TODO: fix create contract related endpoints
This commit is contained in:
@@ -1,12 +1,20 @@
|
||||
from rest_framework import permissions
|
||||
from rest_framework import permissions # type: ignore
|
||||
from rest_framework.request import HttpRequest # type: ignore
|
||||
from rest_framework.views import APIView # type: ignore
|
||||
from core.apps.companies.models import CompanyFolderModel
|
||||
|
||||
|
||||
class CompanyfolderPermission(permissions.BasePermission):
|
||||
class IsFolderOwner(permissions.IsAuthenticated):
|
||||
|
||||
def __init__(self) -> None: ...
|
||||
def has_object_permission( # type: ignore
|
||||
self,
|
||||
request: HttpRequest,
|
||||
view: APIView,
|
||||
obj: CompanyFolderModel
|
||||
) -> bool:
|
||||
return CompanyFolderModel.objects.filter(
|
||||
company__accounts__user=request.user,
|
||||
id=obj.id
|
||||
).exists()
|
||||
|
||||
def __call__(self, *args, **kwargs):
|
||||
return self
|
||||
|
||||
def has_permission(self, request, view):
|
||||
return True
|
||||
|
||||
@@ -22,10 +22,6 @@ class RetrieveCompanyFolderSerializer(BaseCompanyFolderSerializer):
|
||||
class Meta(BaseCompanyFolderSerializer.Meta): ...
|
||||
|
||||
|
||||
class CreateCompanyFolderSerializer(BaseCompanyFolderSerializer):
|
||||
class Meta(BaseCompanyFolderSerializer.Meta): ...
|
||||
|
||||
|
||||
class UpdateCompanyFolderSerializer(BaseCompanyFolderSerializer):
|
||||
class Meta(BaseCompanyFolderSerializer.Meta): ...
|
||||
|
||||
@@ -35,6 +31,13 @@ class DestroyCompanyFolderSerializer(BaseCompanyFolderSerializer):
|
||||
fields = ["id"]
|
||||
|
||||
|
||||
###########################################################
|
||||
# Create Serializers
|
||||
###########################################################
|
||||
class CreateCompanyFolderSerializer(BaseCompanyFolderSerializer):
|
||||
class Meta(BaseCompanyFolderSerializer.Meta): ...
|
||||
|
||||
|
||||
class CreateCompanyFolderFromCompanySerializer(CreateCompanyFolderSerializer):
|
||||
class Meta(CreateCompanyFolderSerializer.Meta):
|
||||
read_only_fields = (
|
||||
|
||||
@@ -1,8 +1,16 @@
|
||||
from django_core.mixins import BaseViewSetMixin
|
||||
from drf_spectacular.utils import extend_schema
|
||||
from rest_framework.permissions import AllowAny, IsAdminUser
|
||||
from rest_framework.viewsets import ModelViewSet
|
||||
from typing import cast
|
||||
|
||||
from django_core.mixins import BaseViewSetMixin # type: ignore
|
||||
from drf_spectacular.utils import extend_schema
|
||||
from rest_framework.decorators import action # type: ignore
|
||||
from rest_framework.permissions import AllowAny, IsAdminUser # type: ignore
|
||||
from rest_framework.viewsets import ModelViewSet # type: ignore
|
||||
from rest_framework.request import HttpRequest # type: ignore
|
||||
from rest_framework.response import Response # type: ignore
|
||||
from rest_framework import status # type: ignore
|
||||
|
||||
from core.apps.contracts.serializers.contracts import CreateContractSerializer
|
||||
from core.apps.companies.permissions.folders import IsFolderOwner
|
||||
from core.apps.companies.models import CompanyFolderModel
|
||||
from core.apps.companies.serializers.folders import (
|
||||
CreateCompanyFolderSerializer,
|
||||
@@ -19,17 +27,38 @@ class CompanyFolderView(BaseViewSetMixin, ModelViewSet):
|
||||
