From 54612e31ca531cbad0e0fceeb27c072ce9b8b07b Mon Sep 17 00:00:00 2001
From: henu <henri.varjotie@aalto.fi>
Date: Thu, 25 May 2017 17:06:44 +0300
Subject: [PATCH] Add REST API support to members

Members can be now retrieved one at a time is user has admin rights.
Implemented also permissions and throttle rates to REST API and added
required settings.py modifications to settings-sample.py file.
---
 members/serializers.py    |  8 ++++++++
 members/urls.py           |  6 ++++++
 members/views.py          | 14 +++++++++++++-
 sikweb/settings-sample.py |  1 +
 4 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 members/serializers.py

diff --git a/members/serializers.py b/members/serializers.py
new file mode 100644
index 0000000..95f1e21
--- /dev/null
+++ b/members/serializers.py
@@ -0,0 +1,8 @@
+from rest_framework import serializers
+from members.models import Member
+
+class MemberSerializer(serializers.ModelSerializer):
+    paid = serializers.DateTimeField(source='last_paid')
+    class Meta:
+        model = Member
+        fields = ('id', 'first_name', 'last_name', 'email', 'POR', 'AYY', 'jas', 'created', 'paid')
diff --git a/members/urls.py b/members/urls.py
index de099b3..792a1c7 100644
--- a/members/urls.py
+++ b/members/urls.py
@@ -17,6 +17,9 @@ from members.views import member_delete_confirm
 from members.views import member_delete
 from members.views import payment_list
 
+# rest api
+from members.views import MemberDetail
+
 # application
 from members.views import application_form
 from members.views import application_list
@@ -96,6 +99,9 @@ urlpatterns = [
     # favourite icon
     url(r'^favicon\.ico$', favicon_view),
 
+    # rest api url
+    url(r'^api/members/(?P<pk>\d+)$', MemberDetail.as_view()),
+
     # email validation
     # url(r'^validate/(?P<uidb64>[0-9A-Za-z_\-\']+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$', validateEmail, name='user-activation-link'),
     # url(r'^validate/success/$', validate_success),
diff --git a/members/views.py b/members/views.py
index 97aead0..f0a0288 100644
--- a/members/views.py
+++ b/members/views.py
@@ -10,11 +10,17 @@ from django.utils.translation import ugettext as _
 '''Email validation'''
 from django.db.models.signals import post_save
 from django.dispatch import receiver
-from .tokens import email_token_generator
+#from .tokens import email_token_generator
 from django.utils.http import urlsafe_base64_encode
 from django.utils.encoding import force_bytes
 from django.core.mail import send_mail
 
+'''REST framework'''
+from members.serializers import MemberSerializer
+from rest_framework import generics
+from rest_framework import permissions
+from rest_framework.throttling import UserRateThrottle, AnonRateThrottle
+
 import json
 import requests
 import logging
@@ -502,3 +508,9 @@ def email_on_accept(sender, instance, created, **kwargs):
         message = 'Jäsenhakemuksesi on hyväksytty!!!\r\n'
         send_mail_wrapper(subject, message, instance.email)
 
+# Can be used to retrieve single member information via REST API
+class MemberDetail(generics.RetrieveAPIView):
+    queryset = Member.objects.all()
+    serializer_class = MemberSerializer
+    permission_classes = (permissions.IsAdminUser, )
+    throttle_classes = (UserRateThrottle, AnonRateThrottle, )
diff --git a/sikweb/settings-sample.py b/sikweb/settings-sample.py
index 0323a47..4df4a29 100644
--- a/sikweb/settings-sample.py
+++ b/sikweb/settings-sample.py
@@ -137,6 +137,7 @@ REST_FRAMEWORK = {
     'DEFAULT_PERMISSION_CLASSES': (
         'rest_framework.permissions.IsAuthenticated',
         'rest_framework.permissions.DjangoModelPermissions',
+        'rest_framework.permissions.IsAdminUser',
     ),
     'DEFAULT_THROTTLE_CLASSES': (
         'members.throttles.BurstRateThrottle',