From 6a146c5fb499cdc7a7c2ed3fe23bc70af5300b16 Mon Sep 17 00:00:00 2001
From: Mojtaba-z <mojtaba.zolfaghari30@gmail.com>
Date: Sat, 25 Oct 2025 12:09:00 +0330
Subject: [PATCH] fix permisions

---
 apps/authorization/api/v1/serializers.py | 42 +++++++++++++++---------
 1 file changed, 26 insertions(+), 16 deletions(-)

diff --git a/apps/authorization/api/v1/serializers.py b/apps/authorization/api/v1/serializers.py
index 515a111..7d22f0d 100644
--- a/apps/authorization/api/v1/serializers.py
+++ b/apps/authorization/api/v1/serializers.py
@@ -1,14 +1,16 @@
 import typing
+from collections import defaultdict
 
+from django.db.models.query import QuerySet
 from rest_framework import serializers
+
+from apps.authentication.api.v1.serializers import serializer as auth_serializer
 from apps.authorization.models import (
     Role,
     Permissions,
     UserRelations,
     Page
 )
-from apps.authentication.api.v1.serializers import serializer as auth_serializer
-import itertools
 
 
 class PageSerializer(serializers.ModelSerializer):
@@ -55,19 +57,28 @@ class PermissionSerializer(serializers.ModelSerializer):
         return representation
 
     @classmethod
-    def permissions_structure_output(cls, permissions) -> typing.Any:
+    def permissions_structure_output(cls, permissions) -> typing.List[dict]:
         """ set a structure for permissions """
 
-        structure = []
-        pages_list = []
-        for counter, permission in enumerate(permissions):
-            if permission.page.name not in pages_list:
-                pages_list.append(permission.page.name)
-                structure.append({
-                    'page_name': permission.page.name,
-                    'page_access': itertools.chain(*list(
-                        permissions.filter(page=permission.page).values_list('name')))
-                })
+        if isinstance(permissions, QuerySet):
+            permissions = permissions.select_related('page')
+
+        grouped = defaultdict(set)
+
+        for permission in permissions:
+            if getattr(permission, 'is_active', True):
+                page_name = getattr(permission.page, 'name', None)
+                if page_name:
+                    grouped[page_name].add(permission.name)
+
+        structure = [
+            {
+                'page_name': page,
+                'page_access': sorted(list(access))
+            }
+            for page, access in grouped.items()
+        ]
+
         return structure
 
 
@@ -139,9 +150,8 @@ class UserRelationSerializer(serializers.ModelSerializer):
                 # set permissions by a default structure like:
                 # 'page permission':[element permissions]
                 permissions = instance.permissions.filter(is_active=True)
-                representation['permissions'] = (
-                    PermissionSerializer().permissions_structure_output(permissions) +
-                    PermissionSerializer().permissions_structure_output(instance.role.permissions.all())
+                representation['permissions'] = PermissionSerializer.permissions_structure_output(
+                    list(permissions) + list(instance.role.permissions.all())
                 )
 
         return representation