update rest api user fields (#2057)

CHANGELOG.rst

@@ -65,6 +65,7 @@ Changed
     - Update REST API views for OpenAPI compatibility (#1951)
     - Return ``503`` in ``ZoneSubmitMoveAPIView`` if project is locked (#1847)
     - Return ``503`` in ``ZoneCreateAPIView`` if no investigation or iRODS collections (#2036)
+    - Replace REST API ``SODARUserSerializer`` fields with UUID ``SlugRelatedField`` (#2057)
 - **Samplesheets**
     - Update REST API versioning (#1936)
     - Update REST API views for OpenAPI compatibility (#1951)
@@ -75,6 +76,7 @@ Changed
     - Return ``503`` in ``IrodsDataRequestAcceptAPIView`` if project is locked (#1847)
     - Return ``ProjectIrodsFileListAPIView`` results as list without ``irods_data`` object (#2040)
     - Remove length limitation from ``Process.performer`` (#1789, #1942, #2033)
+    - Replace REST API ``SODARUserSerializer`` fields with UUID ``SlugRelatedField`` (#2057)
 - **Taskflowbackend**
     - Refactor task tests (#2002)
     - Unify user name parameter naming in flows (#1653)

docs_manual/source/sodar_release_notes.rst

@@ -25,6 +25,7 @@ Release for SODAR Core v1.0 upgrade, iRODS v4.3 upgrade and feature updates.
 - Update REST API versioning
 - Update REST API views for OpenAPI support
 - Update lock requiring REST API views to return 503 if project is locked
+- Update REST APIs to return user UUID instead of SODARUserSerializer objects
 - Update landing zone creation REST API view to return 503 if no investigation
   or iRODS collections
 - Update irodsinfo configuration download to return JSON without Zip archive if
@@ -65,10 +66,14 @@ REST API Updates
 ----------------
 
 - Sample Sheets API
+    * ``IrodsAccessTicketRetrieveAPIView``
+        + Return ``user`` field as UUID string instead of serializer
     * ``IrodsCollsCreateAPIView``
         + Return ``503`` if project is locked
     * ``IrodsDataRequestAcceptAPIView``
         + Return ``503`` if project is locked
+    * ``IrodsDataRequestRetrieveAPIView``
+        + Return ``user`` field as UUID string instead of serializer
     * ``ProjectIrodsFileListAPIView``
         + Return results as list without ``irods_data`` object
         + Return ``modify_time`` field in standard REST API format
@@ -77,6 +82,8 @@ REST API Updates
         + Return ``503`` if Taskflow is not enabled
         + Return ``503`` if investigation for project is not found
         + Return ``503`` if project iRODS collections have not been created
+    * ``ZoneRetrieveAPIView``
+        + Return ``user`` field as UUID string instead of serializer
     * ``ZoneSubmitMoveAPIView``
         + Return ``503`` if project is locked
 

landingzones/serializers.py

@@ -5,10 +5,7 @@
 
 # Projectroles dependency
 from projectroles.plugins import get_backend_api
-from projectroles.serializers import (
-    SODARProjectModelSerializer,
-    SODARUserSerializer,
-)
+from projectroles.serializers import SODARProjectModelSerializer
 
 # Samplesheets dependency
 from samplesheets.models import Investigation, Assay
@@ -30,7 +27,7 @@ class LandingZoneSerializer(SODARProjectModelSerializer):
     """Serializer for the LandingZone model"""
 
     title = serializers.CharField(required=False)
-    user = SODARUserSerializer(read_only=True)
+    user = serializers.SlugRelatedField(slug_field='sodar_uuid', read_only=True)
     assay = serializers.CharField(source='assay.sodar_uuid')
     status_locked = serializers.SerializerMethodField(read_only=True)
     create_colls = serializers.BooleanField(write_only=True, default=False)

landingzones/tests/test_views_api.py

@@ -90,7 +90,7 @@ def test_get_owner(self):
         expected = {
             'title': self.zone.title,
             'project': str(self.project.sodar_uuid),
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'assay': str(self.assay.sodar_uuid),
             'status': self.zone.status,
             'status_info': self.zone.status_info,
@@ -118,7 +118,7 @@ def test_get_pagination(self):
                 {
                     'title': self.zone.title,
                     'project': str(self.project.sodar_uuid),
-                    'user': self.get_serialized_user(self.user),
+                    'user': str(self.user.sodar_uuid),
                     'assay': str(self.assay.sodar_uuid),
                     'status': self.zone.status,
                     'status_info': self.zone.status_info,
@@ -214,7 +214,7 @@ def test_get(self):
         expected = {
             'title': self.zone.title,
             'project': str(self.project.sodar_uuid),
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'assay': str(self.assay.sodar_uuid),
             'status': self.zone.status,
             'status_info': self.zone.status_info,

landingzones/tests/test_views_api_taskflow.py

@@ -134,7 +134,7 @@ def test_post(self):
         expected = {
             'title': zone.title,
             'project': str(self.project.sodar_uuid),
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'assay': str(self.assay.sodar_uuid),
             'status': ZONE_STATUS_CREATING,
             'status_info': DEFAULT_STATUS_INFO[ZONE_STATUS_CREATING],

landingzones/views_api.py

@@ -187,7 +187,7 @@ class ZoneRetrieveAPIView(
     - ``status_info``: Detailed description of the landing zone status (string)
     - ``status_locked``: Whether write access to the zone is currently locked (boolean)
     - ``title``: Full title of the created landing zone (string)
-    - ``user``: User who owns the zone (dict)
+    - ``user``: UUID of user who owns the zone (string)
     """
 
     lookup_field = 'sodar_uuid'

samplesheets/serializers.py

@@ -9,7 +9,6 @@
 from projectroles.serializers import (
     SODARProjectModelSerializer,
     SODARNestedListSerializer,
-    SODARUserSerializer,
 )
 
 from samplesheets.forms import (
@@ -106,7 +105,7 @@ class IrodsDataRequestSerializer(
 ):
     """Serializer for the IrodsDataRequest model"""
 
