add user list handler, first of many

2025-10-10 11:33:01 +00:00 · 2014-09-13 22:42:07 -07:00
parent 970e4d2ce2
commit 833835b0f3
2 changed files with 69 additions and 3 deletions
--- a/jupyterhub/apihandlers/users.py
+++ b/jupyterhub/apihandlers/users.py
@@ -0,0 +1,29 @@
+"""Authorization handlers"""
+
+# Copyright (c) Jupyter Development Team.
+# Distributed under the terms of the Modified BSD License.
+
+import json
+
+from ..handlers import BaseHandler
+from .. import orm
+from ..utils import admin_only
+
+
+class UserListAPIHandler(BaseHandler):
+    @admin_only
+    def get(self):
+        users = list(self.db.query(orm.User))
+
+        data = []
+        for user in users:
+            data.append({
+                'name': user.name,
+                'server': user.server.base_url if user.server else None,
+            })
+
+        self.write(json.dumps(data))
+
+default_handlers = [
+    (r"/api/users", UserListAPIHandler),
+]
--- a/jupyterhub/tests/test_api.py
+++ b/jupyterhub/tests/test_api.py
@@ -5,13 +5,31 @@ import requests
 from ..utils import url_path_join as ujoin
 from .. import orm

+def add_user(db, **kwargs):
+    user = orm.User(**kwargs)
+    db.add(user)
+    db.commit()
+    return user
+
+def auth_header(db, name):
+    user = db.query(orm.User).filter(orm.User.name==name).first()
+    if user is None:
+        user = add_user(db, name=name)
+    if not user.api_tokens:
+        token = user.new_api_token()
+        db.add(token)
+        db.commit()
+    else:
+        token = user.api_tokens[0]
+    return {'Authorization': 'token %s' % token.token}

 def api_request(app, *api_path, **kwargs):
    """Make an API request"""
    base_url = app.hub.server.url
-    token = app.db.query(orm.APIToken).first()
-    kwargs.setdefault('headers', {})
-    kwargs['headers'].setdefault('Authorization', 'token %s' % token.token)
+    headers = kwargs.setdefault('headers', {})
+
+    if 'Authorization' not in headers:
+        headers.update(auth_header(app.db, 'admin'))
    
    url = ujoin(base_url, 'api', *api_path)
    method = kwargs.pop('method', 'get')
@@ -47,3 +65,22 @@ def test_auth_api(app):
    assert r.status_code == 403
    

+def test_get_users(app):
+    db = app.db
+    r = api_request(app, 'users')
+    assert r.status_code == 200
+    assert sorted(r.json(), key=lambda d: d['name']) == [
+        {
+            'name': 'admin',
+            'server': None,
+        },
+        {
+            'name': 'user',
+            'server': None,
+        }
+    ]
+
+    r = api_request(app, 'users',
+        headers=auth_header(db, 'user'),
+    )
+    assert r.status_code == 403