xoliqberdiyev/Qurilish-Boshqaruv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: xoliqberdiyev:24fb16b6e745564f18a7305dc2a905dfc52b323d
Branches Tags
xoliqberdiyev:main xoliqberdiyev:dev
...
compare: xoliqberdiyev:dev
Branches Tags
xoliqberdiyev:dev xoliqberdiyev:main

12 Commits
24fb16b6e7 ... dev

Author SHA1 Message Date
behruz
1a2550be74 accounts: role create and list apis add 2025-12-11 18:13:33 +05:00
behruz
0177084e95 accounts: user apis done 2025-12-11 16:31:23 +05:00
behruz
e3362670d7 config: add swagger protocol in base.py 2025-12-11 15:44:21 +05:00
behruz
4174bd06b8 accounts and config: add user list api, configurate swagger docs 2025-12-11 15:40:18 +05:00
behruz
19cc0dbb9c Merge branch 'main' of https://github.com/Behruz-s-organization/Uyqur into dev 2025-12-11 14:42:02 +05:00
behruz
c56bf6f585 accounts: user create api added 2025-12-10 19:07:08 +05:00
xolikberdiyev
0036fa67f9 Merge pull request #10 from Behruz-s-organization/dev 
config: ALLOWED_HOSTS ozgardi
 2025-12-09 23:41:24 +05:00
behruz
8ef6505262 config: ALLOWED_HOSTS ozgardi 2025-12-09 23:05:22 +05:00
xolikberdiyev
f7d2be7ea1 Merge pull request #9 from Behruz-s-organization/dev 
Dev
 2025-12-09 22:58:36 +05:00
behruz
90e46405d7 config: ortiga qaytarildig 2025-12-09 22:49:40 +05:00
xolikberdiyev
c7c47301a0 Merge pull request #8 from Behruz-s-organization/dev 
Dev
 2025-12-09 22:30:28 +05:00
xolikberdiyev
159fad56b0 Merge pull request #7 from Behruz-s-organization/dev 
Dev
 2025-12-07 18:10:27 +05:00
27 changed files with 1102 additions and 20 deletions
Expand all files Collapse all files

2
config/conf/djangorestframework.py
View File

@@ -4,4 +4,6 @@ REST_FRAMEWORK = {
'rest_framework.authentication.BasicAuthentication', 'rest_framework.authentication.BasicAuthentication',
'rest_framework_simplejwt.authentication.JWTAuthentication', 'rest_framework_simplejwt.authentication.JWTAuthentication',
], ],
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
'PAGE_SIZE': 10
} }

14
config/settings/base.py
View File

@@ -9,7 +9,7 @@ env.read_env(BASE_DIR / '.env')
SECRET_KEY = env.str('SECRET_KEY') SECRET_KEY = env.str('SECRET_KEY')
DEBUG = env.bool('DEBUG') DEBUG = env.bool('DEBUG')
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS') # ALLOWED_HOSTS = env.list('ALLOWED_HOSTS')
ALLOWED_HOSTS = ["*"] ALLOWED_HOSTS = ["*"]
@@ -114,11 +114,11 @@ USE_TZ = True
# Media and Static files # Media and Static files
STATIC_URL = 'resources/static/' STATIC_URL = "static/"
STATIC_ROOT = BASE_DIR / 'resources/static' STATIC_ROOT = BASE_DIR / "resources/static"
MEDIA_URL = 'resources/media/' MEDIA_URL = "media/"
MEDIA_ROOT = BASE_DIR / 'resources/media' MEDIA_ROOT = BASE_DIR / "resources/media"
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
@@ -130,5 +130,9 @@ TENANT_MODEL = "customers.Client"
TENANT_DOMAIN_MODEL = "customers.Domain" TENANT_DOMAIN_MODEL = "customers.Domain"
SECURE_PROXY_SSL_HEADER = (
"HTTP_X_FORWARDED_PROTO",
env.str("SWAGGER_PROTOCOL", "https"),
)
from config.conf import * from config.conf import *

