shaxob #127
@@ -10,7 +10,7 @@ class PermissionToActionSerializer(serializers.ModelSerializer):
|
||||
|
||||
|
||||
class PermissionToTabSerializer(serializers.ModelSerializer):
|
||||
permission_to_actions = PermissionToActionSerializer(many=True)
|
||||
permission_to_actions = PermissionToActionSerializer(many=True, read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = PermissionToTab
|
||||
@@ -18,7 +18,7 @@ class PermissionToTabSerializer(serializers.ModelSerializer):
|
||||
|
||||
|
||||
class PermissionSerializer(serializers.ModelSerializer):
|
||||
permission_tabs = PermissionToTabSerializer(many=True)
|
||||
permission_tabs = PermissionToTabSerializer(many=True, read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = Permission
|
||||
|
||||
@@ -9,6 +9,8 @@ from rest_framework.views import APIView
|
||||
from rest_framework.viewsets import ModelViewSet
|
||||
|
||||
from core.apps.accounts.choices.user import RoleChoice
|
||||
from core.apps.accounts.models import Role
|
||||
from core.apps.accounts.serializers.permission import RoleListSerializer
|
||||
from core.apps.accounts.serializers.user import UserSerializer, AdminUserSerializer, UserCreateSerializer
|
||||
|
||||
User = get_user_model()
|
||||
@@ -64,7 +66,7 @@ class AdminCreateAPIView(APIView):
|
||||
return Response(serializer.data, status=201)
|
||||
|
||||
|
||||
@extend_schema(tags=['User'],)
|
||||
@extend_schema(tags=['User'], )
|
||||
class AdminUpdateAPIView(generics.GenericAPIView):
|
||||
permission_classes = [IsAuthenticated]
|
||||
serializer_class = UserCreateSerializer
|
||||
@@ -88,7 +90,6 @@ class DeleteAdminUserApiView(APIView):
|
||||
if request.user.role != RoleChoice.SUPERUSER:
|
||||
return Response({'detail': 'Forbidden'}, status=403)
|
||||
|
||||
|
||||
user = get_object_or_404(User, pk=pk)
|
||||
if user.role != RoleChoice.ADMIN:
|
||||
return Response({'detail': 'This user is not an admin'}, status=400)
|
||||
@@ -100,4 +101,17 @@ class DeleteAdminUserApiView(APIView):
|
||||
class UserDetailAPIView(generics.RetrieveAPIView):
|
||||
permission_classes = [IsAuthenticated]
|
||||
serializer_class = UserSerializer
|
||||
lookup_field = 'id'
|
||||
lookup_field = 'id'
|
||||
|
||||
|
||||
class AdminPermissionsAPIView(generics.GenericAPIView):
|
||||
permission_classes = [IsAuthenticated]
|
||||
|
||||
def get(self, request):
|
||||
if request.user.role.name != RoleChoice.ADMIN:
|
||||
return Response({'detail': 'Forbidden'}, status=403)
|
||||
|
||||
admin_role = Role.objects.get(name=RoleChoice.ADMIN)
|
||||
|
||||
serializer = RoleListSerializer(admin_role)
|
||||
return Response(serializer.data)
|
||||
@@ -329,4 +329,9 @@ class AutoEvaluationSerializer(serializers.Serializer):
|
||||
transmission = serializers.CharField()
|
||||
condition = serializers.CharField()
|
||||
fuel_type = serializers.CharField()
|
||||
mileage = serializers.CharField()
|
||||
mileage = serializers.CharField()
|
||||
|
||||
class AutoEvaluationModelSerializer(serializers.ModelSerializer):
|
||||
class Meta:
|
||||
model = AutoEvaluationModel
|
||||
fields = "__all__"
|
||||
@@ -128,3 +128,7 @@ class CreateQuickevaluationSerializer(serializers.ModelSerializer):
|
||||
return super().create(validated_data)
|
||||
|
||||
|
||||
class QuickEvaluationModelSerializer(serializers.ModelSerializer):
|
||||
class Meta:
|
||||
model = QuickEvaluationModel
|
||||
fields = '__all__'
|
||||
@@ -37,6 +37,7 @@ urlpatterns = [
|
||||
# Quick Evaluation
|
||||
path('quick-evaluation/', include(
|
||||
[
|
||||
path("admin/", views.AdminQuickEvalAPIView.as_view(), name="quick-evaluation"),
|
||||
path(
|
||||
'archive/', include(
|
||||
[
|
||||
@@ -51,6 +52,7 @@ urlpatterns = [
|
||||
# Auto Evaluation
|
||||
path("auto-evaluation/", include(
|
||||
[
|
||||
path("admin/", views.AdminEvaluationsAPIView.as_view(), name="admin-evaluations"),
|
||||
path('archive/', include(
|
||||
[
|
||||
path('<int:pk>/', views.AutoEvaluationArchiveAPIView.as_view()),
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
