add user apis

core/apps/accounts/management/commands/seed_permissions.py

@@ -12,7 +12,8 @@ class Command(BaseCommand):
             {
                 "code": "project_folder",
                 "name": "project folder all access"
-            }
+            },
+            {'code': 'delete_user', "name": 'can delete user permissions'}
         ]
 
         for perm in permissions:

core/apps/accounts/serializers/user.py

@@ -0,0 +1,28 @@
+from rest_framework import serializers
+
+from core.apps.accounts.models import User
+
+
+class UserProfileSerializer(serializers.ModelSerializer):
+    permissions = serializers.SerializerMethodField(method_name='get_permissions')
+
+    class Meta:
+        model = User
+        fields = [
+            'id', 'first_name', 'last_name', 'username', 'role', 'profile_image', 'permissions'
+        ]
+        extra_kwargs = {'role': {'read_only': True}, "permissions": {'read_only': True}}
+
+    def get_permissions(self, obj):
+        if obj.role:
+            return obj.role.permissions.values_list('code', flat=True)
+        else:
+            return None
+        
+    def update(self, instance, validated_data):
+        instance.first_name = validated_data.get('first_name', instance.first_name)
+        instance.last_name = validated_data.get('last_name', instance.last_name)
+        instance.username = validated_data.get('first_name', instance.username)
+        instance.profile_image = validated_data.get('profile_image', instance.profile_image)
+        instance.save()
+        return instance

core/apps/accounts/urls.py

@@ -1,7 +1,16 @@
 from django.urls import path, include 
 
 from core.apps.accounts.views.login import LoginApiView
+from core.apps.accounts.views.user import UserProfileApiView, UserProfileUpdateApiView, UserDeleteApiView
+
 
 urlpatterns = [
     path('auth/login/', LoginApiView.as_view(), name='login'),
+    path('user/', include(
+        [
+            path('profile/', UserProfileApiView.as_view()),
+            path('profile/update/', UserProfileUpdateApiView.as_view()),
+            path('delete/<uuid:id>/', UserDeleteApiView.as_view()),
+        ]
+    ))
 ]

core/apps/accounts/views/user.py

@@ -0,0 +1,47 @@
+from django.shortcuts import get_object_or_404
+
+from rest_framework import generics, views
+from rest_framework.response import Response
+
+from core.apps.accounts.models import User
+from core.apps.accounts.serializers import user as serializers
+from core.apps.accounts.permissions.permissions import HasRolePermission
+
+
+class UserProfileApiView(generics.GenericAPIView):
+    serializer_class = serializers.UserProfileSerializer
+    queryset = User.objects.all()
+    permission_classes = [HasRolePermission]
+    required_permissions = []
+
+    def get(self, request):
+        user = request.user
+        serializer = self.serializer_class(user)
+        return Response({
+            "success": True, 'user_data': serializer.data 
+        }, status=200)
+    
+
+class UserProfileUpdateApiView(generics.GenericAPIView):
+    serializer_class = serializers.UserProfileSerializer
+    queryset = User.objects.all()
+    permission_classes = [HasRolePermission]
+    required_permissions = []
+
+    def patch(self, request):
+        user = request.user
+        serializer = self.serializer_class(data=request.data, instance=user, partial=True)
+        if serializer.is_valid():
+            serializer.save()
+            return Response({'success': True, 'message': 'updated'}, status=200)
+        return Response({"success": False, "message": serializer.errors}, status=400)
+
+
+class UserDeleteApiView(views.APIView):
+    permission_classes = [HasRolePermission]
+    required_permissions = ['delete_user']
+
+    def delete(self, request, id):
+        user = get_object_or_404(User, id=id)
+        user.delete()
+        return Response(status=204)