paperless-ngx/src/paperless/serialisers.py

from django.contrib.auth.models import Group
from django.contrib.auth.models import Permission
from django.contrib.auth.models import User
from rest_framework import serializers


class ObfuscatedUserPasswordField(serializers.Field):
    """
    Sends *** string instead of password in the clear
    """

    def to_representation(self, value):
        return "**********" if len(value) > 0 else ""

    def to_internal_value(self, data):
        return data


class UserSerializer(serializers.ModelSerializer):
    password = ObfuscatedUserPasswordField(required=False)
    user_permissions = serializers.SlugRelatedField(
        many=True,
        queryset=Permission.objects.all(),
        slug_field="codename",
        required=False,
    )
    inherited_permissions = serializers.SerializerMethodField()

    class Meta:
        model = User
        fields = (
            "id",
            "username",
            "email",
            "password",
            "first_name",
            "last_name",
            "date_joined",
            "is_staff",
            "is_active",
            "is_superuser",
            "groups",
            "user_permissions",
            "inherited_permissions",
        )

    def get_inherited_permissions(self, obj):
        return obj.get_group_permissions()

    def update(self, instance, validated_data):
        if "password" in validated_data:
            if len(validated_data.get("password").replace("*", "")) > 0:
                instance.set_password(validated_data.get("password"))
                instance.save()
            validated_data.pop("password")
        super().update(instance, validated_data)
        return instance

    def create(self, validated_data):
        groups = None
        if "groups" in validated_data:
            groups = validated_data.pop("groups")
        user_permissions = None
        if "user_permissions" in validated_data:
            user_permissions = validated_data.pop("user_permissions")
        password = None
        if (
            "password" in validated_data
            and len(validated_data.get("password").replace("*", "")) > 0
        ):
            password = validated_data.pop("password")
        user = User.objects.create(**validated_data)
        # set groups
        if groups:
            user.groups.set(groups)
        # set permissions
        if user_permissions:
            user.user_permissions.set(user_permissions)
        # set password
        if password:
            user.set_password(password)
        user.save()
        return user


class GroupSerializer(serializers.ModelSerializer):
    permissions = serializers.SlugRelatedField(
        many=True,
        queryset=Permission.objects.all(),
        slug_field="codename",
    )

    class Meta:
        model = Group
        fields = (
            "id",
            "name",
            "permissions",
        )


class ProfileSerializer(serializers.ModelSerializer):
    email = serializers.EmailField(allow_null=False)
    password = ObfuscatedUserPasswordField(required=False, allow_null=False)
    auth_token = serializers.SlugRelatedField(read_only=True, slug_field="key")

    class Meta:
        model = User
        fields = (
            "email",
            "password",
            "first_name",
            "last_name",
            "auth_token",
        )
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`from django.contrib.auth.models import Group`
frontend permissions dialogs 2022-11-13 22:58:07 -08:00			`from django.contrib.auth.models import Permission`
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`from django.contrib.auth.models import User`
			`from rest_framework import serializers`


Allow create / update password via UI 2022-11-23 00:35:17 -08:00			`class ObfuscatedUserPasswordField(serializers.Field):`
			`"""`
			`Sends *** string instead of password in the clear`
			`"""`

			`def to_representation(self, value):`
			`return "**********" if len(value) > 0 else ""`

			`def to_internal_value(self, data):`
			`return data`


feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`class UserSerializer(serializers.ModelSerializer):`
fix merge conflict for edit dialog succeeded and pw not required 2023-01-01 17:55:52 -08:00			`password = ObfuscatedUserPasswordField(required=False)`
frontend permissions dialogs 2022-11-13 22:58:07 -08:00			`user_permissions = serializers.SlugRelatedField(`
			`many=True,`
			`queryset=Permission.objects.all(),`
			`slug_field="codename",`
Make user_permissions not required 2023-03-01 00:33:01 -08:00			`required=False,`
frontend permissions dialogs 2022-11-13 22:58:07 -08:00			`)`
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`inherited_permissions = serializers.SerializerMethodField()`

