External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-07 17:37:37 -02:30
Code Issues Packages Projects Releases Wiki Activity

refactor & purge cruft

Browse Source
This commit is contained in:
adamscmRH
2018-05-24 14:33:27 -04:00
parent be9598af53
commit 3d5605f4b5
5 changed files with 39 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

134
awx/api/serializers.py
View File

@@ -948,7 +948,7 @@ class UserSerializer(BaseSerializer):
access_list = self.reverse('api:user_access_list', kwargs={'pk': obj.pk}), access_list = self.reverse('api:user_access_list', kwargs={'pk': obj.pk}),
tokens = self.reverse('api:o_auth2_token_list', kwargs={'pk': obj.pk}), tokens = self.reverse('api:o_auth2_token_list', kwargs={'pk': obj.pk}),
authorized_tokens = self.reverse('api:user_authorized_token_list', kwargs={'pk': obj.pk}), authorized_tokens = self.reverse('api:user_authorized_token_list', kwargs={'pk': obj.pk}),
personal_tokens = self.reverse('api:o_auth2_personal_token_list', kwargs={'pk': obj.pk}), personal_tokens = self.reverse('api:user_personal_token_list', kwargs={'pk': obj.pk}),
)) ))
return res return res
@@ -1013,10 +1013,30 @@ class BaseOAuth2TokenSerializer(BaseSerializer):
except ObjectDoesNotExist: except ObjectDoesNotExist:
return '' return ''
def get_modified(self, obj): def get_refresh_token(self, obj):
if obj is None: request = self.context.get('request', None)
try:
if not obj.refresh_token:
return None
elif request.method == 'POST':
return getattr(obj.refresh_token, 'token', '')
else:
return TOKEN_CENSOR
except ObjectDoesNotExist:
return None return None
return obj.updated
def get_related(self, obj):
ret = super(BaseOAuth2TokenSerializer, self).get_related(obj)
if obj.user:
ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk})
if obj.application:
ret['application'] = self.reverse(
'api:o_auth2_application_detail', kwargs={'pk': obj.application.pk}
)
ret['activity_stream'] = self.reverse(
'api:o_auth2_token_activity_stream_list', kwargs={'pk': obj.pk}
)
return ret
def _is_valid_scope(self, value): def _is_valid_scope(self, value):
if not value or (not isinstance(value, six.string_types)): if not value or (not isinstance(value, six.string_types)):
@@ -1039,15 +1059,12 @@ class BaseOAuth2TokenSerializer(BaseSerializer):
class UserAuthorizedTokenSerializer(BaseOAuth2TokenSerializer): class UserAuthorizedTokenSerializer(BaseOAuth2TokenSerializer):
def get_refresh_token(self, obj): class Meta:
request = self.context.get('request', None) extra_kwargs = {
try: 'scope': {'allow_null': False, 'required': True},
if request.method == 'POST': 'user': {'allow_null': False, 'required': True},
return getattr(obj.refresh_token, 'token', '') 'application': {'allow_null': False, 'required': True}
else: }
return TOKEN_CENSOR
except ObjectDoesNotExist:
return ''
def create(self, validated_data): def create(self, validated_data):
current_user = self.context['request'].user current_user = self.context['request'].user
@@ -1070,36 +1087,6 @@ class UserAuthorizedTokenSerializer(BaseOAuth2TokenSerializer):
class OAuth2TokenSerializer(BaseOAuth2TokenSerializer): class OAuth2TokenSerializer(BaseOAuth2TokenSerializer):
def get_modified(self, obj):
if obj is None:
return None
return obj.updated
def get_related(self, obj):
ret = super(OAuth2TokenSerializer, self).get_related(obj)
if obj.user:
ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk})
if obj.application:
ret['application'] = self.reverse(
'api:o_auth2_application_detail', kwargs={'pk': obj.application.pk}
)
ret['activity_stream'] = self.reverse(
'api:o_auth2_token_activity_stream_list', kwargs={'pk': obj.pk}
)
return ret
def get_refresh_token(self, obj):
request = self.context.get('request', None)
try:
if request.method == 'POST':
return getattr(obj.refresh_token, 'token', '')
elif not obj.refresh_token:
return None
else:
return TOKEN_CENSOR
except ObjectDoesNotExist:
return None
def create(self, validated_data): def create(self, validated_data):
current_user = self.context['request'].user current_user = self.context['request'].user
validated_data['user'] = current_user validated_data['user'] = current_user
@@ -1127,56 +1114,11 @@ class OAuth2TokenDetailSerializer(OAuth2TokenSerializer):
read_only_fields = ('*', 'user', 'application') read_only_fields = ('*', 'user', 'application')
class OAuth2AuthorizedTokenSerializer(BaseOAuth2TokenSerializer): class UserPersonalTokenSerializer(BaseOAuth2TokenSerializer):
def get_refresh_token(self, obj):
request = self.context.get('request', None)
try:
if request.method == 'POST':
return getattr(obj.refresh_token, 'token', '')
else:
return TOKEN_CENSOR
except ObjectDoesNotExist:
return ''
def create(self, validated_data):
current_user = self.context['request'].user
validated_data['user'] = current_user
validated_data['token'] = generate_token()
validated_data['expires'] = now() + timedelta(
seconds=settings.OAUTH2_PROVIDER['ACCESS_TOKEN_EXPIRE_SECONDS']
)
obj = super(OAuth2AuthorizedTokenSerializer, self).create(validated_data)
if obj.application and obj.application.user:
obj.user = obj.application.user
obj.save()
if obj.application is not None:
RefreshToken.objects.create(
user=current_user,
token=generate_token(),
application=obj.application,
access_token=obj
)
return obj
class OAuth2PersonalTokenSerializer(BaseOAuth2TokenSerializer):
class Meta: class Meta:
read_only_fields = ('user', 'token', 'expires', 'application') read_only_fields = ('user', 'token', 'expires', 'application')
def get_related(self, obj):
ret = super(OAuth2PersonalTokenSerializer, self).get_related(obj)
if obj.user:
ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk})
ret['activity_stream'] = self.reverse(
'api:o_auth2_token_activity_stream_list', kwargs={'pk': obj.pk}
)
return ret
def get_refresh_token(self, obj):
return None
def create(self, validated_data): def create(self, validated_data):
validated_data['user'] = self.context['request'].user validated_data['user'] = self.context['request'].user
validated_data['token'] = generate_token() validated_data['token'] = generate_token()
@@ -1184,7 +1126,7 @@ class OAuth2PersonalTokenSerializer(BaseOAuth2TokenSerializer):
seconds=settings.OAUTH2_PROVIDER['ACCESS_TOKEN_EXPIRE_SECONDS'] seconds=settings.OAUTH2_PROVIDER['ACCESS_TOKEN_EXPIRE_SECONDS']
) )
validated_data['application'] = None validated_data['application'] = None
obj = super(OAuth2PersonalTokenSerializer, self).create(validated_data) obj = super(UserPersonalTokenSerializer, self).create(validated_data)
obj.save() obj.save()
return obj return obj
@@ -1218,18 +1160,6 @@ class OAuth2ApplicationSerializer(BaseSerializer):
return None return None
return obj.updated return obj.updated
def get_related(self, obj):
ret = super(OAuth2ApplicationSerializer, self).get_related(obj)
if obj.user:
ret['user'] = self.reverse('api:user_detail', kwargs={'pk': obj.user.pk})
ret['tokens'] = self.reverse(
'api:o_auth2_application_token_list', kwargs={'pk': obj.pk}
)
ret['activity_stream'] = self.reverse(
'api:o_auth2_application_activity_stream_list', kwargs={'pk': obj.pk}
)
return ret
def _summary_field_tokens(self, obj): def _summary_field_tokens(self, obj):
token_list = [{'id': x.pk, 'token': TOKEN_CENSOR, 'scope': x.scope} for x in obj.oauth2accesstoken_set.all()[:10]] token_list = [{'id': x.pk, 'token': TOKEN_CENSOR, 'scope': x.scope} for x in obj.oauth2accesstoken_set.all()[:10]]
if has_model_field_prefetched(obj, 'oauth2accesstoken_set'): if has_model_field_prefetched(obj, 'oauth2accesstoken_set'):

