diff --git a/core/apps/accounts/serializers/permission.py b/core/apps/accounts/serializers/permission.py index 903548c..7d5ec16 100644 --- a/core/apps/accounts/serializers/permission.py +++ b/core/apps/accounts/serializers/permission.py @@ -12,16 +12,20 @@ class PermissionToActionListSerializer(serializers.ModelSerializer): class PermissionToTabListSerializer(serializers.ModelSerializer): + permission_to_actions = PermissionToActionListSerializer(many=True) + class Meta: model = PermissionToTab fields = [ - 'id', 'name', 'code' + 'id', 'name', 'code', 'permission_to_actions' ] class PermissionListSerializer(serializers.ModelSerializer): + permission_tab = PermissionToTabListSerializer(many=True) + class Meta: model = Permission fields = [ - 'id', 'name', 'code' + 'id', 'name', 'code', 'permission_tab' ] \ No newline at end of file diff --git a/core/apps/accounts/serializers/role.py b/core/apps/accounts/serializers/role.py index 2638716..1321f7e 100644 --- a/core/apps/accounts/serializers/role.py +++ b/core/apps/accounts/serializers/role.py @@ -6,4 +6,12 @@ from core.apps.accounts.models.role import Role class RoleListSerializer(serializers.ModelSerializer): class Meta: model = Role - fields = ['id', 'name', 'comment'] \ No newline at end of file + fields = ['id', 'name', 'comment'] + + +class RoleSerializer(serializers.ModelSerializer): + class Meta: + model = Role + fields = [ + 'name', 'comment', 'permissions', 'permission_to_tabs', 'permission_to_actions' + ] \ No newline at end of file diff --git a/core/apps/accounts/urls.py b/core/apps/accounts/urls.py index c8f11c1..cbf171e 100644 --- a/core/apps/accounts/urls.py +++ b/core/apps/accounts/urls.py @@ -27,6 +27,9 @@ urlpatterns = [ path('role/', include( [ path('list/', role_views.RoleListApiView.as_view()), + path('create/', role_views.RoleCreateApiView.as_view()), + path('/update/', role_views.RoleUpdateApiView.as_view()), + path('/delete/', role_views.RoleDeleteApiView.as_view()), ] )), path('permission/', include( diff --git a/core/apps/accounts/views/role.py b/core/apps/accounts/views/role.py index 0b545b4..3708f21 100644 --- a/core/apps/accounts/views/role.py +++ b/core/apps/accounts/views/role.py @@ -1,4 +1,6 @@ -from rest_framework import generics +from django.shortcuts import get_object_or_404 + +from rest_framework import generics, views from rest_framework.response import Response from core.apps.accounts.permissions.permissions import HasRolePermission @@ -11,3 +13,62 @@ class RoleListApiView(generics.ListAPIView): queryset = Role.objects.all() permission_classes = [HasRolePermission] + +class RoleCreateApiView(generics.GenericAPIView): + serializer_class = serializers.RoleSerializer + queryset = Role.objects.all() + permission_classes = [HasRolePermission] + + def post(self, request): + serializer = self.serializer_class(data=request.data) + if serializer.is_valid(raise_exception=True): + serializer.save() + return Response( + { + 'success': True, 'message': 'Role created', + }, + status=201 + ) + return Response( + { + 'success': False, + 'error': serializer.errors, + }, + status=400 + ) + + +class RoleUpdateApiView(generics.GenericAPIView): + serializer_class = serializers.RoleSerializer + queryset = Role.objects.all() + permission_classes = [HasRolePermission] + + def patch(self, request, id): + obj = get_object_or_404(Role, id=id) + serializer = self.serializer_class(data=request.data, instance=obj, partial=True) + if serializer.is_valid(raise_exception=True): + serializer.save() + return Response( + { + 'success': True, + 'message': 'Role updated', + }, + status=200 + ) + return Response( + { + 'success': False, + 'error': serializer.errors + }, + status=400 + ) + + +class RoleDeleteApiView(views.APIView): + permissions_classes = [HasRolePermission] + + def delete(self, request, id): + obj = get_object_or_404(Role, id=id) + obj.delete() + return Response({'success': True, 'message': 'deleted'}, status=204) + \ No newline at end of file