fix: contracts table fix, document file added

core/apps/accounts/models/user.py

@@ -64,7 +64,6 @@ class User(auth_models.AbstractUser):
         _("Email Address"), 
         blank=True,
     )
-    
     role = models.CharField(
         _("Role"),
         max_length=255,

core/apps/accounts/views/me.py

@@ -1,28 +1,25 @@
+from django.db import transaction
+
+from drf_spectacular.utils import extend_schema
+
 from rest_framework.generics import GenericAPIView  # type: ignore
-from rest_framework.decorators import action  # type: ignore
 from rest_framework import status  # type: ignore
 from rest_framework.request import HttpRequest  # type: ignore
 from rest_framework.response import Response  # type: ignore
-from rest_framework.permissions import (  # type: ignore
+from rest_framework.permissions import IsAuthenticated  # type: ignore
-    IsAuthenticated
-)
 
 from core.utils.views import BaseApiViewMixin
 from core.apps.companies.serializers import (
     RetrieveCompanySerializer,
     CreateCompanySerializer,
 )
-from core.apps.companies.models import (
+from core.apps.companies.models import CompanyModel, CompanyAccountModel
-    CompanyModel,
-    CompanyAccountModel
-)
-
-from django.db import transaction
 
 
 ######################################################################
 # @api-view  |  POST, GET - me/companies
 ######################################################################
+@extend_schema(tags=["Me"])
 class MeCompanyApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     permission_classes = [IsAuthenticated]
 

core/apps/banks/urls.py

@@ -1,11 +1,12 @@
 from django.urls import path, include
-from rest_framework.routers import DefaultRouter
+from rest_framework.routers import DefaultRouter  # type: ignore
 
 from . import views
 
 router = DefaultRouter()
-router.register(r"banks", views.BankView, "banks")
+
+router.register(r"banks", views.BankViewSet, "banks-view-set")  # type: ignore
 
 urlpatterns = [
-    path("", include(router.urls)),
+    path("", include(router.urls)),  # type: ignore
 ]

core/apps/banks/views/banks.py

@@ -1,7 +1,7 @@
-from django_core.mixins import BaseViewSetMixin
+from django_core.mixins import BaseViewSetMixin  # type: ignore
 from drf_spectacular.utils import extend_schema
-from rest_framework.permissions import IsAdminUser
+from rest_framework.permissions import AllowAny, IsAdminUser  # type: ignore
-from rest_framework.viewsets import ModelViewSet
+from rest_framework.viewsets import ModelViewSet  # type: ignore
 
 from core.apps.banks.models import BankModel
 from core.apps.banks.serializers.banks import (
@@ -13,14 +13,20 @@ from core.apps.banks.serializers.banks import (
 )
 
 
+###################################################################################
+# @view-set  |  POST, GET - /banks
+###################################################################################
 @extend_schema(tags=["Banks"])
-class BankView(BaseViewSetMixin, ModelViewSet):
+class BankViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = BankModel.objects.all()
     serializer_class = ListBankSerializer
     permission_classes = [IsAdminUser]
 
-    action_permission_classes = {}
+    action_permission_classes = {
-    action_serializer_class = {
+        "list": [AllowAny],
+        "retrieve": [AllowAny],
+    }
+    action_serializer_class = {  # type: ignore
         "list": ListBankSerializer,
         "retrieve": RetrieveBankSerializer,
         "create": CreateBankSerializer,

core/apps/companies/urls.py

@@ -5,8 +5,8 @@ from . import views
 
 router = DefaultRouter()
 
-router.register(r"company-accounts", views.CompanyAccountCrudViewSet, "company-account-view-set")  # type: ignore
+router.register(r"company-accounts", views.CompanyAccountViewSet, "company-account-view-set")  # type: ignore
-router.register(r"company-folders", views.CompanyFolderCrudViewSet, "company-folders-view-set")  # type: ignore
+router.register(r"company-folders", views.CompanyFolderViewSet, "company-folders-view-set")  # type: ignore
 router.register(r"companies", views.CompanyCrudViewSet, "companies-view-set")  # type: ignore
 
 

core/apps/companies/views/accounts.py

@@ -12,11 +12,11 @@ from core.apps.companies.serializers.accounts import (
     DestroyCompanyAccountSerializer,
 )
 
