xoliqberdiyev/ibapp-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change permission

Browse Source
This commit is contained in:
behruz-dev
2025-08-06 14:53:00 +05:00
parent 18ff76aaa6
commit b1f4de1ea5
10 changed files with 119 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/conf/cors_headers.py
View File

@@ -5,4 +5,6 @@ CORS_ALLOWED_ORIGINS = [
CSRF_TRUSTED_ORIGINS = [ CSRF_TRUSTED_ORIGINS = [
"https://uyqur.felixits.uz", "https://uyqur.felixits.uz",
'http://localhost:8001',
'http://127.0.0.1:8001',
] ]

6
core/apps/accounts/admin/permission.py
View File

@@ -1,9 +1,13 @@
from django.contrib import admin from django.contrib import admin
from core.apps.accounts.models.permission import Permission from core.apps.accounts.models.permission import Permission, PermissionToTab
@admin.register(Permission) @admin.register(Permission)
class PermissionAdmin(admin.ModelAdmin): class PermissionAdmin(admin.ModelAdmin):
list_display = ['name', 'code'] list_display = ['name', 'code']
@admin.register(PermissionToTab)
class PermissionToTabAdmin(admin.ModelAdmin):
list_display = ['name', 'code']

34
core/apps/accounts/migrations/0005_alter_permission_options_permissiontotab.py Normal file
View File

@@ -0,0 +1,34 @@
# Generated by Django 5.2.4 on 2025-08-06 14:34
import django.db.models.deletion
import uuid
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('accounts', '0004_remove_user_first_name_remove_user_last_name_and_more'),
]
operations = [
migrations.AlterModelOptions(
name='permission',
options={'verbose_name': 'Sahifa uchun ruxsatnoma', 'verbose_name_plural': 'Sahifa uchun ruxsatnomalar'},
),
migrations.CreateModel(
name='PermissionToTab',
fields=[
('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True)),
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
('name', models.CharField(max_length=200)),
('code', models.CharField(max_length=100, unique=True)),
('permission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='permission_tabs', to='accounts.permission')),
],
options={
'verbose_name': "Bo'lim uchun ruxsatnoma",
'verbose_name_plural': "Bo'lim uchun ruxsatnomalar",
},
),
]

22
core/apps/accounts/migrations/0006_remove_permissiontotab_permission_and_more.py Normal file
View File

@@ -0,0 +1,22 @@
# Generated by Django 5.2.4 on 2025-08-06 14:37
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('accounts', '0005_alter_permission_options_permissiontotab'),
]
operations = [
migrations.RemoveField(
model_name='permissiontotab',
name='permission',
),
migrations.AddField(
model_name='role',
name='permissions_tab',
field=models.ManyToManyField(blank=True, related_name='roles', to='accounts.permissiontotab'),
),
]

22
core/apps/accounts/migrations/0007_remove_role_permissions_tab_and_more.py Normal file
View File

@@ -0,0 +1,22 @@
# Generated by Django 5.2.4 on 2025-08-06 14:46
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('accounts', '0006_remove_permissiontotab_permission_and_more'),
]
operations = [
migrations.RemoveField(
model_name='role',
name='permissions_tab',
),
migrations.AddField(
model_name='permission',
name='permission_tab',
field=models.ManyToManyField(related_name='permissions', to='accounts.permissiontotab'),
),
]

19
core/apps/accounts/models/permission.py
View File

@@ -4,7 +4,7 @@ from django.utils.translation import gettext_lazy as _
from core.apps.shared.models import BaseModel from core.apps.shared.models import BaseModel
class Permission(BaseModel): class PermissionToTab(BaseModel):
name = models.CharField(max_length=200) name = models.CharField(max_length=200)
code = models.CharField(max_length=100, unique=True) code = models.CharField(max_length=100, unique=True)
@@ -12,5 +12,18 @@ class Permission(BaseModel):
return f'{self.name} - {self.code}' return f'{self.name} - {self.code}'
class Meta: class Meta:
verbose_name = _('Ruxsatnoma') verbose_name = _("Bo'lim uchun ruxsatnoma")
verbose_name_plural = _('Ruxsatnomalar') verbose_name_plural = _("Bo'lim uchun ruxsatnomalar")
class Permission(BaseModel):
name = models.CharField(max_length=200)
code = models.CharField(max_length=100, unique=True)
permission_tab = models.ManyToManyField(PermissionToTab, related_name='permissions')
def __str__(self):
return f'{self.name} - {self.code}'
class Meta:
verbose_name = _('Sahifa uchun ruxsatnoma')
verbose_name_plural = _('Sahifa uchun ruxsatnomalar')

2
core/apps/accounts/models/role.py
View File

@@ -2,7 +2,7 @@ from django.db import models
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from core.apps.shared.models import BaseModel from core.apps.shared.models import BaseModel
from core.apps.accounts.models.permission import Permission from core.apps.accounts.models.permission import Permission, PermissionToTab
class Role(BaseModel): class Role(BaseModel):

5
core/apps/accounts/serializers/user.py
View File

@@ -20,9 +20,10 @@ class UserProfileSerializer(serializers.ModelSerializer):
return None return None
def update(self, instance, validated_data): def update(self, instance, validated_data):
instance.first_name = validated_data.get('first_name', instance.first_name) instance.role = validated_data.get('role', instance.role)
instance.last_name = validated_data.get('last_name', instance.last_name) instance.full_name = validated_data.get('full_name', instance.full_name)
instance.username = validated_data.get('username', instance.username) instance.username = validated_data.get('username', instance.username)
instance.phone_number = validated_data.get('phone_number', instance.phone_number)
instance.profile_image = validated_data.get('profile_image', instance.profile_image) instance.profile_image = validated_data.get('profile_image', instance.profile_image)
instance.save() instance.save()
return instance return instance

12
core/apps/accounts/utils/permission.py Normal file
View File

@@ -0,0 +1,12 @@
def get_permissions_with_tabs(user):
if not user.role:
return {}
permissions = user.role.permissions.all()
result = {}
for perm in permissions:
tab_codes = list(perm.permission_tab.values_list('code', flat=True))
result[perm.code] = tab_codes
return result

3
core/apps/accounts/views/login.py
View File

@@ -6,6 +6,7 @@ from rest_framework_simplejwt.tokens import RefreshToken
from core.apps.accounts.models.user import User from core.apps.accounts.models.user import User
from core.apps.accounts.serializers.login import LoginSerializer from core.apps.accounts.serializers.login import LoginSerializer
from core.apps.accounts.permissions.permissions import HasRolePermission from core.apps.accounts.permissions.permissions import HasRolePermission
from core.apps.accounts.utils.permission import get_permissions_with_tabs
class LoginApiView(generics.GenericAPIView): class LoginApiView(generics.GenericAPIView):
@@ -19,7 +20,7 @@ class LoginApiView(generics.GenericAPIView):
token = RefreshToken.for_user(user) token = RefreshToken.for_user(user)
user_data = { user_data = {
'role': user.role.name if user.role else None, 'role': user.role.name if user.role else None,
'permissions': user.role.permissions.values_list('code', flat=True) if user.role else None, 'permissions_to_page': get_permissions_with_tabs(user)
} }
return Response( return Response(
{"access": str(token.access_token), "refresh": str(token), 'user_data': user_data}, {"access": str(token.access_token), "refresh": str(token), 'user_data': user_data},