Adding perms to serializers

UmissTeam · May 16, 2017 · 8477085 · 8477085
1 parent d412893
commit 8477085
Show file tree

Hide file tree

Showing 4 changed files with 82 additions and 3 deletions.
diff --git a/umiss_project/db.sqlite3 b/umiss_project/db.sqlite3
diff --git a/umiss_project/umiss_auth/migrations/0005_auto_20170515_2101.py b/umiss_project/umiss_auth/migrations/0005_auto_20170515_2101.py
@@ -0,0 +1,62 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.2 on 2017-05-15 21:01
+from __future__ import unicode_literals
+
+from django.conf import settings
+import django.contrib.auth.models
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('umiss_auth', '0004_auto_20170422_2244'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='MonitorUser',
+            fields=[
+                ('customuser_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to=settings.AUTH_USER_MODEL)),
+                ('android_token', models.CharField(max_length=512)),
+            ],
+            options={
+                'abstract': False,
+                'verbose_name_plural': 'users',
+                'verbose_name': 'user',
+            },
+            bases=('umiss_auth.customuser',),
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+        migrations.CreateModel(
+            name='PatientUser',
+            fields=[
+                ('customuser_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'abstract': False,
+                'verbose_name_plural': 'users',
+                'verbose_name': 'user',
+            },
+            bases=('umiss_auth.customuser',),
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+        migrations.RemoveField(
+            model_name='customuser',
+            name='monitor_users',
+        ),
+        migrations.RemoveField(
+            model_name='customuser',
+            name='user_type',
+        ),
+        migrations.AddField(
+            model_name='patientuser',
+            name='monitor_users',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='monitors', to=settings.AUTH_USER_MODEL),
+        ),
+    ]
diff --git a/umiss_project/umiss_auth/serializers.py b/umiss_project/umiss_auth/serializers.py
@@ -9,10 +9,20 @@ class Meta:
         fields = ('url', 'username')
 
 
-class MonitorUserSerializer(UserSerializer):
+class MonitorUserSerializer(serializers.HyperlinkedModelSerializer):
     class Meta:
         model = MonitorUser
+        fields = ('url', 'username', 'password')
 
-class PatientUserSerializer(UserSerializer):
+    def create(self, validated_data):
+        user = MonitorUser.objects.create_user(**validated_data)
+        return user
+
+class PatientUserSerializer(serializers.HyperlinkedModelSerializer):
     class Meta:
         model = PatientUser
+        fields = ('url', 'username', 'password')
+
+    def create(self, validated_data):
+        user = PatientUser.objects.create_user(**validated_data)
+        return user
diff --git a/umiss_project/umiss_auth/views.py b/umiss_project/umiss_auth/views.py
@@ -4,19 +4,26 @@
 from .models import MonitorUser, PatientUser
 from rest_framework import viewsets
 from rest_framework import permissions
+from .permissions import IsAnonCreate
 
 
 class UserViewSet(viewsets.ReadOnlyModelViewSet):
     queryset = CustomUser.objects.all()
     serializer_class = UserSerializer
+    write_only_fields = ('password',)
 
-    permission_classes = (permissions.AllowAny, permissions.BasePermission)
+    permission_classes = (IsAnonCreate,)
 
 class MonitorViewSet(viewsets.ModelViewSet):
     queryset = MonitorUser.objects.all()
     serializer_class = MonitorUserSerializer
+    write_only_fields = ('password')
 
+    permission_classes = (IsAnonCreate,)
 
 class PatienteViewSet(viewsets.ModelViewSet):
     queryset = PatientUser.objects.all()
     serializer_class = PatientUserSerializer
+    write_only_fields = ('password',)
+
+    permission_classes = (IsAnonCreate,)