Add signup and some custom permissions

2019-03-27 00:42:51 +01:00 · 2019-03-27 00:42:51 +01:00 · 0b37305080
parent 747478f0d7
commit 0b37305080
6 changed files with 61 additions and 25 deletions
--- a/backend/entrypoint.sh
+++ b/backend/entrypoint.sh
@ -14,17 +14,6 @@ from django.contrib.auth.models import User as AuthUser;
 from perks.models import User;
 if not AuthUser.objects.filter(username='${DJANGO_ADMIN_USER}').count() :
 	AuthUser.objects.create_superuser('${DJANGO_ADMIN_USER}', '${DJANGO_ADMIN_MAIL}', '${DJANGO_ADMIN_PASS}')
 if not User.objects.filter(base_user__username='${DJANGO_ADMIN_USER}').count() :
 	base_admin = AuthUser.objects.get(username='${DJANGO_ADMIN_USER}')
 	admin = User(base_user=base_admin)
 	admin.save()
 if not AuthUser.objects.filter(username='user').count() :
 	base_user = create_user('user', 'user@example.com', 'user')
 if not User.objects.filter(base_user__username='user').count() :
 	base_user = AuthUser.objects.get(username='user')
 	user = User(base_user=base_user)
 	user.save()
 " | python manage.py shell
 gunicorn -w 4 --bind 0.0.0.0:80 perktree.wsgi:application
--- a/backend/perks/permissions.py
+++ b/backend/perks/permissions.py
@ -0,0 +1,26 @@
 #! /usr/bin/env python
 # -*- coding: utf-8 -*-
 # vim:fenc=utf-8
 #
 # Copyright © 2019 pavle <pavle.portic@tilda.center>
 #
 # Distributed under terms of the BSD-3-Clause license.
 from rest_framework import permissions
 class IsPostOrIsAuthenticated(permissions.BasePermission):
 	def has_permission(self, request, view):
 		if request.method == 'POST':
 			return True
 		return request.user and request.user.is_authenticated
 class IsGetOrIsSuperuser(permissions.BasePermission):
 	def has_permission(self, request, view):
 		if request.method == 'GET':
 			return True
 		return request.user and request.user.is_superuser and request.user.is_authenticated
--- a/backend/perks/views.py
+++ b/backend/perks/views.py
@ -7,12 +7,14 @@
 # Distributed under terms of the BSD-3-Clause license.
 from os import environ
-from rest_framework.views import APIView
+from django.contrib.auth.models import User as AuthUser
 #  from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
-from rest_framework import permissions
+from rest_framework.views import APIView
 from .parser import PerkParser
 from .models import Perk, Tree, User
 from .parser import PerkParser
 from .permissions import IsPostOrIsAuthenticated, IsGetOrIsSuperuser
 from .serializers import PerkSerializer, TreeSerializer, UserSerializer
@ -23,7 +25,7 @@ if not PERKS_DIR:
 class TreeView(APIView):
-	#  permission_classes = (permissions.IsAuthenticated,)
+	permission_classes = (IsGetOrIsSuperuser,)
 	def get(self, request, format=None):
 		trees = []
@ -46,7 +48,7 @@ class TreeView(APIView):
 class PerkView(APIView):
-	#  permission_classes = (permissions.IsAuthenticated,)
+	permission_classes = (IsGetOrIsSuperuser,)
 	def get(self, request, tree_id, format=None):
 		output_data = {
@ -83,9 +85,12 @@ class PerkView(APIView):
 class UserView(APIView):
-	permission_classes = (permissions.IsAuthenticated,)
+	permission_classes = (IsPostOrIsAuthenticated,)
 	def get(self, request):
 		if not request.user.id:
 			return Response(status=404)
 		user = User.objects.get(base_user__id=request.user.id)
 		serialized_user = UserSerializer(user).data
@ -109,3 +114,14 @@ class UserView(APIView):
 		serialized_user = UserSerializer(user).data
 		return Response(serialized_user)
 	def post(self, request):
 		username = request.data['username']
 		email = request.data['email']
 		password = request.data['password']
 		base_user = AuthUser.objects.create_user(username=username, email=email, password=password)
 		user = User(base_user=base_user)
 		user.save()
 		serialized_user = UserSerializer(user).data
 		return Response(serialized_user)
--- a/frontend/src/components/auth/signup.component.vue
+++ b/frontend/src/components/auth/signup.component.vue
@ -42,7 +42,7 @@
 </template>
 <script>
-	import AuthController from '../../controllers/auth.controller';
+	import UserController from '../../controllers/user.controller';
 	export default {
 		name: 'signup',
@ -58,6 +58,8 @@
 		methods: {
 			submit(event) {
 				event.preventDefault();
 				this.signupErrors = [];
 				if (this.password !== this.passwordConfirm) {
 					this.signupErrors.push('Passwords do not match');
 					return;
@ -68,7 +70,7 @@
 					email: this.email,
 					password: this.password,
 				};
-				AuthController.signup(data).then(() => {
+				UserController.createUser(data).then(() => {
 					this.$router.push({ name: 'index' });
 				}).catch((error) => {
 					if (error.response) {
--- a/frontend/src/controllers/user.controller.js
+++ b/frontend/src/controllers/user.controller.js
@ -12,8 +12,8 @@ export default class AuthController {
 		return UserApi.getUser();
 	}
-	static signup(data) {
+	static createUser(data) {
-		return UserApi.signup(data);
+		return UserApi.createUser(data);
 	}
 	static updatePerks(perks) {
--- a/frontend/src/main.js
+++ b/frontend/src/main.js
@ -40,10 +40,13 @@ const configureHttp = () => {
 };
 const configureRaven = () => {
-	Raven
+	if (config.getEnv() !== 'dev') {
-		.config('https://2b1b0eea285244289175e53d65421fac@sentry.theedgeofrage.com/3')
+		console.log('Setting up Raven.js');
-		.addPlugin(RavenVue, Vue)
+		Raven
-		.install();
+			.config('https://2b1b0eea285244289175e53d65421fac@sentry.theedgeofrage.com/3')
 			.addPlugin(RavenVue, Vue)
 			.install();
 	}
 };
 configureHttp();