From dc4c98bfc9b8aa66f6e25da1274583ed43c95108 Mon Sep 17 00:00:00 2001 From: Shaxobff Date: Wed, 29 Apr 2026 11:18:50 +0500 Subject: [PATCH 1/4] update --- core/apps/accounts/serializers/permission.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/apps/accounts/serializers/permission.py b/core/apps/accounts/serializers/permission.py index f3e05cb..628e199 100644 --- a/core/apps/accounts/serializers/permission.py +++ b/core/apps/accounts/serializers/permission.py @@ -18,7 +18,7 @@ class PermissionToTabSerializer(serializers.ModelSerializer): class PermissionSerializer(serializers.ModelSerializer): - permission_tabs = PermissionToTabSerializer(many=True) + permission_tabs = PermissionToTabSerializer(many=True, source='permission_to_tabs') class Meta: model = Permission From 51b30c2cc4793e9a2420a455376de2ab32feeca1 Mon Sep 17 00:00:00 2001 From: Shaxobff Date: Wed, 29 Apr 2026 11:57:23 +0500 Subject: [PATCH 2/4] update --- core/apps/accounts/serializers/permission.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/apps/accounts/serializers/permission.py b/core/apps/accounts/serializers/permission.py index 628e199..885232d 100644 --- a/core/apps/accounts/serializers/permission.py +++ b/core/apps/accounts/serializers/permission.py @@ -10,7 +10,7 @@ class PermissionToActionSerializer(serializers.ModelSerializer): class PermissionToTabSerializer(serializers.ModelSerializer): - permission_to_actions = PermissionToActionSerializer(many=True) + permission_to_actions = PermissionToActionSerializer(many=True, read_only=True) class Meta: model = PermissionToTab @@ -18,7 +18,7 @@ class PermissionToTabSerializer(serializers.ModelSerializer): class PermissionSerializer(serializers.ModelSerializer): - permission_tabs = PermissionToTabSerializer(many=True, source='permission_to_tabs') + permission_tabs = PermissionToTabSerializer(many=True, read_only=True) class Meta: model = Permission From 1cb9551e8191d406ebba67f2765f2b2f646df429 Mon Sep 17 00:00:00 2001 From: Shaxobff Date: Wed, 29 Apr 2026 14:21:33 +0500 Subject: [PATCH 3/4] update --- core/apps/accounts/views/user.py | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/core/apps/accounts/views/user.py b/core/apps/accounts/views/user.py index 4fa760c..aff8801 100644 --- a/core/apps/accounts/views/user.py +++ b/core/apps/accounts/views/user.py @@ -9,6 +9,8 @@ from rest_framework.views import APIView from rest_framework.viewsets import ModelViewSet from core.apps.accounts.choices.user import RoleChoice +from core.apps.accounts.models import Role +from core.apps.accounts.serializers.permission import RoleListSerializer from core.apps.accounts.serializers.user import UserSerializer, AdminUserSerializer, UserCreateSerializer User = get_user_model() @@ -64,7 +66,7 @@ class AdminCreateAPIView(APIView): return Response(serializer.data, status=201) -@extend_schema(tags=['User'],) +@extend_schema(tags=['User'], ) class AdminUpdateAPIView(generics.GenericAPIView): permission_classes = [IsAuthenticated] serializer_class = UserCreateSerializer @@ -88,7 +90,6 @@ class DeleteAdminUserApiView(APIView): if request.user.role != RoleChoice.SUPERUSER: return Response({'detail': 'Forbidden'}, status=403) - user = get_object_or_404(User, pk=pk) if user.role != RoleChoice.ADMIN: return Response({'detail': 'This user is not an admin'}, status=400) @@ -100,4 +101,17 @@ class DeleteAdminUserApiView(APIView): class UserDetailAPIView(generics.RetrieveAPIView): permission_classes = [IsAuthenticated] serializer_class = UserSerializer - lookup_field = 'id' \ No newline at end of file + lookup_field = 'id' + + +class AdminPermissionsAPIView(generics.GenericAPIView): + permission_classes = [IsAuthenticated] + + def get(self, request): + if request.user.role.name != RoleChoice.ADMIN: + return Response({'detail': 'Forbidden'}, status=403) + + admin_role = Role.objects.get(name=RoleChoice.ADMIN) + + serializer = RoleListSerializer(admin_role) + return Response(serializer.data) \ No newline at end of file From db7e34c1c2a9565e949ebe490cf95ec7ac88f8f4 Mon Sep 17 00:00:00 2001 From: Shaxobff Date: Wed, 29 Apr 2026 16:12:12 +0500 Subject: [PATCH 4/4] update --- .../serializers/auto/AutoEvaluation.py | 7 +++++- .../serializers/quick/QuickEvaluation.py | 4 ++++ core/apps/evaluation/urls.py | 2 ++ core/apps/evaluation/views/auto.py | 20 +++++++++++++--- core/apps/evaluation/views/quick.py | 24 ++++++++++++++----- 5 files changed, 47 insertions(+), 10 deletions(-) diff --git a/core/apps/evaluation/serializers/auto/AutoEvaluation.py b/core/apps/evaluation/serializers/auto/AutoEvaluation.py index 9b2391c..ae28e21 100644 --- a/core/apps/evaluation/serializers/auto/AutoEvaluation.py +++ b/core/apps/evaluation/serializers/auto/AutoEvaluation.py @@ -329,4 +329,9 @@ class AutoEvaluationSerializer(serializers.Serializer): transmission = serializers.CharField() condition = serializers.CharField() fuel_type = serializers.CharField() - mileage = serializers.CharField() \ No newline at end of file + mileage = serializers.CharField() + +class AutoEvaluationModelSerializer(serializers.ModelSerializer): + class Meta: + model = AutoEvaluationModel + fields = "__all__" \ No newline at end of file diff --git a/core/apps/evaluation/serializers/quick/QuickEvaluation.py b/core/apps/evaluation/serializers/quick/QuickEvaluation.py index caf942e..7b6586d 100644 --- a/core/apps/evaluation/serializers/quick/QuickEvaluation.py +++ b/core/apps/evaluation/serializers/quick/QuickEvaluation.py @@ -128,3 +128,7 @@ class CreateQuickevaluationSerializer(serializers.ModelSerializer): return super().create(validated_data) +class QuickEvaluationModelSerializer(serializers.ModelSerializer): + class Meta: + model = QuickEvaluationModel + fields = '__all__' \ No newline at end of file diff --git a/core/apps/evaluation/urls.py b/core/apps/evaluation/urls.py index 820352e..59e1718 100644 --- a/core/apps/evaluation/urls.py +++ b/core/apps/evaluation/urls.py @@ -37,6 +37,7 @@ urlpatterns = [ # Quick Evaluation path('quick-evaluation/', include( [ + path("admin/", views.AdminQuickEvalAPIView.as_view(), name="quick-evaluation"), path( 'archive/', include( [ @@ -51,6 +52,7 @@ urlpatterns = [ # Auto Evaluation path("auto-evaluation/", include( [ + path("admin/", views.AdminEvaluationsAPIView.as_view(), name="admin-evaluations"), path('archive/', include( [ path('/', views.AutoEvaluationArchiveAPIView.as_view()), diff --git a/core/apps/evaluation/views/auto.py b/core/apps/evaluation/views/auto.py index ca8445a..b2ed9fc 100644 --- a/core/apps/evaluation/views/auto.py +++ b/core/apps/evaluation/views/auto.py @@ -1,10 +1,9 @@ from django.db.models import Q from django.shortcuts import get_object_or_404 from django_core.mixins import BaseViewSetMixin - from django_filters.rest_framework import DjangoFilterBackend from drf_spectacular.utils import extend_schema, OpenApiParameter - +from rest_framework import generics from rest_framework.filters import OrderingFilter, SearchFilter from rest_framework.generics import GenericAPIView, ListAPIView from rest_framework.permissions import AllowAny, IsAuthenticated @@ -12,10 +11,12 @@ from rest_framework.response import Response from rest_framework.views import APIView from rest_framework.viewsets import ModelViewSet +from core.apps.accounts.choices import RoleChoice from core.apps.accounts.serializers.user import UserSerializer from core.apps.evaluation.filters.auto import AutoevaluationFilter from core.apps.evaluation.models import AutoEvaluationModel -from core.apps.evaluation.serializers import auto as serializers +from core.apps.evaluation.serializers import auto as serializers, AutoEvaluationModelSerializer + @extend_schema(tags=["AutoEvaluation"]) class AutoEvaluationView(BaseViewSetMixin, ModelViewSet): @@ -175,3 +176,16 @@ class AutoEvaluationArchiveAPIView(APIView): }, status=200 ) + +@extend_schema(tags=["AutoEvaluation"]) +class AdminEvaluationsAPIView(generics.GenericAPIView): + permission_classes = [IsAuthenticated] + + def get(self, request): + if request.user.role != RoleChoice.ADMIN: + return Response({'detail': 'Forbidden'}, status=403) + auto_eval = AutoEvaluationModel.objects.filter( + created_by=self.request.user + ).select_related('appraisers').distinct() + serializer = AutoEvaluationModelSerializer(auto_eval, many=True) + return Response(serializer.data) diff --git a/core/apps/evaluation/views/quick.py b/core/apps/evaluation/views/quick.py index 7716a1d..1cc2110 100644 --- a/core/apps/evaluation/views/quick.py +++ b/core/apps/evaluation/views/quick.py @@ -1,17 +1,13 @@ # django from django.shortcuts import get_object_or_404 - # django core from django_core.mixins import BaseViewSetMixin - # django filters from django_filters.rest_framework import DjangoFilterBackend - # swagger from drf_spectacular.utils import extend_schema - # rest framework -from rest_framework import status +from rest_framework import status, generics from rest_framework.filters import OrderingFilter, SearchFilter from rest_framework.generics import ListAPIView from rest_framework.parsers import FormParser, MultiPartParser @@ -20,10 +16,11 @@ from rest_framework.response import Response from rest_framework.views import APIView from rest_framework.viewsets import ModelViewSet +from core.apps.accounts.choices import RoleChoice # core apps from core.apps.evaluation.filters.quick import QuickevaluationFilter from core.apps.evaluation.models import QuickEvaluationModel -from core.apps.evaluation.serializers import quick as serializers +from core.apps.evaluation.serializers import quick as serializers, QuickEvaluationModelSerializer @extend_schema(tags=["QuickEvaluation"]) @@ -87,3 +84,18 @@ class QuickEvaluationArchivedListAPIView(ListAPIView): def get_queryset(self): return QuickEvaluationModel.objects.filter(is_archive=True) + + +@extend_schema(tags=["QuickEvaluation"]) +class AdminQuickEvalAPIView(generics.GenericAPIView): + permission_classes = [IsAuthenticated] + + def get(self, request): + if request.user.role != RoleChoice.ADMIN: + return Response({'detail': 'Forbidden'}, status=403) + quick_eval = QuickEvaluationModel.objects.filter( + created_by=self.request.user + ).select_related('created_by').distinct() + serializer = QuickEvaluationModelSerializer(quick_eval, many=True) + + return Response(serializer.data)