33 lines
1.0 KiB
Python
33 lines
1.0 KiB
Python
|
from django.utils.translation import ugettext_lazy as _
|
||
|
from rest_framework import viewsets, exceptions
|
||
|
|
||
|
from orchestra.api import router, SetPasswordApiMixin
|
||
|
|
||
|
from .models import Account
|
||
|
from .serializers import AccountSerializer
|
||
|
|
||
|
|
||
|
class AccountApiMixin(object):
|
||
|
def get_queryset(self):
|
||
|
qs = super(AccountApiMixin, self).get_queryset()
|
||
|
return qs.filter(account=self.request.user.pk)
|
||
|
|
||
|
|
||
|
class AccountViewSet(SetPasswordApiMixin, viewsets.ModelViewSet):
|
||
|
model = Account
|
||
|
serializer_class = AccountSerializer
|
||
|
singleton_pk = lambda _,request: request.user.pk
|
||
|
|
||
|
def get_queryset(self):
|
||
|
qs = super(AccountViewSet, self).get_queryset()
|
||
|
return qs.filter(id=self.request.user.pk)
|
||
|
|
||
|
def destroy(self, request, pk=None):
|
||
|
# TODO reimplement in permissions
|
||
|
if not request.user.is_superuser:
|
||
|
raise exceptions.PermissionDenied(_("Accounts can not be deleted."))
|
||
|
return super(AccountViewSet, self).destroy(request, pk=pk)
|
||
|
|
||
|
|
||
|
router.register(r'accounts', AccountViewSet)
|