37
config/urls.py
View File

@@ -10,11 +10,46 @@ from rest_framework import permissions
from drf_yasg.views import get_schema_view from drf_yasg.views import get_schema_view
from drf_yasg import openapi from drf_yasg import openapi
description = """
This API provides backend services for the application, allowing users to authenticate, manage their profiles, and interact with various system resources.
Authentication:
- The API uses JWT-based authentication.
- To access protected endpoints, include the header: `Authorization: Bearer <access_token>`.
- Tokens can be obtained from the authentication endpoints (login, refresh).
Request Format:
- All requests must be sent in JSON format unless otherwise specified.
- File uploads should use multipart/form-data.
Response Format:
- All responses follow a unified structure containing:
- status_code
- status (success, failure, error, not_found, created, deleted)
- message
- data (optional)
- Error responses include detailed validation messages if applicable.
Pagination:
- Pagination is supported using `limit` and `offset` query parameters.
- Default limit and maximum allowed limit may vary per endpoint.
Versioning:
- Current API version: v1.
Notes:
- Some endpoints require elevated permissions (e.g., admin access).
- All timestamps are returned in ISO 8601 format.
- For secure token storage, avoid exposing refresh tokens on client-side environments.
Use this documentation to explore available endpoints, inspect request/response formats, and test API calls interactively.
"""
schema_view = get_schema_view( schema_view = get_schema_view(
openapi.Info( openapi.Info(
title="Qurilish Boshqaruv API", title="Qurilish Boshqaruv API",
default_version='v1', default_version='v1',
description="Qurilish boshqaruv api", description=description,
terms_of_service="https://www.google.com/policies/terms/", terms_of_service="https://www.google.com/policies/terms/",
contact=openapi.Contact(email="xoliqberdiyevbehruz12@gmail.com"), contact=openapi.Contact(email="xoliqberdiyevbehruz12@gmail.com"),
license=openapi.License(name="Behruz's-Organization License"), license=openapi.License(name="Behruz's-Organization License"),

3
core/apps/accounts/admin/__init__.py
View File

@@ -1 +1,2 @@
from .user import * from .user import *
from .role import *

11
core/apps/accounts/admin/role.py Normal file
View File

@@ -0,0 +1,11 @@
# django
from django.contrib import admin
# accounts
from core.apps.accounts.models import Role
@admin.register(Role)
class RoleAdmin(admin.ModelAdmin):
list_display = ['id', 'name']
search_fields = ['name']

32
core/apps/accounts/migrations/0002_role_user_role.py Normal file
View File

@@ -0,0 +1,32 @@
# Generated by Django 5.2 on 2025-12-10 13:23
import django.db.models.deletion
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('accounts', '0001_initial'),
]
operations = [
migrations.CreateModel(
name='Role',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
('is_deleted', models.BooleanField(default=False)),
('name', models.CharField(db_index=True, max_length=200, unique=True)),
],
options={
'abstract': False,
},
),
migrations.AddField(
model_name='user',
name='role',
field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='users', to='accounts.role'),
),
]

18
core/apps/accounts/migrations/0003_role_comment.py Normal file
View File

@@ -0,0 +1,18 @@
# Generated by Django 5.2 on 2025-12-11 11:43
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('accounts', '0002_role_user_role'),
]
operations = [
migrations.AddField(
model_name='role',
name='comment',
field=models.TextField(blank=True, null=True),
),
]

3
core/apps/accounts/models/__init__.py
View File

@@ -1 +1,2 @@
from .user import * from .user import *
from .role import *

14
core/apps/accounts/models/role.py Normal file
View File

@@ -0,0 +1,14 @@
# django
from django.db import models
# shared
from core.apps.shared.models import BaseModel
class Role(BaseModel):
name = models.CharField(max_length=200, unique=True, db_index=True)
comment = models.TextField(null=True, blank=True)
def __str__(self):
return self.name

4
core/apps/accounts/models/user.py
View File

@@ -9,9 +9,6 @@ from rest_framework_simplejwt.tokens import RefreshToken
# shared # shared
from core.apps.shared.models import BaseModel from core.apps.shared.models import BaseModel
# customers
from core.apps.customers.models import Client
# utils # utils
from core.utils.validators.phone_number import uz_phone_validator from core.utils.validators.phone_number import uz_phone_validator
@@ -21,6 +18,7 @@ class User(AbstractUser, BaseModel):
phone_number = models.CharField( phone_number = models.CharField(
max_length=15, null=True, blank=True, validators=[uz_phone_validator] max_length=15, null=True, blank=True, validators=[uz_phone_validator]
) )
role = models.ForeignKey('accounts.Role', on_delete=models.CASCADE, related_name='users', null=True)
def __str__(self): def __str__(self):
return f"#{self.id}: {self.first_name} {self.last_name}" return f"#{self.id}: {self.first_name} {self.last_name}"

