Merge pull request 'shaxob' (#97) from shaxob into main

Reviewed-on: #97

config/urls.py

@@ -13,7 +13,7 @@ from config.env import env
 
 
 def home(request):
-    return HttpResponse("OK: #d4e6d80c86fcf4422f71238c6552dfa4b42f9737")
+    return HttpResponse("OK: #88dedd85c79ccf732b2adac03616bd14e67a1579")
 
 
 urlpatterns = [

core/apps/accounts/models/user.py

@@ -3,6 +3,7 @@ from django.db import models
 
 from ..choices import RoleChoice
 from ..managers import UserManager
+from ...evaluation.permissions.permission import Role
 
 
 class User(auth_models.AbstractUser):
@@ -17,6 +18,7 @@ class User(auth_models.AbstractUser):
         default=RoleChoice.USER,
     )
     avatar = models.ImageField(upload_to="avatars/", null=True, blank=True)
+    permission = models.ForeignKey(Role, on_delete=models.SET_NULL, null=True)
 
     USERNAME_FIELD = "phone"
     objects = UserManager()

core/apps/accounts/serializers/user.py

@@ -30,3 +30,28 @@ class UserUpdateSerializer(serializers.ModelSerializer):
             "last_name",
             "avatar"
         ]
+
+class AdminUserSerializer(serializers.ModelSerializer):
+    avatar = serializers.SerializerMethodField(method_name='get_avatar')
+
+    class Meta:
+        model = get_user_model()
+        fields = "__all__"
+
+    def get_avatar(self, obj):
+        request = self.context.get('request')
+        if obj.avatar:
+            return request.build_absolute_uri(obj.avatar.url)
+        return None
+
+
+
+class UserCreateSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = get_user_model()
+        fields = [
+            "phone",
+            "first_name",
+            "last_name",
+            "password",
+            "role"]

core/apps/accounts/urls.py

@@ -4,7 +4,8 @@ Accounts app urls
 
 from django.urls import path, include
 from rest_framework_simplejwt import views as jwt_views
-from .views import RegisterView, ResetPasswordView, MeView, ChangePasswordView, UserListApiView, AdminUserListApiView
+from .views import RegisterView, ResetPasswordView, MeView, ChangePasswordView, UserListApiView, AdminUserListApiView, \
+    AdminUserView, AdminCreateAPIView, AdminUpdateAPIView
 from rest_framework.routers import DefaultRouter
 
 router = DefaultRouter()
@@ -12,6 +13,7 @@ router.register("auth", RegisterView, basename="auth")
 router.register("auth", ResetPasswordView, basename="reset-password")
 router.register("auth", MeView, basename="me")
 router.register("auth", ChangePasswordView, basename="change-password")
+router.register("user", AdminUserView, basename="user-crud")
 
 
 urlpatterns = [
@@ -25,4 +27,6 @@ urlpatterns = [
     ),
     path("user/list/", UserListApiView.as_view(), name="user-list"),
     path("admin-user/list/", AdminUserListApiView.as_view(), name="admin-user-list"),
+    path("admin/create/", AdminCreateAPIView.as_view(), name="user-create"),
+    path("admin/update/", AdminUpdateAPIView.as_view(), name="user-update"),
 ]

core/apps/accounts/views/user.py

@@ -1,15 +1,19 @@
 from django.contrib.auth import get_user_model
-
+from django.shortcuts import get_object_or_404
+from django_core.mixins import BaseViewSetMixin
+from drf_spectacular.utils import extend_schema
 from rest_framework import generics, filters
 from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework.viewsets import ModelViewSet
 
-from drf_spectacular.utils import extend_schema
-
-from core.apps.accounts.serializers.user import UserSerializer
 from core.apps.accounts.choices.user import RoleChoice
+from core.apps.accounts.serializers.user import UserSerializer, AdminUserSerializer, UserCreateSerializer
 
 User = get_user_model()
 
