diff --git a/galaxy_ng/app/api/ui_v2/views.py b/galaxy_ng/app/api/ui_v2/views.py index c5499ef3b8..6baca49951 100644 --- a/galaxy_ng/app/api/ui_v2/views.py +++ b/galaxy_ng/app/api/ui_v2/views.py @@ -4,6 +4,7 @@ from rest_framework import status from rest_framework.exceptions import ValidationError from rest_framework.decorators import action +from rest_framework import views from ansible_base.rest_pagination.default_paginator import DefaultPaginator @@ -23,14 +24,32 @@ from galaxy_ng.app.models.organization import Team -class UserViewSet(viewsets.ModelViewSet): - queryset = User.objects.all().order_by('id') - serializer_class = UserSerializer +class BaseView(views.APIView): + """ + A view to define the base properties for the views in + ansible_base.rbac. Set ANSIBLE_BASE_CUSTOM_VIEW_PARENT + to this class in settings so that the rbac endpoints + follow the defined pagination and permission classes. + """ + pagination_class = DefaultPaginator + permission_classes = [IsSuperUserOrReadOnly] + + # openapi compatibility ... + def endpoint_pieces(*args, **kwargs): + return '' + + +class BaseViewSet(viewsets.ModelViewSet): filter_backends = (DjangoFilterBackend,) - filterset_class = UserViewFilter pagination_class = DefaultPaginator permission_classes = [IsSuperUserOrReadOnly] + +class UserViewSet(BaseViewSet): + queryset = User.objects.all().order_by('id') + serializer_class = UserSerializer + filterset_class = UserViewFilter + def create(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) @@ -69,23 +88,17 @@ def perform_update(self, serializer): serializer.save() -class GroupViewSet(viewsets.ReadOnlyModelViewSet): +class GroupViewSet(BaseViewSet): queryset = Group.objects.all().order_by('id') serializer_class = GroupSerializer - filter_backends = (DjangoFilterBackend,) filterset_class = GroupViewFilter - pagination_class = DefaultPaginator - permission_classes = [IsSuperUserOrReadOnly] -class OrganizationViewSet(viewsets.ModelViewSet): +class OrganizationViewSet(BaseViewSet): queryset = Organization.objects.all().order_by('pk') serializer_class = OrganizationSerializer - filter_backends = (DjangoFilterBackend,) filterset_class = OrganizationFilter - pagination_class = DefaultPaginator - permission_classes = [IsSuperUserOrReadOnly] def update(self, request, *args, **kwargs): instance = self.get_object() @@ -101,14 +114,11 @@ def destroy(self, request, *args, **kwargs): return super().destroy(request, *args, **kwargs) -class TeamViewSet(viewsets.ModelViewSet): +class TeamViewSet(BaseViewSet): queryset = Team.objects.all().order_by('id') serializer_class = TeamSerializer - filter_backends = (DjangoFilterBackend,) filterset_class = TeamFilter - pagination_class = DefaultPaginator - permission_classes = [IsSuperUserOrReadOnly] def create(self, request, *args, **kwargs): diff --git a/galaxy_ng/app/settings.py b/galaxy_ng/app/settings.py index e835f2b7bb..c6d2e1bc09 100644 --- a/galaxy_ng/app/settings.py +++ b/galaxy_ng/app/settings.py @@ -403,6 +403,9 @@ # RESOURCE_SERVER = {"URL": str, "SECRET_KEY": str, "VALIDATE_HTTPS": bool} # -- ANSIBLE BASE RBAC -- +# The rbac viewsets inherit from a defined base class to get their +# pagination settings +ANSIBLE_BASE_CUSTOM_VIEW_PARENT = "galaxy_ng.app.api.ui_v2.views.BaseView" # If a role does not already exist that can give those object permissions # then the system must create one, this is used for naming the auto-created role ANSIBLE_BASE_ROLE_CREATOR_NAME = "{obj._meta.model_name} Creator Role" diff --git a/galaxy_ng/tests/integration/dab/test_dab_rbac_pagination.py b/galaxy_ng/tests/integration/dab/test_dab_rbac_pagination.py new file mode 100644 index 0000000000..d69ea974ef --- /dev/null +++ b/galaxy_ng/tests/integration/dab/test_dab_rbac_pagination.py @@ -0,0 +1,11 @@ +import pytest + + +pytestmark = pytest.mark.qa # noqa: F821 + + +@pytest.mark.deployment_standalone +def test_dab_rbac_pagination(galaxy_client): + gc = galaxy_client("admin", ignore_cache=True) + roledefs = gc.get('_ui/v2/role_definitions/?page_size=1') + assert len(roledefs['results']) == 1