26
core/apps/accounts/serializers/role/create.py Normal file
View File

@@ -0,0 +1,26 @@
# django
from django.db import transaction
# rest framework
from rest_framework import serializers
# accounts
from core.apps.accounts.models import Role
class CreateRoleSerializer(serializers.Serializer):
name = serializers.CharField()
comment = serializers.CharField(required=False)
def validate(self, data):
if Role.objects.filter(name=data['name']).exists():
raise serializers.ValidationError({"name": "Role with this name already exists"})
return data
def create(self, validated_data):
with transaction.atomic():
return Role.objects.create(
name=validated_data.get('name'),
comment=validated_data.get('comment'),
)

18
core/apps/accounts/serializers/role/list.py Normal file
View File

@@ -0,0 +1,18 @@
# rest framework
from rest_framework import serializers
# accounts
from core.apps.accounts.models import Role
class ListRoleSerializer(serializers.ModelSerializer):
class Meta:
model = Role
fields = [
'id',
'name',
'comment',
'created_at',
'updated_at',
]

26
core/apps/accounts/serializers/role/update.py Normal file
View File

@@ -0,0 +1,26 @@
# django
from django.db import transaction
# rest framework
from rest_framework import serializers
# accounts
from core.apps.accounts.models import Role
class UpdateRoleSerializer(serializers.Serializer):
name = serializers.CharField()
comment = serializers.CharField()
def validate(self, data):
if Role.objects.filter(name=data['name']).exists():
raise serializers.ValidationError({"name": "Role with this name already exists"})
return data
def update(self, instance, validated_data):
with transaction.atomic():
instance.name = validated_data.get('name', instance.name)
instance.comment = validated_data.get('comment', instance.comment)
instance.save()
return instance

45
core/apps/accounts/serializers/user/create.py Normal file
View File

@@ -0,0 +1,45 @@
# django
from django.db import transaction
# rest framework
from rest_framework import serializers
# accounts
from core.apps.accounts.models import User, Role
class CreateUserSerializer(serializers.Serializer):
profile_image = serializers.ImageField(required=False)
first_name = serializers.CharField()
last_name = serializers.CharField()
phone_number = serializers.CharField()
username = serializers.CharField()
password = serializers.CharField()
is_active = serializers.BooleanField(default=True)
role_id = serializers.IntegerField()
def validate(self, data):
if User.objects.filter(username=data['username'], is_deleted=False).exists():
raise serializers.ValidationError({"username": "User with this username already exists"})
role = Role.objects.filter(id=data['role_id'], is_deleted=False).first()
if not role:
raise serializers.ValidationError({"role": "Role not found"})
data['role'] = role
return data
def create(self, validated_data):
with transaction.atomic():
user = User.objects.create(
first_name=validated_data.get('first_name'),
last_name=validated_data.get('last_name'),
username=validated_data.get('username'),
phone_number=validated_data.get('phone_number'),
is_active=validated_data.get('is_active'),
profile_image=validated_data.get('profile_image'),
role=validated_data.get('role'),
)
user.set_password(validated_data.get('password'))
user.save()
return user

46
core/apps/accounts/serializers/user/update.py Normal file
View File

@@ -0,0 +1,46 @@
# django
from django.db import transaction
# rest framework
from rest_framework import serializers
# accounts
from core.apps.accounts.models import User, Role
class UpdateUserSerializer(serializers.Serializer):
first_name = serializers.CharField(required=False)
last_name = serializers.CharField(required=False)
role_id = serializers.IntegerField()
phone_number = serializers.CharField(required=False)
username = serializers.CharField(required=False)
password = serializers.CharField(required=False)
is_active = serializers.BooleanField(default=True)
profile_image = serializers.ImageField(required=False)
def validate(self, data):
role = Role.objects.filter(id=data['role_id']).first()
if not role:
raise serializers.ValidationError({"role": "Role not found"})
if data.get('username'):
if User.objects.filter(username=data['username']).exists():
raise serializers.ValidationError({"username": "User with this username already exist, please try another username"})
data['role'] = role
return data
def update(self, instance, validated_data):
with transaction.atomic():
instance.first_name = validated_data.get('first_name', instance.first_name)
instance.last_name = validated_data.get('last_name', instance.last_name)
instance.role = validated_data.get('role', instance.role)
instance.phone_number = validated_data.get('phone_number', instance.phone_number)
instance.username = validated_data.get('username', instance.username)
instance.is_active = validated_data.get('is_active', instance.is_active)
instance.profile_image = validated_data.get('profile_image', instance.profile_image)
if validated_data.get('password'):
instance.set_password(validated_data.get('password'))
instance.save()
return instance

