-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GNIP 99: Implement a CRUD REST API for users #11995
Comments
Thanks @giohappy |
💯 |
Do we still list GNIPs here? https://github.com/GeoNode/geonode/wiki/GeoNode-Improvement-Proposals |
@t-book tight, we should update that list. Could you do it? |
@giohappy will take care of it |
More API functionality is always welcome. Thanks Giovanni and GeoSolutions |
…actored validation in serializer
* [Fixes #11995] Implement POST and PATCH methods for the User API * Upgrare Remote Docker for CircleCI * [Fixes #11995] Implement POST and PATCH methods for the User API, refactored validation in serializer --------- Co-authored-by: RegisSinjari <[email protected]> Co-authored-by: Giovanni Allegri <[email protected]>
…2072) * [Fixes #11995 Implement POST and PATCH methods for the User API (#12011) * [Fixes #11995] Implement POST and PATCH methods for the User API * Upgrare Remote Docker for CircleCI * [Fixes #11995] Implement POST and PATCH methods for the User API, refactored validation in serializer --------- Co-authored-by: RegisSinjari <[email protected]> Co-authored-by: Giovanni Allegri <[email protected]> * [Fixes #11995] Implement the DELETE method for the User API (#12028) * [Fixes #11995] Implement the DELETE method for the User API * [Fixes #11995] Implement the DELETE method for the User API refactor and docstrings added * [Fixes #11995] Implement endpoint to transfer resources (#12067) * [Fixes #11995] Implement endpoint to transfer ownership * [Issue 11995] Implement endpoint to unregister as a project manager (#12066) * [FIXES #11995] Implement endpoint to unregister as a project manager * [FIXES #11995] Implement endpoint to unregister as a project managergroup.group_id * [FIXES #11995] Implement endpoint to unregister as a project manager,tests added * [Fixes #11995] black reformatting * [Fixes #11995] GNIP 99: Implement a CRUD REST API for users * [Fixes #11995] GNIP 99: Implement a CRUD REST API for users * Update views.py --------- Co-authored-by: RegisSinjari <[email protected]> Co-authored-by: Giovanni Allegri <[email protected]>
GNIP 99: Implement a CRUD REST API for users
Overview
The current
api/v2/users API
will be extended to cover the following operations for the Profile model:The following proposal includes only the API, no work on the user interface is considered.
Proposed By
GeoSolustions s.a.s. ([email protected])
Assigned to Release
This proposal is for GeoNode 4.3.0.
State
Motivation
At the moment GeoNode doesn't implement an API for the management of users from third-party client applications and services.
The lack of the possibility to delete an account is particularly critical in terms of compliance with the current data policy rules, which require any application to implement the option for users to delete their accounts.
Proposal
Retrieve a list of users
Endpoint:
api/v2/users
The endpoint is already implemented and returns the list of users visible to the current user.
Retrieve user data
Endpoint:
api/v2/users/<id>
The endpoint is already implemented and returns information about the current user.
Create a new user
Endpoint:
api/v2/users/<id>
Authorization: The action will only be available to administrators and for authenticated users only for their user id
Example of user creation:
Implementation notes:
ACCOUNT_EMAIL_REQUIRED
is set toTrue
, the email will be mandatory in the payload.AUTH_PASSWORD_VALIDATORS
, the API will return an error if the validation failsUpdate user data
Endpoint:
api/v2/users/<id>
Authorization: The action will only be available to administrators or users who want to modify their information.
The updatable information is the same as the one defined in the Profile/AbstractUser model.
Example of user update:
Implementation notes:
AUTH_PASSWORD_VALIDATORS
, the API will return an error if the validation failsDelete a user
Endpoint:
api/v2/users/<id>
Authorization: The action will only be available to administrators and for authenticated users only for their user id
The following rules will be implemented to validate the deletion request:
In case either of these two rules are violated, the request will be denied.
Two dedicated endpoints will be implemented to allow a user to transfer the ownership of resources and to unregister as a group manager. These actions will permit the user to fulfill the rules for the account deletion.
Example of user delete:
Transfer of resource ownership
Endpoint:
api/v2/users/<id>/transfer_resources
Authorization: The action will only be available to administrators and for authenticated users only for their own user id
This action will transfer the ownership of the resources owned by the current user to a target user.
Resources can only be assigned to users that are visible to the current user, or the default administrator.
Visible users are:
The target user is set inside the payload. The “DEFAULT” constant string can be used to transfer ownership to the default user, which is the principal administrator.
Example of a transfer request:
Unregister as a group manager
Endpoint:
api/v2/users/<id>/remove_from_group_manager
Authorization: The action will only be available to administrators and for authenticated users only for their user id
A user can request to be removed from the role of group manager for one or multiple groups.
The target groups (list) can be set inside the payload. The “ALL” constant string can be used to request the removal of a group manager from all the groups.
Example of a removal request:
Back compatibility
The changes will grant back compatibility with the already user's API.
Backwards Compatibility
The current
/api/v2/users
listing endpoint will maintain the same interface.Future evolution
The future enhancements could include:
Feedback
Update this section with relevant feedback, if any.
Voting
Project Steering Committee:
The text was updated successfully, but these errors were encountered: