Split rest api between clientapi and frontend

django_backend/backend/admin.py

@@ -5,6 +5,6 @@ from . import models
 
 b = apps.get_app_config('backend')
 
-# register all models of the skat app
+# register all models of the app
 for _, model in b.models.items():
     admin.site.register(model)

django_backend/backend/clientapi/models.py

+
+
+class Deployments:
+    # attributes: services
+    pass
+
+
+class UserDeployment:
+    # attributes: user, ssh_keys
+    pass

django_backend/backend/clientapi/serializers.py

+
+from rest_framework import serializers
+
+from .. import models
+from ..frontend import serializers as frontend_serializers
+
+
+class UserSerializer(serializers.ModelSerializer):
+    groups = frontend_serializers.GroupSerializer(many=True)
+
+    class Meta:
+        model = models.User
+        fields = [
+                'sub', 'email', 'groups'
+                ]
+
+
+class UserDeploymentSerializer(serializers.ModelSerializer):
+    user = UserSerializer()
+    ssh_keys = frontend_serializers.SSHPublicKeySerializer(many=True)
+
+    class Meta:
+        model = models.Deployment
+        fields = ['user', 'ssh_keys']
+
+
+class DeploymentsSerializer(serializers.Serializer):
+    services = serializers.DictField(
+            child=serializers.ListField(
+                child=UserDeploymentSerializer()
+                )
+            )

django_backend/backend/clientapi/urls.py

+
+from django.conf.urls import include, url
+from rest_framework import routers
+from . import views
+
+router = routers.DefaultRouter(trailing_slash=False)
+# router.register(
+# r'deployments', views.ClientViewSet, base_name='deployments')
+
+urlpatterns = [
+    url(r'^', include(router.urls)),
+    url(r'^deployments', views.DeploymentsView.as_view()),
+]

django_backend/backend/clientapi/views.py

+
+from rest_framework import generics
+from rest_framework.authentication import TokenAuthentication
+
+from . import serializers, models
+
+
+class DeploymentsView(generics.RetrieveAPIView):
+    authentication_classes = (TokenAuthentication,)
+    serializer_class = serializers.DeploymentsSerializer
+
+    def get_object(self):
+        d = models.Deployments()
+
+        d.services = {}
+        for service in self.request.user.site.services.all():
+            # deployments with ssh keys
+            d.services[service.name] = (
+                    service.deployments
+                    .filter(user__user_type='oidcuser')
+                    .exclude(ssh_keys=None)
+                    )
+
+        return d

django_backend/backend/serializers.py → django_backend/backend/frontend/serializers.py

 from django.contrib.auth.models import Group
 from rest_framework import serializers
-from . import models
+from .. import models
 
 
 class GroupSerializer(serializers.ModelSerializer):
@@ -20,7 +20,7 @@ class ServiceSerializer(serializers.ModelSerializer):
     groups = GroupSerializer(many=True)
 
     class Meta:
-        model = models.Site
+        model = models.Service
         exclude = ['id']
 
 
@@ -58,5 +58,17 @@ class UserSerializer(serializers.ModelSerializer):
                 ]
 
 
+class ClientSerializer(serializers.HyperlinkedModelSerializer):
+    class Meta:
+        model = models.User
+        fields = [
+                'name', 'site'
+                ]
+
+
 class StateSerializer(serializers.Serializer):
     services = ServiceSerializer(many=True)
+
+
+class ClientViewSerializer(serializers.Serializer):
+    deployments = serializers.JSONField()

django_backend/backend/frontend/urls.py

+
+from django.conf.urls import url
+from . import views
+
+
+urlpatterns = [
+    url(r'^state/', views.StateView.as_view()),
+    url(r'^sshkey/', views.SSHPublicKeyView.as_view()),
+    url(r'^operational/', views.OperationalView.as_view()),
+    url(r'^deployments/', views.DeploymentView.as_view()),
+]

django_backend/backend/rest_views.py → django_backend/backend/frontend/views.py

@@ -4,10 +4,12 @@ from django.db.utils import OperationalError
 from django.shortcuts import get_object_or_404, redirect
 from rest_framework import views, viewsets
 from rest_framework.permissions import AllowAny
+from rest_framework.authentication import TokenAuthentication
 from rest_framework.response import Response
 from rest_framework import status
 
