From ce54f66a324eb026ca940571bd0bd1a5db38e464 Mon Sep 17 00:00:00 2001 From: behruz-dev Date: Wed, 6 Aug 2025 16:50:09 +0500 Subject: [PATCH] add permission list api view --- config/conf/rest_framework.py | 4 +-- core/apps/accounts/admin/permission.py | 6 +++- .../0008_permissiontoaction_and_more.py | 33 +++++++++++++++++++ ...sion_to_actions_role_permission_to_tabs.py | 23 +++++++++++++ .../accounts/migrations/0010_role_comment.py | 18 ++++++++++ .../migrations/0011_alter_user_role.py | 19 +++++++++++ core/apps/accounts/models/permission.py | 15 +++++++++ core/apps/accounts/models/role.py | 7 +++- core/apps/accounts/models/user.py | 2 +- core/apps/accounts/serializers/permission.py | 31 +++++++++++++++++ core/apps/accounts/serializers/role.py | 2 +- core/apps/accounts/urls.py | 9 ++++- core/apps/accounts/views/login.py | 3 +- core/apps/accounts/views/permission.py | 13 ++++++++ core/apps/accounts/views/user.py | 20 +++++++++++ 15 files changed, 196 insertions(+), 9 deletions(-) create mode 100644 core/apps/accounts/migrations/0008_permissiontoaction_and_more.py create mode 100644 core/apps/accounts/migrations/0009_role_permission_to_actions_role_permission_to_tabs.py create mode 100644 core/apps/accounts/migrations/0010_role_comment.py create mode 100644 core/apps/accounts/migrations/0011_alter_user_role.py create mode 100644 core/apps/accounts/serializers/permission.py create mode 100644 core/apps/accounts/views/permission.py diff --git a/config/conf/rest_framework.py b/config/conf/rest_framework.py index 1d6598a..b2837b3 100644 --- a/config/conf/rest_framework.py +++ b/config/conf/rest_framework.py @@ -1,7 +1,7 @@ REST_FRAMEWORK = { "DEFAULT_AUTHENTICATION_CLASSES": [ - # 'rest_framework.authentication.SessionAuthentication', - # 'rest_framework.authentication.BasicAuthentication', + 'rest_framework.authentication.SessionAuthentication', + 'rest_framework.authentication.BasicAuthentication', 'rest_framework_simplejwt.authentication.JWTAuthentication', ], 'DEFAULT_PAGINATION_CLASS': 'core.apps.shared.paginations.custom.CustomPageNumberPagination', diff --git a/core/apps/accounts/admin/permission.py b/core/apps/accounts/admin/permission.py index 448e164..bf4a0eb 100644 --- a/core/apps/accounts/admin/permission.py +++ b/core/apps/accounts/admin/permission.py @@ -1,6 +1,6 @@ from django.contrib import admin -from core.apps.accounts.models.permission import Permission, PermissionToTab +from core.apps.accounts.models.permission import Permission, PermissionToTab, PermissionToAction @admin.register(Permission) @@ -11,3 +11,7 @@ class PermissionAdmin(admin.ModelAdmin): @admin.register(PermissionToTab) class PermissionToTabAdmin(admin.ModelAdmin): list_display = ['name', 'code'] + +@admin.register(PermissionToAction) +class PermissionToActionAdmin(admin.ModelAdmin): + list_display = ['name', 'code'] \ No newline at end of file diff --git a/core/apps/accounts/migrations/0008_permissiontoaction_and_more.py b/core/apps/accounts/migrations/0008_permissiontoaction_and_more.py new file mode 100644 index 0000000..6e0ddac --- /dev/null +++ b/core/apps/accounts/migrations/0008_permissiontoaction_and_more.py @@ -0,0 +1,33 @@ +# Generated by Django 5.2.4 on 2025-08-06 16:17 + +import uuid +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('accounts', '0007_remove_role_permissions_tab_and_more'), + ] + + operations = [ + migrations.CreateModel( + name='PermissionToAction', + fields=[ + ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True)), + ('created_at', models.DateTimeField(auto_now_add=True)), + ('updated_at', models.DateTimeField(auto_now=True)), + ('name', models.CharField(max_length=200)), + ('code', models.CharField(max_length=100, unique=True)), + ], + options={ + 'verbose_name': 'Harakatlar uchun ruxsatnoma', + 'verbose_name_plural': 'Harakatlar uchun ruxsatnomalar', + }, + ), + migrations.AddField( + model_name='permissiontotab', + name='permission_to_actions', + field=models.ManyToManyField(related_name='permission_to_tabs', to='accounts.permissiontoaction'), + ), + ] diff --git a/core/apps/accounts/migrations/0009_role_permission_to_actions_role_permission_to_tabs.py b/core/apps/accounts/migrations/0009_role_permission_to_actions_role_permission_to_tabs.py new file mode 100644 index 0000000..e5d531a --- /dev/null +++ b/core/apps/accounts/migrations/0009_role_permission_to_actions_role_permission_to_tabs.py @@ -0,0 +1,23 @@ +# Generated by Django 5.2.4 on 2025-08-06 16:22 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('accounts', '0008_permissiontoaction_and_more'), + ] + + operations = [ + migrations.AddField( + model_name='role', + name='permission_to_actions', + field=models.ManyToManyField(blank=True, related_name='roles', to='accounts.permissiontoaction'), + ), + migrations.AddField( + model_name='role', + name='permission_to_tabs', + field=models.ManyToManyField(blank=True, related_name='roles', to='accounts.permissiontotab'), + ), + ] diff --git a/core/apps/accounts/migrations/0010_role_comment.py b/core/apps/accounts/migrations/0010_role_comment.py new file mode 100644 index 0000000..28f5c23 --- /dev/null +++ b/core/apps/accounts/migrations/0010_role_comment.py @@ -0,0 +1,18 @@ +# Generated by Django 5.2.4 on 2025-08-06 16:31 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('accounts', '0009_role_permission_to_actions_role_permission_to_tabs'), + ] + + operations = [ + migrations.AddField( + model_name='role', + name='comment', + field=models.CharField(blank=True, max_length=200, null=True), + ), + ] diff --git a/core/apps/accounts/migrations/0011_alter_user_role.py b/core/apps/accounts/migrations/0011_alter_user_role.py new file mode 100644 index 0000000..7db5891 --- /dev/null +++ b/core/apps/accounts/migrations/0011_alter_user_role.py @@ -0,0 +1,19 @@ +# Generated by Django 5.2.4 on 2025-08-06 16:48 + +import django.db.models.deletion +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('accounts', '0010_role_comment'), + ] + + operations = [ + migrations.AlterField( + model_name='user', + name='role', + field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='users', to='accounts.role'), + ), + ] diff --git a/core/apps/accounts/models/permission.py b/core/apps/accounts/models/permission.py index db99ea6..68ff956 100644 --- a/core/apps/accounts/models/permission.py +++ b/core/apps/accounts/models/permission.py @@ -4,9 +4,24 @@ from django.utils.translation import gettext_lazy as _ from core.apps.shared.models import BaseModel +class PermissionToAction(BaseModel): + name = models.CharField(max_length=200) + code = models.CharField(max_length=100, unique=True) + + def __str__(self): + return self.name + + class Meta: + verbose_name = _('Harakatlar uchun ruxsatnoma') + verbose_name_plural = _('Harakatlar uchun ruxsatnomalar') + + class PermissionToTab(BaseModel): name = models.CharField(max_length=200) code = models.CharField(max_length=100, unique=True) + permission_to_actions = models.ManyToManyField( + PermissionToAction, related_name='permission_to_tabs' + ) def __str__(self): return f'{self.name} - {self.code}' diff --git a/core/apps/accounts/models/role.py b/core/apps/accounts/models/role.py index dbfb5a9..361304f 100644 --- a/core/apps/accounts/models/role.py +++ b/core/apps/accounts/models/role.py @@ -2,12 +2,17 @@ from django.db import models from django.utils.translation import gettext_lazy as _ from core.apps.shared.models import BaseModel -from core.apps.accounts.models.permission import Permission, PermissionToTab +from core.apps.accounts.models.permission import Permission, PermissionToTab, PermissionToAction class Role(BaseModel): name = models.CharField(max_length=200, unique=True) permissions = models.ManyToManyField(Permission, related_name='roles', blank=True) + permission_to_tabs = models.ManyToManyField(PermissionToTab, related_name='roles', blank=True) + permission_to_actions = models.ManyToManyField( + PermissionToAction, related_name='roles', blank=True + ) + comment = models.CharField(max_length=200, null=True, blank=True) def __str__(self): return self.name diff --git a/core/apps/accounts/models/user.py b/core/apps/accounts/models/user.py index b04d6d1..14f58de 100644 --- a/core/apps/accounts/models/user.py +++ b/core/apps/accounts/models/user.py @@ -10,7 +10,7 @@ class User(BaseModel, AbstractUser): profile_image = models.ImageField( upload_to="users/profile_images/", null=True, blank=True, verbose_name=_('profil rasmi') ) - role = models.ForeignKey(Role, on_delete=models.DO_NOTHING, null=True, related_name="users") + role = models.ForeignKey(Role, on_delete=models.SET_NULL, null=True, related_name="users") full_name = models.CharField(max_length=200, null=True) is_blocked = models.BooleanField(default=False) phone_number = models.CharField(max_length=15, null=True) diff --git a/core/apps/accounts/serializers/permission.py b/core/apps/accounts/serializers/permission.py new file mode 100644 index 0000000..684a93e --- /dev/null +++ b/core/apps/accounts/serializers/permission.py @@ -0,0 +1,31 @@ +from rest_framework import serializers + +from core.apps.accounts.models.permission import PermissionToTab, PermissionToAction, Permission + + +class PermissionToActionListSerializer(serializers.ModelSerializer): + class Meta: + model = PermissionToAction + fields = [ + 'id', 'name', 'code' + ] + + +class PermissionToTabListSerializer(serializers.ModelSerializer): + permission_to_actions = PermissionToActionListSerializer(many=True) + + class Meta: + model = PermissionToTab + fields = [ + 'id', 'name', 'code', 'permission_to_actions' + ] + + +class PermissionListSerializer(serializers.ModelSerializer): + permission_tab = PermissionToTabListSerializer(many=True) + + class Meta: + model = Permission + fields = [ + 'id', 'name', 'code', 'permission_tab' + ] \ No newline at end of file diff --git a/core/apps/accounts/serializers/role.py b/core/apps/accounts/serializers/role.py index 34d9b5a..2638716 100644 --- a/core/apps/accounts/serializers/role.py +++ b/core/apps/accounts/serializers/role.py @@ -6,4 +6,4 @@ from core.apps.accounts.models.role import Role class RoleListSerializer(serializers.ModelSerializer): class Meta: model = Role - fields = ['id', 'name'] \ No newline at end of file + fields = ['id', 'name', 'comment'] \ No newline at end of file diff --git a/core/apps/accounts/urls.py b/core/apps/accounts/urls.py index d9d6a57..de6428e 100644 --- a/core/apps/accounts/urls.py +++ b/core/apps/accounts/urls.py @@ -3,6 +3,7 @@ from django.urls import path, include from core.apps.accounts.views.login import LoginApiView from core.apps.accounts.views import user as user_views from core.apps.accounts.views import role as role_views +from core.apps.accounts.views import permission as permission_views urlpatterns = [ @@ -19,11 +20,17 @@ urlpatterns = [ path('create/', user_views.UserCreateApiView.as_view()), path('list/', user_views.UserListApiView.as_view()), path('/', user_views.UserUpdateApiView.as_view()), + path('permissions/', user_views.UserPermissionListApiView.as_view()), ] )), path('role/', include( [ path('list/', role_views.RoleListApiView.as_view()), ] - )) + )), + path('permission/', include( + [ + path('list/', permission_views.PermissionListApiView.as_view()), + ] + )), ] \ No newline at end of file diff --git a/core/apps/accounts/views/login.py b/core/apps/accounts/views/login.py index 9b21fb9..bfe930f 100644 --- a/core/apps/accounts/views/login.py +++ b/core/apps/accounts/views/login.py @@ -19,8 +19,7 @@ class LoginApiView(generics.GenericAPIView): user = serializer.validated_data.get('user') token = RefreshToken.for_user(user) user_data = { - 'role': user.role.name if user.role else None, - 'permissions_to_page': get_permissions_with_tabs(user) + 'role': user.role.name if user.role else None } return Response( {"access": str(token.access_token), "refresh": str(token), 'user_data': user_data}, diff --git a/core/apps/accounts/views/permission.py b/core/apps/accounts/views/permission.py new file mode 100644 index 0000000..3208f53 --- /dev/null +++ b/core/apps/accounts/views/permission.py @@ -0,0 +1,13 @@ +from rest_framework import generics +from rest_framework.response import Response + +from core.apps.accounts.serializers import permission as serializers +from core.apps.accounts.models.permission import Permission +from core.apps.accounts.permissions.permissions import HasRolePermission + + +class PermissionListApiView(generics.ListAPIView): + queryset = Permission.objects.prefetch_related('permission_tab') + serializer_class = serializers.PermissionListSerializer + permission_classes = [HasRolePermission] + required_permissions = ['settings', 'permissions', 'role'] diff --git a/core/apps/accounts/views/user.py b/core/apps/accounts/views/user.py index 755d498..923cfa0 100644 --- a/core/apps/accounts/views/user.py +++ b/core/apps/accounts/views/user.py @@ -8,6 +8,8 @@ from core.apps.accounts.serializers import user as serializers from core.apps.accounts.permissions.permissions import HasRolePermission from core.apps.accounts.utils.permission import get_permissions_with_tabs from core.apps.shared.paginations.custom import CustomPageNumberPagination +from core.apps.accounts.serializers.permission import PermissionListSerializer +from core.apps.accounts.models.permission import Permission class UserProfileApiView(generics.GenericAPIView): @@ -95,3 +97,21 @@ class UserUpdateApiView(generics.GenericAPIView): serializer.save() return Response({'success': True, 'message': 'updated'}, status=200) return Response({"success": False, "message": serializer.errors}, status=400) + + +class UserPermissionListApiView(generics.GenericAPIView): + serializer_class = PermissionListSerializer + queryset = None + permission_classes = [HasRolePermission] + + def get(self, request): + user = request.user + + if not user.role: + return Response({'success': False, 'message': 'User has no role assigned'}, status=400) + + serializer = self.serializer_class(user.role.permissions, many=True) + return Response( + {'success': True, 'permissions': serializer.data}, + status=200 + ) \ No newline at end of file