diff --git a/gregui/api/views/userinfo.py b/gregui/api/views/userinfo.py
index a16fe70caca461454a5b6df79e505d326e6f28a1..b2e17997d1c50815c546f824839438480e9f9425 100644
--- a/gregui/api/views/userinfo.py
+++ b/gregui/api/views/userinfo.py
@@ -3,13 +3,12 @@ from typing import (
 Type,
 )
-from rest_framework import permissions
 from rest_framework.authentication import BaseAuthentication, SessionAuthentication
 from rest_framework.permissions import AllowAny, BasePermission
 from rest_framework.status import HTTP_403_FORBIDDEN
 from rest_framework.views import APIView
 from rest_framework.response import Response
-from greg.models import Identity, InvitationLink
+from greg.models import InvitationLink
 from gregui.models import GregUserProfile
@@ -27,112 +26,77 @@ class UserInfoView(APIView):
 def get(self, request, format=None):
 """
- Get info about the visiting user
+ Get info about the visiting user.
 Works for users logged in using Feide, and those relying solely on an
- invitation id.
-
- TODO: Can this be modified into a permission class to reduce clutter?
+ invitation id. Pure django users, and anonymous users are denied access.
 """
 user = request.user
 invite_id = request.session.get("invite_id")
- # Authenticated user, allow access
- if user.is_authenticated:
- user_profile = GregUserProfile.objects.get(user=user)
- sponsor_id = None
- person_id = None
- if user_profile.sponsor:
- sponsor_id = user_profile.sponsor.id
- if user_profile.person:
- person_id = user_profile.person.id
- content = {
- "feide_id": user_profile.userid_feide,
- "sponsor_id": sponsor_id,
- "person_id": person_id,
- "roles": [],
- }
- person = user_profile.person
- if person:
- passports = person.identities.filter(
- type=Identity.IdentityType.PASSPORT_NUMBER
- ).first()
+ person = None
+ sponsor = None
+ content = {
+ "feide_id": None,
+ "sponsor_id": None,
+ "person_id": None,
+ "roles": [],
+ }
+ # Fetch sponsor and/or person object from profile of authenticated user
+ if user.is_authenticated:
+ try:
+ user_profile = GregUserProfile.objects.get(user=user)
+ sponsor = user_profile.sponsor
+ person = user_profile.person
+ content.update(
+ {
- "first_name": person.first_name,
- "last_name": person.last_name,
- "email": person.private_email and person.private_email.value,
- "mobile_phone": person.private_mobile
- and person.private_mobile.value,
- "fnr": person.fnr and "".join((person.fnr.value[:-5], "*****")),
- "passport": passports and passports.value,
- "roles": [],
+ "feide_id": user_profile.userid_feide,
+ }
+ )
- roles = person.roles
- if roles:
- content.update(
- {
- "roles": [
- {
- "id": role.id,
- "ou_nb": role.orgunit.name_nb,
- "ou_en": role.orgunit.name_en,
- "name_nb": role.type.name_nb,
- "name_en": role.type.name_en,
- "start_date": role.start_date,
- "end_date": role.end_date,
- "sponsor": {
- "first_name": role.sponsor.first_name,
- "last_name": role.sponsor.last_name,
- },
- }
- for role in roles.all()
- ],
- }
- )
- return Response(content)
+ except GregUserProfile.DoesNotExist:
+ return Response(status=HTTP_403_FORBIDDEN)
- # Invitation cookie, allow access
+ # Or fetch person info for invited guest
 elif invite_id:
 link = InvitationLink.objects.get(uuid=invite_id)
- invitation = link.invitation
- person = invitation.role.person
- passports = person.identities.filter(
- type=Identity.IdentityType.PASSPORT_NUMBER
- ).first()
-
- content = {
- "feide_id": None,
- "sponsor_id": None,
- "person_id": person.id,
- "first_name": person.first_name,
- "last_name": person.last_name,
- "email": person.private_email and person.private_email.value,
- "mobile_phone": person.private_mobile and person.private_mobile.value,
- "fnr": person.fnr and "".join((person.fnr.value[:-5], "*****")),
- "passport": passports and passports.value,
- "roles": [
- {
- "id": role.id,
- "ou_nb": role.orgunit.name_nb,
- "ou_en": role.orgunit.name_en,
- "name_nb": role.type.name_nb,
- "name_en": role.type.name_en,
- "start_date": role.start_date,
- "end_date": role.end_date,
- "sponsor": {
- "first_name": role.sponsor.first_name,
- "last_name": role.sponsor.last_name,
- },
- }
- for role in person.roles.all()
- ],
- }
-
- return Response(content)
+ person = link.invitation.role.person
- # Neither, deny access
+ # Otherwise, deny access
 else:
 return Response(status=HTTP_403_FORBIDDEN)
+
+ # Add sponsor fields if sponsor object present
+ if sponsor:
+ content.update({"sponsor_id": user_profile.sponsor.id})
+ # Add person fields if person object present
+ if person:
+ content.update(
+ {
+ "person_id": person.id,
+ "first_name": person.first_name,
+ "last_name": person.last_name,
+ "email": person.private_email and person.private_email.value,
+ "mobile_phone": person.private_mobile
+ and person.private_mobile.value,
+ "fnr": person.fnr and "".join((person.fnr.value[:-5], "*****")),
+ "passport": person.passport and person.passport.value,
+ "roles": [
+ {
+ "id": role.id,
+ "ou_nb": role.orgunit.name_nb,
+ "ou_en": role.orgunit.name_en,
+ "name_nb": role.type.name_nb,
+ "name_en": role.type.name_en,
+ "start_date": role.start_date,
+ "end_date": role.end_date,
+ "sponsor": {
+ "first_name": role.sponsor.first_name,
+ "last_name": role.sponsor.last_name,
+ },
+ }
+ for role in person.roles.all()
+ ],
+ }
+ )
+ return Response(content)
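Review bot: The invited-guest branch still calls `InvitationLink.objects.get(uuid=invite_id)` unguarded, so a session whose `invite_id` no longer matches a stored link raises `InvitationLink.DoesNotExist` and surfaces as an unhandled error (a 500 unless a custom DRF exception handler maps it) instead of the 403 that the new `GregUserProfile.DoesNotExist` handler gives the authenticated path. Wrap it the same way, `try: link = InvitationLink.objects.get(uuid=invite_id)` / `except InvitationLink.DoesNotExist: return Response(status=HTTP_403_FORBIDDEN)`, and keep `person = link.invitation.role.person` after the try; note that neither branch checks whether the link itself is still valid, so if the model tracks expiry a stale `invite_id` kept in the session continues to grant read access to the person's contact details, masked fnr and passport value. The sponsor block reads `user_profile.sponsor.id` although `sponsor` is already bound, and `user_profile` only exists in the authenticated branch; `content.update({"sponsor_id": sponsor.id})` removes that implicit dependency. The `"passport": person.passport and person.passport.value` line replaces the old `identities.filter(type=Identity.IdentityType.PASSPORT_NUMBER).first()` lookup with a `person.passport` attribute that is not visible in this diff — presumably a model property added elsewhere; confirm it exists and resolves to the same identity, since a missing attribute would raise for every person with data.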