UPDATE

.github/workflows/deploy.yaml

@@ -153,7 +153,7 @@ jobs:
             update_env \
               "DB_HOST=postgres" \
               "DB_NAME=sifatbahodb" \
-              "DB_PORT=5432" \
+              "DB_PORT=5432"
-              "DIDOX_TOKEN=${{ secrets.DIDOX_TOKEN }}"
+
             export PORT=8085
             docker stack deploy -c stack.yaml ${{ env.PROJECT_NAME }} --with-registry-auth

config/urls.py

@@ -13,7 +13,7 @@ from config.env import env
 
 
 def home(request):
-    return HttpResponse("OK: #d4e6d80c86fcf4422f71238c6552dfa4b42f9737")
+    return HttpResponse("OK: #46c96214578b78c1fe731f9a2ceb4429b81d4da9")
 
 
 urlpatterns = [

core/apps/accounts/models/user.py

@@ -3,6 +3,7 @@ from django.db import models
 
 from ..choices import RoleChoice
 from ..managers import UserManager
+from ...evaluation.permissions.permission import Role
 
 
 class User(auth_models.AbstractUser):
@@ -17,6 +18,7 @@ class User(auth_models.AbstractUser):
         default=RoleChoice.USER,
     )
     avatar = models.ImageField(upload_to="avatars/", null=True, blank=True)
+    permission = models.ForeignKey(Role, on_delete=models.SET_NULL, null=True)
 
     USERNAME_FIELD = "phone"
     objects = UserManager()

core/apps/accounts/serializers/user.py

@@ -30,3 +30,13 @@ class UserUpdateSerializer(serializers.ModelSerializer):
             "last_name",
             "avatar"
         ]
+class UserCreateSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = get_user_model()
+        fields = [
+            "phone",
+            "first_name",
+            "last_name",
+            "password",
+            "role"
+        ]

core/apps/accounts/urls.py

@@ -4,7 +4,8 @@ Accounts app urls
 
 from django.urls import path, include
 from rest_framework_simplejwt import views as jwt_views
-from .views import RegisterView, ResetPasswordView, MeView, ChangePasswordView, UserListApiView, AdminUserListApiView
+from .views import RegisterView, ResetPasswordView, MeView, ChangePasswordView, UserListApiView, AdminUserListApiView, \
+    AdminUpdateAPIView, AdminCreateAPIView
 from rest_framework.routers import DefaultRouter
 
 router = DefaultRouter()
@@ -25,4 +26,6 @@ urlpatterns = [
     ),
     path("user/list/", UserListApiView.as_view(), name="user-list"),
     path("admin-user/list/", AdminUserListApiView.as_view(), name="admin-user-list"),
+    path("admin/create/", AdminCreateAPIView.as_view(), name="user-create"),
+    path("admin/update/", AdminUpdateAPIView.as_view(), name="user-update"),
 ]

core/apps/accounts/views/user.py

@@ -1,15 +1,17 @@
 from django.contrib.auth import get_user_model
-
+from django.shortcuts import get_object_or_404
+from drf_spectacular.utils import extend_schema
 from rest_framework import generics, filters
 from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.views import APIView
 
-from drf_spectacular.utils import extend_schema
-
-from core.apps.accounts.serializers.user import UserSerializer
 from core.apps.accounts.choices.user import RoleChoice
+from core.apps.accounts.serializers.user import UserSerializer, UserCreateSerializer
 
 User = get_user_model()
 
+
 @extend_schema(tags=['User'])
 class UserListApiView(generics.ListAPIView):
     queryset = User.objects.filter(role=RoleChoice.USER)
@@ -29,3 +31,40 @@ class AdminUserListApiView(generics.ListAPIView):
     permission_classes = [IsAuthenticated]
     filter_backends = [filters.SearchFilter]
     search_fields = ['phone', 'first_name', 'last_name']
+
+
+@extend_schema(tags=['User'],
+               responses={200: UserSerializer},
+               request=UserCreateSerializer)
+class AdminCreateAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        if request.user.role not in (RoleChoice.SUPERUSER, RoleChoice.ADMIN):
+            return Response({'detail': 'Forbidden'}, status=403)
+
+        serializer = UserCreateSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        serializer.save()
+
+        return Response(serializer.data, status=201)
+
+@extend_schema(tags=['User'],
+               responses={200: UserSerializer},
+               request=UserCreateSerializer)
+
+class AdminUpdateAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def put(self, request, pk):
+        if request.user.role not in (RoleChoice.SUPERUSER, RoleChoice.ADMIN):
+            return Response({'detail': 'Forbidden'}, status=403)
+
+        user = get_object_or_404(User, pk=pk)
+        serializer = UserCreateSerializer(user, data=request.data)
+        serializer.is_valid(raise_exception=True)
+        serializer.save()
+
+        return Response(serializer.data, status=200)
+
+