from django.db.models import Q
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django_core.mixins import BaseViewSetMixin
|
||||
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from drf_spectacular.utils import extend_schema, OpenApiParameter
|
||||
|
||||
from rest_framework import generics
|
||||
from rest_framework.filters import OrderingFilter, SearchFilter
|
||||
from rest_framework.generics import GenericAPIView, ListAPIView
|
||||
from rest_framework.permissions import AllowAny, IsAuthenticated
|
||||
@@ -12,10 +11,12 @@ from rest_framework.response import Response
|
||||
from rest_framework.views import APIView
|
||||
from rest_framework.viewsets import ModelViewSet
|
||||
|
||||
from core.apps.accounts.choices import RoleChoice
|
||||
from core.apps.accounts.serializers.user import UserSerializer
|
||||
from core.apps.evaluation.filters.auto import AutoevaluationFilter
|
||||
from core.apps.evaluation.models import AutoEvaluationModel
|
||||
from core.apps.evaluation.serializers import auto as serializers
|
||||
from core.apps.evaluation.serializers import auto as serializers, AutoEvaluationModelSerializer
|
||||
|
||||
|
||||
@extend_schema(tags=["AutoEvaluation"])
|
||||
class AutoEvaluationView(BaseViewSetMixin, ModelViewSet):
|
||||
@@ -175,3 +176,16 @@ class AutoEvaluationArchiveAPIView(APIView):
|
||||
},
|
||||
status=200
|
||||
)
|
||||
|
||||
@extend_schema(tags=["AutoEvaluation"])
|
||||
class AdminEvaluationsAPIView(generics.GenericAPIView):
|
||||
permission_classes = [IsAuthenticated]
|
||||
|
||||
def get(self, request):
|
||||
if request.user.role != RoleChoice.ADMIN:
|
||||
return Response({'detail': 'Forbidden'}, status=403)
|
||||
auto_eval = AutoEvaluationModel.objects.filter(
|
||||
created_by=self.request.user
|
||||
).select_related('appraisers').distinct()
|
||||
serializer = AutoEvaluationModelSerializer(auto_eval, many=True)
|
||||
return Response(serializer.data)
|
||||
|
||||
@@ -1,17 +1,13 @@
|
||||
# django
|
||||
from django.shortcuts import get_object_or_404
|
||||
|
||||
# django core
|
||||
from django_core.mixins import BaseViewSetMixin
|
||||
|
||||
# django filters
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
|
||||
# swagger
|
||||
from drf_spectacular.utils import extend_schema
|
||||
|
||||
# rest framework
|
||||
from rest_framework import status
|
||||
from rest_framework import status, generics
|
||||
from rest_framework.filters import OrderingFilter, SearchFilter
|
||||
from rest_framework.generics import ListAPIView
|
||||
from rest_framework.parsers import FormParser, MultiPartParser
|
||||
@@ -20,10 +16,11 @@ from rest_framework.response import Response
|
||||
from rest_framework.views import APIView
|
||||
from rest_framework.viewsets import ModelViewSet
|
||||
|
||||
from core.apps.accounts.choices import RoleChoice
|
||||
# core apps
|
||||
from core.apps.evaluation.filters.quick import QuickevaluationFilter
|
||||
from core.apps.evaluation.models import QuickEvaluationModel
|
||||
from core.apps.evaluation.serializers import quick as serializers
|
||||
from core.apps.evaluation.serializers import quick as serializers, QuickEvaluationModelSerializer
|
||||
|
||||
|
||||
@extend_schema(tags=["QuickEvaluation"])
|
||||
@@ -87,3 +84,18 @@ class QuickEvaluationArchivedListAPIView(ListAPIView):
|
||||
|
||||
def get_queryset(self):
|
||||
return QuickEvaluationModel.objects.filter(is_archive=True)
|
||||
|
||||
|
||||
@extend_schema(tags=["QuickEvaluation"])
|
||||
class AdminQuickEvalAPIView(generics.GenericAPIView):
|
||||
permission_classes = [IsAuthenticated]
|
||||
|
||||
def get(self, request):
|
||||
if request.user.role != RoleChoice.ADMIN:
|
||||
return Response({'detail': 'Forbidden'}, status=403)
|
||||
quick_eval = QuickEvaluationModel.objects.filter(
|
||||
created_by=self.request.user
|
||||
).select_related('created_by').distinct()
|
||||
serializer = QuickEvaluationModelSerializer(quick_eval, many=True)
|
||||
|
||||
return Response(serializer.data)
|
||||
|
||||
Reference in New Issue
Block a user