Merge pull request #2376 from GerardPaligot/feat_2374

Displays information of his account with the API.
zestedesavoir · Feb 24, 2015 · 67288da · 67288da
2 parents ddcfacd + 7cb2153
commit 67288da
Show file tree

Hide file tree

Showing 3 changed files with 80 additions and 5 deletions.
diff --git a/zds/member/api/tests.py b/zds/member/api/tests.py
@@ -321,6 +321,40 @@ def create_multiple_users(self, number_of_users=settings.REST_FRAMEWORK['PAGINAT
             ProfileFactory()
 
 
+class MemberMyDetailAPITest(APITestCase):
+    def test_detail_of_the_member(self):
+        """
+        Gets all information about the user.
+        """
+        profile = ProfileFactory()
+        client_oauth2 = create_oauth2_client(profile.user)
+        client_authenticated = APIClient()
+        authenticate_client(client_authenticated, client_oauth2, profile.user.username, 'hostel77')
+
+        response = client_authenticated.get(reverse('api-member-profile'))
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(profile.pk, response.data.get('pk'))
+        self.assertEqual(profile.user.username, response.data.get('username'))
+        self.assertEqual(profile.user.is_active, response.data.get('is_active'))
+        self.assertEqual(profile.site, response.data.get('site'))
+        self.assertEqual(profile.avatar_url, response.data.get('avatar_url'))
+        self.assertEqual(profile.biography, response.data.get('biography'))
+        self.assertEqual(profile.sign, response.data.get('sign'))
+        self.assertEqual(profile.email_for_answer, response.data.get('email_for_answer'))
+        self.assertIsNotNone(response.data.get('date_joined'))
+        self.assertFalse(response.data.get('show_email'))
+        self.assertEqual(profile.user.email, response.data.get('email'))
+
+    def test_detail_of_the_member_not_authenticated(self):
+        """
+        Tries to get profile of the member with a client not authenticated.
+        """
+        client = APIClient()
+
+        response = client.get(reverse('api-member-profile'))
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+
 class MemberDetailAPITest(APITestCase):
     def setUp(self):
         self.client = APIClient()

diff --git a/zds/member/api/urls.py b/zds/member/api/urls.py
@@ -3,11 +3,13 @@
 from django.conf.urls import patterns, url
 
 from zds.member.api.views import MemberListAPI, MemberDetailAPI, \
-    MemberDetailReadingOnly, MemberDetailBan
+    MemberDetailReadingOnly, MemberDetailBan, MemberMyDetailAPI
 
 urlpatterns = patterns('',
                        url(r'^$', MemberListAPI.as_view(), name='api-member-list'),
+                       url(r'^mon_profil/$', MemberMyDetailAPI.as_view(), name='api-member-profile'),
                        url(r'^(?P<pk>[0-9]+)/$', MemberDetailAPI.as_view(), name='api-member-detail'),
-                       url(r'^(?P<pk>[0-9]+)/lecture-seule/$', MemberDetailReadingOnly.as_view(), name='api-member-read-only'),
+                       url(r'^(?P<pk>[0-9]+)/lecture-seule/$', MemberDetailReadingOnly.as_view(),
+                           name='api-member-read-only'),
                        url(r'^(?P<pk>[0-9]+)/ban/$', MemberDetailBan.as_view(), name='api-member-ban'),
-                       )
+)
diff --git a/zds/member/api/views.py b/zds/member/api/views.py
@@ -2,8 +2,8 @@
 
 from rest_framework import filters
 from rest_framework import status
-from rest_framework.generics import ListCreateAPIView, RetrieveUpdateAPIView
-from rest_framework.permissions import IsAuthenticatedOrReadOnly, AllowAny
+from rest_framework.generics import ListCreateAPIView, RetrieveUpdateAPIView, RetrieveAPIView, get_object_or_404
+from rest_framework.permissions import IsAuthenticatedOrReadOnly, AllowAny, IsAuthenticated
 from rest_framework.response import Response
 from rest_framework_extensions.cache.decorators import cache_response
 from rest_framework_extensions.etag.decorators import etag
@@ -34,6 +34,11 @@ class DetailKeyConstructor(DefaultKeyConstructor):
     unique_view_id = bits.UniqueViewIdKeyBit()
 
 
+class MyDetailKeyConstructor(DefaultKeyConstructor):
+    format = bits.FormatKeyBit()
+    language = bits.LanguageKeyBit()
+
+
 class MemberListAPI(ListCreateAPIView, ProfileCreate, TokenGenerator):
     """
     Profile resource to list and register.
@@ -95,6 +100,40 @@ def get_serializer_class(self):
             return ProfileCreateSerializer
 
 
+class MemberMyDetailAPI(RetrieveAPIView):
+    """
+    Profile resource to display details of the member.
+    """
+    obj_key_func = MyDetailKeyConstructor()
+    permission_classes = (IsAuthenticated,)
+    serializer_class = ProfileDetailSerializer
+
+    @etag(obj_key_func)
+    @cache_response(key_func=obj_key_func)
+    def get(self, request, *args, **kwargs):
+        """
+        Gets information of his account.
+        ---
+
+        parameters:
+            - name: Authorization
+              description: Bearer token to make a authenticated request.
+              required: true
+              paramType: header
+        responseMessages:
+            - code: 401
+              message: Not authenticated
+        """
+        profile = self.get_object()
+        serializer = self.get_serializer(profile,
+                                         show_email=True,
+                                         is_authenticated=True)
+        return Response(serializer.data)
+
+    def get_object(self):
+        return get_object_or_404(Profile, user=self.request.user)
+
+
 class MemberDetailAPI(RetrieveUpdateAPIView):
     """
     Profile resource to display or update details of a member.