fix - cant delete admin role

2025-10-28 13:51:05 +03:30
parent a333a5e5a8
commit 7ffaff2c11
4 changed files with 24 additions and 2 deletions
--- a/apps/authentication/api/v1/api.py
+++ b/apps/authentication/api/v1/api.py
@@ -349,7 +349,7 @@ class OrganizationViewSet(BaseViewSet, SoftDeleteMixin, ModelViewSet, DynamicSea

        page = self.paginate_queryset(queryset)  # paginate queryset

-        if page is not None:
+        if page is not None:  # noqa
            serializer = self.serializer_class(page, many=True)
            return self.get_paginated_response(serializer.data)

@@ -396,7 +396,7 @@ class GeneralOTPViewSet(SoftDeleteMixin, ModelViewSet):
                role__role_name='Management').first().user.mobile
            return user_mobile

-        if data['get_mobile_type'] == 'general':
+        if data['get_mobile_type'] == 'general':  # noqa
            return data['mobile']

    @action(
--- a/apps/authorization/api/v1/api.py
+++ b/apps/authorization/api/v1/api.py
@@ -13,6 +13,7 @@ from apps.authorization.api.v1.serializers import (
    UserRelationSerializer,
    PageSerializer
 )
+from apps.authorization.exception import AdminRoleDeleteException
 from apps.authorization.models import (
    Role,
    Permissions,
@@ -41,6 +42,15 @@ class RoleViewSet(BaseViewSet, SoftDeleteMixin, viewsets.ModelViewSet):
            serializer = self.get_serializer(role, many=True)
            return self.get_paginated_response(serializer.data)

+    def destroy(self, request, pk=None, *args, **kwargs):
+        """ soft delete of role except Admin """
+
+        role = self.get_object()
+        if role.type.key == 'ADM':
+            raise AdminRoleDeleteException()
+        role.soft_delete()
+        return Response(status=status.HTTP_200_OK)
+

 class PageViewSet(SoftDeleteMixin, viewsets.ModelViewSet):
    """ add website pages to system to set permission on it """
--- a/apps/authorization/exception.py
+++ b/apps/authorization/exception.py
@@ -0,0 +1,8 @@
+from rest_framework import status
+from rest_framework.exceptions import APIException
+
+
+class AdminRoleDeleteException(APIException):
+    status_code = status.HTTP_403_FORBIDDEN
+    default_detail = 'نقش ادمین قابلیت حذف شدن ندارد'  # noqa
+    default_code = 'admin_role_delete_exception'