-######################################################################
+###################################################################################
-# Crud
+# @view-set  |  ALL - /company-accounts
-######################################################################
+###################################################################################
-@extend_schema(tags=["CompanyAccount"])
+@extend_schema(tags=["Company Accounts"])
-class CompanyAccountCrudViewSet(BaseViewSetMixin, ModelViewSet):
+class CompanyAccountViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = CompanyAccountModel.objects.all()
     serializer_class = ListCompanyAccountSerializer
     permission_classes = [AllowAny]

core/apps/companies/views/companies.py

@@ -3,7 +3,6 @@ from django.contrib.auth import get_user_model
 
 from drf_spectacular.utils import extend_schema
 
-from rest_framework.decorators import action  # type: ignore
 from rest_framework.permissions import AllowAny, IsAdminUser  # type: ignore
 from rest_framework.viewsets import ModelViewSet  # type: ignore
 from rest_framework.generics import GenericAPIView  # type: ignore
@@ -26,22 +25,21 @@ from core.apps.companies.serializers import (
     RetrieveCompanyFolderSerializer,
     CreateFolderForCompanySerializer,
 )
-
 from core.apps.contracts.serializers import (
     RetrieveContractSerializer,
     BaseContractSerializer,
+    RetrieveContractQuerySerializer,
 )
-
 from core.apps.contracts.models import ContractModel
 
 
 UserModel = get_user_model()
 
 
-######################################################################
+###################################################################################
-# Crud
+# @view-set  |  ALL - /companies
-######################################################################
+###################################################################################
-@extend_schema(tags=["Company"])
+@extend_schema(tags=["Companies"])
 class CompanyCrudViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = CompanyModel.objects.all()
     serializer_class = ListCompanySerializer
@@ -63,9 +61,9 @@ class CompanyCrudViewSet(BaseViewSetMixin, ModelViewSet):
     }
 
 
-######################################################################
+###################################################################################
-# company/<uuid:pk>/contract 
+# @api-view  |  GET - /companies/<uuid:pk>/contracts
-######################################################################
+###################################################################################
 @extend_schema(tags=["Company Contracts"])
 class CompanyContractApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     queryset = CompanyModel.objects.all()
@@ -82,18 +80,18 @@ class CompanyContractApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     #! TODO: status should be added.
     @extend_schema(
         summary="Company Contracts",
-        description="Get List Company Contracts"
+        description="Get List Company Contracts",
+        parameters=[RetrieveContractQuerySerializer]
     )
-    def get(
+    def get(self, request: HttpRequest, *args: object, **kwargs: object) -> Response:
-        self,
-        request: HttpRequest,
-        *args: object, 
-        **kwargs: object,
-    ) -> Response:
         company = self.get_object()
-        contracts = ContractModel.objects.filter(
+        contracts = (
+            ContractModel.objects.filter(
                 owners__legal_entity__phone=company.phone,
-        ).distinct()
+            )
+            .select_related("owners")
+            .distinct()
+        )
 
         folders_param = request.data.get("folders")
         if folders_param:
@@ -104,9 +102,9 @@ class CompanyContractApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
         return Response(serializer.data, status=status.HTTP_200_OK)
 
 
-######################################################################
+###################################################################################
-# company/<uuid:pk>/accounts
+# @api-view  |  GET - /company/<uuid:pk>/accounts
-######################################################################
+###################################################################################
 @extend_schema(tags=["Company Accounts"])
 class CompanyAccountApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     queryset = CompanyModel.objects.all()
@@ -131,9 +129,10 @@ class CompanyAccountApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
         return Response(data=ser.data, status=status.HTTP_200_OK)
 
 
-######################################################################
+
-# company/<uuid:pk>/folders
+###################################################################################
-######################################################################
+# @api-view  |  GET, POST - /company/<uuid:pk>/folders
+###################################################################################
 @extend_schema(tags=["Company Folders"])
 class CompanyFolderApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     queryset = CompanyModel.objects.all()
@@ -145,7 +144,7 @@ class CompanyFolderApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     }
     method_permission_classes = {
         "get": [IsCompanyAccount],
-        "get": [IsCompanyAccount],
+        "post": [IsCompanyAccount],
     }
 
     @extend_schema(

core/apps/companies/views/folders.py

@@ -24,12 +24,13 @@ from core.apps.companies.serializers.folders import (
 )
 
 
-######################################################################
+###################################################################################
-# Crud
+# @view-set  |  ALL - /company-folders
-######################################################################
+###################################################################################
-@extend_schema(tags=["CompanyFolder"])
+@extend_schema(tags=["Company Folders"])
-class CompanyFolderCrudViewSet(BaseViewSetMixin, ModelViewSet):
+class CompanyFolderViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = CompanyFolderModel.objects.all()
+    serializer_class = ListCompanyFolderSerializer
     permission_classes = [AllowAny]
 
     action_permission_classes = {  # type: ignore
@@ -48,10 +49,10 @@ class CompanyFolderCrudViewSet(BaseViewSetMixin, ModelViewSet):
     }
 