18
core/apps/accounts/serializers/user/user.py
View File

@@ -19,4 +19,20 @@ class UserSerializer(serializers.ModelSerializer):
'created_at', 'created_at',
'updated_at', 'updated_at',
] ]
class ListUserSerializer(UserSerializer):
role = serializers.SerializerMethodField(method_name='get_role')
class Meta:
model = User
fields = UserSerializer.Meta.fields + [
'is_active',
'role'
]
def get_role(self, obj):
return {
'id': obj.role.id,
'name': obj.role.name,
} if obj.role else {}

25
core/apps/accounts/urls.py
View File

@@ -6,16 +6,28 @@ from rest_framework.routers import DefaultRouter
# accounts # accounts
# ------- user ------ # ------- user -------
from core.apps.accounts.views.user import UserViewSet from core.apps.accounts.views.user import UserViewSet
# ------- auth ------ from core.apps.accounts.views.user.create import CreateUserApiView
from core.apps.accounts.views.user.list import ListUserApiView
from core.apps.accounts.views.user.update import UpdateUserApiView
from core.apps.accounts.views.user.delete import SoftDeleteUserApiView, HardDeleteUserApiView
# ------- auth -------
from core.apps.accounts.views.auth.login import LoginApiView from core.apps.accounts.views.auth.login import LoginApiView
# ------- role -------
from core.apps.accounts.views.role.create import CreateRoleApiView
from core.apps.accounts.views.role.list import ListRoleApiView
urlpatterns = [ urlpatterns = [
# ------ user ------
path('user/', include( path('user/', include(
[ [
path('create/', CreateUserApiView.as_view(), name='user-create-api'),
path('list/', ListUserApiView.as_view(), name='user-list-api'),
path('<int:id>/update/', UpdateUserApiView.as_view(), name='user-update-api'),
path('<int:id>/soft_delete/', SoftDeleteUserApiView.as_view(), name='user-soft-delete-api'),
path('<int:id>/hard_delete/', HardDeleteUserApiView.as_view(), name='user-soft-delete-api'),
] ]
)), )),
# ------ authentication ------ # ------ authentication ------
@@ -24,6 +36,13 @@ urlpatterns = [
path('login/', LoginApiView.as_view(), name='login'), path('login/', LoginApiView.as_view(), name='login'),
] ]
)), )),
# ------ role ------
path('role/', include(
[
path('create/', CreateRoleApiView.as_view(), name='create-role-api'),
path('list/', ListRoleApiView.as_view(), name='list-role-api'),
]
)),
] ]
router = DefaultRouter() router = DefaultRouter()

28
core/apps/accounts/views/auth/login.py
View File

@@ -20,7 +20,33 @@ class LoginApiView(generics.GenericAPIView, ResponseMixin):
queryset = User.objects.all() queryset = User.objects.all()
@swagger_auto_schema( @swagger_auto_schema(
tags=["Authentication and Authorization"], tags=["auth"],
operation_summary="Authenticate a user and returns access/refresh tokens",
operation_description="""
Authenticate a user using their login credentials and return JWT tokens.
Request:
- Accepts user login credentials in JSON format.
- The payload is validated using the LoginSerializer.
Process:
- If the credentials are valid, the corresponding user is retrieved.
- A pair of JWT tokens (access and refresh) is generated for the user.
- User data and tokens are returned in the response.
Response:
- 200 OK: Returns authenticated user details along with access and refresh tokens.
- 400 Bad Request: Returned when validation fails (e.g., invalid credentials or missing fields).
- 500 Internal Server Error: Returned if an unexpected error occurs during authentication.
Authentication:
- This endpoint does not require authentication.
- It is used to obtain new JWT tokens for authorized access to protected endpoints.
Notes:
- The response includes both user profile data and JWT token pair.
- Make sure to store the refresh token securely for token renewal flows.
""",
responses={ responses={
200: openapi.Response( 200: openapi.Response(
description="Success", description="Success",