-from . import serializers, models
+from . import serializers
+from .. import models
 
 
 class OperationalView(views.APIView):
@@ -122,3 +124,24 @@ class DeploymentView(views.APIView):
             return redirect('/backend/api/state/')
 
         return Response({'ok': False}, status=status.HTTP_400_BAD_REQUEST)
+
+
+class ClientViewSet(viewsets.ModelViewSet):
+    authentication_classes = (TokenAuthentication,)
+    serializer_class = serializers.ClientViewSerializer
+
+    def get_queryset(self):
+        # services of this client
+        services = self.request.user.site.services.all()
+
+        deployments = {}
+        for service in services:
+            deployments[service.name] = []
+            for deployment in service.deployments.all():
+                deployments[service.name].append(
+                        serializers.UserSerializer(deployment.user).data
+                        )
+
+        c = models.ClientView()
+        c.deployments = deployments
+        return [c]

django_backend/backend/models.py

 from django.contrib.auth.models import AbstractUser, Group
 from django.db import models
-from django.forms import ValidationError
+from django.conf import settings
+from django.dispatch import receiver
+from rest_framework.authtoken.models import Token
+from django.db.models.signals import post_save
 
 
 class User(AbstractUser):
+    TYPE_CHOICES = (
+            ('apiclient', 'API-Client'),
+            ('oidcuser', 'OIDC User'),
+            ('admin', 'Admin'),
+            )
+    user_type = models.CharField(
+            max_length=20,
+            choices=TYPE_CHOICES,
+            default='oidcuser',
+            )
     sub = models.CharField(max_length=150, blank=True, null=True)
     password = models.CharField(max_length=150, blank=True, null=True)
 
 
+@receiver(post_save, sender=settings.AUTH_USER_MODEL)
+def create_auth_token(sender, instance=None, created=False, **kwargs):
+    if created:
+        if instance.user_type == 'apiclient':
+            Token.objects.create(user=instance)
+
+
 def construct_user(user_info):
     return User(
             sub=user_info['sub'],
@@ -20,6 +40,11 @@ def construct_user(user_info):
 
 
 class Site(models.Model):
+    client = models.OneToOneField(
+            User,
+            related_name='site',
+            blank=True,
+            null=True)
     name = models.CharField(max_length=150, unique=True)
     description = models.TextField(max_length=300, blank=True)
 

django_backend/backend/urls.py

+from django.conf.urls import include, url
+from django.contrib import admin
+
+from .clientapi import urls as clientapi_urls
+from .frontend import urls as frontend_urls, views as frontend_views
+from .auth import views as auth_views
+
+
+urlpatterns = [
+    url(r'^clientapi/', include(clientapi_urls.urlpatterns)),
+    url(r'^api/', include(frontend_urls.urlpatterns)),
+    url(r'^auth/', auth_views.Auth.as_view()),
+    url(r'^auth_callback/', auth_views.AuthCallback.as_view()),
+    url(r'^auth_logout', frontend_views.LogoutView.as_view()),
+    url(r'^admin', admin.site.urls),
+]

django_backend/settings.py

@@ -46,6 +46,7 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'rest_framework',
+    'rest_framework.authtoken',
     'django_backend.backend',
     'corsheaders',
 ]
@@ -143,8 +144,8 @@ STATIC_ROOT = 'static'
 
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': [
-        # 'rest_framework.authentication.SessionAuthentication',
         'django_backend.backend.auth.auth_class.CsrfExemptSessionAuthentication',
+        'rest_framework.authentication.TokenAuthentication',
         ],
     'DEFAULT_PERMISSION_CLASSES': [
         'rest_framework.permissions.IsAuthenticated',

django_backend/urls.py

 from django.conf.urls import include, url
-from django.contrib import admin
-from django_backend.backend.auth import views as auth_views
-
-from rest_framework import routers
-
-from .backend import rest_views
-
-router = routers.DefaultRouter(trailing_slash=False)
-router.register(r'services', rest_views.ServiceViewSet)
 
+from .backend import urls
 
 urlpatterns = [
-    url(r'^backend/rest/', include(router.urls)),
-    url(r'^backend/api/state/', rest_views.StateView.as_view()),
-    url(r'^backend/api/sshkey/', rest_views.SSHPublicKeyView.as_view()),
-    url(r'^backend/api/operational/', rest_views.OperationalView.as_view()),
-    url(r'^backend/api/deployments/', rest_views.DeploymentView.as_view()),
-    url(r'^backend/auth/', auth_views.Auth.as_view()),
-    url(r'^backend/auth_callback/', auth_views.AuthCallback.as_view()),
-    url(r'^backend/auth_logout', rest_views.LogoutView.as_view()),
-    url(r'^backend/admin', admin.site.urls),
+    url(r'^backend/', include(urls.urlpatterns)),
 ]