-    user = SODARUserSerializer(read_only=True)
+    user = serializers.SlugRelatedField(slug_field='sodar_uuid', read_only=True)
 
     class Meta:
         model = IrodsDataRequest
@@ -149,7 +148,7 @@ class IrodsAccessTicketSerializer(
     """Serializer for the IrodsAccessTicket model"""
 
     is_active = serializers.SerializerMethodField()
-    user = SODARUserSerializer(read_only=True)
+    user = serializers.SlugRelatedField(slug_field='sodar_uuid', read_only=True)
 
     class Meta:
         model = IrodsAccessTicket

samplesheets/tests/test_views_api.py

@@ -708,7 +708,7 @@ def test_get(self):
             'path': self.ticket.path,
             'date_created': local_date_created.isoformat(),
             'date_expires': self.ticket.date_expires,
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'is_active': self.ticket.is_active(),
         }
         self.assertEqual(json.loads(response.content), expected)
@@ -748,7 +748,7 @@ def test_get(self):
             'path': self.ticket.path,
             'date_created': self.get_drf_datetime(self.ticket.date_created),
             'date_expires': self.ticket.date_expires,
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'is_active': self.ticket.is_active(),
         }
         self.assertEqual(json.loads(response.content), [expected])
@@ -777,7 +777,7 @@ def test_get_active(self):
             'path': self.ticket.path,
             'date_created': self.get_drf_datetime(self.ticket.date_created),
             'date_expires': self.ticket.date_expires,
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'is_active': self.ticket.is_active(),
         }
         self.assertEqual(json.loads(response.content), [expected])
@@ -804,7 +804,7 @@ def test_get_pagination(self):
                         self.ticket.date_created
                     ),
                     'date_expires': self.ticket.date_expires,
-                    'user': self.get_serialized_user(self.user),
+                    'user': str(self.user.sodar_uuid),
                     'is_active': self.ticket.is_active(),
                 }
             ],
@@ -852,7 +852,7 @@ def test_get(self):
             'action': IRODS_REQUEST_ACTION_DELETE,
             'path': self.request.path,
             'target_path': '',
-            'user': self.get_serialized_user(self.user_contributor),
+            'user': str(self.user_contributor.sodar_uuid),
             'status': IRODS_REQUEST_STATUS_ACTIVE,
             'status_info': '',
             'description': self.request.description,
@@ -901,7 +901,7 @@ def test_get(self):
             'action': IRODS_REQUEST_ACTION_DELETE,
             'path': self.request.path,
             'target_path': '',
-            'user': self.get_serialized_user(self.user_contributor),
+            'user': str(self.user_contributor.sodar_uuid),
             'status': IRODS_REQUEST_STATUS_ACTIVE,
             'status_info': '',
             'description': self.request.description,
@@ -926,7 +926,7 @@ def test_get_pagination(self):
                     'action': IRODS_REQUEST_ACTION_DELETE,
                     'path': self.request.path,
                     'target_path': '',
-                    'user': self.get_serialized_user(self.user_contributor),
+                    'user': str(self.user_contributor.sodar_uuid),
                     'status': IRODS_REQUEST_STATUS_ACTIVE,
                     'status_info': '',
                     'description': self.request.description,

samplesheets/tests/test_views_api_taskflow.py

@@ -554,7 +554,7 @@ def test_put(self):
             'path': self.ticket.path,  # Path should not be updated
             'date_created': local_date_created.isoformat(),
             'date_expires': self.date_expires_update,
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'is_active': self.ticket.is_active(),
         }
         self.assertEqual(response.json(), expected)
@@ -624,7 +624,7 @@ def test_patch(self):
             'path': self.ticket.path,
             'date_created': local_date_created.isoformat(),
             'date_expires': self.date_expires_update,
-            'user': self.get_serialized_user(self.user),
+            'user': str(self.user.sodar_uuid),
             'is_active': self.ticket.is_active(),
         }
         self.assertEqual(response.json(), expected)

samplesheets/views_api.py

@@ -385,7 +385,7 @@ class IrodsAccessTicketRetrieveAPIView(
     - ``study``: Study UUID (string)
     - ``date_created``: Creation datetime (YYYY-MM-DDThh:mm:ssZ)
     - ``date_expires``: Expiry datetime (YYYY-MM-DDThh:mm:ssZ or null)
-    - ``user``: User who created the request (SODARUserSerializer dict)
+    - ``user``: UUID of user who created the request (string)
     - ``is_active``: Whether the request is currently active (boolean)
     - ``sodar_uuid``: IrodsAccessTicket UUID (string)
     """
@@ -585,7 +585,7 @@ class IrodsDataRequestRetrieveAPIView(
     - ``action``: Request action (string)
     - ``path``: iRODS path to object or collection (string)
     - ``target_path``: Target path (string, currently unused)
-    - ``user``: User initiating request (dict)
+    - ``user``: UUID of user initiating request (string)
     - ``status``: Request status (string)
     - ``status_info``: Request status info (string)
     - ``description``: Request description (string)