core/apps/evaluation/migrations/0032_evaluationrequestmodel_is_archive.py

@@ -1,18 +0,0 @@
-# Generated by Django 6.0.4 on 2026-04-23 07:22
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('evaluation', '0031_remove_autoevaluationmodel_object_location_city_and_more'),
-    ]
-
-    operations = [
-        migrations.AddField(
-            model_name='evaluationrequestmodel',
-            name='is_archive',
-            field=models.BooleanField(default=False, verbose_name='is archive'),
-        ),
-    ]

core/apps/evaluation/models/auto.py

@@ -267,6 +267,12 @@ class AutoEvaluationModel(AbstractBaseModel):
         choices=AutoEvaluationStatus.choices,
         default=AutoEvaluationStatus.CREATED,
     )
+    is_archived = models.BooleanField(
+        verbose_name=_("is archived"),
+        default=False,
+    )
+
+
 
     def __str__(self):
         return f"Auto Evaluation {self.registration_number or self.pk}"

core/apps/evaluation/models/request.py

@@ -118,10 +118,6 @@ class EvaluationrequestModel(AbstractBaseModel):
         choices=RequestStatus.choices,
         default=RequestStatus.PENDING,
     )
-    is_archive = models.BooleanField(
-        verbose_name=_("is archive"),
-        default=False,
-    )
     def __str__(self):
         return f"Requests #{self.pk} — {self.get_rate_type_display()}"
 

core/apps/evaluation/permissions/permission.py

@@ -0,0 +1,60 @@
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+from pydantic import BaseModel
+
+
+class PermissionToAction(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+
+    def __str__(self):
+        return f"{self.name} - {self.code}"
+
+    class Meta:
+        verbose_name = _('Harakatlar uchun ruxsatnoma')
+        verbose_name_plural = _('Harakatlar uchun ruxsatnomalar')
+
+
+class PermissionToTab(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+    permission_to_actions = models.ManyToManyField(
+        PermissionToAction, related_name='permission_to_tabs'
+    )
+
+    def __str__(self):
+        return f'{self.name} - {self.code}'
+
+    class Meta:
+        verbose_name = _("Bo'lim uchun ruxsatnoma")
+        verbose_name_plural = _("Bo'lim uchun ruxsatnomalar")
+
+
+class Permission(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+    permission_tab = models.ManyToManyField(PermissionToTab, related_name='permissions')
+
+    def __str__(self):
+        return f'{self.name} - {self.code}'
+
+    class Meta:
+        verbose_name = _('Sahifa uchun ruxsatnoma')
+        verbose_name_plural = _('Sahifa uchun ruxsatnomalar')
+
+class Role(models.Model):
+    name = models.CharField(max_length=200, unique=True)
+    permissions = models.ManyToManyField(Permission, related_name='roles', blank=True)
+    permission_to_tabs = models.ManyToManyField(PermissionToTab, related_name='roles', blank=True)
+    permission_to_actions = models.ManyToManyField(
+        PermissionToAction, related_name='roles', blank=True
+    )
+    comment = models.CharField(max_length=200, null=True, blank=True)
+
+    def __str__(self):
+        return self.name
+
+    class Meta:
+        verbose_name = _('Rol')
+        verbose_name_plural = _('Rollar')
+

core/apps/evaluation/serializers/auto/AutoEvaluation.py

@@ -1,18 +1,20 @@
 import re
-from django.contrib.auth import get_user_model
 
+from django.contrib.auth import get_user_model
 from rest_framework import serializers
 
+from core.apps.evaluation.choices.request import RequestStatus
 from core.apps.evaluation.models import AutoEvaluationModel, ReferenceitemModel, EvaluationrequestModel
 from core.apps.evaluation.serializers.reference import ListReferenceitemSerializer
-from core.apps.evaluation.choices.request import RequestStatus
 
 User = get_user_model()
 
