From a16aed0299ab57b8f1f0e30366e02606ed1fe016 Mon Sep 17 00:00:00 2001
From: Ernesto Rico Schmidt <ernesto@helsinki.at>
Date: Fri, 9 Feb 2024 17:28:01 -0400
Subject: [PATCH] feat: expose if a user is privileged in the API
---
program/serializers.py | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/program/serializers.py b/program/serializers.py
index 1d6fa500..fbbe045a 100644
--- a/program/serializers.py
+++ b/program/serializers.py
@@ -104,6 +104,7 @@ class ProfileSerializer(serializers.ModelSerializer):
class UserSerializer(serializers.ModelSerializer):
+ is_privileged = serializers.SerializerMethodField()
permissions = serializers.SerializerMethodField()
# Add profile fields to JSON
profile = ProfileSerializer(required=False)
@@ -112,6 +113,7 @@ class UserSerializer(serializers.ModelSerializer):
model = User
read_only_fields = (
"id",
+ "is_privileged",
"permissions",
)
fields = (
@@ -130,6 +132,10 @@ class UserSerializer(serializers.ModelSerializer):
def get_permissions(obj: User) -> list[str]:
return sorted([p for p in obj.get_all_permissions() if p.startswith("program")])
+ @staticmethod
+ def get_is_privileged(obj: User) -> bool:
+ return obj.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
+
def create(self, validated_data):
"""
Create and return a new User instance, given the validated data.
@@ -621,7 +627,9 @@ class ShowSerializer(serializers.HyperlinkedModelSerializer):
instance.description = validated_data.get("description", instance.description)
instance.name = validated_data.get("name", instance.name)
- instance.short_description = validated_data.get("short_description", instance.short_description)
+ instance.short_description = validated_data.get(
+ "short_description", instance.short_description
+ )
# Only update these fields if the user is privileged, ignore otherwise
if user_is_privileged:
--
GitLab