+
 @extend_schema(tags=['User'])
 class UserListApiView(generics.ListAPIView):
     queryset = User.objects.filter(role=RoleChoice.USER)
@@ -29,3 +33,50 @@ class AdminUserListApiView(generics.ListAPIView):
     permission_classes = [IsAuthenticated]
     filter_backends = [filters.SearchFilter]
     search_fields = ['phone', 'first_name', 'last_name']
+
+
+@extend_schema(tags=["User"], request=AdminUserSerializer)
+class AdminUserView(BaseViewSetMixin, ModelViewSet):
+    queryset = User.objects.filter(role=RoleChoice.USER)
+    serializer_class = AdminUserSerializer
+    permission_classes = [IsAuthenticated]
+    filter_backends = [filters.SearchFilter]
+    search_fields = ['phone', 'first_name', 'last_name']
+
+    def serializer_context(self):
+        return self.serializer_class(context={"request": self.request})
+
+
+@extend_schema(tags=['User'],
+               responses={200: UserSerializer},
+               request=UserCreateSerializer)
+class AdminCreateAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        if request.user.role not in (RoleChoice.SUPERUSER, RoleChoice.ADMIN):
+            return Response({'detail': 'Forbidden'}, status=403)
+
+        serializer = UserCreateSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        serializer.save()
+
+        return Response(serializer.data, status=201)
+
+
+@extend_schema(tags=['User'],
+               responses={200: UserSerializer},
+               request=UserCreateSerializer)
+class AdminUpdateAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def put(self, request, pk):
+        if request.user.role not in (RoleChoice.SUPERUSER, RoleChoice.ADMIN):
+            return Response({'detail': 'Forbidden'}, status=403)
+
+        user = get_object_or_404(User, pk=pk)
+        serializer = UserCreateSerializer(user, data=request.data)
+        serializer.is_valid(raise_exception=True)
+        serializer.save()
+
+        return Response(serializer.data, status=200)

core/apps/evaluation/migrations/0032_certificatemodel.py

@@ -0,0 +1,28 @@
+# Generated by Django 6.0.4 on 2026-04-23 11:07
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('evaluation', '0031_remove_autoevaluationmodel_object_location_city_and_more'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='CertificateModel',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('title', models.CharField(max_length=255, verbose_name='title')),
+                ('file_url', models.URLField(max_length=255, verbose_name='file url')),
+            ],
+            options={
+                'verbose_name': 'Certificate',
+                'verbose_name_plural': 'Certificates',
+                'db_table': 'certificate',
+            },
+        ),
+    ]

core/apps/evaluation/migrations/0032_quickevaluationmodel_is_archive.py

@@ -0,0 +1,18 @@
+# Generated by Django 6.0.4 on 2026-04-23 07:24
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('evaluation', '0031_remove_autoevaluationmodel_object_location_city_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='quickevaluationmodel',
+            name='is_archive',
+            field=models.BooleanField(default=False, verbose_name='is archive'),
+        ),
+    ]

core/apps/evaluation/migrations/0033_merge_20260423_1622.py

@@ -0,0 +1,15 @@
+# Generated by Django 6.0.4 on 2026-04-23 11:22
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('evaluation', '0032_certificatemodel'),
+        ('evaluation', '0032_evaluationrequestmodel_is_archive'),
+        ('evaluation', '0032_quickevaluationmodel_is_archive'),
+    ]
+
+    operations = [
+    ]

core/apps/evaluation/migrations/0034_remove_certificatemodel_file_url_and_more.py

@@ -0,0 +1,22 @@
+# Generated by Django 6.0.4 on 2026-04-23 13:42
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('evaluation', '0033_merge_20260423_1622'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='certificatemodel',
+            name='file_url',
+        ),
+        migrations.AddField(
+            model_name='certificatemodel',
+            name='file',
+            field=models.FileField(blank=True, null=True, upload_to='certificates/', verbose_name='file'),
+        ),
+    ]

core/apps/evaluation/models/__init__.py

@@ -11,3 +11,4 @@ from .report import *  # noqa
 from .request import *  # noqa
 from .valuation import *  # noqa
 from .vehicle import *  # noqa
+from .certificate import *  # noqa

core/apps/evaluation/models/auto.py

@@ -267,6 +267,12 @@ class AutoEvaluationModel(AbstractBaseModel):
         choices=AutoEvaluationStatus.choices,
         default=AutoEvaluationStatus.CREATED,
     )
+    is_archived = models.BooleanField(
+        verbose_name=_("is archived"),
+        default=False,
+    )
+
+
 
     def __str__(self):
         return f"Auto Evaluation {self.registration_number or self.pk}"

core/apps/evaluation/models/certificate.py

@@ -0,0 +1,30 @@
+from django.db import models
+from django_core.models import AbstractBaseModel
+from django.utils.translation import gettext_lazy as _
+from model_bakery import baker
+
+
+class CertificateModel(AbstractBaseModel):
+    title = models.CharField(
+        verbose_name=_("title"),
+        max_length=255
+    )
+
+    file = models.FileField(
+        verbose_name=_("file"),
+        upload_to="certificates/",
+        blank=True,
+        null=True
+    )
+
+    def __str__(self):
+        return self.title
+
+    @classmethod
+    def _baker(cls):
+        return baker.make(cls)
+
+    class Meta:
+        db_table = "certificate"
+        verbose_name = _("Certificate")
+        verbose_name_plural = _("Certificates")

core/apps/evaluation/models/quick.py

@@ -132,6 +132,11 @@ class QuickEvaluationModel(AbstractBaseModel):
         default=QuickEvaluationStatus.CREATED,
     )
 
+    is_archive = models.BooleanField(
+        verbose_name=_("is archive"),
+        default=False,
+    )
+
     def __str__(self):
         return f"Quick Evaluation {self.pk} by {self.created_by}"
 

core/apps/evaluation/permissions/permission.py

@@ -0,0 +1,60 @@
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+from pydantic import BaseModel
+
+
+class PermissionToAction(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+
+    def __str__(self):
+        return f"{self.name} - {self.code}"
+
+    class Meta:
+        verbose_name = _('Harakatlar uchun ruxsatnoma')
+        verbose_name_plural = _('Harakatlar uchun ruxsatnomalar')
+
+
+class PermissionToTab(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+    permission_to_actions = models.ManyToManyField(
+        PermissionToAction, related_name='permission_to_tabs'
+    )
+
+    def __str__(self):
+        return f'{self.name} - {self.code}'
+
+    class Meta:
+        verbose_name = _("Bo'lim uchun ruxsatnoma")
+        verbose_name_plural = _("Bo'lim uchun ruxsatnomalar")
+
+
+class Permission(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+    permission_tab = models.ManyToManyField(PermissionToTab, related_name='permissions')
+
+    def __str__(self):
+        return f'{self.name} - {self.code}'
+
+    class Meta:
+        verbose_name = _('Sahifa uchun ruxsatnoma')
+        verbose_name_plural = _('Sahifa uchun ruxsatnomalar')
+
+class Role(models.Model):
+    name = models.CharField(max_length=200, unique=True)
+    permissions = models.ManyToManyField(Permission, related_name='roles', blank=True)
+    permission_to_tabs = models.ManyToManyField(PermissionToTab, related_name='roles', blank=True)
+    permission_to_actions = models.ManyToManyField(
+        PermissionToAction, related_name='roles', blank=True
+    )
+    comment = models.CharField(max_length=200, null=True, blank=True)
+
+    def __str__(self):
+        return self.name
+
+    class Meta:
+        verbose_name = _('Rol')
+        verbose_name_plural = _('Rollar')
+

core/apps/evaluation/serializers/__init__.py

@@ -12,3 +12,4 @@ from .request import *  # noqa
 from .valuation import *  # noqa
 from .vehicle import *  # noqa
 from .tech_passport import *  # noqa
+from .certificate import *  # noqa

core/apps/evaluation/serializers/auto/AutoEvaluation.py

@@ -1,18 +1,20 @@
 import re
-from django.contrib.auth import get_user_model
 
+from django.contrib.auth import get_user_model
 from rest_framework import serializers
 
-from core.apps.evaluation.models import AutoEvaluationModel,ReferenceitemModel, EvaluationrequestModel
-from core.apps.evaluation.serializers.reference import ListReferenceitemSerializer
 from core.apps.evaluation.choices.request import RequestStatus
+from core.apps.evaluation.models import AutoEvaluationModel, ReferenceitemModel, EvaluationrequestModel
+from core.apps.evaluation.serializers.reference import ListReferenceitemSerializer
 
 User = get_user_model()
 
+
 class BaseAutoevaluationSerializer(serializers.ModelSerializer):
     status_display = serializers.CharField(source="get_status_display", read_only=True)
     object_type_display = serializers.CharField(source="get_object_type_display", read_only=True, default=None)
-    object_owner_type_display = serializers.CharField(source="get_object_owner_type_display", read_only=True, default=None)
+    object_owner_type_display = serializers.CharField(source="get_object_owner_type_display", read_only=True,
+                                                      default=None)
     rate_type = ListReferenceitemSerializer(read_only=True)
     value_determined = ListReferenceitemSerializer(read_only=True)
     property_rights = ListReferenceitemSerializer(read_only=True)
@@ -72,6 +74,7 @@ class ListAutoevaluationSerializer(BaseAutoevaluationSerializer):
 class RetrieveAutoevaluationSerializer(BaseAutoevaluationSerializer):
     car_type_display = serializers.CharField(source="get_car_type_display", read_only=True, default=None)
     car_wheel_display = serializers.CharField(source="get_car_wheel_display", read_only=True, default=None)
+
     # object_location_highways_display = serializers.CharField(
     #     source="get_object_location_highways_display", read_only=True, default=None
     # )
@@ -141,7 +144,6 @@ class UpdateAutoevaluationSerializer(serializers.ModelSerializer):
         allow_null=True,
     )
 