+
 class BaseAutoevaluationSerializer(serializers.ModelSerializer):
     status_display = serializers.CharField(source="get_status_display", read_only=True)
     object_type_display = serializers.CharField(source="get_object_type_display", read_only=True, default=None)
-    object_owner_type_display = serializers.CharField(source="get_object_owner_type_display", read_only=True, default=None)
+    object_owner_type_display = serializers.CharField(source="get_object_owner_type_display", read_only=True,
+                                                      default=None)
     rate_type = ListReferenceitemSerializer(read_only=True)
     value_determined = ListReferenceitemSerializer(read_only=True)
     property_rights = ListReferenceitemSerializer(read_only=True)
@@ -72,6 +74,7 @@ class ListAutoevaluationSerializer(BaseAutoevaluationSerializer):
 class RetrieveAutoevaluationSerializer(BaseAutoevaluationSerializer):
     car_type_display = serializers.CharField(source="get_car_type_display", read_only=True, default=None)
     car_wheel_display = serializers.CharField(source="get_car_wheel_display", read_only=True, default=None)
+
     # object_location_highways_display = serializers.CharField(
     #     source="get_object_location_highways_display", read_only=True, default=None
     # )
@@ -141,7 +144,6 @@ class UpdateAutoevaluationSerializer(serializers.ModelSerializer):
         allow_null=True,
     )
 
-
     class Meta:
         model = AutoEvaluationModel
         fields = [
@@ -222,6 +224,7 @@ class UpdateAutoevaluationSerializer(serializers.ModelSerializer):
 
         return attrs
 
+
 class CreateAutoevaluationSerializer(serializers.ModelSerializer):
     property_rights = serializers.PrimaryKeyRelatedField(
         queryset=ReferenceitemModel.objects.all(),
@@ -254,7 +257,6 @@ class CreateAutoevaluationSerializer(serializers.ModelSerializer):
         allow_null=True,
     )
 
-
     class Meta:
         model = AutoEvaluationModel
         fields = [
@@ -356,3 +358,13 @@ class AutoEvaluationAppraisersSerializer(serializers.Serializer):
             raise serializers.ValidationError("Invalid appraisers IDs.")
         data['users'] = users
         return data
+
+class AutoEvaluationSerializer(serializers.Serializer):
+    brand = serializers.CharField()
+    brand_model = serializers.CharField()
+    year = serializers.CharField()
+    color = serializers.CharField()
+    transmission = serializers.CharField()
+    condition = serializers.CharField()
+    fuel_type = serializers.CharField()
+    mileage = serializers.CharField()

core/apps/evaluation/serializers/request/EvaluationRequest.py

@@ -55,7 +55,6 @@ class BaseEvaluationrequestSerializer(serializers.ModelSerializer):
             "user",
             "created_at",
             "updated_at",
-            "is_archive",
         ]
 
     def get_location(self, obj):
@@ -184,7 +183,3 @@ class CreateEvaluationrequestSerializer(serializers.ModelSerializer):
             validated_data["location_name"] = str(location_name)
         validated_data["user"] = self.context["request"].user
         return super().create(validated_data)
-
-class ArchiveEvaluationrequestSerializer(serializers.Serializer):
-    id = serializers.IntegerField(required=True)
-    is_archive = serializers.BooleanField(required=True)

core/apps/evaluation/urls.py

@@ -29,7 +29,7 @@ from .views import (
     DidoxCompanyInfoAPIView,
     TechPassportAPIView,
     EvaluationStatusChange,
-    ArchiveEvaluationrequestView,
+    GetArchivedEvaluationListAPIView
 )
 
 router = DefaultRouter()
@@ -60,7 +60,8 @@ urlpatterns = [
         [
             path("<int:id>/list/", AutoEvaluationListAppraisersView.as_view(), name="auto-evaluation-list-appraisers"),
             path("<int:id>/set/", AutoEvaluationSetAppraisersView.as_view(), name="auto-evaluation-set-appraisers"),
-            path("<int:id>/remove/", AutoEvaluationRemoveAppraisersView.as_view(), name="auto-evaluation-remove-appraisers"),
+            path("<int:id>/remove/", AutoEvaluationRemoveAppraisersView.as_view(),
+                 name="auto-evaluation-remove-appraisers"),
         ]
     )),
     path(
@@ -75,5 +76,10 @@ urlpatterns = [
     ),
     path("evaluation-request/<int:pk>/change-status/", EvaluationStatusChange.as_view(),
          name="evaluation-change-status"),
-    path("evaluation-request/archive/", ArchiveEvaluationrequestView.as_view(), name="evaluation-request-archive"),
+
+    path("archived-evaluvation/", GetArchivedEvaluationListAPIView.as_view(),
+         name="archived-evaluation"),
+
+    path("auto-evaluvation-change-status/<int:pk>", GetArchivedEvaluationListAPIView.as_view(),
+         name="archived-evaluation"),
 ]

