From 3d5605f4b520714144e0ac2ffb91d4be27efafe0 Mon Sep 17 00:00:00 2001 From: adamscmRH Date: Thu, 24 May 2018 14:33:27 -0400 Subject: [PATCH] refactor & purge cruft --- awx/api/serializers.py | 136 +++++-------------- awx/api/urls/user.py | 2 +- awx/api/urls/user_oauth.py | 2 +- awx/api/views.py | 19 +-- awx/main/tests/functional/test_rbac_oauth.py | 4 +- 5 files changed, 39 insertions(+), 124 deletions(-) diff --git a/awx/api/serializers.py b/awx/api/serializers.py index c518a4514c..9348a6c37e 100644 --- a/awx/api/serializers.py +++ b/awx/api/serializers.py @@ -948,7 +948,7 @@ class UserSerializer(BaseSerializer): access_list = self.reverse('api:user_access_list', kwargs={'pk': obj.pk}), tokens = self.reverse('api:o_auth2_token_list', kwargs={'pk': obj.pk}), authorized_tokens = self.reverse('api:user_authorized_token_list', kwargs={'pk': obj.pk}), - personal_tokens = self.reverse('api:o_auth2_personal_token_list', kwargs={'pk': obj.pk}), + personal_tokens = self.reverse('api:user_personal_token_list', kwargs={'pk': obj.pk}), )) return res 
@@ -1013,10 +1013,30 @@ class BaseOAuth2TokenSerializer(BaseSerializer): except ObjectDoesNotExist: return '' - def get_modified(self, obj): - if obj is None: + def get_refresh_token(self, obj): + request = self.context.get('request', None) + try: + if not obj.refresh_token: + return None + elif request.method == 'POST': + return getattr(obj.refresh_token, 'token', '') + else: + return TOKEN_CENSOR + except ObjectDoesNotExist: return None - return obj.updated + + def get_related(self, obj): + ret = super(BaseOAuth2TokenSerializer, self).get_related(obj) + if obj.user: + ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk}) + if obj.application: + ret['application'] = self.reverse( + 'api:o_auth2_application_detail', kwargs={'pk': obj.application.pk} + ) + ret['activity_stream'] = self.reverse( + 'api:o_auth2_token_activity_stream_list', kwargs={'pk': obj.pk} + ) + return ret def _is_valid_scope(self, value): if not value or (not isinstance(value, six.string_types)): @@ -1038,16 +1058,13 @@ class BaseOAuth2TokenSerializer(BaseSerializer): class UserAuthorizedTokenSerializer(BaseOAuth2TokenSerializer): - - def get_refresh_token(self, obj): - request = self.context.get('request', None) - try: - if request.method == 'POST': - return getattr(obj.refresh_token, 'token', '') - else: - return TOKEN_CENSOR - except ObjectDoesNotExist: - return '' + + class Meta: + extra_kwargs = { + 'scope': {'allow_null': False, 'required': True}, + 'user': {'allow_null': False, 'required': True}, + 'application': {'allow_null': False, 'required': True} + } def create(self, validated_data): current_user = self.context['request'].user 
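Review bot: In the new `get_refresh_token` on `BaseOAuth2TokenSerializer`, `request` is fetched with `self.context.get('request', None)`, but `request.method` is then dereferenced with no None check. The only handler is `except ObjectDoesNotExist`, so a serializer built without a request in its context would raise AttributeError for any token that has a refresh token. This method now decides, for the subclasses that used to carry their own copy, when the cleartext refresh token leaves the API, so it should fail closed to the censored value: `elif request is not None and request.method == 'POST':`. A one-line docstring stating that the real value is returned only in the response to a POST, and `TOKEN_CENSOR` otherwise, would make that disclosure rule explicit.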
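Review bot: The new `Meta.extra_kwargs` on `UserAuthorizedTokenSerializer` makes `user` a required input field, while the first visible line of `create` takes the acting user from `self.context['request'].user`. The body of `create` continues outside the hunk, so it cannot be seen here whether the submitted `user` is honoured or overwritten. If it is overwritten, as the sibling `OAuth2TokenSerializer.create` does with `validated_data['user'] = current_user`, the field is validated but unused and would be clearer as read-only. If it is honoured, the caller can choose the token owner, and that needs an explicit permission check. Either way, I would add a comment above the dict such as `# user is validated here but the token owner is always the requesting user (see create)`, adjusted to whichever behaviour is intended.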
@@ -1070,36 +1087,6 @@ class UserAuthorizedTokenSerializer(BaseOAuth2TokenSerializer): class OAuth2TokenSerializer(BaseOAuth2TokenSerializer): - def get_modified(self, obj): - if obj is None: - return None - return obj.updated - - def get_related(self, obj): - ret = super(OAuth2TokenSerializer, self).get_related(obj) - if obj.user: - ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk}) - if obj.application: - ret['application'] = self.reverse( - 'api:o_auth2_application_detail', kwargs={'pk': obj.application.pk} - ) - ret['activity_stream'] = self.reverse( - 'api:o_auth2_token_activity_stream_list', kwargs={'pk': obj.pk} - ) - return ret - - def get_refresh_token(self, obj): - request = self.context.get('request', None) - try: - if request.method == 'POST': - return getattr(obj.refresh_token, 'token', '') - elif not obj.refresh_token: - return None - else: - return TOKEN_CENSOR - except ObjectDoesNotExist: - return None - def create(self, validated_data): current_user = self.context['request'].user validated_data['user'] = current_user 
@@ -1127,56 +1114,11 @@ class OAuth2TokenDetailSerializer(OAuth2TokenSerializer): read_only_fields = ('*', 'user', 'application') -class OAuth2AuthorizedTokenSerializer(BaseOAuth2TokenSerializer): - - def get_refresh_token(self, obj): - request = self.context.get('request', None) - try: - if request.method == 'POST': - return getattr(obj.refresh_token, 'token', '') - else: - return TOKEN_CENSOR - except ObjectDoesNotExist: - return '' - - def create(self, validated_data): - current_user = self.context['request'].user - validated_data['user'] = current_user - validated_data['token'] = generate_token() - validated_data['expires'] = now() + timedelta( - seconds=settings.OAUTH2_PROVIDER['ACCESS_TOKEN_EXPIRE_SECONDS'] - ) - obj = super(OAuth2AuthorizedTokenSerializer, self).create(validated_data) - if obj.application and obj.application.user: - obj.user = obj.application.user - obj.save() - if obj.application is not None: - RefreshToken.objects.create( - user=current_user, - token=generate_token(), - application=obj.application, - access_token=obj - ) - return obj - - -class OAuth2PersonalTokenSerializer(BaseOAuth2TokenSerializer): +class UserPersonalTokenSerializer(BaseOAuth2TokenSerializer): class Meta: read_only_fields = ('user', 'token', 'expires', 'application') - def get_related(self, obj): - ret = super(OAuth2PersonalTokenSerializer, self).get_related(obj) - if obj.user: - ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk}) - ret['activity_stream'] = self.reverse( - 'api:o_auth2_token_activity_stream_list', kwargs={'pk': obj.pk} - ) - return ret - - def get_refresh_token(self, obj): - return None - def create(self, validated_data): validated_data['user'] = self.context['request'].user validated_data['token'] = generate_token() 
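Review bot: `UserPersonalTokenSerializer` loses the unconditional `get_refresh_token` override that returned `None`, so it now inherits the base implementation, which on a POST returns the cleartext refresh token whenever one exists. `create` sets `validated_data['application'] = None` and this class shows no refresh-token creation, so the serialized value is presumably still `None`, but that guarantee is now implicit rather than enforced. I would document it on the class, e.g. `# Personal tokens have no application and no refresh token; refresh_token serializes as None via the base class`. I would also add an assertion to the personal-token POST test that `response.data['refresh_token']` is `None`. The class body continues outside this hunk.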
@@ -1184,7 +1126,7 @@ class OAuth2PersonalTokenSerializer(BaseOAuth2TokenSerializer): seconds=settings.OAUTH2_PROVIDER['ACCESS_TOKEN_EXPIRE_SECONDS'] ) validated_data['application'] = None - obj = super(OAuth2PersonalTokenSerializer, self).create(validated_data) + obj = super(UserPersonalTokenSerializer, self).create(validated_data) obj.save() return obj @@ -1218,18 +1160,6 @@ class OAuth2ApplicationSerializer(BaseSerializer): return None return obj.updated - def get_related(self, obj): - ret = super(OAuth2ApplicationSerializer, self).get_related(obj) - if obj.user: - ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk}) - ret['tokens'] = self.reverse( - 'api:o_auth2_application_token_list', kwargs={'pk': obj.pk} - ) - ret['activity_stream'] = self.reverse( - 'api:o_auth2_application_activity_stream_list', kwargs={'pk': obj.pk} - ) - return ret - def _summary_field_tokens(self, obj): token_list = [{'id': x.pk, 'token': TOKEN_CENSOR, 'scope': x.scope} for x in obj.oauth2accesstoken_set.all()[:10]] if has_model_field_prefetched(obj, 'oauth2accesstoken_set'): diff --git a/awx/api/urls/user.py b/awx/api/urls/user.py index 9ecebbb044..c3c896af24 100644 --- a/awx/api/urls/user.py +++ b/awx/api/urls/user.py @@ -34,7 +34,7 @@ urls = [ url(r'^(?P[0-9]+)/applications/$', OAuth2ApplicationList.as_view(), name='o_auth2_application_list'), url(r'^(?P[0-9]+)/tokens/$', OAuth2UserTokenList.as_view(), name='o_auth2_token_list'), url(r'^(?P[0-9]+)/authorized_tokens/$', UserAuthorizedTokenList.as_view(), name='user_authorized_token_list'), - url(r'^(?P[0-9]+)/personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='o_auth2_personal_token_list'), + url(r'^(?P[0-9]+)/personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='user_personal_token_list'), ] diff --git a/awx/api/urls/user_oauth.py b/awx/api/urls/user_oauth.py index bec5c4332b..3b290dbf01 100644 --- a/awx/api/urls/user_oauth.py +++ b/awx/api/urls/user_oauth.py 
@@ -43,7 +43,7 @@ urls = [ OAuth2TokenActivityStreamList.as_view(), name='o_auth2_token_activity_stream_list' ), - url(r'^personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='o_auth2_personal_token_list'), + url(r'^personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='user_personal_token_list'), ] __all__ = ['urls'] diff --git a/awx/api/views.py b/awx/api/views.py index 5f1d8b22af..bd789ef9b7 100644 --- a/awx/api/views.py +++ b/awx/api/views.py @@ -1610,21 +1610,6 @@ class OAuth2UserTokenList(SubListCreateAPIView): relationship = 'main_oauth2accesstoken' parent_key = 'user' swagger_topic = 'Authentication' - - -class OAuth2AuthorizedTokenList(SubListCreateAPIView): - - view_name = _("OAuth2 Authorized Access Tokens") - - model = OAuth2AccessToken - serializer_class = OAuth2AuthorizedTokenSerializer - parent_model = OAuth2Application - relationship = 'oauth2accesstoken_set' - parent_key = 'application' - swagger_topic = 'Authentication' - - def get_queryset(self): - return get_access_token_model().objects.filter(application__isnull=False, user=self.request.user) class UserAuthorizedTokenList(SubListCreateAPIView): @@ -1632,7 +1617,7 @@ class UserAuthorizedTokenList(SubListCreateAPIView): view_name = _("OAuth2 User Authorized Access Tokens") model = OAuth2AccessToken - serializer_class = OAuth2AuthorizedTokenSerializer + serializer_class = UserAuthorizedTokenSerializer parent_model = User relationship = 'oauth2accesstoken_set' parent_key = 'user' @@ -1659,7 +1644,7 @@ class OAuth2PersonalTokenList(SubListCreateAPIView): view_name = _("OAuth2 Personal Access Tokens") model = OAuth2AccessToken - serializer_class = OAuth2PersonalTokenSerializer + serializer_class = UserPersonalTokenSerializer parent_model = User relationship = 'main_oauth2accesstoken' parent_key = 'user' diff --git a/awx/main/tests/functional/test_rbac_oauth.py b/awx/main/tests/functional/test_rbac_oauth.py index 757c55e12b..f076db3689 100644 
--- a/awx/main/tests/functional/test_rbac_oauth.py +++ b/awx/main/tests/functional/test_rbac_oauth.py @@ -200,7 +200,7 @@ class TestOAuth2Token: user_list = [admin, org_admin, org_member, alice] can_access_list = [True, False, True, False] response = post( - reverse('api:o_auth2_personal_token_list', kwargs={'pk': org_member.pk}), + reverse('api:user_personal_token_list', kwargs={'pk': org_member.pk}), {'scope': 'read'}, org_member, expect=201 ) token = AccessToken.objects.get(token=response.data['token']) @@ -220,7 +220,7 @@ class TestOAuth2Token: for user, can_access in zip(user_list, can_access_list): response = post( - reverse('api:o_auth2_personal_token_list', kwargs={'pk': user.pk}), + reverse('api:user_personal_token_list', kwargs={'pk': user.pk}), {'scope': 'read', 'application':None}, user, expect=201 ) token = AccessToken.objects.get(token=response.data['token'])