Ajout et début de l'API REST

2023-12-14 13:55:25 +01:00
parent e7ca33031b
commit b9c93b53a9
16 changed files with 170 additions and 3 deletions
--- a/Reskreen/rest_permission.py
+++ b/Reskreen/rest_permission.py
@@ -0,0 +1,11 @@
+from rest_framework import permissions
+class CustomPermission_DjangoModel_based(permissions.DjangoModelPermissions):
+    perms_map = {
+        'GET': ['%(app_label)s.view_%(model_name)s'],
+        'OPTIONS': ['%(app_label)s.view_%(model_name)s'],
+        'HEAD': ['%(app_label)s.view_%(model_name)s'],
+        'POST': ['%(app_label)s.add_%(model_name)s'],
+        'PUT': ['%(app_label)s.change_%(model_name)s'],
+        'PATCH': ['%(app_label)s.change_%(model_name)s'],
+        'DELETE': ['%(app_label)s.delete_%(model_name)s'],
+    }
--- a/Reskreen/settings.py
+++ b/Reskreen/settings.py
@@ -55,6 +55,18 @@ INSTALLED_APPS = [
    'django_summernote',    
 ]

+INSTALLED_APPS += ( 'apilog.apps.ApilogConfig',)
+
+#Ajout de rest_framework
+INSTALLED_APPS += ('rest_framework', 'rest_framework.authtoken',)
+'''REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework.authentication.TokenAuthentication', #Todo prod: replace by TokenAuthentication
+    ),
+    # Autres paramètres de configuration...
+}'''
+
+
 LANGUAGE_CODE = 'fr-CH'

 if not cfg_dev_mode:
@@ -117,6 +129,8 @@ MIDDLEWARE = [
    'django.middleware.locale.LocaleMiddleware',
 ]

+MIDDLEWARE += ('apilog.middleware.APILogMiddleware',)
+
 ROOT_URLCONF = 'Reskreen.urls'

 TEMPLATES = [
--- a/Reskreen/urls.py
+++ b/Reskreen/urls.py
@@ -26,12 +26,15 @@ urlpatterns = [
    path('accounts/', admin.site.urls),
    path('collabs/', include('collabs.urls')),
    path('vehicules/', include('vehicles.urls')),
+    path('comm-opmessage/', include('comm_op.urls')),
    path('caldav/', include('mycaldav.urls')),
    #path('collabs_hour/', include('collabs.urls')),
    path('carnet_rouge/', include('carnet_rouge.urls')),
    path('student_eval/', include('studenteval.urls')),
    path('summernote/', include('django_summernote.urls')),
    path('editor/', include('django_summernote.urls')),
+    path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
+
 ]

