add permission list api view

2025-08-06 16:50:09 +05:00
parent 2e9ddd5f8d
commit ce54f66a32
15 changed files with 196 additions and 9 deletions
--- a/core/apps/accounts/admin/permission.py
+++ b/core/apps/accounts/admin/permission.py
@@ -1,6 +1,6 @@
 from django.contrib import admin 

-from core.apps.accounts.models.permission import Permission, PermissionToTab
+from core.apps.accounts.models.permission import Permission, PermissionToTab, PermissionToAction


@admin.register(Permission)
@@ -11,3 +11,7 @@ class PermissionAdmin(admin.ModelAdmin):
@admin.register(PermissionToTab)
 class PermissionToTabAdmin(admin.ModelAdmin):
    list_display = ['name', 'code']
+
+@admin.register(PermissionToAction)
+class PermissionToActionAdmin(admin.ModelAdmin):
+    list_display = ['name', 'code']
--- a/core/apps/accounts/migrations/0008_permissiontoaction_and_more.py
+++ b/core/apps/accounts/migrations/0008_permissiontoaction_and_more.py
@@ -0,0 +1,33 @@
+# Generated by Django 5.2.4 on 2025-08-06 16:17
+
+import uuid
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0007_remove_role_permissions_tab_and_more'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='PermissionToAction',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('name', models.CharField(max_length=200)),
+                ('code', models.CharField(max_length=100, unique=True)),
+            ],
+            options={
+                'verbose_name': 'Harakatlar uchun ruxsatnoma',
+                'verbose_name_plural': 'Harakatlar uchun ruxsatnomalar',
+            },
+        ),
+        migrations.AddField(
+            model_name='permissiontotab',
+            name='permission_to_actions',
+            field=models.ManyToManyField(related_name='permission_to_tabs', to='accounts.permissiontoaction'),
+        ),
+    ]
--- a/core/apps/accounts/migrations/0009_role_permission_to_actions_role_permission_to_tabs.py
+++ b/core/apps/accounts/migrations/0009_role_permission_to_actions_role_permission_to_tabs.py
@@ -0,0 +1,23 @@
+# Generated by Django 5.2.4 on 2025-08-06 16:22
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0008_permissiontoaction_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='role',
+            name='permission_to_actions',
+            field=models.ManyToManyField(blank=True, related_name='roles', to='accounts.permissiontoaction'),
+        ),
+        migrations.AddField(
+            model_name='role',
+            name='permission_to_tabs',
+            field=models.ManyToManyField(blank=True, related_name='roles', to='accounts.permissiontotab'),
+        ),
+    ]
--- a/core/apps/accounts/migrations/0010_role_comment.py
+++ b/core/apps/accounts/migrations/0010_role_comment.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.2.4 on 2025-08-06 16:31
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0009_role_permission_to_actions_role_permission_to_tabs'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='role',
+            name='comment',
+            field=models.CharField(blank=True, max_length=200, null=True),
+        ),
+    ]
--- a/core/apps/accounts/migrations/0011_alter_user_role.py
+++ b/core/apps/accounts/migrations/0011_alter_user_role.py
@@ -0,0 +1,19 @@
+# Generated by Django 5.2.4 on 2025-08-06 16:48
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0010_role_comment'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='user',
+            name='role',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='users', to='accounts.role'),
+        ),
+    ]
--- a/core/apps/accounts/models/permission.py
+++ b/core/apps/accounts/models/permission.py
@@ -4,9 +4,24 @@ from django.utils.translation import gettext_lazy as _
 from core.apps.shared.models import BaseModel


+class PermissionToAction(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+
+    def __str__(self):
+        return self.name
+    
+    class Meta:
+        verbose_name = _('Harakatlar uchun ruxsatnoma')
+        verbose_name_plural = _('Harakatlar uchun ruxsatnomalar')
+
+
 class PermissionToTab(BaseModel):
    name = models.CharField(max_length=200)
    code = models.CharField(max_length=100, unique=True)
+    permission_to_actions = models.ManyToManyField(
+        PermissionToAction, related_name='permission_to_tabs'
+    )

    def __str__(self):
        return f'{self.name} - {self.code}'
--- a/core/apps/accounts/models/role.py
+++ b/core/apps/accounts/models/role.py
@@ -2,12 +2,17 @@ from django.db import models
 from django.utils.translation import gettext_lazy as _

 from core.apps.shared.models import BaseModel
-from core.apps.accounts.models.permission import Permission, PermissionToTab
+from core.apps.accounts.models.permission import Permission, PermissionToTab, PermissionToAction


 class Role(BaseModel):
    name = models.CharField(max_length=200, unique=True)
    permissions = models.ManyToManyField(Permission, related_name='roles', blank=True)
+    permission_to_tabs = models.ManyToManyField(PermissionToTab, related_name='roles', blank=True)
+    permission_to_actions = models.ManyToManyField(
+        PermissionToAction, related_name='roles', blank=True
+    )
+    comment = models.CharField(max_length=200, null=True, blank=True)

