access update

8 years ago · 13fce8f739
parent ba149cea46
commit 13fce8f739
5 changed files with 74 additions and 4 deletions
--- a/access/init_group.py
+++ b/access/init_group.py
@ -14,4 +14,5 @@ if __name__ == '__main__':
    Group.objects.get_or_create(name='lead_managers')
    Group.objects.get_or_create(name='curators')
    Group.objects.get_or_create(name='partners')
+    Group.objects.get_or_create(name='supports')
    Group.objects.get_or_create(name='project_managers')
--- a/access/serializers.py
+++ b/access/serializers.py
@ -32,6 +32,23 @@ class UserInitSerializer(serializers.ModelSerializer):
        return [group.name for group in self.groups.all()]


+class UserSearchSerializer(serializers.ModelSerializer):
+    pay = serializers.SerializerMethodField()
+    phone = serializers.SerializerMethodField()
+
+    class Meta:
+        model = get_user_model()
+        fields = ('id', 'email', 'first_name', 'last_name', 'phone', 'pay')
+
+    @staticmethod
+    def get_phone(self):
+        return self.account.phone
+
+    @staticmethod
+    def get_pay(self):
+        return sum([i.get_full_price() for i in self.bill_user.all()])
+
+
 class ExtraPrivilegeSerializer(serializers.ModelSerializer):
    class Meta:
        model = ExtraPrivilege
--- a/access/urls.py
+++ b/access/urls.py
@ -4,6 +4,8 @@ from access import views
 urlpatterns = [
    url(r'teachers/$', views.TeacherListView.as_view()),
    url(r'info/$', views.InfoUserView.as_view()),
+    url(r'detail/([0-9]{1,99})/$', views.DetailUserView.as_view()),
+    url(r'find/$', views.FindUserView.as_view()),
    url(r'check/$', views.CheckUserView.as_view()),
    url(r'registration/$', views.RegistrationView.as_view()),
    url(r'change_password/$', views.ChangePasswordView.as_view()),
--- a/access/views.py
+++ b/access/views.py
@ -4,9 +4,10 @@ from django.shortcuts import redirect
 from rest_framework.views import APIView
 from rest_framework.renderers import JSONRenderer
 from rest_framework.response import Response
+from django.db.models import Q

 from access.models import Invite
-from access.serializers import UserInitSerializer
+from access.serializers import UserInitSerializer, UserSearchSerializer


 class TeacherListView(APIView):
@ -37,6 +38,55 @@ class InfoUserView(APIView):
        return Response('anonymous', status=self.status_code)


+class FindUserView(APIView):
+    renderer_classes = (JSONRenderer,)
+    status_code = 200
+
+    def get(self, request):
+        if request.user.is_authenticated() and \
+                (request.user.is_superuser
+                 or 'managers' in request.user.groups.all() or 'lead_managers' in request.user.groups.all()):
+
+            key = request.GET.get('key', None)
+            count = int(request.GET.get('count', '10'))
+
+            if key:
+                res = get_user_model().objects.filter(
+                    Q(id__contains=key) | Q(email__contains=key.lower()) | Q(first_name__contains=key) |
+                    Q(last_name__contains=key) | Q(account__phone__contains=key), groups__name='students'
+                )
+
+            else:
+                res = get_user_model().objects.all()
+
+            res = res[:(count if len(res) > count else len(res))]
+
+            return Response([
+                UserSearchSerializer(i).data for i in res],
+                status=self.status_code
+            )
+
+        return Response('Permission denied', status=403)
+
+
+class DetailUserView(APIView):
+    renderer_classes = (JSONRenderer,)
+
+    @staticmethod
+    def get(request, pk):
+        if request.user.is_authenticated() and \
+                (request.user.is_superuser or request.user.is_staff or request.user.id == pk):
+
+            try:
+                user = get_user_model().objects.get(id=pk)
+            except get_user_model().DoesNotExist:
+                return Response("User doesn't exist", status=404)
+
+            return Response(UserInitSerializer(user).data, status=200)
+
+        return Response('Permission denied', status=403)
+
+
 class RegistrationView(APIView):
    renderer_classes = (JSONRenderer,)

@ -98,4 +148,4 @@ class LogoutView(APIView):
    def post(request):
        if request.user.is_authenticated():
            auth.logout(request)
-        return Response(status=204)
+        return Response(status=204)
--- a/finance/models.py
+++ b/finance/models.py
@ -6,9 +6,9 @@ from courses.models import Course, Vertex

 class Bill(models.Model):
    course = models.ForeignKey(to=Course, verbose_name='Курс', blank=True, null=True)
-    user = models.ForeignKey(settings.AUTH_USER_MODEL, verbose_name='Плательщик', related_name=u'bill_user')
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, verbose_name='Плательщик', related_name='bill_user')
    opener = models.ForeignKey(settings.AUTH_USER_MODEL, verbose_name='Ответственный сотрудник', null=True)
-    comment = models.TextField(verbose_name=u'Комментарий продавца', help_text=u'Будет показано пользователю',
+    comment = models.TextField(verbose_name='Комментарий продавца', help_text='Будет показано пользователю',
                               blank=True, editable=False)
    description = models.TextField(verbose_name='Внутренняя заметка', default='')