src/backend/mailbox_manager/api/serializers.py

"""Client serializers for People's mailbox manager app."""

import json

from rest_framework import exceptions, serializers

from core.api.serializers import UserSerializer

from mailbox_manager import models
from mailbox_manager.utils.dimail import DimailAPIClient


class MailboxSerializer(serializers.ModelSerializer):
    """Serialize mailbox."""

    class Meta:
        model = models.Mailbox
        fields = ["id", "first_name", "last_name", "local_part", "secondary_email"]
        # everything is actually read-only as we do not allow update for now
        read_only_fields = ["id"]

    def create(self, validated_data):
        """
        Override create function to fire a request on mailbox creation.
        """
        # send new mailbox request to dimail
        client = DimailAPIClient()
        response = client.send_mailbox_request(
            validated_data, self.context["request"].user.sub
        )

        # fix format to have actual json, and remove uuid
        mailbox_data = json.loads(response.content.decode("utf-8").replace("'", '"'))
        del mailbox_data["uuid"]

        # actually save mailbox on our database
        instance = models.Mailbox.objects.create(**validated_data)

        # send confirmation email
        client.send_new_mailbox_notification(
            recipient=validated_data["secondary_email"], mailbox_data=mailbox_data
        )
        return instance


class MailDomainSerializer(serializers.ModelSerializer):
    """Serialize mail domain."""

    abilities = serializers.SerializerMethodField(read_only=True)

    class Meta:
        model = models.MailDomain
        lookup_field = "slug"
        fields = [
            "id",
            "name",
            "slug",
            "status",
            "abilities",
            "created_at",
            "updated_at",
        ]
        read_only_fields = [
            "id",
            "slug",
            "status",
            "abilities",
            "created_at",
            "updated_at",
        ]

    def get_abilities(self, domain) -> dict:
        """Return abilities of the logged-in user on the instance."""
        request = self.context.get("request")
        if request:
            return domain.get_abilities(request.user)
        return {}


class MailDomainAccessSerializer(serializers.ModelSerializer):
    """Serialize mail domain access."""

    user = UserSerializer(read_only=True, fields=["id", "name", "email"])
    can_set_role_to = serializers.SerializerMethodField(read_only=True)

    class Meta:
        model = models.MailDomainAccess
        fields = [
            "id",
            "user",
            "role",
            "can_set_role_to",
        ]
        read_only_fields = ["id", "user", "can_set_role_to"]

    def get_can_set_role_to(self, access):
        """Return roles available to set for the authenticated user"""
        return access.get_can_set_role_to(self.context.get("request").user)

    def validate(self, attrs):
        """
        Check access rights specific to writing (update)
        """
        request = self.context.get("request")
        authenticated_user = getattr(request, "user", None)
        role = attrs.get("role")

        # Update
        if self.instance:
            can_set_role_to = self.instance.get_can_set_role_to(authenticated_user)

            if role and role not in can_set_role_to:
                message = (
                    f"You are only allowed to set role to {', '.join(can_set_role_to)}"
                    if can_set_role_to
                    else "You are not allowed to modify role for this user."
                )
                raise exceptions.PermissionDenied(message)
        return attrs


class MailDomainAccessReadOnlySerializer(MailDomainAccessSerializer):
    """Serialize mail domain access for list and retrieve actions."""

    class Meta:
        model = models.MailDomainAccess
        fields = [
            "id",
            "user",
            "role",
            "can_set_role_to",
        ]
        read_only_fields = [
            "id",
            "user",
            "role",
            "can_set_role_to",
        ]
✨(api) add CRUD for mailbox manager MailDomain models Add create,list,retrieve and delete actions for MailDomain model. 2024-04-17 11:19:22 +02:00			`"""Client serializers for People's mailbox manager app."""`
✨(api) allow to list and create Mailboxes Simply display all Mailboxes create for a MailDomain. LDAP connection is not yet available, it will be implemented soon. Read and create permissions will be refined soon too. 2024-04-16 17:06:43 +02:00
✨(mailbox) send new mailbox confirmation email send mailbox information upon creating a new mailbox 2024-09-20 18:08:02 +02:00			`import json`

✨(backend) domain accesses update API Allow to update (PUT, PATCH) an access. Role can be change only to a role available depending to the authenticated user. 2024-09-27 15:54:44 +02:00			`from rest_framework import exceptions, serializers`
✨(api) allow to list and create Mailboxes Simply display all Mailboxes create for a MailDomain. LDAP connection is not yet available, it will be implemented soon. Read and create permissions will be refined soon too. 2024-04-16 17:06:43 +02:00
✨(backend) domain accesses list API Add an endpoint to list all accesses created for a domain Return all roles available to set for each access depending to the authenticated user. 2024-09-14 00:59:38 +02:00			`from core.api.serializers import UserSerializer`