110
core/apps/accounts/views/role/create.py Normal file
View File

@@ -0,0 +1,110 @@
# rest framework
from rest_framework import generics, permissions
# drf yasg
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
# accounts
from core.apps.accounts.models import Role
from core.apps.accounts.serializers.role.create import CreateRoleSerializer
from core.apps.accounts.serializers.role.list import ListRoleSerializer
# utils
from core.utils.response.mixin import ResponseMixin
class CreateRoleApiView(generics.GenericAPIView, ResponseMixin):
serializer_class = CreateRoleSerializer
queryset = Role.objects.all()
permission_classes = [permissions.IsAuthenticated]
@swagger_auto_schema(
tags=['role'],
operation_summary="Create a new role in the system",
operation_description="""
Create a new role with a name and optional comment.
Authentication:
- Requires a valid Bearer access token.
Process:
- Accepts role details in JSON format, validated using CreateRoleSerializer.
- If the data is valid, a new role is created and returned.
Request:
- Fields can include:
- name (string, required): The name of the role.
- comment (string, optional): Additional information about the role.
Response:
- 200 OK: Role successfully created and returned.
- 400 Bad Request: Validation failed, invalid input data.
- 500 Internal Server Error: Unexpected error occurred while creating the role.
Notes:
- Only authenticated users can create roles.
- The response includes the newly created role's details with timestamps.
""",
responses={
200: openapi.Response(
schema=None,
description="Success",
examples={
"application/json": {
"status_code": 200,
"status": "success",
"message": "Role successfully created",
"data": {
"id": 0,
"name": "string",
"comment": "string",
"created_at": "string",
"updated_at": "string"
}
}
}
),
400: openapi.Response(
schema=None,
description="Failure",
examples={
"application/json": {
"status_code": 400,
"status": "failure",
"message": "Kiritayotgan malumotingizni tekshirib ko'ring",
"data": "string"
}
}
),
500: openapi.Response(
schema=None,
description="Error",
examples={
"application/json": {
"status_code": 500,
"status": "error",
"message": "Xatolik, Iltimos backend dasturchiga murojaat qiling",
"data": "string"
}
}
)
}
)
def post(self, request):
try:
serializer = self.serializer_class(data=request.data)
if serializer.is_valid():
obj = serializer.save()
return self.created_response(
data=ListRoleSerializer(obj).data,
message="Role successfully created"
)
return self.failure_response(
data=serializer.errors
)
except Exception as e:
return self.error_response(
data=str(e)
)

106
core/apps/accounts/views/role/list.py Normal file
View File

@@ -0,0 +1,106 @@
# rest framework
from rest_framework import generics, permissions
# drf yasg
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
# accounts
from core.apps.accounts.models import Role
from core.apps.accounts.serializers.role.list import ListRoleSerializer
# utils
from core.utils.response.mixin import ResponseMixin
class ListRoleApiView(generics.GenericAPIView, ResponseMixin):
serializer_class = ListRoleSerializer
queryset = Role.objects.all()
permission_classes = [permissions.IsAuthenticated]
@swagger_auto_schema(
tags=['role'],
operation_summary="Retrieve a paginated list of roles.",
operation_description="""
Get a list of all roles in the system, with optional pagination.
Authentication:
- Requires a valid Bearer access token.
Process:
- Retrieves all roles that are not marked as deleted.
- Supports pagination using the configured pagination class (limit/offset).
- Returns serialized role data along with pagination metadata.
Response:
- 200 OK: Successfully returns a paginated list of roles.
- Includes fields: count, next, previous, results.
- Each role includes id, name, comment, created_at, and updated_at.
- 500 Internal Server Error: Unexpected error occurred while fetching roles.
Notes:
- Only authenticated users can access this endpoint.
- Roles marked as deleted (`is_deleted=True`) are excluded from the response.
- Pagination fields (`next` and `previous`) provide URLs to navigate pages if results exceed page limit.
""",
responses={
200: openapi.Response(
description="Succes",
schema=None,
examples={
"application/json": {
"status_code": 200,
"status": "success",
"message": "Roles list",
"data": {
"count": 0,
"next": "string",
"previous": "string",
"results": [
{
"id": 1,
"name": "string",
"comment": "string",
"created_at": "string",
"updated_at": "string"
},
]
}
}
}
),
500: openapi.Response(
description="Error",
schema=None,
examples={
"application/json": {
"status_code": 500,
"status": "error",
"message": "Xatolik, Iltimos backend dasturchiga murojaat qiling",
"data": "string"
}
}
),
}
)
def get(self, request):
try:
queryset = self.queryset.filter(is_deleted=False)
page = self.paginate_queryset(queryset)
if page is not None:
serializer = self.serializer_class(page, many=True)
return self.success_response(
data=self.get_paginated_response(serializer.data).data,
message="Roles list"
)
serializer = self.serializer_class(queryset, many=True)
return self.success_response(
data=serializer.data,
message="Roles list"
)
except Exception as e:
return self.error_response(
data=str(e)
)