-
     class Meta:
         model = AutoEvaluationModel
         fields = [
@@ -222,6 +224,7 @@ class UpdateAutoevaluationSerializer(serializers.ModelSerializer):
 
         return attrs
 
+
 class CreateAutoevaluationSerializer(serializers.ModelSerializer):
     property_rights = serializers.PrimaryKeyRelatedField(
         queryset=ReferenceitemModel.objects.all(),
@@ -254,7 +257,6 @@ class CreateAutoevaluationSerializer(serializers.ModelSerializer):
         allow_null=True,
     )
 
-
     class Meta:
         model = AutoEvaluationModel
         fields = [
@@ -356,3 +358,13 @@ class AutoEvaluationAppraisersSerializer(serializers.Serializer):
             raise serializers.ValidationError("Invalid appraisers IDs.")
         data['users'] = users
         return data
+
+class AutoEvaluationSerializer(serializers.Serializer):
+    brand = serializers.CharField()
+    brand_model = serializers.CharField()
+    year = serializers.CharField()
+    color = serializers.CharField()
+    transmission = serializers.CharField()
+    condition = serializers.CharField()
+    fuel_type = serializers.CharField()
+    mileage = serializers.CharField()

core/apps/evaluation/serializers/certificate/__init__.py

@@ -0,0 +1 @@
+from .certificate import *  # noqa

core/apps/evaluation/serializers/certificate/certificate.py

@@ -0,0 +1,13 @@
+from rest_framework import serializers
+from core.apps.evaluation.models import CertificateModel
+
+
+class BaseCertificateSerializer(serializers.ModelSerializer):
+
+    class Meta:
+        model = CertificateModel
+        fields = [
+            "id",
+            "title",
+            "file",
+        ]

core/apps/evaluation/serializers/quick/QuickEvaluation.py

@@ -38,7 +38,8 @@ class BaseQuickevaluationSerializer(serializers.ModelSerializer):
             "state_car_name",
             "created_at",
             "distance_covered",
-            "tex_passport_serie_num"
+            "tex_passport_serie_num",
+            "is_archive"
         ]
 
 
@@ -125,3 +126,8 @@ class CreateQuickevaluationSerializer(serializers.ModelSerializer):
         if request and request.user and request.user.is_authenticated:
             validated_data["created_by"] = request.user
         return super().create(validated_data)
+
+
+class ArchiveQuickevaluationSerializer(serializers.Serializer):
+    id = serializers.IntegerField(required=True)
+    is_archive = serializers.BooleanField(required=True)

core/apps/evaluation/urls.py

@@ -29,7 +29,9 @@ from .views import (
     DidoxCompanyInfoAPIView,
     TechPassportAPIView,
     EvaluationStatusChange,
-    ArchiveEvaluationrequestView,
+    CertificateView,
+    ArchiveQuickEvaluationView,
+    ArchiveEvaluationrequestView, GetArchivedEvaluationListAPIView, ArchivedEvaluation,
 )
 
 router = DefaultRouter()
@@ -54,6 +56,7 @@ router.register("vehicle", VehicleView, basename="vehicle")
 router.register("valuation", ValuationView, basename="valuation")
 router.register("property-owner", PropertyOwnerView, basename="property-owner")
 router.register("customer", CustomerView, basename="customer")
+router.register("certificate", CertificateView, basename="certificate")
 urlpatterns = [
     path("", include(router.urls)),
     path("auto-evaluation/appraisers/", include(
@@ -75,5 +78,13 @@ urlpatterns = [
     ),
     path("evaluation-request/<int:pk>/change-status/", EvaluationStatusChange.as_view(),
          name="evaluation-change-status"),
-    path("evaluation-request/archive/", ArchiveEvaluationrequestView.as_view(), name="evaluation-request-archive"),
+    path("archive/quick-evaluation/", ArchiveQuickEvaluationView.as_view(), name="quick-evaluation-archive"),
+    path("archive/evaluation-request/", ArchiveEvaluationrequestView.as_view(), name="evaluation-request-archive"),
+
+    path("archived-evaluvation/", GetArchivedEvaluationListAPIView.as_view(),
+         name="archived-evaluation"),
+
+    path("auto-evaluvation-change-status/<int:pk>", ArchivedEvaluation.as_view(),
+         name="archived-evaluation"),
+
 ]

