fix permisions

2025-10-25 12:09:00 +03:30
parent e82e67cc4d
commit 6a146c5fb4
1 changed files with 26 additions and 16 deletions
--- a/apps/authorization/api/v1/serializers.py
+++ b/apps/authorization/api/v1/serializers.py
@@ -1,14 +1,16 @@
 import typing
+from collections import defaultdict

+from django.db.models.query import QuerySet
 from rest_framework import serializers
+
+from apps.authentication.api.v1.serializers import serializer as auth_serializer
 from apps.authorization.models import (
    Role,
    Permissions,
    UserRelations,
    Page
 )
-from apps.authentication.api.v1.serializers import serializer as auth_serializer
-import itertools


 class PageSerializer(serializers.ModelSerializer):
@@ -55,19 +57,28 @@ class PermissionSerializer(serializers.ModelSerializer):
        return representation

    @classmethod
-    def permissions_structure_output(cls, permissions) -> typing.Any:
+    def permissions_structure_output(cls, permissions) -> typing.List[dict]:
        """ set a structure for permissions """

-        structure = []
-        pages_list = []
-        for counter, permission in enumerate(permissions):
-            if permission.page.name not in pages_list:
-                pages_list.append(permission.page.name)
-                structure.append({
-                    'page_name': permission.page.name,
-                    'page_access': itertools.chain(*list(
-                        permissions.filter(page=permission.page).values_list('name')))
-                })
+        if isinstance(permissions, QuerySet):
+            permissions = permissions.select_related('page')
+
+        grouped = defaultdict(set)
+
+        for permission in permissions:
+            if getattr(permission, 'is_active', True):
+                page_name = getattr(permission.page, 'name', None)
+                if page_name:
+                    grouped[page_name].add(permission.name)
+
+        structure = [
+            {
+                'page_name': page,
+                'page_access': sorted(list(access))
+            }
+            for page, access in grouped.items()
+        ]
+
        return structure


@@ -139,9 +150,8 @@ class UserRelationSerializer(serializers.ModelSerializer):
                # set permissions by a default structure like:
                # 'page permission':[element permissions]
                permissions = instance.permissions.filter(is_active=True)
-                representation['permissions'] = (
-                    PermissionSerializer().permissions_structure_output(permissions) +
-                    PermissionSerializer().permissions_structure_output(instance.role.permissions.all())
+                representation['permissions'] = PermissionSerializer.permissions_structure_output(
+                    list(permissions) + list(instance.role.permissions.all())
                )

        return representation