serializer_class = ListCompanyFolderSerializer
|
||||
permission_classes = [AllowAny]
|
||||
|
||||
action_permission_classes = {
|
||||
action_permission_classes = { # type: ignore
|
||||
"list": [IsAdminUser],
|
||||
"retrieve": [IsAdminUser],
|
||||
"create": [IsAdminUser],
|
||||
"update": [IsAdminUser],
|
||||
"destroy": [IsAdminUser],
|
||||
"create_contract": [IsFolderOwner]
|
||||
}
|
||||
action_serializer_class = {
|
||||
action_serializer_class = { # type: ignore
|
||||
"list": ListCompanyFolderSerializer,
|
||||
"retrieve": RetrieveCompanyFolderSerializer,
|
||||
"create": CreateCompanyFolderSerializer,
|
||||
"update": UpdateCompanyFolderSerializer,
|
||||
"destroy": DestroyCompanyFolderSerializer,
|
||||
"create_contract": CreateContractSerializer,
|
||||
}
|
||||
|
||||
@extend_schema(
|
||||
summary="Create Contract For Folder",
|
||||
description="Create Contract For Folder",
|
||||
)
|
||||
@action(methods=["POST"], detail=True, url_path="contracts")
|
||||
def create_contract(
|
||||
self,
|
||||
request: HttpRequest,
|
||||
*args: object,
|
||||
**kwargs: object
|
||||
) -> Response:
|
||||
ser = cast(
|
||||
CreateContractSerializer,
|
||||
self.get_serializer(data=request.data) # type: ignore
|
||||
)
|
||||
ser.is_valid(raise_exception=True)
|
||||
ser.save()
|
||||
return Response(ser.data, status.HTTP_201_CREATED)
|
||||
|
||||
@@ -93,7 +93,11 @@ class CreateOwnersForContractSerializer(CreateContractOwnerSerializer):
|
||||
|
||||
|
||||
class CreateContractAttachedFileForContractSerializer(CreateContractAttachedFileSerializer):
|
||||
class Meta(CreateContractAttachedFileSerializer.Meta): ...
|
||||
class Meta(CreateContractAttachedFileSerializer.Meta):
|
||||
read_only_fields = (
|
||||
"contract",
|
||||
*CreateContractAttachedFileSerializer.Meta.read_only_fields
|
||||
)
|
||||
|
||||
def create(self, validated_data: dict[str, object]) -> Meta.model:
|
||||
contract = self.context.get("contract")
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import uuid
|
||||
|
||||
from drf_spectacular.utils import extend_schema
|
||||
from rest_framework.permissions import AllowAny, IsAdminUser # type: ignore
|
||||
from rest_framework.permissions import AllowAny, IsAdminUser, IsAuthenticated # type: ignore
|
||||
from rest_framework.viewsets import ModelViewSet # type: ignore
|
||||
from rest_framework.views import APIView # type: ignore
|
||||
|
||||
@@ -38,7 +38,7 @@ class ContractView(BaseViewSetMixin, ModelViewSet):
|
||||
action_permission_classes = { # type: ignore
|
||||
"list": [IsAdminUser],
|
||||
"retrieve": [IsAdminUser],
|
||||
"create": [IsAdminUser],
|
||||
"create": [IsAuthenticated],
|
||||
"update": [IsAdminUser],
|
||||
"destroy": [IsAdminUser],
|
||||
"list_file": [AllowAny],
|
||||
@@ -54,6 +54,15 @@ class ContractView(BaseViewSetMixin, ModelViewSet):
|
||||
"list_owner": RetrieveContractOwnerSerializer,
|
||||
}
|
||||
|
||||
def create(
|
||||
self,
|
||||
request: HttpRequest,
|
||||
*args: object,
|
||||
**kwargs: object,
|
||||
) -> Response:
|
||||
#! TODO: checkout if user has access to create new contract.
|
||||
return super().create(request, *args, **kwargs) # type: ignore
|
||||
|
||||
@extend_schema(
|
||||
summary="Get List Of Files",
|
||||
description="Get List Of Files"
|
||||
|
||||
Reference in New Issue
Block a user