add get api

-from django.contrib.auth.models import User, Group
+from django.contrib.auth.models import Group
 from rest_framework import serializers
 from rest_framework import serializers
-from api.models import Item, SharedItem
+from .models import Item, SharedItem,User
 
 
 
 
 class UserSerializer(serializers.HyperlinkedModelSerializer):
 class UserSerializer(serializers.HyperlinkedModelSerializer):
     class Meta:
     class Meta:
         model = User
         model = User
-        fields = ['url', 'username', 'email', 'groups']
+        fields = '__all__'
 
 
 class GroupSerializer(serializers.HyperlinkedModelSerializer):
 class GroupSerializer(serializers.HyperlinkedModelSerializer):
     class Meta:
     class Meta:

@@ -27,8 +27,11 @@ class UserViewSet(viewsets.ModelViewSet):
     """
     """
     queryset = User.objects.all().order_by('-date_joined')
     queryset = User.objects.all().order_by('-date_joined')
     serializer_class = UserSerializer
     serializer_class = UserSerializer
-    permission_classes = [permissions.IsAuthenticated]
-
+    permission_classes = [permissions.IsAuthenticatedOrReadOnly, permissions.AllowAny,
+                          # IsOwnerOrReadOnly
+                          ]
+    permission_classes_by_action = {'get': [permissions.AllowAny],
+                                    'destroy': [permissions.AllowAny]}
     @csrf_exempt
     @csrf_exempt
     @action(detail=False, methods=['POST'], permission_classes=[permissions.AllowAny], url_path='signup', url_name='singup')
     @action(detail=False, methods=['POST'], permission_classes=[permissions.AllowAny], url_path='signup', url_name='singup')
     def signup(self, request):
     def signup(self, request):
@@ -93,6 +96,22 @@ class UserViewSet(viewsets.ModelViewSet):
             )
             )
         return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED)
         return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED)
 
 
+    def get(self, request, pk):
+        user = User.objects.filter(int_id=pk)
+        data = serializers.serialize("json", user)
+        json_data = json.loads(data)
+        res = json_data[0]['fields']
+        res['id']=json_data[0]['pk']
+        return Response({'data': res}, status=status.HTTP_200_OK)
+
+    def get_permissions(self):
+        try:
+            # return permission_classes depending on `action`
+            return [permission() for permission in self.permission_classes_by_action[self.action]]
+        except KeyError:
+            # action is not set return default permission_classes
+            return [permission() for permission in self.permission_classes]
+
 
 
 class ItemViewSet(viewsets.ViewSet):
 class ItemViewSet(viewsets.ViewSet):
 
 

@@ -35,5 +35,6 @@ urlpatterns = [
     url(r'^<int:pk>/copy/$', views.ItemViewSet.copy, name='copy'),
     url(r'^<int:pk>/copy/$', views.ItemViewSet.copy, name='copy'),
     url(r'^<int:pk>/children/$', views.ItemViewSet.children, name='copy'),
     url(r'^<int:pk>/children/$', views.ItemViewSet.children, name='copy'),
     url(r'^signup/$', views.UserViewSet.signup, name='signup'),
     url(r'^signup/$', views.UserViewSet.signup, name='signup'),
+    url(r'^login/$', views.UserViewSet.login, name='login'),
 
 
 ]
 ]