space manage users and permissions

2026-01-08 23:58:15 -05:00 · 2022-06-01 17:01:13 +02:00
parent c804064155
commit f41e4c62d4
3 changed files with 31 additions and 7 deletions
--- a/cookbook/serializer.py
+++ b/cookbook/serializer.py
@@ -135,10 +135,13 @@ class UserNameSerializer(WritableNestedModelSerializer):
        fields = ('id', 'username')


-class GroupSerializer(WritableNestedModelSerializer):
+class GroupSerializer(UniqueFieldsMixin, WritableNestedModelSerializer):
    def create(self, validated_data):
        raise ValidationError('Cannot create using this endpoint')

+    def update(self, instance, validated_data):
+        return instance  # cannot update group
+
    class Meta:
        model = Group
        fields = ('id', 'name')
@@ -170,8 +173,9 @@ class SpaceSerializer(serializers.ModelSerializer):
        read_only_fields = ('id', 'created_by', 'created_at', 'message', 'max_recipes', 'max_file_storage_mb', 'max_users', 'allow_sharing', 'demo',)


-class UserSpaceSerializer(serializers.ModelSerializer):
+class UserSpaceSerializer(WritableNestedModelSerializer):
    user = UserNameSerializer(read_only=True)
+    groups = GroupSerializer(many=True)

    def create(self, validated_data):
        raise ValidationError('Cannot create using this endpoint')
--- a/cookbook/views/api.py
+++ b/cookbook/views/api.py
@@ -386,7 +386,7 @@ class UserSpaceViewSet(viewsets.ModelViewSet):
    queryset = UserSpace.objects
    serializer_class = UserSpaceSerializer
    permission_classes = [CustomIsSpaceOwner]
-    http_method_names = ['get', 'patch', 'delete']
+    http_method_names = ['get', 'patch', 'put', 'delete']

    def get_queryset(self):
        return self.queryset.filter(space=self.request.space)