52
core/apps/accounts/views/role/update.py Normal file
View File

@@ -0,0 +1,52 @@
# rest framework
from rest_framework import generics, permissions
# drf yasg
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
# accounts
from core.apps.accounts.models import Role
from core.apps.accounts.serializers.role.update import UpdateRoleSerializer
from core.apps.accounts.serializers.role.list import ListRoleSerializer
# utils
from core.utils.response.mixin import ResponseMixin
class UpdateRoleApiView(generics.GenericAPIView, ResponseMixin):
serializer_class = UpdateRoleSerializer
queryset = Role.objects.filter(is_deleted=False)
permission_classes = [permissions.IsAuthenticated]
@swagger_auto_schema(
tags=['role'],
operation_summary="",
operation_description="""
""",
responses={}
)
def patch(self, request, id):
try:
instance = Role.objects.filter(id=id).first()
if not instance:
return self.not_found_response(data={}, message="Role not found with this id")
serializer = self.serializer_class(data=request.data, instance=instance, partial=True)
if serializer.is_valid():
updated_instance = serializer.save()
return self.success_response(
data=ListRoleSerializer(updated_instance).data,
message="Role successfully updated"
)
return self.failure_response(
data=serializer.errors,
)
except Exception as e:
return self.error_response(
data=str(e)
)

103
core/apps/accounts/views/user/create.py Normal file
View File

@@ -0,0 +1,103 @@
# rest framework
from rest_framework import generics, permissions, parsers
# drf yasg
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
# accounts
from core.apps.accounts.models import User
from core.apps.accounts.serializers.user.create import CreateUserSerializer
from core.apps.accounts.serializers.user.user import UserSerializer
# utils
from core.utils.response.mixin import ResponseMixin
class CreateUserApiView(generics.GenericAPIView, ResponseMixin):
serializer_class = CreateUserSerializer
queryset = User.objects.all()
permission_classes = [permissions.IsAuthenticated]
parser_classes = [parsers.MultiPartParser, parsers.FormParser]
@swagger_auto_schema(
tags=['user'],
operation_summary="Api for create employees",
operation_description="""
Create a new user account.
Request Body:
- Requires user details based on the serializer fields.
- All required fields must be provided in MULTIPART/DATA format.
Behavior:
- Validates the incoming data using the serializer.
- If validation succeeds, a new user is created and returned.
- If validation fails, an appropriate error message is returned.
Response:
- On success: Returns the newly created user object with a success message.
- On error: Returns validation or processing error details.
""",
responses={
201: openapi.Response(
description="Created",
schema=None,
examples={
"application/json": {
"status": "created",
"status_code": 201,
"message": "User successfully created!",
"data": {
"id": 0,
"first_name": "string",
"last_name": "string",
"username": "string",
"phone_number": "string",
"profile_image": "string",
"created_at": "string",
"updated_at": "string",
}
}
}
),
400: openapi.Response(
description="Failure",
schema=None,
examples={
"application/json": {
"status_code": 400,
"status": "failure",
"message": "Kiritayotgan malumotingizni tekshirib ko'ring",
"data": "string"
}
}
),
500: openapi.Response(
description="Error",
schema=None,
examples={
"application/json": {
"status_code": 500,
"status": "error",
"message": "Xatolik, Iltimos backend dasturchiga murojaat qiling",
"data": "string"
}
}
),
}
)
def post(self, request):
try:
serializer = self.serializer_class(data=request.data)
if serializer.is_valid(raise_exception=True):
user = serializer.save()
return self.created_response(
data=UserSerializer(user).data,
message="User successfully created!"
)
except Exception as e:
return self.error_response(
data=str(e)
)

