♻️ [#390] Refactor endpoint to use new permissions

maykinmedia · Oct 1, 2024 · 9c4ab13 · 9c4ab13
1 parent ba0f3b7
commit 9c4ab13
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 7 deletions.
diff --git a/backend/src/openarchiefbeheer/accounts/api/serializers.py b/backend/src/openarchiefbeheer/accounts/api/serializers.py
@@ -1,22 +1,49 @@
+from django.utils.translation import gettext_lazy as _
+
+from drf_spectacular.utils import extend_schema_field
 from rest_framework import serializers
 
 from ..models import User
 
 
 class RoleSerializer(serializers.Serializer):
+    can_start_destruction = serializers.BooleanField()
+    can_review_destruction = serializers.BooleanField()
+    can_review_final_list = serializers.BooleanField()
+
     class Meta:
         fields = (
-            "name",
             "can_start_destruction",
             "can_review_destruction",
             "can_review_final_list",
-            "can_view_case_details",
         )
 
 
 class UserSerializer(serializers.ModelSerializer):
-    role = RoleSerializer()
+    role = serializers.SerializerMethodField(
+        help_text=_("The role of the user within the application logic."),
+        allow_null=True,
+    )
 
     class Meta:
         model = User
         fields = ("pk", "username", "first_name", "last_name", "email", "role")
+
+    @extend_schema_field(RoleSerializer)
+    def get_role(self, user: User) -> dict | None:
+        serializer = RoleSerializer(
+            data={
+                "can_review_destruction": user.has_perm(
+                    "accounts.can_review_destruction"
+                ),
+                "can_start_destruction": user.has_perm(
+                    "accounts.can_start_destruction"
+                ),
+                "can_review_final_list": user.has_perm(
+                    "accounts.can_review_final_list"
+                ),
+            }
+        )
+        serializer.is_valid()
+
+        return serializer.data
diff --git a/backend/src/openarchiefbeheer/accounts/managers.py b/backend/src/openarchiefbeheer/accounts/managers.py
@@ -1,4 +1,10 @@
-from django.contrib.auth.models import BaseUserManager
+from typing import TYPE_CHECKING
+
+from django.contrib.auth.models import BaseUserManager, Group
+from django.db.models import QuerySet
+
+if TYPE_CHECKING:
+    from .models import User
 
 
 class UserManager(BaseUserManager):
@@ -32,3 +38,11 @@ def create_superuser(self, username, email, password, **extra_fields):
             raise ValueError("Superuser must have is_superuser=True.")
 
         return self._create_user(username, email, password, **extra_fields)
+
+    def reviewers(self) -> QuerySet["User"]:
+        reviewers_group = Group.objects.get(name="Reviewer")
+        return reviewers_group.user_set.all()
+
+    def archivists(self) -> QuerySet["User"]:
+        archivists_group = Group.objects.get(name="Archivist")
+        return archivists_group.user_set.all()
diff --git a/frontend/src/lib/format/user.ts b/frontend/src/lib/format/user.ts
@@ -20,8 +20,5 @@ export function formatUser(
       ? `${user.firstName} ${user.lastName}${userNameSuffix}`
       : user.username;
 
-  if (showRole && user.role.name) {
-    return `${displayName} (${user.role.name})`;
-  }
   return displayName;
 }