
Commit 4cc1b682 authored by Zamil Majdy's avatar Zamil Majdy

Merge branch 'UserStory1' of https://gitlab.com/PPL2017csui/PPLA1 into Personal/Zamil

# Conflicts:
#	core/models/accounts.py
#	core/views/accounts.py
#	kape/urls.py
parents f9e68f0d 1f3a7888
# -*- coding: utf-8 -*-
# Generated by Django 1.10.5 on 2017-03-27 18:44
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('core', '0002_auto_20170320_1650'),
]
operations = [
migrations.AlterField(
model_name='student',
name='phone_number',
field=models.CharField(blank=True, db_index=True, max_length=100, null=True),
),
]
# -*- coding: utf-8 -*-
# Generated by Django 1.10.5 on 2017-03-27 21:44
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('core', '0003_auto_20170327_1844'),
('core', '0003_student_bookmarked_vacancies'),
]
operations = [
]
......@@ -47,7 +47,7 @@ class Student(models.Model):
user = models.OneToOneField(User)
npm = models.IntegerField(validators=[MinValueValidator(100000000), MaxValueValidator(9999999999)], unique=True)
resume = models.FileField(upload_to=get_student_resume_file_path, null=True, blank=True)
phone_number = models.CharField(max_length=100, blank=True, db_index=True)
phone_number = models.CharField(max_length=100, blank=True, db_index=True, null=True)
bookmarked_vacancies = models.ManyToManyField('core.Vacancy', blank=True)
@property
......
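Review bot: Adding `null=True` to `phone_number` on `Student` gives the column two "empty" values, `NULL` and `''`, which Django's field guidance advises against for string fields. Since the field is already `blank=True`, the caller could pass `phone_number=''` and the schema change would not be needed. If `NULL` is kept, any lookup on this indexed column has to handle both, e.g. `Q(phone_number__isnull=True) | Q(phone_number='')`. The `Student` class body continues outside the hunk.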
# __init__.py
from core.tests.test_login import LoginTests
import requests_mock
from rest_framework import status
from rest_framework.test import APITestCase
class LoginTests(APITestCase):
@requests_mock.Mocker()
def test_login(self, m):
"""
Ensure we can login
"""
m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', [{'json': {
"username": "dummy.mahasiswa",
"nama": "Dummy Mahasiswa",
"state": 1,
"kode_org": "01.00.12.01:mahasiswa",
"kodeidentitas": "1234567890",
"nama_role": "mahasiswa"
}, 'status_code': 200}, {'json': {
"username": "dummy.mahasiswa",
"nama": "Dummy Mahasiswa",
"state": 1,
"kode_org": "01.00.12.01:mahasiswa",
"kodeidentitas": "1234567890",
"nama_role": "mahasiswa"
}, 'status_code': 200}, {'json': {
"username": "dummy.dosen",
"nama": "Dummy Dosen",
"state": 1,
"kode_org": "01.00.12.01:dosen",
"kodeidentitas": "1234567820",
"nama_role": "dosen"
}, 'status_code': 200}, {'json': {
"state": 0
}, 'status_code': 200}])
url = '/api/login/'
response = self.client.post(url, { 'username' : 'dummy.mahasiswa', 'password' : 'lalala', 'login-type' : 'sso-ui'}, format='json')
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
response = self.client.post(url, {'username': 'dummy.mahasiswa', 'password': 'lalala', 'login-type': 'sso-ui'},
format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
response = self.client.post(url, {'username': 'dummy.dosen', 'password': 'lalala', 'login-type': 'sso-ui'}, format='json')
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
response = self.client.post(url, {'username': 'dummy.salah', 'password': 'lalala', 'login-type': 'sso-ui'}, format='json')
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
response = self.client.post(url, {'username': 'dummy.perusahaan.salah', 'password': 'lalala', 'login-type': 'perusahaan'}, format='json')
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
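Review bot: `test_login` never exercises the 400 branch or a directory reply that is not a well-formed success or failure body, so the riskiest paths of the new view are untested. A missing-field case is two lines: `response = self.client.post(url, {'username': 'dummy.mahasiswa'}, format='json')` followed by `self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)`. A second mock entry with a non-200 `status_code` or a JSON body without `state` would pin what the view does when the directory misbehaves. Splitting the five scenarios into separate test methods would also stop them depending on the order of the mocked response list.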
import requests
from django.contrib.auth import authenticate, login
from django.contrib.auth.models import User
from rest_framework import viewsets
from rest_framework import viewsets, status
from rest_framework.decorators import list_route
from rest_framework.permissions import IsAdminUser, IsAuthenticated, AllowAny
from rest_framework.permissions import AllowAny
from rest_framework.permissions import IsAdminUser, IsAuthenticated
from rest_framework.response import Response
from core.lib.permissions import IsAdminOrStudent, IsAdminOrSelfOrReadOnly, IsAdminOrCompany, IsAdminOrSupervisor
......@@ -27,7 +30,6 @@ class UserViewSet(viewsets.ModelViewSet):
return [AllowAny()]
return super(UserViewSet, self).get_permissions()
class StudentViewSet(viewsets.ModelViewSet):
queryset = Student.objects.all()
serializer_class = StudentSerializer
......@@ -60,3 +62,72 @@ class SupervisorViewSet(viewsets.ModelViewSet):
return [IsAdminOrSelfOrReadOnly(), IsAdminOrSupervisor()]
return super(SupervisorViewSet, self).get_permissions()
class LoginViewSet(viewsets.GenericViewSet):
permission_classes = (AllowAny, )
serializer_class = UserSerializer
queryset = User.objects.all()
def create(self, request):
"""
Authenticate user by logging in
---
parameters:
- name: body
description: JSON object containing three strings: username, password and login-type. login-type should be either 'sso-ui' or 'company'.
required: true
paramType: body
pytype: RequestSerializer
"""
username = request.data.get('username')
password = request.data.get('password')
login_type = request.data.get('login-type')
if username is None or password is None or login_type is None:
return Response(status=status.HTTP_400_BAD_REQUEST)
if login_type == "sso-ui":
r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
json={"username": username, "password": password})
resp = r.json()
if resp.get('state') != 0:
# create user
name = resp.get('nama').split(" ")
first_name = name[0]
name.pop(0)
last_name = " ".join(name)
user, created = User.objects.get_or_create(
username=username,
email=username + "@ui.ac.id",
first_name=first_name,
last_name=last_name
)
user.set_password(password)
user.save()
login(request, user)
if created:
if resp.get('nama_role') == "mahasiswa":
student = Student.objects.create(
user=user,
npm=resp.get("kodeidentitas"),
resume=None,
phone_number=None
)
user.save()
student.save()
else:
supervisor = Supervisor.objects.create(
user=user,
nip=resp.get("kodeidentitas")
)
user.save()
supervisor.save()
return Response(status=status.HTTP_201_CREATED)
return Response(status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_401_UNAUTHORIZED)
else:
user = authenticate(username = username, password = password)
if user is not None:
login(request, user)
return Response(status=status.HTTP_200_OK)
else:
return Response(status=status.HTTP_401_UNAUTHORIZED)
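Review bot: In `LoginViewSet.create`, the `sso-ui` branch copies the directory password into the local account with `user.set_password(password)`, so the `else` branch (`authenticate(...)`, reached by any other `login-type` value) keeps accepting that password after it is changed or the account is disabled upstream; `user.set_unusable_password()` for SSO-created users keeps the directory as the only authority. The success test `resp.get('state') != 0` also passes when the key is absent, and the `requests.post` call has no `timeout` or status check, so an error body or a stalled directory ends in a 500 or a hung worker rather than a clean rejection; the mocked responses on this page use `1` for success, so comparing against that value looks safer, to be confirmed against the real API. Passing `email`, `first_name` and `last_name` as lookup arguments to `get_or_create` means a changed display name misses the existing row, and the insert then presumably fails on the unique username, which `defaults=` avoids. The rewritten start of the branch is below.

```python
        if login_type == "sso-ui":
            r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
                              json={"username": username, "password": password},
                              timeout=10)
            if r.status_code != 200:
                return Response(status=status.HTTP_401_UNAUTHORIZED)
            resp = r.json()
            # Fail closed: only an explicit success state with a name counts.
            if resp.get('state') == 1 and resp.get('nama'):
                first_name, _, last_name = resp['nama'].partition(" ")
                user, created = User.objects.get_or_create(
                    username=username,
                    defaults={
                        "email": username + "@ui.ac.id",
                        "first_name": first_name,
                        "last_name": last_name,
                    },
                )
                if created:
                    # The directory stays the only password authority for SSO accounts.
                    user.set_unusable_password()
                    user.save()
                login(request, user)
                # … unchanged: Student / Supervisor creation and the 201 / 200 responses …
```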
......@@ -22,17 +22,16 @@ from rest_framework import routers
from rest_framework_swagger.views import get_swagger_view
from core import apps
from core.views.accounts import StudentViewSet, CompanyViewSet, SupervisorViewSet, UserViewSet
from core.views.vacancies import VacancyViewSet, ApplicationViewSet, BookmarkedVacancyByStudentViewSet
from core.views.accounts import StudentViewSet, CompanyViewSet, SupervisorViewSet, UserViewSet, LoginViewSet
from core.views.vacancies import VacancyViewSet, ApplicationViewSet
schema_view = get_swagger_view()
router = routers.DefaultRouter()
router.register(r'users', UserViewSet)
router.register(r'students', StudentViewSet)
router.register(r'students/(?P<student_id>\d+)/bookmarked-vacancies', BookmarkedVacancyByStudentViewSet,
base_name='bookmarked-vacancy-list')
router.register(r'companies', CompanyViewSet)
router.register(r'supervisors', SupervisorViewSet)
router.register(r'login', LoginViewSet)
router.register(r'vacancies', VacancyViewSet)
router.register(r'applications', ApplicationViewSet)
......@@ -45,3 +44,5 @@ urlpatterns += [
url(r'^admin/', admin.site.urls),
url(r'', apps.index, name="index"),
]
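Review bot: `router.register(r'login', LoginViewSet)` is registered without a `base_name`, and because `LoginViewSet.queryset` is `User.objects.all()` the router will presumably derive the same base name as the `users` registration, giving two routes named `user-list`; `router.register(r'login', LoginViewSet, base_name='login')` keeps `reverse()` unambiguous. The same hunk also drops the `students/(?P<student_id>\d+)/bookmarked-vacancies` route and the `BookmarkedVacancyByStudentViewSet` import while the merge migration on this page still depends on `0003_student_bookmarked_vacancies`. That looks like a conflict-resolution loss rather than an intended removal and is worth confirming.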
......@@ -10,4 +10,6 @@ gunicorn
django-nose
coverage
django-rest-swagger
django-silk
\ No newline at end of file
django-silk
requests
requests-mock
\ No newline at end of file
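Review bot: `requests` and `requests-mock` are added without version pins, so each deploy resolves whatever release is current for the library that carries user passwords to the directory; pinning them, e.g. `requests==<pinned version>`, makes builds reproducible and reviewable. `requests-mock` is only imported by the test module on this page, so it would fit better in a test-only requirements file if the project keeps one.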