    def __str__(self):
        return self.name
--- a/core/apps/accounts/models/user.py
+++ b/core/apps/accounts/models/user.py
@@ -10,7 +10,7 @@ class User(BaseModel, AbstractUser):
    profile_image = models.ImageField(
        upload_to="users/profile_images/", null=True, blank=True, verbose_name=_('profil rasmi')
    )
-    role = models.ForeignKey(Role, on_delete=models.DO_NOTHING, null=True, related_name="users")
+    role = models.ForeignKey(Role, on_delete=models.SET_NULL, null=True, related_name="users")
    full_name = models.CharField(max_length=200, null=True)
    is_blocked = models.BooleanField(default=False)
    phone_number = models.CharField(max_length=15, null=True)
--- a/core/apps/accounts/serializers/permission.py
+++ b/core/apps/accounts/serializers/permission.py
@@ -0,0 +1,31 @@
+from rest_framework import serializers
+
+from core.apps.accounts.models.permission import PermissionToTab, PermissionToAction, Permission
+
+
+class PermissionToActionListSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = PermissionToAction
+        fields = [
+            'id', 'name', 'code'
+        ]
+
+
+class PermissionToTabListSerializer(serializers.ModelSerializer):
+    permission_to_actions = PermissionToActionListSerializer(many=True)
+
+    class Meta:
+        model = PermissionToTab
+        fields = [
+            'id', 'name', 'code', 'permission_to_actions'
+        ]
+
+
+class PermissionListSerializer(serializers.ModelSerializer):
+    permission_tab = PermissionToTabListSerializer(many=True)
+
+    class Meta:
+        model = Permission
+        fields = [
+            'id', 'name', 'code', 'permission_tab'
+        ]
--- a/core/apps/accounts/serializers/role.py
+++ b/core/apps/accounts/serializers/role.py
@@ -6,4 +6,4 @@ from core.apps.accounts.models.role import Role
 class RoleListSerializer(serializers.ModelSerializer):
    class Meta:
        model = Role
-        fields = ['id', 'name']
+        fields = ['id', 'name', 'comment']
--- a/core/apps/accounts/urls.py
+++ b/core/apps/accounts/urls.py
@@ -3,6 +3,7 @@ from django.urls import path, include
 from core.apps.accounts.views.login import LoginApiView
 from core.apps.accounts.views import user as user_views
 from core.apps.accounts.views import role as role_views
+from core.apps.accounts.views import permission as permission_views


 urlpatterns = [
@@ -19,11 +20,17 @@ urlpatterns = [
            path('create/', user_views.UserCreateApiView.as_view()),
            path('list/', user_views.UserListApiView.as_view()),
            path('<uuid:id>/', user_views.UserUpdateApiView.as_view()),
+            path('permissions/', user_views.UserPermissionListApiView.as_view()),
        ]
    )),
    path('role/', include(
        [
            path('list/', role_views.RoleListApiView.as_view()),
        ]
-    ))
+    )),
+    path('permission/', include(
+        [
+            path('list/', permission_views.PermissionListApiView.as_view()),
+        ]
+    )),
 ]
--- a/core/apps/accounts/views/login.py
+++ b/core/apps/accounts/views/login.py
@@ -19,8 +19,7 @@ class LoginApiView(generics.GenericAPIView):
            user = serializer.validated_data.get('user')
            token = RefreshToken.for_user(user)
            user_data = {
-                'role': user.role.name if user.role else None,
-                'permissions_to_page': get_permissions_with_tabs(user)
+                'role': user.role.name if user.role else None
            }
            return Response(
                {"access": str(token.access_token), "refresh": str(token), 'user_data': user_data},
--- a/core/apps/accounts/views/permission.py
+++ b/core/apps/accounts/views/permission.py
@@ -0,0 +1,13 @@
+from rest_framework import generics
+from rest_framework.response import Response
+
+from core.apps.accounts.serializers import permission as serializers
+from core.apps.accounts.models.permission import Permission
+from core.apps.accounts.permissions.permissions import HasRolePermission
+
+
+class PermissionListApiView(generics.ListAPIView):
+    queryset = Permission.objects.prefetch_related('permission_tab')
+    serializer_class = serializers.PermissionListSerializer
+    permission_classes = [HasRolePermission]
+    required_permissions = ['settings', 'permissions', 'role']
--- a/core/apps/accounts/views/user.py
+++ b/core/apps/accounts/views/user.py
@@ -8,6 +8,8 @@ from core.apps.accounts.serializers import user as serializers
 from core.apps.accounts.permissions.permissions import HasRolePermission
 from core.apps.accounts.utils.permission import get_permissions_with_tabs
 from core.apps.shared.paginations.custom import CustomPageNumberPagination
+from core.apps.accounts.serializers.permission import PermissionListSerializer
+from core.apps.accounts.models.permission import Permission


 class UserProfileApiView(generics.GenericAPIView):
@@ -95,3 +97,21 @@ class UserUpdateApiView(generics.GenericAPIView):
            serializer.save()
            return Response({'success': True, 'message': 'updated'}, status=200)
        return Response({"success": False, "message": serializer.errors}, status=400)
+
+
+class UserPermissionListApiView(generics.GenericAPIView):
+    serializer_class = PermissionListSerializer
+    queryset = None
+    permission_classes = [HasRolePermission]
+
+    def get(self, request):
+        user = request.user
+
+        if not user.role:
+            return Response({'success': False, 'message': 'User has no role assigned'}, status=400)
+
+        serializer = self.serializer_class(user.role.permissions, many=True)
+        return Response(
+            {'success': True, 'permissions': serializer.data},
+            status=200
+        )