admin users can not be deleted

apps/authentication/api/v1/api.py

@@ -13,6 +13,9 @@ from rest_framework.views import APIView
 from rest_framework.viewsets import ModelViewSet
 from rest_framework_simplejwt.views import TokenObtainPairView
 
+from apps.authentication.exceptions import AdminDeleteException
+from apps.core.api import BaseViewSet
+
 from apps.authentication.api.v1.serializers.jwt import CustomizedTokenObtainPairSerializer
 from apps.authentication.api.v1.serializers.serializer import (
     CitySerializer,
@@ -22,6 +25,7 @@ from apps.authentication.api.v1.serializers.serializer import (
     UserSerializer,
     BankAccountSerializer,
 )
+from apps.authentication.mixins.region_filter import RegionFilterMixin
 from apps.authentication.models import (
     User,
     City,
@@ -33,7 +37,6 @@ from apps.authentication.models import (
 )
 from apps.authentication.tools import get_token_jti
 from apps.authorization.api.v1 import api as authorize_view
-from apps.core.api import BaseViewSet
 from apps.core.mixins.search_mixin import DynamicSearchMixin
 from apps.core.mixins.soft_delete_mixin import SoftDeleteMixin
 from common.helpers import get_organization_by_user
@@ -162,6 +165,19 @@ class UserViewSet(SoftDeleteMixin, ModelViewSet):
         )
         return Response(serializer.data, status.HTTP_200_OK)
 
+    def destroy(self, request, pk=None, *args, **kwargs):
+        """
+        remove user from system except admin users
+        """
+        user = self.get_object()
+        user_relations = authorize_view.UserRelations.objects.filter(user=user).first()
+        if user_relations.role.type.key != 'ADM':
+            raise AdminDeleteException()
+        else:
+            user_relations.objects.update(trash=True)
+
+        return Response(status=status.HTTP_204_NO_CONTENT)
+
 
 class CityViewSet(BaseViewSet, SoftDeleteMixin, ModelViewSet):
     """ Crud operations for city model """  #