 if settings.DEBUG:
--- a/apilog/init.py
+++ b/apilog/init.py
--- a/apilog/admin.py
+++ b/apilog/admin.py
@@ -0,0 +1,15 @@
+from django.contrib import admin
+from .models import APILog
+
+
+@admin.register(APILog)
+class APILogAdmin(admin.ModelAdmin):
+    list_display = ('user', 'request_url', 'request_params', 'request_method', 'request_body', 'request_timestamp')
+    list_filter = ('user', 'request_method')
+    search_fields = ('request_url',)
+    ordering = ('-request_timestamp',)
+
+    actions = None
+
+    def has_delete_permission(self, request, obj=None):
+        return False
--- a/apilog/apps.py
+++ b/apilog/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class ApilogConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'apilog'
--- a/apilog/middleware.py
+++ b/apilog/middleware.py
@@ -0,0 +1,27 @@
+from .models import APILog
+
+class APILogMiddleware:
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        if not request.path.startswith('/admin'):
+
+            user = request.user if request.user.is_authenticated else None
+
+
+            request_url = request.path
+
+            request_params = request.GET if request.GET else None
+
+
+            request_method = request.method
+
+
+            request_body = request.body.decode('utf-8')
+
+
+            APILog.objects.create(user=user, request_url=request_url, request_params=request_params, request_method=request_method, request_body=request_body)
+
+        response = self.get_response(request)
+        return response
--- a/apilog/models.py
+++ b/apilog/models.py
@@ -0,0 +1,22 @@
+from django.db import models
+from django.conf import settings
+from django.db.models.signals import pre_delete
+from django.dispatch import receiver
+
+
+class APILog(models.Model):
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.SET_NULL, null=True)
+    request_url = models.URLField()
+    request_params = models.CharField(max_length=255, null=True, blank=True)
+    request_method = models.CharField(max_length=10)
+    request_body = models.TextField()
+    request_timestamp = models.DateTimeField(auto_now_add=True)
+
+    def __str__(self):
+        return f"{self.user} - {self.request_url}"
+
+
+@receiver(pre_delete, sender=APILog)
+def prevent_delete(sender, instance, **kwargs):
+    # Empêchez la suppression en levant une exception, par exemple ValueError
+    raise ValueError("Vous n'êtes pas autorisé à supprimer cet enregistrement.")
--- a/apilog/tests.py
+++ b/apilog/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
--- a/apilog/views.py
+++ b/apilog/views.py
@@ -0,0 +1,3 @@
+from django.shortcuts import render
+
+# Create your views here.
--- a/comm_op/serializers.py
+++ b/comm_op/serializers.py
@@ -0,0 +1,8 @@
+from rest_framework import serializers
+
+from.models import comm_opMessage
+
+class cl_comm_opMessage_Serializer(serializers.ModelSerializer):
+    class Meta:
+        model = comm_opMessage
+        fields = '__all__'
--- a/comm_op/urls.py
+++ b/comm_op/urls.py
@@ -0,0 +1,15 @@
+from django.urls import path, include
+from rest_framework import routers
+
+
+from . import views
+
+router = routers.DefaultRouter()
+router.register(r'api-comm-opmessage', views.comm_opMessageViewset, basename='comm-opmessage')
+
+app_name = "comm_opMessage"
+urlpatterns = [
+    path('', include(router.urls)),
+
+]
+
--- a/comm_op/views.py
+++ b/comm_op/views.py
@@ -1,3 +1,12 @@
 from django.shortcuts import render

-# Create your views here.
+from comm_op.models import *
+from rest_framework import viewsets
+from Reskreen.rest_permission import CustomPermission_DjangoModel_based
+
+from .serializers import cl_comm_opMessage_Serializer
+
+class comm_opMessageViewset(viewsets.ModelViewSet):
+    queryset = comm_opMessage.objects.all()
+    serializer_class = cl_comm_opMessage_Serializer
+    permission_classes = [CustomPermission_DjangoModel_based]
--- a/vehicles/serializers.py
+++ b/vehicles/serializers.py
@@ -0,0 +1,14 @@
+from django.contrib.auth.models import User, Group
+from rest_framework import serializers
+
+from.models import Vehicles_infos, Vehicles
+
+class cl_Vehicles_Serializer(serializers.ModelSerializer):
+    class Meta:
+        model = Vehicles
+        fields = '__all__'
+
+class cl_Vehicles_infos_Serializer(serializers.ModelSerializer):
+    class Meta:
+        model = Vehicles_infos
+        fields = '__all__'
--- a/vehicles/urls.py
+++ b/vehicles/urls.py
@@ -1,14 +1,17 @@
-from django.urls import path
-
+from django.urls import path, include
+from rest_framework import routers


 from . import views

+router = routers.DefaultRouter()
+router.register(r'api-vehicle', views.VehicleViewset, basename='vehicle')

 app_name = "vehicles"
 urlpatterns = [
    path('vhc', views.view_vhc, name='view_vhc'),
    path('peremptions', views.view_peremptions, name='view_peremptions'),
+    path('', include(router.urls)),



--- a/vehicles/views.py
+++ b/vehicles/views.py
@@ -6,6 +6,20 @@ from django.template import loader
 from django.views.decorators.clickjacking import xframe_options_exempt

 from vehicles.models import *
+from rest_framework import viewsets
+from Reskreen.rest_permission import CustomPermission_DjangoModel_based
+
+from .serializers import cl_Vehicles_Serializer, cl_Vehicles_infos_Serializer
+
+class VehicleViewset(viewsets.ModelViewSet):
+    queryset = Vehicles.objects.all()
+    serializer_class = cl_Vehicles_Serializer
+    permission_classes = [CustomPermission_DjangoModel_based]
+
+class VehicleViewset(viewsets.ModelViewSet):
+    queryset = Vehicles.objects.all()
+    serializer_class = cl_Vehicles_Serializer
+    permission_classes = [CustomPermission_DjangoModel_based]

@xframe_options_exempt
 def view_vhc(request):