✨(backend) domain accesses update API Allow to update (PUT, PATCH) an access. Role can be change only to a role available depending to the authenticated user. 2024-09-27 15:54:44 +02:00			`from mailbox_manager import models`
♻️(serializers) move dimail calls to serializers we move all business logic from model to serializer. all API calls (direct and from front) will keep on triggering expected 3rd party calls while admin actions will uniquely trigger modifications in our database. 2024-09-19 18:47:08 +02:00			`from mailbox_manager.utils.dimail import DimailAPIClient`
✨(api) allow to list and create Mailboxes Simply display all Mailboxes create for a MailDomain. LDAP connection is not yet available, it will be implemented soon. Read and create permissions will be refined soon too. 2024-04-16 17:06:43 +02:00

			`class MailboxSerializer(serializers.ModelSerializer):`
			`"""Serialize mailbox."""`

			`class Meta:`
			`model = models.Mailbox`
✨(mail) add first_name and last_name for Mailbox Mail provisioning API needs a full name to create a new mailbox. 2024-08-07 12:29:40 +02:00			`fields = ["id", "first_name", "last_name", "local_part", "secondary_email"]`
✨(mailboxes) add mail provisioning api integration We want people to create new mailboxes in La Régie. This commit adds integration with intermediary dimail-api, which will in turn send our email creation request to Open-Xchange. 2024-08-05 12:20:44 +02:00			`# everything is actually read-only as we do not allow update for now`
			`read_only_fields = ["id"]`
✨(api) allow to list and create Mailboxes Simply display all Mailboxes create for a MailDomain. LDAP connection is not yet available, it will be implemented soon. Read and create permissions will be refined soon too. 2024-04-16 17:06:43 +02:00
♻️(serializers) move dimail calls to serializers we move all business logic from model to serializer. all API calls (direct and from front) will keep on triggering expected 3rd party calls while admin actions will uniquely trigger modifications in our database. 2024-09-19 18:47:08 +02:00			`def create(self, validated_data):`
			`"""`
			`Override create function to fire a request on mailbox creation.`
			`"""`
✨(mailbox) send new mailbox confirmation email send mailbox information upon creating a new mailbox 2024-09-20 18:08:02 +02:00			`# send new mailbox request to dimail`
♻️(serializers) move dimail calls to serializers we move all business logic from model to serializer. all API calls (direct and from front) will keep on triggering expected 3rd party calls while admin actions will uniquely trigger modifications in our database. 2024-09-19 18:47:08 +02:00			`client = DimailAPIClient()`
✨(mailbox) send new mailbox confirmation email send mailbox information upon creating a new mailbox 2024-09-20 18:08:02 +02:00			`response = client.send_mailbox_request(`
			`validated_data, self.context["request"].user.sub`
			`)`

			`# fix format to have actual json, and remove uuid`
			`mailbox_data = json.loads(response.content.decode("utf-8").replace("'", '"'))`
			`del mailbox_data["uuid"]`

			`# actually save mailbox on our database`
			`instance = models.Mailbox.objects.create(**validated_data)`

			`# send confirmation email`
			`client.send_new_mailbox_notification(`
			`recipient=validated_data["secondary_email"], mailbox_data=mailbox_data`
			`)`
			`return instance`
♻️(serializers) move dimail calls to serializers we move all business logic from model to serializer. all API calls (direct and from front) will keep on triggering expected 3rd party calls while admin actions will uniquely trigger modifications in our database. 2024-09-19 18:47:08 +02:00
✨(api) allow to list and create Mailboxes Simply display all Mailboxes create for a MailDomain. LDAP connection is not yet available, it will be implemented soon. Read and create permissions will be refined soon too. 2024-04-16 17:06:43 +02:00
			`class MailDomainSerializer(serializers.ModelSerializer):`
			`"""Serialize mail domain."""`

✨(mail) manage mailboxes permissions Manage create and list permissions for all roles. 2024-08-06 00:04:51 +02:00			`abilities = serializers.SerializerMethodField(read_only=True)`

