diff --git a/awx/main/serializers.py b/awx/main/serializers.py index b6b88ae118..e694293b27 100644 --- a/awx/main/serializers.py +++ b/awx/main/serializers.py @@ -84,6 +84,53 @@ class BaseSerializer(serializers.ModelSerializer): else: return obj.active +class UserSerializer(BaseSerializer): + + password = serializers.WritableField(required=False, default='') + + class Meta: + model = User + fields = ('id', 'url', 'related', 'created', 'username', 'first_name', + 'last_name', 'email', 'is_active', 'is_superuser', + 'password') + + def to_native(self, obj): + ret = super(UserSerializer, self).to_native(obj) + ret.pop('password', None) + ret.fields.pop('password', None) + return ret + + def get_validation_exclusions(self): + ret = super(UserSerializer, self).get_validation_exclusions() + ret.append('password') + return ret + + def restore_object(self, attrs, instance=None): + new_password = attrs.pop('password', None) + instance = super(UserSerializer, self).restore_object(attrs, instance) + instance._new_password = new_password + return instance + + def save_object(self, obj, **kwargs): + new_password = getattr(obj, '_new_password', None) + if new_password: + obj.set_password(new_password) + if not obj.password: + obj.set_unusable_password() + return super(UserSerializer, self).save_object(obj, **kwargs) + + def get_related(self, obj): + res = super(UserSerializer, self).get_related(obj) + res.update(dict( + teams = reverse('main:user_teams_list', args=(obj.pk,)), + organizations = reverse('main:user_organizations_list', args=(obj.pk,)), + admin_of_organizations = reverse('main:user_admin_of_organizations_list', args=(obj.pk,)), + projects = reverse('main:user_projects_list', args=(obj.pk,)), + credentials = reverse('main:user_credentials_list', args=(obj.pk,)), + permissions = reverse('main:user_permissions_list', args=(obj.pk,)), + )) + return res + class OrganizationSerializer(BaseSerializer): class Meta: @@ -320,27 +367,6 @@ class CredentialSerializer(BaseSerializer): raise serializers.ValidationError("team cannot be changed") return attrs -class UserSerializer(BaseSerializer): - - class Meta: - model = User - fields = ('id', 'url', 'related', 'created', 'username', 'first_name', - 'last_name', 'email', 'is_active', 'is_superuser',) - - # FIXME: Add password as write-only serializer field. - - def get_related(self, obj): - res = super(UserSerializer, self).get_related(obj) - res.update(dict( - teams = reverse('main:user_teams_list', args=(obj.pk,)), - organizations = reverse('main:user_organizations_list', args=(obj.pk,)), - admin_of_organizations = reverse('main:user_admin_of_organizations_list', args=(obj.pk,)), - projects = reverse('main:user_projects_list', args=(obj.pk,)), - credentials = reverse('main:user_credentials_list', args=(obj.pk,)), - permissions = reverse('main:user_permissions_list', args=(obj.pk,)), - )) - return res - class JobTemplateSerializer(BaseSerializer): class Meta: diff --git a/awx/main/views.py b/awx/main/views.py index 6936436043..5869cd6454 100644 --- a/awx/main/views.py +++ b/awx/main/views.py @@ -310,16 +310,6 @@ class UserList(ListCreateAPIView): model = User serializer_class = UserSerializer - def create(self, request, *args, **kwargs): - password = request.DATA.get('password', None) - response = super(UserList, self).create(request, *args, **kwargs) - if password: - pk = response.data['id'] - user = User.objects.get(pk=pk) - user.set_password(password) - user.save() - return response - class UserMeList(ListAPIView): model = User @@ -408,11 +398,6 @@ class UserDetail(RetrieveUpdateDestroyAPIView): if changed: raise PermissionDenied('Cannot change %s' % ', '.join(changed.keys())) - new_password = request.DATA.get('password', '') - if can_change and new_password: - obj.set_password(new_password) - obj.save() - class CredentialList(ListAPIView): model = Credential