			`class Meta:`
			`model = User`
			`fields = (`
			`"id",`
			`"username",`
include email + pw for frontend user editing 2023-01-03 08:29:36 -08:00			`"email",`
Allow create / update password via UI 2022-11-23 00:35:17 -08:00			`"password",`
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`"first_name",`
			`"last_name",`
			`"date_joined",`
fix: update user permissions and groups, update group permissions 2022-11-13 21:55:37 +00:00			`"is_staff",`
Revert "fix: update user permissions and groups, update group permissions" This reverts commit 57b709824fa058a41c3f13066b27f83ca1281b2c. 2022-11-13 14:18:44 -08:00			`"is_active",`
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`"is_superuser",`
			`"groups",`
frontend permissions dialogs 2022-11-13 22:58:07 -08:00			`"user_permissions",`
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`"inherited_permissions",`
			`)`

Revert "fix: update user permissions and groups, update group permissions" This reverts commit 57b709824fa058a41c3f13066b27f83ca1281b2c. 2022-11-13 14:18:44 -08:00			`def get_inherited_permissions(self, obj):`
			`return obj.get_group_permissions()`
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00
Allow create / update password via UI 2022-11-23 00:35:17 -08:00			`def update(self, instance, validated_data):`
			`if "password" in validated_data:`
			`if len(validated_data.get("password").replace("*", "")) > 0:`
			`instance.set_password(validated_data.get("password"))`
			`instance.save()`
			`validated_data.pop("password")`
			`super().update(instance, validated_data)`
			`return instance`

			`def create(self, validated_data):`
			`groups = None`
			`if "groups" in validated_data:`
			`groups = validated_data.pop("groups")`
			`user_permissions = None`
			`if "user_permissions" in validated_data:`
			`user_permissions = validated_data.pop("user_permissions")`
			`password = None`
Configures ruff as the one stop linter and resolves warnings it raised 2023-03-28 09:39:30 -07:00			`if (`
			`"password" in validated_data`
			`and len(validated_data.get("password").replace("*", "")) > 0`
			`):`
			`password = validated_data.pop("password")`
Allow create / update password via UI 2022-11-23 00:35:17 -08:00			`user = User.objects.create(**validated_data)`
			`# set groups`
			`if groups:`
			`user.groups.set(groups)`
			`# set permissions`
			`if user_permissions:`
			`user.user_permissions.set(user_permissions)`
			`# set password`
			`if password:`
			`user.set_password(password)`
			`user.save()`
			`return user`

feat: add users and groups API routes 2022-11-12 18:46:52 +00:00
			`class GroupSerializer(serializers.ModelSerializer):`
frontend permissions dialogs 2022-11-13 22:58:07 -08:00			`permissions = serializers.SlugRelatedField(`
			`many=True,`
			`queryset=Permission.objects.all(),`
			`slug_field="codename",`
			`)`
Revert "fix: update user permissions and groups, update group permissions" This reverts commit 57b709824fa058a41c3f13066b27f83ca1281b2c. 2022-11-13 14:18:44 -08:00
feat: add users and groups API routes 2022-11-12 18:46:52 +00:00			`class Meta:`
			`model = Group`
			`fields = (`
			`"id",`
			`"name",`
			`"permissions",`
			`)`
Feature: update user profile (#4678) 2023-12-02 08:26:42 -08:00

			`class ProfileSerializer(serializers.ModelSerializer):`
			`email = serializers.EmailField(allow_null=False)`
			`password = ObfuscatedUserPasswordField(required=False, allow_null=False)`
			`auth_token = serializers.SlugRelatedField(read_only=True, slug_field="key")`

			`class Meta:`
			`model = User`
			`fields = (`
			`"email",`
			`"password",`
			`"first_name",`
			`"last_name",`
			`"auth_token",`
			`)`