✨(api) allow to list and create Mailboxes Simply display all Mailboxes create for a MailDomain. LDAP connection is not yet available, it will be implemented soon. Read and create permissions will be refined soon too. 2024-04-16 17:06:43 +02:00			`class Meta:`
			`model = models.MailDomain`
✨(mailbox_manager) modify API to get maildomain Access to maildomain by slug name 2024-06-03 16:59:55 +02:00			`lookup_field = "slug"`
✨(api) add CRUD for mailbox manager MailDomain models Add create,list,retrieve and delete actions for MailDomain model. 2024-04-17 11:19:22 +02:00			`fields = [`
			`"id",`
			`"name",`
✨(mailbox_manager) add slug to MailDomain serializer add missing field to MailDomain serializer after commit b4bafb6 2024-06-18 15:10:15 +02:00			`"slug",`
✨(mail) add status on domain create or retrieve API to display status on frontend 2024-08-08 15:55:16 +02:00			`"status",`
✨(mail) manage mailboxes permissions Manage create and list permissions for all roles. 2024-08-06 00:04:51 +02:00			`"abilities",`
✨(api) add CRUD for mailbox manager MailDomain models Add create,list,retrieve and delete actions for MailDomain model. 2024-04-17 11:19:22 +02:00			`"created_at",`
			`"updated_at",`
			`]`
✅(tests) fix tests after adding slugs to domains - slug readonly on admin - fix test to expect slug in payload, when retrieving a domain 2024-06-19 16:48:07 +02:00			`read_only_fields = [`
			`"id",`
			`"slug",`
✨(mail) add status on domain create or retrieve API to display status on frontend 2024-08-08 15:55:16 +02:00			`"status",`
✨(mail) manage mailboxes permissions Manage create and list permissions for all roles. 2024-08-06 00:04:51 +02:00			`"abilities",`
✅(tests) fix tests after adding slugs to domains - slug readonly on admin - fix test to expect slug in payload, when retrieving a domain 2024-06-19 16:48:07 +02:00			`"created_at",`
			`"updated_at",`
			`]`
✨(api) add CRUD for mailbox manager MailDomain models Add create,list,retrieve and delete actions for MailDomain model. 2024-04-17 11:19:22 +02:00
✨(mail) manage mailboxes permissions Manage create and list permissions for all roles. 2024-08-06 00:04:51 +02:00			`def get_abilities(self, domain) -> dict:`
			`"""Return abilities of the logged-in user on the instance."""`
			`request = self.context.get("request")`
			`if request:`
			`return domain.get_abilities(request.user)`
			`return {}`

✨(api) add CRUD for mailbox manager MailDomain models Add create,list,retrieve and delete actions for MailDomain model. 2024-04-17 11:19:22 +02:00
			`class MailDomainAccessSerializer(serializers.ModelSerializer):`
✨(backend) domain accesses list API Add an endpoint to list all accesses created for a domain Return all roles available to set for each access depending to the authenticated user. 2024-09-14 00:59:38 +02:00			`"""Serialize mail domain access."""`

			`user = UserSerializer(read_only=True, fields=["id", "name", "email"])`
			`can_set_role_to = serializers.SerializerMethodField(read_only=True)`
✨(api) add CRUD for mailbox manager MailDomain models Add create,list,retrieve and delete actions for MailDomain model. 2024-04-17 11:19:22 +02:00
			`class Meta:`
			`model = models.MailDomainAccess`
			`fields = [`
			`"id",`
			`"user",`
			`"role",`
✨(backend) domain accesses list API Add an endpoint to list all accesses created for a domain Return all roles available to set for each access depending to the authenticated user. 2024-09-14 00:59:38 +02:00			`"can_set_role_to",`
			`]`
			`read_only_fields = ["id", "user", "can_set_role_to"]`

			`def get_can_set_role_to(self, access):`
✨(backend) domain accesses update API Allow to update (PUT, PATCH) an access. Role can be change only to a role available depending to the authenticated user. 2024-09-27 15:54:44 +02:00			`"""Return roles available to set for the authenticated user"""`
			`return access.get_can_set_role_to(self.context.get("request").user)`

			`def validate(self, attrs):`
			`"""`
			`Check access rights specific to writing (update)`
			`"""`
			`request = self.context.get("request")`
			`authenticated_user = getattr(request, "user", None)`
			`role = attrs.get("role")`

			`# Update`
			`if self.instance:`
			`can_set_role_to = self.instance.get_can_set_role_to(authenticated_user)`

			`if role and role not in can_set_role_to:`
			`message = (`
			`f"You are only allowed to set role to {', '.join(can_set_role_to)}"`
			`if can_set_role_to`
			`else "You are not allowed to modify role for this user."`
			`)`
			`raise exceptions.PermissionDenied(message)`
			`return attrs`
✨(backend) domain accesses list API Add an endpoint to list all accesses created for a domain Return all roles available to set for each access depending to the authenticated user. 2024-09-14 00:59:38 +02:00

			`class MailDomainAccessReadOnlySerializer(MailDomainAccessSerializer):`
			`"""Serialize mail domain access for list and retrieve actions."""`

			`class Meta:`
			`model = models.MailDomainAccess`
			`fields = [`
			`"id",`
			`"user",`
			`"role",`
			`"can_set_role_to",`
			`]`
			`read_only_fields = [`
			`"id",`
			`"user",`
			`"role",`
			`"can_set_role_to",`
✨(api) add CRUD for mailbox manager MailDomain models Add create,list,retrieve and delete actions for MailDomain model. 2024-04-17 11:19:22 +02:00			`]`