update

core/apps/accounts/views/user.py

@@ -9,6 +9,8 @@ from rest_framework.views import APIView
 from rest_framework.viewsets import ModelViewSet
 
 from core.apps.accounts.choices.user import RoleChoice
+from core.apps.accounts.models import Role
+from core.apps.accounts.serializers.permission import RoleListSerializer
 from core.apps.accounts.serializers.user import UserSerializer, AdminUserSerializer, UserCreateSerializer
 
 User = get_user_model()
@@ -64,7 +66,7 @@ class AdminCreateAPIView(APIView):
         return Response(serializer.data, status=201)
 
 
-@extend_schema(tags=['User'],)
+@extend_schema(tags=['User'], )
 class AdminUpdateAPIView(generics.GenericAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = UserCreateSerializer
@@ -88,7 +90,6 @@ class DeleteAdminUserApiView(APIView):
         if request.user.role != RoleChoice.SUPERUSER:
             return Response({'detail': 'Forbidden'}, status=403)
 
-
         user = get_object_or_404(User, pk=pk)
         if user.role != RoleChoice.ADMIN:
             return Response({'detail': 'This user is not an admin'}, status=400)
@@ -100,4 +101,17 @@ class DeleteAdminUserApiView(APIView):
 class UserDetailAPIView(generics.RetrieveAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = UserSerializer
-    lookup_field = 'id'
+    lookup_field = 'id'
+
+
+class AdminPermissionsAPIView(generics.GenericAPIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        if request.user.role.name != RoleChoice.ADMIN:
+            return Response({'detail': 'Forbidden'}, status=403)
+
+        admin_role = Role.objects.get(name=RoleChoice.ADMIN)
+
+        serializer = RoleListSerializer(admin_role)
+        return Response(serializer.data)