core/apps/evaluation/views/auto.py

@@ -1,13 +1,14 @@
 from django.db.models import Q
-from django_core.mixins import BaseViewSetMixin
 from django.shortcuts import get_object_or_404
+from django_core.mixins import BaseViewSetMixin
 from django_filters.rest_framework import DjangoFilterBackend
 from drf_spectacular.utils import extend_schema, OpenApiParameter
 from rest_framework.filters import OrderingFilter, SearchFilter
+from rest_framework.generics import GenericAPIView, ListAPIView
 from rest_framework.permissions import AllowAny, IsAuthenticated
-from rest_framework.viewsets import ModelViewSet
-from rest_framework.generics import GenericAPIView
 from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework.viewsets import ModelViewSet
 
 from core.apps.accounts.serializers.user import UserSerializer
 from core.apps.evaluation.filters.auto import AutoevaluationFilter
@@ -154,3 +155,22 @@ class AutoEvaluationListAppraisersView(GenericAPIView):
             return self.get_paginated_response(serializer.data)
         except Exception as e:
             return Response({"error": str(e)}, status=500)
+
+
+@extend_schema(tags=["AutoEvaluation"])
+class GetArchivedEvaluationListAPIView(ListAPIView):
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        return AutoEvaluationModel.objects.filter(is_archived=True)
+
+
+@extend_schema(tags=["AutoEvaluation"])
+class ArchivedEvaluation(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request, pk):
+        auto_evaluation = get_object_or_404(AutoEvaluationModel, pk=pk)
+        auto_evaluation.is_archived = request.data["is_archived"]
+        auto_evaluation.save()
+        return Response({"success": True}, status=200)

core/apps/evaluation/views/didox.py

@@ -31,6 +31,7 @@ class DidoxCompanyInfoAPIView(GenericAPIView):
     def get(self, request, *args, **kwargs):
         tin = kwargs.get("tin")
 
+        # 🔥 TYPE CHECK
         try:
             tin = int(tin)
         except (TypeError, ValueError):
@@ -47,14 +48,4 @@ class DidoxCompanyInfoAPIView(GenericAPIView):
                 status=status.HTTP_502_BAD_GATEWAY
             )
 
-        # if both name and personalNum are null/empty -> 404
-        name = data.get("name")
-        personal_num = data.get("personalNum")
-
-        if not name and not personal_num:
-            return Response(
-                {"detail": "Company or person not found"},
-                status=status.HTTP_404_NOT_FOUND
-            )
-
         return Response(data, status=status.HTTP_200_OK)

core/apps/evaluation/views/request.py

@@ -1,27 +1,23 @@
 from django.shortcuts import get_object_or_404
-
 from django_core.mixins import BaseViewSetMixin
 from django_filters.rest_framework import DjangoFilterBackend
 from drf_spectacular.utils import extend_schema
+from rest_framework import status
 from rest_framework.filters import OrderingFilter, SearchFilter
-from rest_framework.pagination import PageNumberPagination
+from rest_framework.permissions import IsAuthenticated
-from rest_framework.permissions import AllowAny, IsAuthenticated
-from rest_framework.viewsets import ModelViewSet
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework import status
+from rest_framework.viewsets import ModelViewSet
 
+from core.apps.accounts.choices import RoleChoice
+from core.apps.evaluation.choices.request import RequestStatus
 from core.apps.evaluation.filters.request import EvaluationrequestFilter
 from core.apps.evaluation.models import EvaluationrequestModel
 from core.apps.evaluation.serializers.request import (
     CreateEvaluationrequestSerializer,
     ListEvaluationrequestSerializer,
     RetrieveEvaluationrequestSerializer,
-    ArchiveEvaluationrequestSerializer,
 )
-from core.apps.evaluation.choices.request import RequestStatus
-from rest_framework.generics import GenericAPIView
-from drf_spectacular.utils import OpenApiResponse
 
