr(self, 'serializer_classes') and \
                 isinstance(self.serializer_classes, dict):
-            if self.action == 'list' and self.request.query_params.get('draw'):
+            if self.action in ['list', 'metadata'] and self.request.query_params.get('draw'):
                 serializer_class = self.serializer_classes.get('display')
             if serializer_class is None:
                 serializer_class = self.serializer_classes.get(
diff --git a/apps/users/api/profile.py b/apps/users/api/profile.py
index 70e028a85..5ad7c2a00 100644
--- a/apps/users/api/profile.py
+++ b/apps/users/api/profile.py
@@ -57,7 +57,7 @@ class UserUpdatePKApi(UserQuerysetMixin, generics.UpdateAPIView):
 
 class UserProfileApi(generics.RetrieveAPIView):
     permission_classes = (IsAuthenticated,)
-    serializer_class = serializers.UserSerializer
+    serializer_class = serializers.UserProfileSerializer
 
     def get_object(self):
         return self.request.user
diff --git a/apps/users/models/user.py b/apps/users/models/user.py
index 7e81340fd..169a30a00 100644
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -481,7 +481,7 @@ class User(AuthMixin, TokenMixin, RoleMixin, MFAMixin, AbstractUser):
         max_length=30, default='', blank=True, verbose_name=_('Created by')
     )
     source = models.CharField(
-        max_length=30, default=SOURCE_LOCAL, choices=SOURCE_CHOICES,
+        max_length=30, default=SOURCE_LDAP, choices=SOURCE_CHOICES,
         verbose_name=_('Source')
     )
     date_password_last_updated = models.DateTimeField(
diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py
index f2b3cc0bc..f4c2ee085 100644
--- a/apps/users/serializers/user.py
+++ b/apps/users/serializers/user.py
@@ -23,7 +23,16 @@ class UserOrgSerializer(serializers.Serializer):
 
 
 class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer):
-    admin_orgs = UserOrgSerializer(many=True, read_only=True)
+    EMAIL_SET_PASSWORD = _('Reset link will be generated and sent to the user')
+    CUSTOM_PASSWORD = _('Set password')
+    PASSWORD_STRATEGY_CHOICES = (
+        (0, EMAIL_SET_PASSWORD),
+        (1, CUSTOM_PASSWORD)
+    )
+    password_strategy = serializers.ChoiceField(
+        choices=PASSWORD_STRATEGY_CHOICES, required=True, initial=0,
+        label=_('Password strategy'), write_only=True
+    )
 
     class Meta:
         model = User
@@ -33,8 +42,9 @@ class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer):
             'groups', 'role', 'wechat', 'phone', 'mfa_level',
             'comment', 'source', 'is_valid', 'is_expired',
             'is_active', 'created_by', 'is_first_login',
+            'password_strategy',
             'date_password_last_updated', 'date_expired',
-            'avatar_url', 'admin_orgs',
+            'avatar_url',
         ]
         extra_kwargs = {
             'password': {'write_only': True, 'required': False, 'allow_null': True, 'allow_blank': True},
@@ -46,6 +56,16 @@ class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer):
             'created_by': {'read_only': True, 'allow_blank': True},
         }
 
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.set_role_choices()
+
+    def set_role_choices(self):
+        role = self.fields['role']
+        choices = role.choices
+        choices.pop('App', None)
+        role.choices = choices
+
     def validate_role(self, value):
         request = self.context.get('request')
         if not request.user.is_superuser and value != User.ROLE_USER:
@@ -92,6 +112,7 @@ class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer):
     def validate(self, attrs):
         attrs = self.change_password_to_raw(attrs)
         attrs = self.clean_auth_fields(attrs)
+        attrs.pop('password_strategy', None)
         return attrs
 
 
@@ -157,8 +178,17 @@ class ResetOTPSerializer(serializers.Serializer):
 
 
 class UserProfileSerializer(serializers.ModelSerializer):
+    admin_orgs = UserOrgSerializer(many=True, read_only=True)
+
     class Meta:
         model = User
         fields = [
-            'id', 'username', 'name', 'role', 'email'
+            'id', 'name', 'username', 'email',
+            'role', 'wechat', 'phone', 'mfa_level',
+            'comment', 'source', 'is_valid', 'is_expired',
+            'is_active', 'created_by', 'is_first_login',
+            'date_password_last_updated', 'date_expired',
+            'avatar_url',
+
+            'groups', 'admin_orgs',
         ]