 
-######################################################################
+###################################################################################
-# /company-folders/<uuid:pk>/contracts
+# @api-view  |  POST - /company-folders/<uuid:pk>/contracts
-######################################################################
+###################################################################################
-@extend_schema(tags=["CompanyFolder Contracts"])
+@extend_schema(tags=["Company Folder Contracts"])
 class ContractFolderApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     queryset = CompanyFolderModel.objects.all()
     permission_classes = [IsFolderOwner]

core/apps/contracts/migrations/0002_contractmodel_document_url.py

@@ -0,0 +1,19 @@
+# Generated by Django 5.2.4 on 2025-08-08 05:02
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("contracts", "0001_initial"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="contractmodel",
+            name="document_url",
+            field=models.FileField(default=1, max_length=2048, upload_to="", verbose_name="Document"),
+            preserve_default=False,
+        ),
+    ]

core/apps/contracts/migrations/0003_rename_document_url_contractmodel_document.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.4 on 2025-08-08 05:17
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("contracts", "0002_contractmodel_document_url"),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name="contractmodel",
+            old_name="document_url",
+            new_name="document",
+        ),
+    ]

core/apps/contracts/models/contracts.py

@@ -9,7 +9,6 @@ from core.apps.contracts.validators.contracts import (
 
 
 class ContractModel(UUIDPrimaryKeyBaseModel):
-
     name = models.CharField(
         _("name"),
         validators=[
@@ -17,13 +16,17 @@ class ContractModel(UUIDPrimaryKeyBaseModel):
         ], 
         max_length=255
     )
-    
+    document = models.FileField(
+        _("Document"),
+        null=False, 
+        blank=False,
+        max_length=2048,
+    )
     identifier = models.CharField(
         _("Identifier"), 
         null=False, 
         blank=False
     )
-
     allow_add_files = models.BooleanField(default=False)
     allow_delete_files = models.BooleanField(default=False)
 

core/apps/contracts/serializers/contracts/contracts.py

@@ -154,3 +154,25 @@ class CreateContractSerializer(BaseContractSerializer):
                 attached_files.save()  # type: ignore
 
         return contract
+
+
+###########################################################
+# Query Serializers
+###########################################################
+class RetrieveContractQuerySerializer(serializers.Serializer):
+    folders = serializers.ListField(
+        child=serializers.CharField(),
+        required=False,
+        help_text="Company Folders that contract should be allocated to."
+    )
+
+    created = serializers.BooleanField(required=False)
+    signed_by_counterparty = serializers.BooleanField(required=False)
+    signed_by_all_parts = serializers.BooleanField(required=False)
+    signed_by_counterparties = serializers.BooleanField(required=False)
+    
+    rejected_by_counterparty = serializers.BooleanField(required=False)
+    rejected_by_me = serializers.BooleanField(required=False)
+    rejected = serializers.BooleanField(required=False)
+
+    only_my_contracts = serializers.BooleanField(required=False)

core/apps/contracts/urls.py

@@ -1,37 +1,62 @@
 from django.urls import path, include
-from rest_framework.routers import DefaultRouter  # type: ignore
 
+from core.utils.router import TypedRouter
 from . import views
 
-router = DefaultRouter()
 
-router.register(r"contract-attached-files", views.ContractAttachedFileView, "contract-attached-files")  # type: ignore
+router = TypedRouter()
-router.register(r"contracts", views.ContractView, "contracts")  # type: ignore
-router.register(r"contracts", views.ContractRelationsViewSet, "contract-relations")  # type: ignore
-router.register(r"contract-file-contents", views.ContractFileContentView, "contract-file-contents")  # type: ignore
-router.register(r"contract-owners", views.ContractOwnerView, "contract-owners")  # type: ignore
-# router.register(r"contract-owners", views.CompanyFolderCrudViewSet, "contract-owner-files")  # type: ignore
 
