add permission list api view

2025-08-06 16:50:09 +05:00
parent 2e9ddd5f8d
commit ce54f66a32
15 changed files with 196 additions and 9 deletions
--- a/core/apps/accounts/views/login.py
+++ b/core/apps/accounts/views/login.py
@@ -19,8 +19,7 @@ class LoginApiView(generics.GenericAPIView):
            user = serializer.validated_data.get('user')
            token = RefreshToken.for_user(user)
            user_data = {
-                'role': user.role.name if user.role else None,
-                'permissions_to_page': get_permissions_with_tabs(user)
+                'role': user.role.name if user.role else None
            }
            return Response(
                {"access": str(token.access_token), "refresh": str(token), 'user_data': user_data},
--- a/core/apps/accounts/views/permission.py
+++ b/core/apps/accounts/views/permission.py
@@ -0,0 +1,13 @@
+from rest_framework import generics
+from rest_framework.response import Response
+
+from core.apps.accounts.serializers import permission as serializers
+from core.apps.accounts.models.permission import Permission
+from core.apps.accounts.permissions.permissions import HasRolePermission
+
+
+class PermissionListApiView(generics.ListAPIView):
+    queryset = Permission.objects.prefetch_related('permission_tab')
+    serializer_class = serializers.PermissionListSerializer
+    permission_classes = [HasRolePermission]
+    required_permissions = ['settings', 'permissions', 'role']
--- a/core/apps/accounts/views/user.py
+++ b/core/apps/accounts/views/user.py
@@ -8,6 +8,8 @@ from core.apps.accounts.serializers import user as serializers
 from core.apps.accounts.permissions.permissions import HasRolePermission
 from core.apps.accounts.utils.permission import get_permissions_with_tabs
 from core.apps.shared.paginations.custom import CustomPageNumberPagination
+from core.apps.accounts.serializers.permission import PermissionListSerializer
+from core.apps.accounts.models.permission import Permission


 class UserProfileApiView(generics.GenericAPIView):
@@ -95,3 +97,21 @@ class UserUpdateApiView(generics.GenericAPIView):
            serializer.save()
            return Response({'success': True, 'message': 'updated'}, status=200)
        return Response({"success": False, "message": serializer.errors}, status=400)
+
+
+class UserPermissionListApiView(generics.GenericAPIView):
+    serializer_class = PermissionListSerializer
+    queryset = None
+    permission_classes = [HasRolePermission]
+
+    def get(self, request):
+        user = request.user
+
+        if not user.role:
+            return Response({'success': False, 'message': 'User has no role assigned'}, status=400)
+
+        serializer = self.serializer_class(user.role.permissions, many=True)
+        return Response(
+            {'success': True, 'permissions': serializer.data},
+            status=200
+        )