Commit Graph

62 Commits

Author SHA1 Message Date
Yohann D'ANELLO 3096cb2966
Parse input of search filters to prevent errors based on invalid regex, fixes #113
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2022-03-10 16:11:01 +01:00
Yohann D'ANELLO 58136f3c48
Fix permission checks in the /api/me view
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2022-03-09 11:45:24 +01:00
Yohann D'ANELLO 9048a416df
In the /api/me page, display note, profile and memberships only if we have associated permissions
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-12-23 23:25:18 +01:00
Yohann D'ANELLO 8be16e7b58
Permissions support fully OAuth2 scopes
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-09-02 20:58:05 +02:00
Yohann D'ANELLO ea092803d7
Check permissions per request instead of per user
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-09-02 20:58:05 +02:00
Yohann D'ANELLO d5ecb72a71
Update copyright for 2021
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-06-14 21:45:56 +02:00
Yohann D'ANELLO be168c5ada
Decimal value is serialized as a str value
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-21 10:59:58 +01:00
Yohann D'ANELLO b2437ef9b5
Remove additional blank lines
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 17:18:43 +01:00
Yohann D'ANELLO 73d27e820b
Provide also note information (with balance and picture)
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 12:55:19 +01:00
Yohann D'ANELLO 40e1b42078
Fix API path
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 12:54:57 +01:00
Yohann D'ANELLO 72806f0ace
Add profile and membership information to OAuth views
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 10:57:35 +01:00
Yohann D'ANELLO b244e01231
Add simple view to give OAuth information
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 10:41:43 +01:00
Yohann D'ANELLO 7866ab7ec0
Ordering filters are now properly tested
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-23 18:25:54 +01:00
Yohann D'ANELLO f570ff3cd5
Check that permissions are working when accessing to API pages
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-23 18:21:59 +01:00
Yohann D'ANELLO 5cb4183e9f
Use python Warnings instead of printing messages during tests
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-23 15:11:33 +01:00
Yohann D'ANELLO 3a20555663
Unit tests for API pages, closes #83
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-23 14:54:21 +01:00
Yohann D'ANELLO f71fb1fa81 Use pre-defined queryset by default in API views 2020-09-04 16:02:42 +02:00
Alexandre Iooss d29e1d69d1 Format api viewsets 2020-09-03 21:47:08 +02:00
Alexandre Iooss ff187581c9 Remove useless blank lines and spaces in api app 2020-09-03 21:21:19 +02:00
Pierre-antoine Comby 4da5c41f40 move viewsets and serializers out of urls.py 2020-09-02 19:00:04 +02:00
Yohann D'ANELLO 8db9e92986 Sqlite does not support order by in subqueries 2020-09-02 18:01:41 +02:00
Yohann D'ANELLO 1bbe7df797 API app must have no dependency 2020-08-31 00:49:41 +02:00
Yohann D'ANELLO a9258c332a Order note research results: match first aliases then normalized names 2020-08-30 22:33:59 +02:00
Yohann D'ANELLO d95cd8c7c7 🎨 Better autocomplete field 2020-08-06 18:27:57 +02:00
Yohann D'ANELLO c205219d47 🐛 Fix transaction update concurency 2020-08-05 19:42:44 +02:00
Yohann D'ANELLO 5ea8d8f870 🎨 Update activity interface 2020-08-03 16:11:05 +02:00
Yohann D'ANELLO 9361f3f2f0 Aliases should load really faster 2020-07-30 15:07:30 +02:00
Yohann D'ANELLO 31d2224b8f List wei 2020-04-11 23:02:12 +02:00
Yohann D'ANELLO 5ac10b58d5 API Support (useless, but...) 2020-03-22 16:04:09 +01:00
Yohann D'ANELLO 091c427707 Restructurate code 2020-03-20 14:43:35 +01:00
Yohann D'ANELLO 3f2b21f7f4 Fix CI 2020-03-20 02:14:43 +01:00
Yohann D'ANELLO 6fc43e651e More optimisation 2020-03-20 01:46:59 +01:00
Yohann D'ANELLO 730d37c620 Protect views from viewing if the user has no right to view an object 2020-03-19 02:26:06 +01:00
Yohann D'ANELLO 057f42fdb6 Handle permissions (and it seems working!) 2020-03-18 14:42:35 +01:00
Yohann D'ANELLO 06c97d75a0 Logs are decreasing ordered 2020-03-11 12:41:44 +01:00
Yohann D'ANELLO b89028b3dc Add models in the API 2020-03-11 11:37:47 +01:00
Yohann D'ANELLO 417cd5da04 Improve REST API with filters 2020-03-11 11:15:03 +01:00
Yohann D'ANELLO bc97eb1eb4 Add logs to the API (this right should only be given to superusers) 2020-03-11 10:08:28 +01:00
Yohann D'ANELLO d0206fb790 Make erdnaxe be happy 2020-03-07 22:28:59 +01:00
Yohann D'ANELLO fd529a53c8 Logging support 2020-02-24 18:18:44 +01:00
Alexandre Iooss 4bbd464f9c
Unify file headers 2020-02-18 21:30:26 +01:00
Alexandre Iooss e679a4b629
Fix formatting issues 2020-02-18 21:14:29 +01:00
Alexandre Iooss f89d91e524
Format code 2020-02-18 12:31:15 +01:00
Alexandre Iooss 55722b801a
Split API in each app 2020-02-18 11:58:42 +01:00
Yohann D'ANELLO 559445c8b4 Add some decoration 2020-02-17 19:44:56 +01:00
Yohann D'ANELLO 55977bcbe7 Token authentication 2020-02-17 19:25:33 +01:00
Yohann D'ANELLO f3f13c5153 Reformat code, add some missing lines at end of files 2020-02-17 14:08:40 +01:00
Yohann D'ANELLO 596686497d Aliases are case insensitive 2020-02-08 23:49:39 +01:00
Yohann D'ANELLO db218a2783 Add __init__ files 2020-02-08 18:27:27 +01:00
Yohann D'ANELLO 2880b5b3c7 Useless to search a note by its id (already implemented) 2020-02-08 17:37:26 +01:00