Add a /api/v1/me URL, which is a quick way to find your user record.

lib/main/tests/users.py

@@ -140,8 +140,24 @@ class UsersTest(BaseTest):
         data = self.delete(url3, expect=403, auth=self.get_other_credentials())
 
     def test_there_exists_an_obvious_url_where_a_user_may_find_his_user_record(self):
-        #self.assertTrue(False)
-        pass
+        url = '/api/v1/me/'
+        data = self.get(url, expect=401, auth=None)
+        data = self.get(url, expect=401, auth=self.get_invalid_credentials())
+        data = self.get(url, expect=200, auth=self.get_normal_credentials())
+        self.assertEquals(data['results'][0]['username'], 'normal')
+        self.assertEquals(data['count'], 1)
+        data = self.get(url, expect=200, auth=self.get_other_credentials())
+        self.assertEquals(data['results'][0]['username'], 'other')
+        self.assertEquals(data['count'], 1)
+        data = self.get(url, expect=200, auth=self.get_super_credentials())
+        self.assertEquals(data['results'][0]['username'], 'admin')
+        self.assertEquals(data['count'], 1)
+
+    # TODO:
+    # possibly nice to have, some quick lookup functions that are not postable:
+    # /users/2/organizations
+    # /users/2/projects
+    # /users/2/teams
 
 
 

lib/main/views.py

@@ -180,6 +180,19 @@ class UsersList(BaseList):
         same_team = base.filter(teams__in = self.request.user.teams.all()).distinct()
         return mine | admin_of | same_team
 
+class UsersMeList(BaseList):
+
+    model = User
+    serializer_class = UserSerializer
+    permission_classes = (CustomRbac,)
+
+    def post(self, request, *args, **kwargs):
+        raise PermissionDenied()
+
+    def _get_queryset(self):
+        ''' a quick way to find my user record '''
+        return User.objects.filter(pk=self.request.user.pk)
+
 class UsersDetail(BaseDetail):
 
     model = User