feat(api): initial work on API

!1

app/api/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class ApiConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'api'

app/api/serializers/access.py

@@ -0,0 +1,30 @@
+from rest_framework import serializers
+from access.models import Organization, Team
+
+
+class TeamSerializer(serializers.ModelSerializer):
+
+
+    class Meta:
+        model = Team
+        fields = (
+            "group_ptr_id",
+            "name",
+        )
+
+
+
+class OrganizationSerializer(serializers.ModelSerializer):
+
+    url = serializers.HyperlinkedIdentityField(
+        view_name="_api_organization", format="html"
+    )
+
+
+    class Meta:
+        model = Organization
+        fields = (
+            "id",
+            "name",
+            'url',
+        )

app/api/urls.py

@@ -0,0 +1,16 @@
+from django.urls import path
+from rest_framework.urlpatterns import format_suffix_patterns
+
+from .views import access, index
+
+
+urlpatterns = [
+    path("", index.IndexView.as_view(), name='_api_home'),
+    path("organization/", access.OrganizationList.as_view(), name='_api_orgs'),
+    path("organization/<int:pk>/", access.OrganizationDetail.as_view(), name='_api_organization'),
+    path("organization/<int:organization_id>/team/<int:group_ptr_id>/", access.TeamDetail.as_view(), name='_api_team'),
+    path("organization/team/", access.TeamList.as_view(), name='_api_teams'),
+
+]
+
+urlpatterns = format_suffix_patterns(urlpatterns)

app/api/views/access.py

@@ -0,0 +1,42 @@
+from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
+
+from rest_framework import generics
+
+from access.models import Organization, Team
+from api.serializers.access import OrganizationSerializer, TeamSerializer
+
+
+
+class OrganizationList(PermissionRequiredMixin, LoginRequiredMixin, generics.ListCreateAPIView):
+    permission_required = 'access.view_organization'
+    queryset = Organization.objects.all()
+    serializer_class = OrganizationSerializer
+
+
+    def get_view_name(self):
+        return "Organizations"
+
+
+
+class OrganizationDetail(PermissionRequiredMixin, LoginRequiredMixin, generics.RetrieveUpdateDestroyAPIView):
+    permission_required = 'access.view_organization'
+    queryset = Organization.objects.all()
+    serializer_class = OrganizationSerializer
+
+
+    def get_view_name(self):
+        return "Organization"
+
+
+
+class TeamList(generics.ListCreateAPIView):
+    queryset = Team.objects.all()
+    serializer_class = TeamSerializer
+
+
+
+class TeamDetail(generics.RetrieveUpdateDestroyAPIView):
+    queryset = Team.objects.all()
+    serializer_class = TeamSerializer
+
+    lookup_field = 'group_ptr_id'

app/api/views/index.py

@@ -0,0 +1,33 @@
+from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
+from django.contrib.auth.models import User
+from django.utils.safestring import mark_safe
+
+from rest_framework import generics, permissions, routers
+from rest_framework.decorators import api_view
+from rest_framework.response import Response
+from rest_framework.reverse import reverse
+
+
+
+class IndexView(PermissionRequiredMixin, LoginRequiredMixin, routers.APIRootView):
+
+    permission_required = 'access.view_organization'
+
+    def get_view_name(self):
+        return "My API"
+
+    def get_view_description(self, html=False) -> str:
+        text = "My REST API"
+        if html:
+            return mark_safe(f"<p>{text}</p>")
+        else:
+            return text
+
+
+    def get(self, request, *args, **kwargs):
+        return Response(
+        {
+            "organizations": reverse("_api_orgs", request=request),
+            "teams": reverse("_api_teams", request=request),
+        }
+    )