100
core/apps/accounts/views/user/delete.py Normal file
View File

@@ -0,0 +1,100 @@
# rest framework
from rest_framework import views, permissions
# drf yasg
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
# accounts
from core.apps.accounts.models import User
# utils
from core.utils.response.mixin import ResponseMixin
class SoftDeleteUserApiView(views.APIView, ResponseMixin):
permission_classes = [permissions.IsAuthenticated]
@swagger_auto_schema(
tags=['user'],
operation_summary="Soft delete a user by ID",
operation_description="""
Mark a user as deleted without permanently removing them from the database.
Authentication:
- Requires a valid Bearer access token.
Process:
- The system retrieves the user by the provided ID.
- If the user exists, the `is_deleted` flag is set to True.
- The user record remains in the database but is considered inactive/deleted.
Response:
- 200 OK: User successfully soft deleted.
- 404 Not Found: No user found with the given ID.
- 500 Internal Server Error: Unexpected error occurred during deletion.
Notes:
- This endpoint only marks the user as deleted and does not remove related data.
- Only authenticated users with proper permissions can perform this action.
""",
)
def delete(self, request, id):
try:
user = User.objects.filter(id=id).first()
if not user:
return self.not_found_response(message="User not found with this id")
user.is_deleted = True
user.save()
return self.deleted_response(
message="User successfully deleted",
)
except Exception as e:
return self.error_response(
data=str(e)
)
class HardDeleteUserApiView(views.APIView, ResponseMixin):
permission_classes = [permissions.IsAuthenticated]
@swagger_auto_schema(
tags=['user'],
operation_summary="Permanently delete a user by ID.",
operation_description="""
Permanently remove a user from the database by their ID.
Authentication:
- Requires a valid Bearer access token.
Process:
- The system retrieves the user by the provided ID.
- If the user exists, the user record is permanently deleted from the database.
Response:
- 200 OK: User successfully deleted.
- 404 Not Found: No user found with the given ID.
- 500 Internal Server Error: Unexpected error occurred during deletion.
Notes:
- This action permanently removes the user and cannot be undone.
- Only authenticated users with proper permissions can perform this action.
- All related data handling (foreign keys, constraints) depends on the database setup.
""",
)
def delete(self, request, id):
try:
user = User.objects.filter(id=id).first()
if not user:
return self.not_found_response(message="User not found with this id")
user.delete()
return self.deleted_response(
message="User successfully deleted",
)
except Exception as e:
return self.error_response(
data=str(e)
)

107
core/apps/accounts/views/user/list.py Normal file
View File

@@ -0,0 +1,107 @@
# rest framework
from rest_framework import generics, permissions
# drf yasg
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
# accounts
from core.apps.accounts.models import User
from core.apps.accounts.serializers.user import ListUserSerializer
# utils
from core.utils.response.mixin import ResponseMixin
class ListUserApiView(generics.GenericAPIView, ResponseMixin):
serializer_class = ListUserSerializer
queryset = User.objects.all()
permission_classes = [permissions.IsAuthenticated]
@swagger_auto_schema(
tags=['user'],
operation_summary="Api for get list of employees",
operation_description="""
Retrieve a paginated list of employees.
Authentication:
- This endpoint requires a valid Bearer access token in the Authorization header.
Query Parameters:
- limit (integer, optional): Maximum number of results per page. Default: 10.
- offset (integer, optional): Position of the page to start retrieving results from. Default: 0.
Response:
- Returns a list of employees, including basic employee information and pagination details (count, next, previous).
- Data is returned in JSON format.
""",
responses={
200: openapi.Response(
description="Success",
schema=None,
examples={
"application/json": {
"status_code": 200,
"status": "success",
"message": "Users list",
"data": {
"count": 0,
"next": "string",
"previous": "string",
"results": [
{
"id": 0,
"first_name": "string",
"last_name": "string",
"username": "string",
"phone_number": "string",
"profile_image": "string",
"created_at": "string",
"updated_at": "string",
"is_active": True,
"role": {
"id": 0,
"name": "string",
},
}
]
}
}
}
),
500: openapi.Response(
description="Error",
schema=None,
examples={
"application/json": {
"status_code": 500,
"status": "error",
"message": "Xatolik, Iltimos backend dasturchiga murojaat qiling",
"data": "string"
}
}
)
},
manual_parameters=[],
)
def get(self, request):
try:
queryset = self.queryset.select_related('role')
page = self.paginate_queryset(queryset)
print(page)
if page is not None:
serializer = self.serializer_class(page, many=True)
return self.success_response(
data=self.get_paginated_response(serializer.data).data,
message="Users list"
)
serializer = self.serializer_class(queryset, many=True)
return self.success_response(
data=serializer.data,
message="Users list"
)
except Exception as e:
return self.error_response(
data=str(e),
)

