Verified Commit 13c5219d authored by Eliot Berriot's avatar Eliot Berriot
Browse files

See #206: added API endpoint for managing settings

parent 0dc9cdab
from django.conf.urls import url
from rest_framework import routers
from . import views
admin_router = routers.SimpleRouter()
admin_router.register(r'admin/settings', views.AdminSettings, 'admin-settings')
urlpatterns = [
url(r'^nodeinfo/2.0/$', views.NodeInfo.as_view(), name='nodeinfo-2.0'),
url(r'^settings/$', views.InstanceSettings.as_view(), name='settings'),
]
] + admin_router.urls
......@@ -2,6 +2,7 @@ from rest_framework import views
from rest_framework.response import Response
from dynamic_preferences.api import serializers
from dynamic_preferences.api import viewsets as preferences_viewsets
from dynamic_preferences.registries import global_preferences_registry
from funkwhale_api.common import preferences
......@@ -15,6 +16,10 @@ NODEINFO_2_CONTENT_TYPE = (
)
class AdminSettings(preferences_viewsets.GlobalPreferencesViewSet):
pagination_class = None
class InstanceSettings(views.APIView):
permission_classes = []
authentication_classes = []
......
......@@ -6,7 +6,7 @@ import os
import uuid
from django.conf import settings
from django.contrib.auth.models import AbstractUser
from django.contrib.auth.models import AbstractUser, Permission
from django.urls import reverse
from django.db import models
from django.utils.encoding import python_2_unicode_compatible
......@@ -55,6 +55,10 @@ class User(AbstractUser):
def __str__(self):
return self.username
def add_permission(self, codename):
p = Permission.objects.get(codename=codename)
self.user_permissions.add(p)
def get_absolute_url(self):
return reverse('users:detail', kwargs={'username': self.username})
......
......@@ -21,3 +21,31 @@ def test_nodeinfo_endpoint_disabled(db, api_client, preferences):
response = api_client.get(url)
assert response.status_code == 404
def test_settings_only_list_public_settings(db, api_client, preferences):
url = reverse('api:v1:instance:settings')
response = api_client.get(url)
for conf in response.data:
p = preferences.model.objects.get(
section=conf['section'], name=conf['name'])
assert p.preference.show_in_api is True
def test_admin_settings_restrict_access(db, logged_in_api_client, preferences):
url = reverse('api:v1:instance:admin-settings-list')
response = logged_in_api_client.get(url)
assert response.status_code == 403
def test_admin_settings_correct_permission(
db, logged_in_api_client, preferences):
user = logged_in_api_client.user
user.add_permission('change_globalpreferencemodel')
url = reverse('api:v1:instance:admin-settings-list')
response = logged_in_api_client.get(url)
assert response.status_code == 200
assert len(response.data) == len(preferences.all())
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment