filter all apis of organization city & province - cant remove own user or organoization

apps/authentication/api/v1/api.py

@@ -1,7 +1,19 @@
+import random
+import typing
+
+from django.contrib.auth.hashers import make_password
+from django.core.cache import cache
+from django.db import transaction
+from rest_framework import filters
+from rest_framework import status
+from rest_framework.decorators import action
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework.viewsets import ModelViewSet
+from rest_framework_simplejwt.views import TokenObtainPairView
+
 from apps.authentication.api.v1.serializers.jwt import CustomizedTokenObtainPairSerializer
-from apps.core.mixins.soft_delete_mixin import SoftDeleteMixin
-from rest_framework.decorators import action, permission_classes
-from apps.authentication import permissions as auth_permissions
 from apps.authentication.api.v1.serializers.serializer import (
     CitySerializer,
     ProvinceSerializer,
@@ -10,16 +22,6 @@ from apps.authentication.api.v1.serializers.serializer import (
     UserSerializer,
     BankAccountSerializer,
 )
-from rest_framework_simplejwt.views import TokenObtainPairView
-from apps.core.mixins.search_mixin import DynamicSearchMixin
-from apps.core.pagination import CustomPageNumberPagination
-from apps.authorization.api.v1 import api as authorize_view
-from rest_framework.permissions import IsAuthenticated
-from django.contrib.auth.hashers import make_password
-from apps.authentication.tools import get_token_jti
-from common.helpers import get_organization_by_user
-from rest_framework.viewsets import ModelViewSet
-from rest_framework.permissions import AllowAny
 from apps.authentication.models import (
     User,
     City,
@@ -29,16 +31,14 @@ from apps.authentication.models import (
     BankAccountInformation,
     BlacklistedAccessToken
 )
-from rest_framework.response import Response
-from common.tools import CustomOperations
-from rest_framework.views import APIView
-from django.core.cache import cache
-from rest_framework import filters
-from rest_framework import status
-from django.db import transaction
+from apps.authentication.tools import get_token_jti
+from apps.authorization.api.v1 import api as authorize_view
+from apps.core.api import BaseViewSet
+from apps.core.mixins.search_mixin import DynamicSearchMixin
+from apps.core.mixins.soft_delete_mixin import SoftDeleteMixin
+from common.helpers import get_organization_by_user
 from common.sms import send_sms
-import random
-import typing
+from common.tools import CustomOperations
 
 
 class CustomizedTokenObtainPairView(TokenObtainPairView):
@@ -148,11 +148,6 @@ class UserViewSet(SoftDeleteMixin, ModelViewSet):
         else:
             return Response(serializer.errors, status=status.HTTP_403_FORBIDDEN)
 
-    def destroy(self, request, *args, **kwargs):
-        instance = self.get_object()
-        self.perform_destroy(instance)
-        return Response(status=status.HTTP_204_NO_CONTENT)
-
     @action(
         methods=['get'],
         detail=False,
@@ -168,18 +163,24 @@ class UserViewSet(SoftDeleteMixin, ModelViewSet):
         return Response(serializer.data, status.HTTP_200_OK)
 
 
-class CityViewSet(SoftDeleteMixin, ModelViewSet):
+class CityViewSet(BaseViewSet, SoftDeleteMixin, ModelViewSet):
     """ Crud operations for city model """  #
     queryset = City.objects.all()
     serializer_class = CitySerializer
 
     def list(self, request, *args, **kwargs):
         """ return list of cities by province """
+        param = request.query_params
+
+        if param.get('province'):
+            queryset = self.queryset.filter(
+                province_id=int(request.GET['province'])
+            )
+        else:
+            queryset = self.get_queryset()
 
         serializer = self.serializer_class(
-            self.queryset.filter(
-                province_id=int(request.GET['province'])
-            ), many=True
+            queryset, many=True
         )
         return Response(serializer.data, status=status.HTTP_200_OK)
 
@@ -196,7 +197,7 @@ class OrganizationTypeViewSet(SoftDeleteMixin, ModelViewSet):
     serializer_class = OrganizationTypeSerializer
 
 
-class OrganizationViewSet(SoftDeleteMixin, ModelViewSet, DynamicSearchMixin):
+class OrganizationViewSet(BaseViewSet, SoftDeleteMixin, ModelViewSet, DynamicSearchMixin):
     """ Crud operations for organization model """  #
     queryset = Organization.objects.all()
     serializer_class = OrganizationSerializer
@@ -221,12 +222,13 @@ class OrganizationViewSet(SoftDeleteMixin, ModelViewSet, DynamicSearchMixin):
 
     def list(self, request, *args, **kwargs):
         """ all organization """
+        queryset = self.get_queryset()
 
-        query = self.filter_query(self.queryset)
+        query = self.filter_query(queryset)
 
         page = self.paginate_queryset(query.order_by('-create_date'))  # paginate queryset
 
-        if page is not None:
+        if page is not None:  # noqa
             serializer = self.serializer_class(page, many=True)
             return self.get_paginated_response(serializer.data)
 
@@ -328,7 +330,8 @@ class OrganizationViewSet(SoftDeleteMixin, ModelViewSet, DynamicSearchMixin):
         child_organizations = self.get_all_org_child(organization)
 
         # search & filter
-        queryset = self.filter_query(self.queryset.filter(id__in={instance.id for instance in child_organizations}))
+        queryset = self.filter_query(
+            self.get_queryset().filter(id__in={instance.id for instance in child_organizations}))
 
         page = self.paginate_queryset(queryset)  # paginate queryset