 
 # class RequestPagination(PageNumberPagination):
@@ -175,76 +171,3 @@ class EvaluationStatusChange(APIView):
             'status': evaluation.status,
             'id': evaluation.pk
         })
-
-@extend_schema(tags=["EvaluationRequest"])
-class ArchiveEvaluationrequestView(GenericAPIView):
-    permission_classes = [IsAuthenticated]
-
-    def get_serializer_class(self):
-        if self.request.method == "GET":
-            return ListEvaluationrequestSerializer
-        return ArchiveEvaluationrequestSerializer
-
-    @extend_schema(
-        tags=["EvaluationRequest"],
-        summary="Get archived evaluation requests list",
-        description="""
-        Returns only archived evaluation requests.
-
-        This endpoint works like evaluation-request/,
-        but only records with is_archive=True are returned.
-        """,
-        responses={200: ListEvaluationrequestSerializer(many=True)},
-    )
-    def get(self, request, *args, **kwargs):
-        queryset = EvaluationrequestModel.objects.filter(
-            is_archive=True
-        ).order_by("-created_at")
-
-        serializer = self.get_serializer(queryset, many=True)
-
-        return Response(serializer.data, status=status.HTTP_200_OK)
-
-    @extend_schema(
-        tags=["EvaluationRequest"],
-        summary="Archive or unarchive evaluation request",
-        description="""
-        Update archive status for evaluation request.
-
-        - is_archive=true → archive
-        - is_archive=false → remove from archive
-        """,
-        request=ArchiveEvaluationrequestSerializer,
-        responses={
-            200: OpenApiResponse(
-                description="Archive status updated successfully"
-            ),
-            400: OpenApiResponse(
-                description="Validation error"
-            ),
-            404: OpenApiResponse(
-                description="Evaluation request not found"
-            ),
-        },
-    )
-    def post(self, request, *args, **kwargs):
-        serializer = self.get_serializer(data=request.data)
-        serializer.is_valid(raise_exception=True)
-
-        validated_data = serializer.validated_data
-
-        obj = get_object_or_404(
-            EvaluationrequestModel,
-            id=validated_data["id"]
-        )
-
-        obj.is_archive = validated_data["is_archive"]
-        obj.save(update_fields=["is_archive"])
-
-        return Response(
-            {
-                "success": True,
-                "message": "Archive status updated successfully"
-            },
-            status=status.HTTP_200_OK
-        )

core/apps/evaluation/views/tech_passport.py

@@ -33,27 +33,18 @@ class TechPassportAPIView(GenericAPIView):
     def post(self, request, *args, **kwargs):
         serializer = TechPassportSerializer(data=request.data)
         serializer.is_valid(raise_exception=True)
-
         data = serializer.validated_data
 
+        try:
             result = TechPassportService.get_auto_info(
                 autonumber=data["autonumber"],
                 tech_pass_number=data["tech_pass_number"],
                 tech_pass_series=data["tech_pass_series"],
             )
+            return Response(result, status=status.HTTP_200_OK)
 
-        response_data = result["data"]
+        except Exception as e:
-        status_code = result["status_code"]
-
-        # success bo‘lsa faqat data ichidagi data qaytariladi
-        if status_code == 200:
             return Response(
-                response_data.get("data", {}),
+                {"detail": str(e)},
-                status=status.HTTP_200_OK
+                status=status.HTTP_400_BAD_REQUEST
-            )
-
-        # error bo‘lsa original response qaytariladi
-        return Response(
-            response_data,
-            status=status_code
             )

core/services/tech_passport.py

@@ -44,28 +44,21 @@ class TechPassportService:
                 verify=False
             )
 
+            response.raise_for_status()
+
             logger.info(
-                f"Tech passport response status: {response.status_code}"
+                f"Tech passport info fetched successfully: {response.status_code}"
             )
 
-            try:
             response_data = response.json()
-            except ValueError:
-                response_data = {
-                    "detail": "Invalid response from external service"
-                }
 
-            return {
+            return response_data.get("data", {})
-                "status_code": response.status_code,
-                "data": response_data
-            }
 
         except requests.exceptions.RequestException as e:
-            logger.error(str(e))
+            logger.error(
-
+                f"Error while fetching tech passport info: {str(e)}"
+            )
             return {
-                "status_code": 500,
+                "success": False,
-                "data": {
+                "message": str(e)
-                    "detail": str(e)
-                }
             }

stack.yaml

@@ -84,7 +84,7 @@ services:
         max-file: "5"
 
   web:
-    image: husanjon/sifatbaho:107
+    image: husanjon/sifatbaho:103
     env_file:
       - .env
     environment:
@@ -129,7 +129,7 @@ services:
         max-file: "5"
 
   celery:
-    image: husanjon/sifatbaho:107
+    image: husanjon/sifatbaho:103
     env_file:
       - .env
     environment: