Switch the user model so that we can add a user with a token field

matthiask · Jul 5, 2024 · 0f3502d · 0f3502d
1 parent 562501a
commit 0f3502d
Show file tree

Hide file tree

Showing 13 changed files with 225 additions and 22 deletions.
diff --git a/accounts/__init__.py b/accounts/__init__.py
diff --git a/accounts/admin.py b/accounts/admin.py
@@ -0,0 +1,32 @@
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as StockUserAdmin
+
+from accounts.models import User
+
+
+@admin.register(User)
+class UserAdmin(StockUserAdmin):
+    fieldsets = None
+    add_fieldsets = (
+        (
+            None,
+            {
+                "classes": ("wide",),
+                "fields": ("email", "full_name", "role", "password1", "password2"),
+            },
+        ),
+    )
+    list_display = (
+        "email",
+        "full_name",
+        "is_active",
+        "is_staff",
+        "is_superuser",
+        "role",
+        "date_joined",
+    )
+    list_filter = ("is_active", "is_staff", "is_superuser", "role", "groups")
+    ordering = User._meta.ordering
+    search_fields = ("full_name", "email")
+    filter_horizontal = ("groups", "user_permissions")
+    radio_fields = {"role": admin.VERTICAL}
diff --git a/accounts/apps.py b/accounts/apps.py
@@ -0,0 +1,9 @@
+from django.apps import AppConfig
+from django.utils.text import capfirst
+from django.utils.translation import gettext_lazy as _
+
+
+class AccountsConfig(AppConfig):
+    name = "accounts"
+    default_auto_field = "django.db.models.AutoField"
+    verbose_name = capfirst(_("Authentication"))
diff --git a/accounts/locale/de/LC_MESSAGES/django.mo b/accounts/locale/de/LC_MESSAGES/django.mo
diff --git a/accounts/locale/de/LC_MESSAGES/django.po b/accounts/locale/de/LC_MESSAGES/django.po
@@ -0,0 +1,27 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2023-09-17 18:26+0200\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <[email protected]>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: little_auth/apps.py:9
+msgid "Authentication"
+msgstr "Authentifizierung"
+
+#: little_auth/models.py:23
+msgid "full name"
+msgstr "Voller Name"
diff --git a/accounts/migrations/0001_initial.py b/accounts/migrations/0001_initial.py
@@ -0,0 +1,114 @@
+# Generated by Django 5.1b1 on 2024-07-05 08:05
+
+import django.utils.timezone
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    initial = True
+
+    dependencies = [
+        ("auth", "0012_alter_user_first_name_max_length"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="User",
+            fields=[
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("password", models.CharField(max_length=128, verbose_name="password")),
+                (
+                    "last_login",
+                    models.DateTimeField(
+                        blank=True, null=True, verbose_name="last login"
+                    ),
+                ),
+                (
+                    "is_superuser",
+                    models.BooleanField(
+                        default=False,
+                        help_text="Designates that this user has all permissions without explicitly assigning them.",
+                        verbose_name="superuser status",
+                    ),
+                ),
+                (
+                    "email",
+                    models.EmailField(
+                        max_length=254, unique=True, verbose_name="email"
+                    ),
+                ),
+                (
+                    "is_active",
+                    models.BooleanField(default=True, verbose_name="is active"),
+                ),
+                (
+                    "is_staff",
+                    models.BooleanField(default=False, verbose_name="is staff"),
+                ),
+                (
+                    "date_joined",
+                    models.DateTimeField(
+                        default=django.utils.timezone.now, verbose_name="date joined"
+                    ),
+                ),
+                (
+                    "full_name",
+                    models.CharField(max_length=200, verbose_name="full name"),
+                ),
+                (
+                    "role",
+                    models.CharField(
+                        choices=[("", "")],
+                        default="default",
+                        max_length=100,
+                        verbose_name="role",
+                    ),
+                ),
+                (
+                    "token",
+                    models.CharField(
+                        editable=False,
+                        max_length=100,
+                        unique=True,
+                        verbose_name="token",
+                    ),
+                ),
+                (
+                    "groups",
+                    models.ManyToManyField(
+                        blank=True,
+                        help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.",
+                        related_name="user_set",
+                        related_query_name="user",
+                        to="auth.group",
+                        verbose_name="groups",
+                    ),
+                ),
+                (
+                    "user_permissions",
+                    models.ManyToManyField(
+                        blank=True,
+                        help_text="Specific permissions for this user.",
+                        related_name="user_set",
+                        related_query_name="user",
+                        to="auth.permission",
+                        verbose_name="user permissions",
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "user",
+                "verbose_name_plural": "users",
+                "ordering": ["full_name", "email"],
+                "abstract": False,
+            },
+        ),
+    ]
diff --git a/accounts/migrations/__init__.py b/accounts/migrations/__init__.py
diff --git a/accounts/models.py b/accounts/models.py
@@ -0,0 +1,36 @@
+from authlib.base_user import BaseUser
+from authlib.roles import RoleField
+from django.db import models
+from django.utils.crypto import get_random_string
+from django.utils.translation import gettext_lazy as _
+
+
+class User(BaseUser):
+    full_name = models.CharField(_("full name"), max_length=200)
+    role = RoleField()
+    token = models.CharField(_("token"), max_length=100, editable=False, unique=True)
+
+    class Meta(BaseUser.Meta):
+        ordering = ["full_name", "email"]
+
+    def __str__(self):
+        return self.full_name or self.email
+
+    def get_full_name(self):
+        return str(self)
+
+    def get_short_name(self):
+        return str(self)
+
+    def save(self, *args, **kwargs):
+        super().save(*args, **kwargs)
+        if not self.token:
+            self.cycle_token()
+
+    save.alters_data = True
+
+    def cycle_token(self):
+        self.token = f"{get_random_string(60)}-{self.pk}"
+        self.save()
+
+    cycle_token.alters_data = True
diff --git a/app/settings.py b/app/settings.py
@@ -123,17 +123,17 @@
         "django.contrib.staticfiles",
         "django.forms",
         "authlib.admin_oauth",
-        "authlib.little_auth",
         "django.contrib.admin",
         "app",
+        "accounts",
         "projects",
         "canonical_domain",
         "debug_toolbar" if DEBUG_TOOLBAR else "",
     ]
     if app
 ]
 
-AUTH_USER_MODEL = "little_auth.user"
+AUTH_USER_MODEL = "accounts.user"
 AUTHENTICATION_BACKENDS = [
     "authlib.backends.PermissionsBackend",
     "authlib.backends.EmailBackend",

diff --git a/app/sso.py b/app/sso.py
@@ -1,4 +1,4 @@
-from authlib.little_auth.models import User
+from accounts.models import User
 
 
 def create_user_callback(request, user_mail):

diff --git a/conf/fixtures/user.json b/conf/fixtures/user.json
diff --git a/projects/models.py b/projects/models.py
@@ -63,6 +63,8 @@ def cycle_token(self):
         self.token = f"{get_random_string(60)}-{self.pk}"
         self.save()
 
+    cycle_token.alters_data = True
+
 
 class CatalogQuerySet(models.QuerySet):
     def for_user(self, user):

diff --git a/projects/test_views.py b/projects/test_views.py
@@ -1,9 +1,9 @@
 from unittest.mock import Mock, patch
 
-from authlib.little_auth.models import User
 from django.test import Client, TestCase
 from django.test.utils import override_settings
 
+from accounts.models import User
 from projects.models import Catalog, Project
 from projects.translators import TranslationError, fix_nls
 
@@ -229,7 +229,7 @@ def test_smoke(self):
             r = su_client.get("/admin/projects/project/")
 
         self.assertContains(r, '<td class="field-explicit_users">-</td>')
-        self.assertContains(r, '<td class="field-explicit_users">use***@***.com</td>')
+        self.assertContains(r, '<td class="field-explicit_users">user@example.com</td>')
 
     def test_suggest(self):
         c = Client()