first base of project-changed apps: Herd-livestock-tag-log-elasticsearch-

apps/authorization/api/v1/api.py

@@ -0,0 +1,36 @@
+from rest_framework_simplejwt.authentication import JWTAuthentication
+from rest_framework.permissions import AllowAny, IsAuthenticated
+from apps.authorization.api.v1.serializers import (
+    RoleSerializer,
+    PermissionSerializer,
+    UserRelationSerializer
+)
+from rest_framework.response import Response
+from apps.authorization.models import (
+    Role,
+    Permissions,
+    UserRelations
+)
+from rest_framework import viewsets
+
+
+class RoleViewSet(viewsets.ModelViewSet):
+    """ Crud Operations For User Roles """
+
+    queryset = Role.objects.all()
+    serializer_class = RoleSerializer
+
+
+class PermissionViewSet(viewsets.ModelViewSet):
+    """ Crud Operations for Permissions """
+
+    queryset = Permissions.objects.all()
+    serializer_class = PermissionSerializer
+
+
+class UserRelationViewSet(viewsets.ModelViewSet):
+    """ Crud Operations for User Relations """
+
+    queryset = UserRelations.objects.all()
+    serializer_class = UserRelationSerializer
+

apps/authorization/api/v1/serializers.py

@@ -0,0 +1,81 @@
+from rest_framework import serializers
+from apps.authorization.models import (
+    Role,
+    Permissions,
+    UserRelations
+)
+from apps.authentication.api.v1.serializers import serializer as auth_serializer
+from apps.authentication.models import Organization
+
+
+class PermissionSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Permissions
+        fields = [
+            'id',
+            'name',
+            'description'
+        ]
+
+
+class RoleSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Role
+        fields = [
+            'id',
+            'role_name',
+            'description',
+            'type',
+            'permissions'
+        ]
+        extra_kwargs = {
+            'permissions': {'required': False}  # permissions not required for some roles
+        }
+
+    def to_representation(self, instance):
+        """
+        using @to_representation for many_to_many permissions in response
+        """
+        representation = super().to_representation(instance)
+        representation['type'] = auth_serializer.OrganizationTypeSerializer(instance.type).data
+        representation['permissions'] = PermissionSerializer(instance.permissions, many=True).data
+        return representation
+
+
+class UserRelationSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = UserRelations
+        fields = [
+            'id',
+            'user',
+            'organization',
+            'role',
+            'permissions',
+        ]
+
+    def to_representation(self, instance):
+        representation = super().to_representation(instance)
+        if isinstance(instance, UserRelations):
+            if instance.user:
+                representation['user'] = auth_serializer.UserSerializer(instance.user).data
+            if instance.organization:
+                representation['organization'] = auth_serializer.OrganizationSerializer(instance.organization).data
+            if instance.role:
+                representation['role'] = RoleSerializer(instance.role).data
+            if instance.permissions:
+                representation['permissions'] = PermissionSerializer(instance.permissions, many=True).data
+
+        return representation
+
+    def update(self, instance, validated_data):
+        """ update user relation object """
+        if validated_data.get('role'):
+            instance.role = Role.objects.get(id=validated_data.get('role', instance.role))
+        if validated_data.get('organization'):
+            instance.organization = Organization.objects.get(id=validated_data.get(
+                'organization', instance.organization
+            ))
+        instance.save()
+        instance.permissions.clear()
+        instance.permissions.add(*(validated_data.get('permissions', instance.permissions)))
+        return instance

apps/authorization/api/v1/urls.py

@@ -0,0 +1,18 @@
+from rest_framework.routers import DefaultRouter
+from django.urls import path, include
+from .api import (
+    RoleViewSet,
+    PermissionViewSet,
+    UserRelationViewSet
+)
+
+router = DefaultRouter()  # set router
+
+# register route to router
+router.register(r'role', RoleViewSet, basename='role')
+router.register(r'permission', PermissionViewSet, basename='permission')
+router.register(r'user-relations', UserRelationViewSet, basename='organization-role')
+
+urlpatterns = [
+    path('', include(router.urls))
+]