-urlpatterns = [  # type: ignore
+router.register(
+    r"contract-attached-files", 
+    views.ContractAttachedFileViewSet, 
+    "contract-attached-files-view-set"
+)
+router.register(
+    r"contract-file-contents", 
+    views.ContractFileContentViewSet, 
+    "contract-file-contents-view-set"
+)
+router.register(
+    r"contract-owners", 
+    views.ContractOwnerViewSet, 
+    "contract-owners-view-set"
+)
+router.register(
+    r"contracts", 
+    views.ContractViewSet, 
+    "contracts"
+)
+
+urlpatterns: list[object] = [
     path("", include(router.urls)),  # type: ignore
     path(
         r"contract-owners/<uuid:owner_id>/contract", 
-        views.ContractDetailView.as_view(), 
+        views.ContractDetailApiView.as_view(), 
-        name="contract-detail"
+        name="contract-detail-api-view"
     ),
     path(
         "contract-owners/<uuid:owner_id>/files/<uuid:file_id>",
-        views.ContractAttachedFileDeleteView.as_view(),
+        views.ContractOwnerAttachedFileApiView.as_view(),
-        name="contract-file-delete"
+        name="contract-file-api-view"
     ),
     path(
         r"contract-owners/<uuid:owner_id>/files/<uuid:file_id>/upload",
-        views.UploadFileContentView.as_view(),
+        views.UploadFileContentApiView.as_view(),
-        name="upload-file-content"
+        name="upload-file-content-api-view"
     ),
     path(
         r"folders/<uuid:pk>/contracts",
-        views.ListFolderContractsView.as_view(),
+        views.ListFolderContractsApiView.as_view(),
-        name="list-folder-contracts"
+        name="list-folder-contracts-api-view"
+    ),
+    path(
+        r"contracts/<uuid:pk>/owners",
+        views.ContractOwnerApiView.as_view(),
+        name="contract-owners-api-view"
+    ),
+    path(
+        r"/contracts/<uuid:pk>/files",
+        views.ContractAttachedFileApiView.as_view(),
+        name="contract-attached-files-api-view"
     )
 ]

core/apps/contracts/views/attached_files.py

@@ -1,7 +1,7 @@
-from django_core.mixins import BaseViewSetMixin
+from django_core.mixins import BaseViewSetMixin  # type: ignore
 from drf_spectacular.utils import extend_schema
-from rest_framework.permissions import AllowAny, IsAdminUser
+from rest_framework.permissions import AllowAny, IsAdminUser  # type: ignore
-from rest_framework.viewsets import ModelViewSet
+from rest_framework.viewsets import ModelViewSet  # type: ignore
 
 from core.apps.contracts.models import ContractAttachedFileModel
 from core.apps.contracts.serializers.attached_files import (
@@ -13,8 +13,11 @@ from core.apps.contracts.serializers.attached_files import (
 )
 
 
-@extend_schema(tags=["ContractAttachedFile"])
+###################################################################################
-class ContractAttachedFileView(BaseViewSetMixin, ModelViewSet):
+# @view-set  |  ALL - /contract-attached-files
+###################################################################################
+@extend_schema(tags=["Contract Attached Files"])
+class ContractAttachedFileViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = ContractAttachedFileModel.objects.all()
     serializer_class = ListContractAttachedFileSerializer
     permission_classes = [AllowAny]
@@ -26,7 +29,7 @@ class ContractAttachedFileView(BaseViewSetMixin, ModelViewSet):
         "update": [IsAdminUser],
         "destroy": [IsAdminUser],
     }
-    action_serializer_class = {
+    action_serializer_class = {  # type: ignore
         "list": ListContractAttachedFileSerializer,
         "retrieve": RetrieveContractAttachedFileSerializer,
         "create": CreateContractAttachedFileSerializer,

core/apps/contracts/views/contracts.py

@@ -1,17 +1,16 @@
 import uuid
 
 from drf_spectacular.utils import extend_schema
-from rest_framework.permissions import AllowAny, IsAdminUser, IsAuthenticated  # type: ignore
+from rest_framework.permissions import AllowAny, IsAdminUser  # type: ignore
 from rest_framework.viewsets import ModelViewSet  # type: ignore
-from rest_framework.views import APIView  # type: ignore
+from rest_framework.generics import GenericAPIView  # type: ignore
-
+from rest_framework.parsers import MultiPartParser  # type: ignore
 from rest_framework.request import HttpRequest  # type: ignore
 from rest_framework.response import Response  # type: ignore
-from rest_framework.decorators import action  # type: ignore
-from rest_framework.generics import get_object_or_404  # type: ignore
 from rest_framework import status  # type: ignore
 
 from django_core.mixins import BaseViewSetMixin  # type: ignore
+from core.utils.views import BaseApiViewMixin
 from core.apps.contracts.models import (
     ContractModel,
     ContractAttachedFileModel,
@@ -29,11 +28,15 @@ from core.apps.contracts.serializers import (
 )
 