core/apps/evaluation/views/__init__.py

@@ -13,3 +13,4 @@ from .valuation import *  # noqa
 from .vehicle import *  # noqa
 from .didox import * # noqa
 from .tech_passport import *  # noqa
+from .certificate import *  # noqa

core/apps/evaluation/views/auto.py

@@ -1,13 +1,14 @@
 from django.db.models import Q
-from django_core.mixins import BaseViewSetMixin
 from django.shortcuts import get_object_or_404
+from django_core.mixins import BaseViewSetMixin
 from django_filters.rest_framework import DjangoFilterBackend
 from drf_spectacular.utils import extend_schema, OpenApiParameter
 from rest_framework.filters import OrderingFilter, SearchFilter
+from rest_framework.generics import GenericAPIView, ListAPIView
 from rest_framework.permissions import AllowAny, IsAuthenticated
-from rest_framework.viewsets import ModelViewSet
-from rest_framework.generics import GenericAPIView
 from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework.viewsets import ModelViewSet
 
 from core.apps.accounts.serializers.user import UserSerializer
 from core.apps.evaluation.filters.auto import AutoevaluationFilter
@@ -154,3 +155,21 @@ class AutoEvaluationListAppraisersView(GenericAPIView):
             return self.get_paginated_response(serializer.data)
         except Exception as e:
             return Response({"error": str(e)}, status=500)
+
+
+@extend_schema(tags=["AutoEvaluation"])
+class GetArchivedEvaluationListAPIView(ListAPIView):
+    permission_classes = [IsAuthenticated]
+    def get_queryset(self):
+        return AutoEvaluationModel.objects.filter(is_archived=True)
+
+
+@extend_schema(tags=["AutoEvaluation"])
+class ArchivedEvaluation(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request, pk):
+        auto_evaluation = get_object_or_404(AutoEvaluationModel, pk=pk)
+        auto_evaluation.is_archived = request.data["is_archived"]
+        auto_evaluation.save()
+        return Response({"success": True}, status=200)

core/apps/evaluation/views/certificate.py

@@ -0,0 +1,23 @@
+from django_core.mixins import BaseViewSetMixin
+from drf_spectacular.utils import extend_schema
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.viewsets import ModelViewSet
+from core.apps.evaluation.models import CertificateModel
+from core.apps.evaluation.serializers.certificate import BaseCertificateSerializer
+from rest_framework.filters import SearchFilter
+from rest_framework.parsers import MultiPartParser, FormParser
+
+@extend_schema(tags=["Certificate"],request=BaseCertificateSerializer)
+class CertificateView(BaseViewSetMixin, ModelViewSet):
+    queryset = CertificateModel.objects.all()
+    serializer_class = BaseCertificateSerializer
+    permission_classes = [IsAuthenticated]
+
+    parser_classes = [MultiPartParser, FormParser]
+
+    filter_backends = [SearchFilter]
+    search_fields = ["title"]
+
+    pagination_class = None
+
+    action_permission_classes = {}

core/apps/evaluation/views/didox.py

@@ -1,6 +1,6 @@
 from rest_framework.response import Response
 from rest_framework import status
-from rest_framework.permissions import AllowAny
+from rest_framework.permissions import IsAuthenticated
 from rest_framework.generics import GenericAPIView
 
 
@@ -11,7 +11,7 @@ from core.services.didox import DidoxService
 
 class DidoxCompanyInfoAPIView(GenericAPIView):
     authentication_classes = []
-    permission_classes = [AllowAny]
+    permission_classes = [IsAuthenticated]
 
