Merge pull request #3 from nens/credentials

auth settings from userprofile to organisation

api/admin.py

@@ -4,21 +4,21 @@
 from . import models as api_models
 
 
-class UserProfileAdminForm(forms.ModelForm):
+class OrganisationAdminForm(forms.ModelForm):
     class Meta:
-        model = api_models.UserProfile
+        model = api_models.Organisation
         fields = "__all__"
         widgets = {
             "bro_user_token": forms.PasswordInput(render_value=True),
             "bro_user_password": forms.PasswordInput(render_value=True),
         }
 
 
-class YourModelAdmin(admin.ModelAdmin):
-    form = UserProfileAdminForm
+class OrganisationAdmin(admin.ModelAdmin):
+    form = OrganisationAdminForm
 
 
-admin.site.register(api_models.UserProfile, YourModelAdmin)
-admin.site.register(api_models.Organisation)
+admin.site.register(api_models.UserProfile)
+admin.site.register(api_models.Organisation, OrganisationAdmin)
 admin.site.register(api_models.ImportTask)
 admin.site.register(api_models.UploadTask)

api/migrations/0020_remove_userprofile_bro_user_password_and_more.py

@@ -0,0 +1,35 @@
+# Generated by Django 5.0.1 on 2024-03-14 09:55
+
+import encrypted_model_fields.fields
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api", "0019_remove_importtask_created_at_and_more"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="userprofile",
+            name="bro_user_password",
+        ),
+        migrations.RemoveField(
+            model_name="userprofile",
+            name="bro_user_token",
+        ),
+        migrations.AddField(
+            model_name="organisation",
+            name="bro_user_password",
+            field=encrypted_model_fields.fields.EncryptedCharField(
+                blank=True, null=True
+            ),
+        ),
+        migrations.AddField(
+            model_name="organisation",
+            name="bro_user_token",
+            field=encrypted_model_fields.fields.EncryptedCharField(
+                blank=True, null=True
+            ),
+        ),
+    ]

api/models.py

@@ -12,6 +12,8 @@ class Organisation(models.Model):
     uuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
     name = models.CharField(max_length=255)
     kvk_number = models.CharField(max_length=8)
+    bro_user_token = EncryptedCharField(max_length=100, blank=True, null=True)
+    bro_user_password = EncryptedCharField(max_length=100, blank=True, null=True)
     created = models.DateTimeField(auto_now_add=True)
     updated = models.DateTimeField(auto_now=True)
 
@@ -29,18 +31,12 @@ class UserProfile(models.Model):
     )
     created = models.DateTimeField(auto_now_add=True)
     updated = models.DateTimeField(auto_now=True)
-    bro_user_token = EncryptedCharField(max_length=100, blank=True, null=True)
-    bro_user_password = EncryptedCharField(max_length=100, blank=True, null=True)
+
     default_project_number = models.CharField(max_length=20, blank=True, null=True)
 
     def __str__(self):
         return self.user.username
 
-    @property
-    def credentials_set(self) -> bool:
-        """Checks if the credentials are set"""
-        return bool(self.bro_user_password and self.bro_user_token)
-
 
 class ImportTask(models.Model):
     uuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)

api/serializers.py

@@ -5,25 +5,25 @@
 
 
 class UserProfileSerializer(UrlFieldMixin, serializers.ModelSerializer):
-    credentials_set = serializers.SerializerMethodField()
     organisation_name = serializers.SerializerMethodField()
     organisation_kvk = serializers.SerializerMethodField()
 
     class Meta:
         model = api_models.UserProfile
         exclude = ["user"]
 
-    # Exclude token and password in the get requests
-    def to_representation(self, instance):
-        if self.context["request"].method == "GET":
-            exclude_fields = ["bro_user_token", "bro_user_password"]
-            for field in exclude_fields:
-                self.fields.pop(field, None)
-        return super().to_representation(instance)
-
-    def get_credentials_set(self, obj):
-        """Return the value of the credentials_set property."""
-        return obj.credentials_set
+    # NOTE:
+    # Removed this after removing auth-details from user profile.
+    # Auth-details are now linked to organisation and will need an endpoint.
+    # This snippet can be used in the organisation endpoint
+
+    # # Exclude token and password in the get requests
+    # def to_representation(self, instance):
+    #     if self.context["request"].method == "GET":
+    #         exclude_fields = ["bro_user_token", "bro_user_password"]
+    #         for field in exclude_fields:
+    #             self.fields.pop(field, None)
+    #     return super().to_representation(instance)
 
     def get_organisation_name(self, obj):
         organisation = obj.organisation

api/views.py

@@ -78,8 +78,6 @@ def update(self, request, *args, **kwargs):
         data = request.data
         allowed_fields = {
             "default_project_number",
-            "bro_user_token",
-            "bro_user_password",
         }
         for key in data.keys():
             if key not in allowed_fields:
@@ -235,13 +233,13 @@ def post(self, request):
         serializer = serializers.UploadTaskSerializer(data=request.data)
 
         if serializer.is_valid():
-            upload_task_instance = serializer.save()
+            upload_task_instance: models.UploadTask = serializer.save()
 
             # Accessing the authenticated user's username and token
             user_profile = models.UserProfile.objects.get(user=request.user)
             data_owner = user_profile.organisation
-            username = user_profile.bro_user_token
-            password = user_profile.bro_user_password
+            username = data_owner.bro_user_token
+            password = data_owner.bro_user_password
 
             # Update the instance of the new task
             upload_task_instance.status = "PENDING"