 
-@extend_schema(tags=["Contract"])
+###################################################################################
-class ContractView(BaseViewSetMixin, ModelViewSet):
+# @view-set  |  ALL - /contracts
+###################################################################################
+@extend_schema(tags=["Contracts"])
+class ContractViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = ContractModel.objects.all()
     serializer_class = ListContractSerializer
     permission_classes = [AllowAny]
+    parser_classes = [MultiPartParser]
 
     action_permission_classes = {  # type: ignore
         "list": [IsAdminUser],
@@ -60,83 +63,103 @@ class ContractView(BaseViewSetMixin, ModelViewSet):
         return super().create(request, *args, **kwargs)  # type: ignore
 
 
-class ContractRelationsViewSet(BaseViewSetMixin, ModelViewSet):
+###################################################################################
+# @api-view  |  GET - /contracts/{id}/owners
+###################################################################################
+@extend_schema(tags=["Contract Owners"])
+class ContractOwnerApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     queryset = ContractModel.objects.all()
     permission_classes = [AllowAny]
 
-    action_permission_classes = {
+    method_permission_classes = {
-        "list_file": [AllowAny],
+        "get": [AllowAny]
-        "list_owner": [AllowAny],
     }
-    action_serializer_class = {  # type: ignore
+    method_serializer_class = {
-        "list_file": ListContractAttachedFileSerializer, 
+        "get": RetrieveContractOwnerSerializer,
-        "list_owner": RetrieveContractOwnerSerializer,
+    }
+
+    @extend_schema(
+        summary="Get List Of Owners",
+        description="Get list of owners"
+    ) 
+    def get(self, *args: object, **kwargs: object) -> Response:
+        contract = self.get_object()
+        owners = ContractOwnerModel.objects.filter(contract=contract)
+        ser = self.get_serializer(instance=owners, many=True)
+        return Response(ser.data, status.HTTP_200_OK)
+
+
+###################################################################################
+# @api-view  |  GET - /contracts/{id}/files
+###################################################################################
+@extend_schema(tags=["Contract Attached Files"])
+class ContractAttachedFileApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
+    queryset = ContractModel.objects.all()
+    permission_classes = [AllowAny]
+
+    method_permission_classes = {
+        "get": [AllowAny]
+    }
+    method_serializer_class = {
+        "get": ListContractAttachedFileSerializer,
     }
 
     @extend_schema(
         summary="Get List Of Files",
         description="Get List Of Files"
     )
-    @action(url_path="files", detail=True, methods=["GET"])
+    def get(self, *args: object, **kwargs: object) -> Response:
-    def list_file(
+        contract = self.get_object()
-        self,
-        request: HttpRequest,
-        pk: uuid.UUID,
-        *args: object,
-        **kwargs: object
-    ) -> Response:
-        contract = get_object_or_404(ContractModel, pk=pk)
         files = ContractAttachedFileModel.objects.filter(contract=contract)
-        ser = self.get_serializer(instance=files, many=True)  # type: ignore
+        ser = self.get_serializer(instance=files, many=True)
         return Response(data=ser.data, status=status.HTTP_200_OK)
 
-    @extend_schema(
-        summary="Get List Of Owners",
-        description="Get list of owners"
-    )    
-    @action(url_path="owners", detail=True, methods=["GET"])
-    def list_owner(
-        self,
-        request: HttpRequest,
-        pk: uuid.UUID,
-        *args: object,
-        **kwargs: object
-    ) -> Response:
-        contract = get_object_or_404(ContractModel, pk=pk)
-        owners = ContractOwnerModel.objects.filter(contract=contract)
-        ser = self.get_serializer(instance=owners, many=True)  # type: ignore
-        return Response(ser.data, status.HTTP_200_OK)
 
-
+###################################################################################
-class ContractDetailView(APIView):
+# @api-view  |  GET - /contract-owners/{id}/contract
+###################################################################################
+@extend_schema(tags=["Contract Owners"])
+class ContractDetailApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
+    queryset = ContractOwnerModel.objects.all()
     permission_classes = [AllowAny]
 
+    method_permission_classes = {
+        "get": [AllowAny]
+    }
+    method_serializer_class = {
+        "get": RetrieveContractSerializer
+    }
+
     @extend_schema(
         summary="Uploads a file for contract attached files",
         description="Creates a file for contract attached files.",
     )
-    def get(
+    def get(self, request: HttpRequest, pk: uuid.UUID, *args: object, **kwargs: object) -> Response:
-        self,
+        contract = ContractModel.objects.filter(owners__id=pk)[0]
-        request: HttpRequest,
+        ser = self.get_serializer(instance=contract)  # type: ignore
-        owner_id: uuid.UUID,
-        *args: object, 
-        **kwargs: object
-    ) -> Response:
-        contract = ContractModel.objects.filter(owners__id=owner_id)[0]
-        ser = RetrieveContractSerializer(instance=contract)
         return Response(ser.data, status=status.HTTP_200_OK)
     
