From a65b1574dba558ee2b2115e977322a086758204f Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jan@dittberner.info>
Date: Sun, 16 Apr 2023 13:21:57 +0200
Subject: [PATCH] Add admin user information REST API

---
 docs/changelog.rst                      |  1 +
 gnuviechadmin/gnuviechadmin/settings.py | 13 +++++++++++
 gnuviechadmin/gnuviechadmin/urls.py     |  9 ++++++++
 gnuviechadmin/help/serializers.py       | 30 +++++++++++++++++++++++++
 gnuviechadmin/help/views.py             | 30 +++++++++++++++++++++++--
 5 files changed, 81 insertions(+), 2 deletions(-)
 create mode 100644 gnuviechadmin/help/serializers.py

diff --git a/docs/changelog.rst b/docs/changelog.rst
index 4aeb686..9dc3203 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -1,6 +1,7 @@
 Changelog
 =========
 
+* :feature:`-` add REST API to retrieve and set user information as admin
 * :feature:`-` add support model for offline account reset codes in new help
   app
 * :support:`-` remove unused PowerDNS support tables from domains app
diff --git a/gnuviechadmin/gnuviechadmin/settings.py b/gnuviechadmin/gnuviechadmin/settings.py
index 089e171..6d81694 100644
--- a/gnuviechadmin/gnuviechadmin/settings.py
+++ b/gnuviechadmin/gnuviechadmin/settings.py
@@ -207,6 +207,8 @@ DJANGO_APPS = (
     "django.contrib.flatpages",
     "crispy_forms",
     "impersonate",
+    "rest_framework",
+    "rest_framework.authtoken",
 )
 
 ALLAUTH_APPS = (
@@ -264,6 +266,17 @@ CRISPY_TEMPLATE_PACK = "bootstrap3"
 # ######### END CRISPY_FORMS CONFIGURATION
 
 
+# ######### REST FRAMEWORK CONFIGURATION
+REST_FRAMEWORK = {
+    "DEFAULT_AUTHENTICATION_CLASSES": [
+        "rest_framework.authentication.BasicAuthentication",
+        "rest_framework.authentication.SessionAuthentication",
+        "rest_framework.authentication.TokenAuthentication",
+    ]
+}
+# ######### END REST FRAMEWORK CONFIGURATION
+
+
 # ######### LOGGING CONFIGURATION
 # See: https://docs.djangoproject.com/en/dev/ref/settings/#logging
 # A sample logging configuration. The only tangible logging
diff --git a/gnuviechadmin/gnuviechadmin/urls.py b/gnuviechadmin/gnuviechadmin/urls.py
index 8bcfca5..34a7d7c 100644
--- a/gnuviechadmin/gnuviechadmin/urls.py
+++ b/gnuviechadmin/gnuviechadmin/urls.py
@@ -6,11 +6,20 @@ from django.contrib import admin
 from django.contrib.flatpages import views
 from django.contrib.staticfiles.urls import staticfiles_urlpatterns
 from django.urls import path, re_path
+from rest_framework import routers
+
+from help import views as help_views
 
 admin.autodiscover()
 
+router = routers.DefaultRouter()
+router.register(r"users", help_views.UserViewSet)
+router.register(r"help-users", help_views.HelpUserViewSet)
+
 urlpatterns = [
     re_path(r"", include("dashboard.urls")),
+    path("api/", include(router.urls)),
+    path("api-auth/", include("rest_framework.urls", namespace="rest_framework")),
     re_path(r"^admin/", admin.site.urls),
     re_path(r"^impersonate/", include("impersonate.urls")),
     re_path(r"^accounts/", include("allauth.urls")),
diff --git a/gnuviechadmin/help/serializers.py b/gnuviechadmin/help/serializers.py
new file mode 100644
index 0000000..2052926
--- /dev/null
+++ b/gnuviechadmin/help/serializers.py
@@ -0,0 +1,30 @@
+"""
+Serializers for the REST API
+"""
+
+from django.contrib.auth import get_user_model
+from rest_framework import serializers
+
+from help.models import HelpUser
+
+User = get_user_model()
+
+
+class UserSerializer(serializers.HyperlinkedModelSerializer):
+    class Meta:
+        model = User
+        fields = ["url", "username", "helpuser"]
+        read_only_fields = ["username", "helpuser"]
+
+
+class HelpUserSerializer(serializers.HyperlinkedModelSerializer):
+    class Meta:
+        model = HelpUser
+        fields = [
+            "url",
+            "user",
+            "email_address",
+            "postal_address",
+            "offline_account_code",
+        ]
+        read_only_fields = ["user", "offline_account_code"]
diff --git a/gnuviechadmin/help/views.py b/gnuviechadmin/help/views.py
index 91ea44a..cdfcff6 100644
--- a/gnuviechadmin/help/views.py
+++ b/gnuviechadmin/help/views.py
@@ -1,3 +1,29 @@
-from django.shortcuts import render
+from django.contrib.auth import get_user_model
+from rest_framework import permissions, viewsets
 
-# Create your views here.
+from help.models import HelpUser
+from help.serializers import HelpUserSerializer, UserSerializer
+
+User = get_user_model()
+
+
+class UserViewSet(viewsets.ReadOnlyModelViewSet):
+    """
+    API endpoint that allows users to be viewed or edited.
+
+    """
+
+    queryset = User.objects.all().order_by("-username")
+    serializer_class = UserSerializer
+    permission_classes = [permissions.IsAdminUser]
+
+
+class HelpUserViewSet(viewsets.ModelViewSet):
+    """
+    API endpoint that allows user help profile to be viewed or edited.
+
+    """
+
+    queryset = HelpUser.objects.all().order_by("-user__username")
+    serializer_class = HelpUserSerializer
+    permission_classes = [permissions.IsAdminUser]