mirror of
https://github.com/lemeow125/Ivy-Backend.git
synced 2025-01-18 14:53:07 +08:00
Move user list serializer and view to accounts app and restrict all endpoints to logged in users only
This commit is contained in:
parent
71583894bb
commit
65a95a90af
6 changed files with 32 additions and 24 deletions
9
ivy/accounts/serializers.py
Normal file
9
ivy/accounts/serializers.py
Normal file
|
@ -0,0 +1,9 @@
|
|||
|
||||
from rest_framework import serializers
|
||||
from django.contrib.auth.models import User
|
||||
|
||||
|
||||
class UserSerializer(serializers.ModelSerializer):
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ('id', 'username', 'email', 'date_joined')
|
|
@ -1,7 +1,13 @@
|
|||
from django.contrib import admin
|
||||
from django.urls import path, include
|
||||
from rest_framework import routers
|
||||
from . import views
|
||||
|
||||
router = routers.DefaultRouter()
|
||||
router.register(r'user_list', views.UserListViewSet)
|
||||
|
||||
urlpatterns = [
|
||||
path('', include('djoser.urls')),
|
||||
path('', include('djoser.urls.authtoken'))
|
||||
path('', include('djoser.urls.authtoken')),
|
||||
path('', include(router.urls)),
|
||||
]
|
||||
|
|
|
@ -1,3 +1,13 @@
|
|||
from django.shortcuts import render
|
||||
from rest_framework import viewsets
|
||||
from .serializers import UserSerializer
|
||||
from django.contrib.auth.models import User
|
||||
from rest_framework.permissions import IsAuthenticated
|
||||
|
||||
# Create your views here.
|
||||
|
||||
|
||||
class UserListViewSet(viewsets.ModelViewSet):
|
||||
permission_classes = [IsAuthenticated]
|
||||
http_method_names = ['get']
|
||||
serializer_class = UserSerializer
|
||||
queryset = User.objects.all()
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
from rest_framework import serializers, mixins
|
||||
from rest_framework import serializers
|
||||
from django.contrib.auth.models import User
|
||||
from simple_history.models import HistoricalRecords
|
||||
from .models import Product
|
||||
|
||||
|
||||
|
@ -34,9 +33,3 @@ class LogSerializer(serializers.HyperlinkedModelSerializer):
|
|||
'history_date', 'history_user')
|
||||
read_only_fields = ('history_id', 'id', 'name', 'quantity',
|
||||
'history_date', 'history_user')
|
||||
|
||||
|
||||
class UserSerializer(serializers.ModelSerializer):
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ('id', 'username', 'email', 'date_joined')
|
||||
|
|
|
@ -6,7 +6,6 @@ router = routers.DefaultRouter()
|
|||
router.register(r'products', views.ProductViewSet)
|
||||
router.register(r'logs', views.LogViewSet)
|
||||
router.register(r'lowest_stock_product', views.LeastStockProductViewSet)
|
||||
router.register(r'user_list', views.UserListViewSet)
|
||||
|
||||
# Wire up our API using automatic URL routing.
|
||||
# Additionally, we include login URLs for the browsable API.
|
||||
|
|
|
@ -1,36 +1,27 @@
|
|||
from rest_framework.permissions import IsAuthenticated
|
||||
from rest_framework import viewsets
|
||||
from django.contrib.auth.models import User
|
||||
from .serializers import ProductSerializer, LogSerializer, UserSerializer
|
||||
from .serializers import ProductSerializer, LogSerializer
|
||||
from .models import Product
|
||||
|
||||
|
||||
class ProductViewSet(viewsets.ModelViewSet):
|
||||
# permission_classes = [IsAuthenticated]
|
||||
permission_classes = [IsAuthenticated]
|
||||
serializer_class = ProductSerializer
|
||||
queryset = Product.objects.all().order_by('-date_added')
|
||||
|
||||
|
||||
class UserListViewSet(viewsets.ModelViewSet):
|
||||
# permission_classes = [IsAuthenticated]
|
||||
http_method_names = ['get']
|
||||
serializer_class = UserSerializer
|
||||
queryset = User.objects.all()
|
||||
|
||||
|
||||
class LeastStockProductViewSet(viewsets.ModelViewSet):
|
||||
# permission_classes = [IsAuthenticated]
|
||||
permission_classes = [IsAuthenticated]
|
||||
http_method_names = ['get']
|
||||
serializer_class = ProductSerializer
|
||||
queryset = Product.objects.all().order_by('quantity')
|
||||
|
||||
def get_queryset(self):
|
||||
return super().get_queryset()[:1]
|
||||
# queryset = Product.objects.all().order_by('quantity').first()
|
||||
|
||||
|
||||
class LogViewSet(viewsets.ModelViewSet):
|
||||
# permission_classes = [IsAuthenticated]
|
||||
permission_classes = [IsAuthenticated]
|
||||
http_method_names = ['get']
|
||||
serializer_class = LogSerializer
|
||||
queryset = Product.history.all().order_by('-history_date')
|
||||
|
|
Loading…
Reference in a new issue