2
awx/api/urls/user.py
View File

@@ -34,7 +34,7 @@ urls = [
url(r'^(?P<pk>[0-9]+)/applications/$', OAuth2ApplicationList.as_view(), name='o_auth2_application_list'), url(r'^(?P<pk>[0-9]+)/applications/$', OAuth2ApplicationList.as_view(), name='o_auth2_application_list'),
url(r'^(?P<pk>[0-9]+)/tokens/$', OAuth2UserTokenList.as_view(), name='o_auth2_token_list'), url(r'^(?P<pk>[0-9]+)/tokens/$', OAuth2UserTokenList.as_view(), name='o_auth2_token_list'),
url(r'^(?P<pk>[0-9]+)/authorized_tokens/$', UserAuthorizedTokenList.as_view(), name='user_authorized_token_list'), url(r'^(?P<pk>[0-9]+)/authorized_tokens/$', UserAuthorizedTokenList.as_view(), name='user_authorized_token_list'),
url(r'^(?P<pk>[0-9]+)/personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='o_auth2_personal_token_list'), url(r'^(?P<pk>[0-9]+)/personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='user_personal_token_list'),
] ]

2
awx/api/urls/user_oauth.py
View File

@@ -43,7 +43,7 @@ urls = [
OAuth2TokenActivityStreamList.as_view(), OAuth2TokenActivityStreamList.as_view(),
name='o_auth2_token_activity_stream_list' name='o_auth2_token_activity_stream_list'
), ),
url(r'^personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='o_auth2_personal_token_list'), url(r'^personal_tokens/$', OAuth2PersonalTokenList.as_view(), name='user_personal_token_list'),
] ]
__all__ = ['urls'] __all__ = ['urls']

19
awx/api/views.py
View File

@@ -1612,27 +1612,12 @@ class OAuth2UserTokenList(SubListCreateAPIView):
swagger_topic = 'Authentication' swagger_topic = 'Authentication'
class OAuth2AuthorizedTokenList(SubListCreateAPIView):
view_name = _("OAuth2 Authorized Access Tokens")
model = OAuth2AccessToken
serializer_class = OAuth2AuthorizedTokenSerializer
parent_model = OAuth2Application
relationship = 'oauth2accesstoken_set'
parent_key = 'application'
swagger_topic = 'Authentication'
def get_queryset(self):
return get_access_token_model().objects.filter(application__isnull=False, user=self.request.user)
class UserAuthorizedTokenList(SubListCreateAPIView): class UserAuthorizedTokenList(SubListCreateAPIView):
view_name = _("OAuth2 User Authorized Access Tokens") view_name = _("OAuth2 User Authorized Access Tokens")
model = OAuth2AccessToken model = OAuth2AccessToken
serializer_class = OAuth2AuthorizedTokenSerializer serializer_class = UserAuthorizedTokenSerializer
parent_model = User parent_model = User
relationship = 'oauth2accesstoken_set' relationship = 'oauth2accesstoken_set'
parent_key = 'user' parent_key = 'user'
@@ -1659,7 +1644,7 @@ class OAuth2PersonalTokenList(SubListCreateAPIView):
view_name = _("OAuth2 Personal Access Tokens") view_name = _("OAuth2 Personal Access Tokens")
model = OAuth2AccessToken model = OAuth2AccessToken
serializer_class = OAuth2PersonalTokenSerializer serializer_class = UserPersonalTokenSerializer
parent_model = User parent_model = User
relationship = 'main_oauth2accesstoken' relationship = 'main_oauth2accesstoken'
parent_key = 'user' parent_key = 'user'

4
awx/main/tests/functional/test_rbac_oauth.py
View File

@@ -200,7 +200,7 @@ class TestOAuth2Token:
user_list = [admin, org_admin, org_member, alice] user_list = [admin, org_admin, org_member, alice]
can_access_list = [True, False, True, False] can_access_list = [True, False, True, False]
response = post( response = post(
reverse('api:o_auth2_personal_token_list', kwargs={'pk': org_member.pk}), reverse('api:user_personal_token_list', kwargs={'pk': org_member.pk}),
{'scope': 'read'}, org_member, expect=201 {'scope': 'read'}, org_member, expect=201
) )
token = AccessToken.objects.get(token=response.data['token']) token = AccessToken.objects.get(token=response.data['token'])
@@ -220,7 +220,7 @@ class TestOAuth2Token:
for user, can_access in zip(user_list, can_access_list): for user, can_access in zip(user_list, can_access_list):
response = post( response = post(
reverse('api:o_auth2_personal_token_list', kwargs={'pk': user.pk}), reverse('api:user_personal_token_list', kwargs={'pk': user.pk}),
{'scope': 'read', 'application':None}, user, expect=201 {'scope': 'read', 'application':None}, user, expect=201
) )
token = AccessToken.objects.get(token=response.data['token']) token = AccessToken.objects.get(token=response.data['token'])