134
core/apps/accounts/views/user/update.py Normal file
View File

@@ -0,0 +1,134 @@
# rest framework
from rest_framework import generics, permissions, parsers
# drf yasg
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
# accounts
from core.apps.accounts.models import User
from core.apps.accounts.serializers.user.update import UpdateUserSerializer
from core.apps.accounts.serializers.user.user import UserSerializer
# utils
from core.utils.response.mixin import ResponseMixin
class UpdateUserApiView(generics.GenericAPIView, ResponseMixin):
serializer_class = UpdateUserSerializer
queryset = User.objects.all()
permission_classes = [permissions.IsAuthenticated]
parser_classes = [parsers.MultiPartParser, parsers.FormParser]
@swagger_auto_schema(
tags=['user'],
operation_summary="Api for update user with id",
operation_description="""
Update the information of an existing user using their ID.
Authentication:
- Requires a valid Bearer access token.
Process:
- The system retrieves the user by the provided ID.
- If the user exists, the incoming data is validated using the UpdateUserSerializer.
- Valid fields are updated and saved.
- Returns the updated user data on success.
Request:
- Accepts partial user data (PATCH).
- Request format is multipart/form-data
- Fields can include first_name, last_name, username, phone_number, profile_image, and others defined in the serializer.
Response:
- 200 OK: Successfully updates and returns the updated user information.
- 400 Bad Request: Returned when input validation fails.
- 404 Not Found: Returned when there is no user associated with the given ID.
- 500 Internal Server Error: Returned when an unexpected error occurs.
Notes:
- Only authenticated users can access this endpoint.
- Supports partial updates, meaning not all fields are required.
""",
responses={
200: openapi.Response(
schema=None,
description="Success",
examples={
"application/json": {
"status_code": 200,
"status": "success",
"message": "User successfully updated",
"data": {
"id": 0,
"first_name": "sting",
"last_name": "sting",
"phone_number": "sting",
"username": "sting",
"profile_image": "sting",
"created_at": "sting",
"updated_at": "sting",
}
}
}
),
404: openapi.Response(
schema=None,
description="Not Found",
examples={
"application/json": {
"status_code": 404,
"status": "not_found",
"message": "User not found with given id",
"data": {}
}
}
),
400: openapi.Response(
schema=None,
description="Failure",
examples={
"application/json": {
"status_code": 400,
"status": "failure",
"message": "Kiritayotgan malumotingizni tekshirib ko'ring",
"data": "string",
}
}
),
500: openapi.Response(
schema=None,
description="Error",
examples={
"application/json": {
"status_code": 500,
"status": "error",
"message": "Xatolik, Iltimos backend dasturchiga murojaat qiling",
"data": "string",
}
}
),
}
)
def patch(self, request, id):
try:
instance = User.objects.filter(id=id).first()
if not instance:
return self.not_found_response(data={}, message="User not found with given id")
serializer = self.serializer_class(
data=request.data, instance=instance, partial=True
)
if serializer.is_valid():
updated_instance = serializer.save()
return self.success_response(
data=UserSerializer(updated_instance).data,
message="User successfully updated"
)
return self.failure_response(
data=serializer.errors,
)
except Exception as e:
return self.error_response(
data=str(e)
)

38
core/apps/accounts/views/user/user.py
View File

@@ -29,8 +29,28 @@ class UserViewSet(viewsets.GenericViewSet, ResponseMixin):
return serializers.UserSerializer return serializers.UserSerializer
@swagger_auto_schema( @swagger_auto_schema(
tags=['User'], tags=['user'],
operation_description="User malumotlarini olish uchun api", operation_summary="Get currently authenticated user's profile",
operation_description="""
Get information about the currently authenticated user.
Authentication:
- This endpoint requires an active Bearer access token.
Process:
- The system retrieves the user associated with the provided token.
- The user's information is serialized using the configured serializer.
- Returns the authenticated user's profile data.
Response:
- 200 OK: Successfully returns user details.
- 401 Unauthorized: Authorization header is missing or token is invalid.
- 500 Internal Server Error: An unexpected error occurred.
Notes:
- This endpoint does not require any request parameters.
- Useful for fetching the current user's profile without needing an ID.
""",
responses={ responses={
200: openapi.Response( 200: openapi.Response(
description="Success", description="Success",
@@ -52,7 +72,19 @@ class UserViewSet(viewsets.GenericViewSet, ResponseMixin):
} }
} }
} }
) ),
500: openapi.Response(
description="Error",
schema=None,
examples={
"application/json": {
"status_code": 500,
"status": "error",
"message": "Xatolik, Iltimos backend dasturchiga murojaat qiling",
"data": "string",
}
}
),
} }
) )
@action( @action(

2
core/utils/response/mixin.py
View File

@@ -46,7 +46,7 @@ class ResponseMixin:
response_data["message"] = "Kiritayotgan malumotingizni tekshirib ko'ring" response_data["message"] = "Kiritayotgan malumotingizni tekshirib ko'ring"
if data is not None: if data is not None:
response_data["data"] = data response_data["data"] = data
return return Response(response_data, status=status.HTTP_400_BAD_REQUEST)
@classmethod @classmethod
def not_found_response(cls, data=None, message=None): def not_found_response(cls, data=None, message=None):