 
-class ListFolderContractsView(APIView):
+###################################################################################
-    permission_classes = [IsAdminUser]
+# @api-view  |  GET - /folders/{id}/contracts
+###################################################################################
+@extend_schema(tags=["Contracts"])
+class ListFolderContractsApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
+    permission_classes = [AllowAny]
+    queryset = ContractOwnerModel.objects.all()
     
-    def get(
+    method_permission_classes = {
-        self,
+        "get": [AllowAny]
-        request: HttpRequest,
+    }
-        pk: uuid.UUID,
+    method_serializer_class = {
-        *args: object, 
+        "get": ListContractSerializer
-        **kwargs: object
+    } 
-    ) -> Response:
+
+    @extend_schema(
+        summary="Get Contracts related to folders",
+        description="Get Contracts related to folders",
+    )
+    def get(self, request: HttpRequest, pk: uuid.UUID, *args: object, **kwargs: object) -> Response:
         contracts = ContractModel.objects.filter(folders__id=pk)
-        ser = ListContractSerializer(instance=contracts, many=True)
+        ser = self.get_serializer(instance=contracts, many=True)  # type: ignore
         return Response(ser.data, status.HTTP_200_OK)

core/apps/contracts/views/file_contents.py

@@ -1,7 +1,7 @@
-from django_core.mixins import BaseViewSetMixin
+from django_core.mixins import BaseViewSetMixin  # type: ignore
 from drf_spectacular.utils import extend_schema
-from rest_framework.permissions import AllowAny, IsAdminUser
+from rest_framework.permissions import AllowAny, IsAdminUser  # type: ignore
-from rest_framework.viewsets import ModelViewSet
+from rest_framework.viewsets import ModelViewSet  # type: ignore
 
 from core.apps.contracts.models import ContractFileContentModel
 from core.apps.contracts.serializers.file_contents import (
@@ -13,8 +13,11 @@ from core.apps.contracts.serializers.file_contents import (
 )
 
 
-@extend_schema(tags=["ContractFileContent"])
+###################################################################################
-class ContractFileContentView(BaseViewSetMixin, ModelViewSet):
+# @view-set  |  ALL - /contract-file-contents
+###################################################################################
+@extend_schema(tags=["Contract File Contents"])
+class ContractFileContentViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = ContractFileContentModel.objects.all()
     serializer_class = ListContractFileContentSerializer
     permission_classes = [AllowAny]
@@ -26,7 +29,7 @@ class ContractFileContentView(BaseViewSetMixin, ModelViewSet):
         "update": [IsAdminUser],
         "destroy": [IsAdminUser],
     }
-    action_serializer_class = {
+    action_serializer_class = {  # type: ignore
         "list": ListContractFileContentSerializer,
         "retrieve": RetrieveContractFileContentSerializer,
         "create": CreateContractFileContentSerializer,

core/apps/contracts/views/owners.py

@@ -3,18 +3,18 @@ from typing import cast
 
 from django_core.mixins import BaseViewSetMixin  # type: ignore
 from django.utils.translation import gettext as _
-from drf_spectacular.utils import extend_schema, OpenApiResponse
+from drf_spectacular.utils import extend_schema
 from rest_framework.exceptions import PermissionDenied  # type: ignore
-from rest_framework.decorators import action  # type: ignore
 from rest_framework.permissions import AllowAny, IsAdminUser  # type: ignore
 from rest_framework.viewsets import ModelViewSet  # type: ignore
 from rest_framework.request import HttpRequest  # type: ignore
 from rest_framework.response import Response  # type: ignore
 from rest_framework import status  # type: ignore
-from rest_framework.views import APIView  # type: ignore
+from rest_framework.generics import GenericAPIView  # type: ignore
 from rest_framework.parsers import MultiPartParser, FormParser  # type: ignore
 from rest_framework.generics import get_object_or_404  # type: ignore
 
+from core.utils.views import BaseApiViewMixin
 from core.apps.contracts.models import (
     ContractOwnerModel,
     ContractAttachedFileModel,
@@ -26,14 +26,15 @@ from core.apps.contracts.serializers import (
     UpdateContractOwnerSerializer,
     DestroyContractOwnerSerializer,
 
-    RetrieveContractAttachedFileSerializer,
-    CreateContractAttachedFileSerializer,
     CreateContractFileContentFromOwnerSerializer,
 )
 
 
-@extend_schema(tags=["ContractOwner"])
+###################################################################################
-class ContractOwnerView(BaseViewSetMixin, ModelViewSet):
+# @view-set  |  ALL - /contract-owners
+###################################################################################
+@extend_schema(tags=["Contract Owners"])
+class ContractOwnerViewSet(BaseViewSetMixin, ModelViewSet):
     queryset = ContractOwnerModel.objects.all()
     serializer_class = ListContractOwnerSerializer
     permission_classes = [AllowAny]
@@ -54,63 +55,19 @@ class ContractOwnerView(BaseViewSetMixin, ModelViewSet):
     }
 
 
-# class ContractOwnerFileViewSet(BaseViewSetMixin, ModelViewSet):
+###################################################################################
-#     queryset = ContractOwnerModel.objects.all()
+# @api-view  |  DELETE - /contract-owners/{owner_id}/files/{file_id}
-#     serializer_class = RetrieveContractAttachedFileSerializer
+###################################################################################
-#     permission_classes = [AllowAny]
+@extend_schema(tags=["Contract Files"])
-
+class ContractOwnerAttachedFileApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
-#     action_serializer_class = {  # type: ignore
-#         "list_file": RetrieveContractAttachedFileSerializer,
-#         "create_file": CreateContractAttachedFileSerializer,
-#     }
-
-#     @extend_schema(
-#         summary="Contract Files Related to Owner",
-#         description="Contract Files Related to Owner",
-#     )
-#     @action(url_path="files", methods=["GET"], detail=True)
-#     def list_file(
-#         self,
-#         request: HttpRequest,
-#         *args: object,
-#         **kwargs: object,
-#     ) -> Response:
-#         owner = cast(ContractOwnerModel, self.get_object())
-#         files = ContractAttachedFileModel.objects.filter(
-#             contract__owners=owner, contents__owner=owner
-#         ).select_related("contents")
-#         serializer = self.get_serializer(instance=files, many=True)
-#         return Response(serializer.data, status.HTTP_200_OK)
-
-#     @extend_schema(
-#         summary="Create Contract Files Related to Owner",
-#         description="Create Contract Files Related to Owner"
-#     )
-#     @action(url_path="files", methods=["GET"], detail=True)
-#     def create_file(
-#         self,
-#         request: HttpRequest,
-#         *args: object,
-#         **kwargs: object,
-#     ) -> Response:
-#         owner = cast(
-#             ContractOwnerModel, 
-#             self.get_queryset().select_related("contract")
-#         )
-#         if not owner.contract.allow_add_files:
-#             raise PermissionDenied(_("Attaching new files was restricted for this contract."))
-#         ser = self.get_serializer(data=request.data)
-#         ser.is_valid(raise_exception=True)
-#         ser.save()  # type: ignore
-#         return Response(ser.data, status.HTTP_201_CREATED)
-
-
-class ContractAttachedFileDeleteView(APIView):
     permission_classes = [AllowAny]
+    serializer_class = ListContractOwnerSerializer
+    queryset = ContractOwnerModel.objects.all()
+
+    method_permission_classes = {"delete": [AllowAny]}
+    method_serializer_class = {}
 
     @extend_schema(
-        # request=ContractFileDeleteRequestSerializer,
-        responses={204: OpenApiResponse(description="File successfully deleted.")},
         summary="Delete a file from contract",
         description="Deletes a contract-attached file if contract allows file deletion.",
     )
@@ -127,9 +84,9 @@ class ContractAttachedFileDeleteView(APIView):
         )
         if not owner.contract.allow_delete_files:
             raise PermissionDenied(_("Deleting attached files was restricted for this contract"))
+        
         file = get_object_or_404(
-            ContractAttachedFileModel.objects.all().select_related("contract"),
+            ContractAttachedFileModel.objects.all().select_related("contract"), pk=file_id
-            pk=file_id
         )
         if owner.contract.pk != file.contract.pk:
             raise PermissionDenied(_("Contract have no such file attached"))
@@ -137,15 +94,20 @@ class ContractAttachedFileDeleteView(APIView):
         return Response(status=status.HTTP_204_NO_CONTENT)
         
     
-class UploadFileContentView(APIView):
+###################################################################################
+# @api-view  |  POST - /contract-owners/{owner_id}/files/{file_id}/upload
+###################################################################################
+@extend_schema(tags=["Contract File contents"])
+class UploadFileContentApiView(BaseApiViewMixin, GenericAPIView):  # type: ignore
     permission_classes = [AllowAny]
     parser_classes = [MultiPartParser, FormParser]  # type: ignore
 
+    method_permission_classes = {"post": [AllowAny]}
+    method_serializer_class = {"post": CreateContractFileContentFromOwnerSerializer}
+
     @extend_schema(
         summary="Uploads a file for contract attached files",
         description="Creates a file for contract attached files.",
-        request=CreateContractFileContentFromOwnerSerializer,
-        responses={201: CreateContractFileContentFromOwnerSerializer},
     )
     def post(
         self,
@@ -155,13 +117,11 @@ class UploadFileContentView(APIView):
         *args: object,
         **kwargs: object
     ) -> Response:
-        serializer = CreateContractFileContentFromOwnerSerializer(
+        serializer_context = dict(file_id=file_id, contract_owner_id=owner_id)
-            data=request.data,  # type: ignore 
+        serializer = cast(
-            context={
+            CreateContractFileContentFromOwnerSerializer, 
-                "file_id": file_id,
+            self.get_serializer(data=request.data, context=serializer_context)  # type: ignore
-                "contract_owner_id": owner_id,
-            }
         )
         serializer.is_valid(raise_exception=True)
-        serializer.save()  # type: ignore
+        serializer.save()
         return Response(serializer.data, status=status.HTTP_201_CREATED)

core/utils/router.py

@@ -0,0 +1,54 @@
+from typing import Type, Optional, Self, override
+
+from rest_framework.viewsets import ViewSetMixin  # type: ignore
+from rest_framework.routers import DefaultRouter  # type: ignore
+
+
+class TypedRouter(DefaultRouter):
+    """
+    A subclass of DRF's `rest_framework.routers.DefaultRouter` that adds proper static
+    type annotations to certain methods — particularly the `register` method.
+
+    This resolves issues with static analysis tools such as MyPy and Pyright,
+    which normally raise warnings or require `# type: ignore` comments due to the
+    original method's lack of strict typing.
+
+    Benefits:
+    - Eliminates the need to use `# type: ignore` when calling `.register(...)`
+    - Improves type safety by enforcing that only subclasses of `ViewSetMixin` are passed
+    - Enhances developer experience (DX) in statically typed projects
+    - Promotes DRY principles by reducing repetitive ignores across the codebase
+
+    This class does not modify any runtime behavior of `DefaultRouter`. It is purely a DX
+    and tooling improvement for typed Python projects using Django REST Framework (DRF).
+
+    Example:
+        from my_project.routers import TypedRouter
+        from my_app.api import UserViewSet
+
+        router = TypedRouter()
+        router.register("users", UserViewSet, basename="user")
+    """
+
+    @override
+    def register(  # type: ignore
+        self,
+        prefix: str,
+        viewset: Type[ViewSetMixin],
+        basename: Optional[str] = None,
+        **kwargs: object
+    ) -> Self:
+        """
+        Registers a viewset with a given URL prefix and optional basename, with proper type hints
+        to improve static analysis (e.g., with MyPy or Pyright) when using DRF's DefaultRouter.
+
+        This method overrides `DefaultRouter.register()` to annotate the expected `viewset` type
+        as a subclass of `ViewSetMixin`, which reflects how DRF expects viewsets to behave.
+
+        Useful for eliminating `# type: ignore` comments and improving autocompletion.
+
+        See also:
+        - DRF Router documentation: https://www.django-rest-framework.org/api-guide/routers/
+        """
+        super().register(prefix=prefix, viewset=viewset, basename=basename, **kwargs)  # type: ignore
+        return self

docs/COMMENTS.md

@@ -61,7 +61,8 @@ List only the HTTP methods the view explicitly supports:
 * `OPTIONS`
 
 Order doesn't matter, but use **uppercase** for consistency.
-
+Write `ALL` instead of counting one by one, if your endpoint handles
+all of the supported methods.
 ---
 
 ### 📍 Endpoint Path

docs/ENDPOINTS.md

@@ -68,16 +68,15 @@ Testers will write `done`, `not ok` and developers will define status that is no
 * `PATCH /company-accounts/<uuid:pk>`           — admin  — ok
 * `DELETE /company-accounts/<uuid:pk>`          — admin  — ok
 * `POST /accounts/verify`                       — user   — TODO
-
   * required: `phone`, `code`
 
 ---
 
 ## 🌐 Banks
 
-* `GET /banks`                                   — admin  — ok
+* `GET /banks`                                   — user   — ok
 * `POST /banks`                                  — admin  — ok
-* `GET /banks/<uuid:pk>`                         — admin  — ok
+* `GET /banks/<uuid:pk>`                         — user   — ok
 * `DELETE /banks/<uuid:pk>`                      — admin  — ok
 * `PATCH /banks/<uuid:pk>`                       — admin  — ok