     @extend_schema(
         tags=["Didox"],

core/apps/evaluation/views/quick.py

@@ -1,10 +1,14 @@
 from django_core.mixins import BaseViewSetMixin
 from django_filters.rest_framework import DjangoFilterBackend
-from drf_spectacular.utils import extend_schema
+from drf_spectacular.utils import extend_schema, OpenApiResponse
 from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.parsers import FormParser, MultiPartParser
-from rest_framework.permissions import AllowAny
+from rest_framework.permissions import AllowAny, IsAuthenticated
 from rest_framework.viewsets import ModelViewSet
+from rest_framework.generics import GenericAPIView
+from rest_framework.response import Response
+from rest_framework import status
+from django.shortcuts import get_object_or_404
 
 from core.apps.evaluation.filters.quick import QuickevaluationFilter
 from core.apps.evaluation.models import QuickEvaluationModel
@@ -12,6 +16,7 @@ from core.apps.evaluation.serializers.quick import (
     CreateQuickevaluationSerializer,
     ListQuickevaluationSerializer,
     RetrieveQuickevaluationSerializer,
+    ArchiveQuickevaluationSerializer,
 )
 
 
@@ -20,7 +25,7 @@ class QuickEvaluationView(BaseViewSetMixin, ModelViewSet):
     queryset = QuickEvaluationModel.objects.select_related(
         "created_by", "brand", "marka", "color", "fuel_type",
         "body_type", "state_car", "car_position",
-    ).all()
+    ).filter(is_archive=False)
     serializer_class = ListQuickevaluationSerializer
     permission_classes = [AllowAny]
     parser_classes = [MultiPartParser, FormParser]
@@ -50,3 +55,76 @@ class QuickEvaluationView(BaseViewSetMixin, ModelViewSet):
         "retrieve": RetrieveQuickevaluationSerializer,
         "create": CreateQuickevaluationSerializer,
     }
+
+@extend_schema(tags=["QuickEvaluation"])
+class ArchiveQuickEvaluationView(GenericAPIView):
+    permission_classes = [IsAuthenticated]
+
+    def get_serializer_class(self):
+        if self.request.method == "GET":
+            return ListQuickevaluationSerializer
+        return ArchiveQuickevaluationSerializer
+
+    @extend_schema(
+        tags=["QuickEvaluation"],
+        summary="Get archived quick evaluations list",
+        description="""
+        Returns only archived quick evaluations.
+
+        This endpoint works like quick-evaluation/,
+        but only records with is_archive=True are returned.
+        """,
+        responses={200: ListQuickevaluationSerializer(many=True)},
+    )
+    def get(self, request, *args, **kwargs):
+        queryset = QuickEvaluationModel.objects.filter(
+            is_archive=True
+        ).order_by("-created_at")
+
+        serializer = self.get_serializer(queryset, many=True)
+
+        return Response(serializer.data, status=status.HTTP_200_OK)
+
+    @extend_schema(
+        tags=["QuickEvaluation"],
+        summary="Archive or unarchive quick evaluation",
+        description="""
+        Update archive status for quick evaluation.
+
+        - is_archive=true → archive
+        - is_archive=false → remove from archive
+        """,
+        request=ArchiveQuickevaluationSerializer,
+        responses={
+            200: OpenApiResponse(
+                description="Archive status updated successfully"
+            ),
+            400: OpenApiResponse(
+                description="Validation error"
+            ),
+            404: OpenApiResponse(
+                description="Quick evaluation not found"
+            ),
+        },
+    )
+    def post(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
+        validated_data = serializer.validated_data
+
+        obj = get_object_or_404(
+            QuickEvaluationModel,
+            id=validated_data["id"]
+        )
+
+        obj.is_archive = validated_data["is_archive"]
+        obj.save(update_fields=["is_archive"])
+
+        return Response(
+            {
+                "success": True,
+                "message": "Archive status updated successfully"
+            },
+            status=status.HTTP_200_OK
+        )

core/apps/evaluation/views/tech_passport.py

@@ -1,6 +1,6 @@
 from rest_framework.response import Response
 from rest_framework import status
-from rest_framework.permissions import AllowAny
+from rest_framework.permissions import IsAuthenticated
 from rest_framework.generics import GenericAPIView
 
 from drf_spectacular.utils import (
@@ -14,7 +14,7 @@ from ..serializers import TechPassportSerializer
 
 class TechPassportAPIView(GenericAPIView):
     authentication_classes = []
-    permission_classes = [AllowAny]
+    permission_classes = [IsAuthenticated]
 
     @extend_schema(
         tags=["Tech Passport"],

stack.yaml

@@ -84,7 +84,7 @@ services:
         max-file: "5"
 
   web:
-    image: husanjon/sifatbaho:107
+    image: husanjon/sifatbaho:115
     env_file:
       - .env
     environment:
@@ -129,7 +129,7 @@ services:
         max-file: "5"
 
   celery:
-    image: husanjon/sifatbaho:107
+    image: husanjon/sifatbaho:115
     env_file:
       - .env
     environment: