PROCOLLAB-github
diff --git a/‎industries/permissions.py‎
Lines changed: 19 additions & 0 deletions b/‎industries/permissions.py‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎industries/tests.py‎
Lines changed: 1 addition & 0 deletions b/‎industries/tests.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎industries/views.py‎
Lines changed: 3 additions & 4 deletions b/‎industries/views.py‎
Lines changed: 3 additions & 4 deletions
diff --git a/‎news/serializers.py‎
Lines changed: 13 additions & 1 deletion b/‎news/serializers.py‎
Lines changed: 13 additions & 1 deletion
diff --git a/‎news/tests.py‎
Lines changed: 0 additions & 1 deletion b/‎news/tests.py‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎news/views.py‎
Lines changed: 3 additions & 3 deletions b/‎news/views.py‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎procollab/settings.py‎
Lines changed: 1 addition & 0 deletions b/‎procollab/settings.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎projects/admin.py‎
Lines changed: 6 additions & 1 deletion b/‎projects/admin.py‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎projects/managers.py‎
Lines changed: 61 additions & 0 deletions b/‎projects/managers.py‎
Lines changed: 61 additions & 0 deletions
diff --git a/‎projects/models.py‎
Lines changed: 6 additions & 1 deletion b/‎projects/models.py‎
Lines changed: 6 additions & 1 deletion
@@ -0,0 +1,19 @@
+from rest_framework.permissions import BasePermission
+
+from core.constants import SAFE_METHODS
+
+
+class IndustryPermission(BasePermission):
+    """
+    Allows access to update only to staff users.
+    """
+
+    def has_permission(self, request, view) -> bool:
+        if request.method in SAFE_METHODS or request.user and request.user.is_staff:
+            return True
+        return False
+
+    def has_object_permission(self, request, view, obj) -> bool:
+        if request.method in SAFE_METHODS or request.user and request.user.is_staff:
+            return True
+        return False
@@ -103,5 +103,6 @@ def _user_create(self):
         user_id = response.data["id"]
         user = CustomUser.objects.get(id=user_id)
         user.is_active = True
+        user.is_staff = True
         user.save()
         return user
@@ -1,18 +1,17 @@
 from rest_framework import generics
 
+from core.permissions import IsStaffOrReadOnly
 from industries.models import Industry
 from industries.serializers import IndustrySerializer
 
 
 class IndustryList(generics.ListCreateAPIView):
     queryset = Industry.objects.all()
     serializer_class = IndustrySerializer
-    # TODO check permissions using JWT
-    # permission_classes = [permissions.IsAuthenticatedOrReadOnly]
+    permission_classes = [IsStaffOrReadOnly]
 
 
 class IndustryDetail(generics.RetrieveUpdateDestroyAPIView):
     queryset = Industry.objects.all()
     serializer_class = IndustrySerializer
-    # TODO check permissions using JWT
-    # permission_classes = [permissions.IsAuthenticatedOrReadOnly]
+    permission_classes = [IsStaffOrReadOnly]
@@ -3,7 +3,7 @@
 from news.models import News, NewsTag
 
 
-class NewsSerializer(serializers.ModelSerializer):
+class NewsDetailSerializer(serializers.ModelSerializer):
     class Meta:
         model = News
         fields = [
@@ -18,6 +18,18 @@ class Meta:
         ]
 
 
+class NewsListSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = News
+        fields = [
+            "id",
+            "title",
+            "short_text",
+            "cover_url",
+            "datetime_created",
+        ]
+
+
 class NewsTagSerializer(serializers.ModelSerializer):
     class Meta:
         model = NewsTag
 
@@ -36,7 +36,6 @@ def test_news_creation(self):
 
         self.assertEqual(response.status_code, 201)
         self.assertEqual(response.data["title"], self.TITLE)
-        self.assertEqual(response.data["text"], self.TEXT)
         self.assertEqual(response.data["short_text"], self.SHORT_TEXT)
         self.assertEqual(response.data["cover_url"], self.COVER_URL)
 
 
@@ -4,20 +4,20 @@
 from core.permissions import IsStaffOrReadOnly
 from news.filters import NewsFilter
 from news.models import News, NewsTag
-from news.serializers import NewsSerializer, NewsTagSerializer
+from news.serializers import NewsDetailSerializer, NewsListSerializer, NewsTagSerializer
 
 
 class NewsList(generics.ListCreateAPIView):
     queryset = News.objects.all()
-    serializer_class = NewsSerializer
+    serializer_class = NewsListSerializer
     permission_classes = [IsStaffOrReadOnly]
     filter_backends = (filters.DjangoFilterBackend,)
     filterset_class = NewsFilter
 
 
 class NewsDetail(generics.RetrieveUpdateDestroyAPIView):
     queryset = News.objects.all()
-    serializer_class = NewsSerializer
+    serializer_class = NewsDetailSerializer
     permission_classes = [IsStaffOrReadOnly]
 
 
 
@@ -120,6 +120,7 @@
         "rest_framework.renderers.AdminRenderer",
     ],
 }
+
 # Database
 if DEBUG:
     DATABASES = {
 
@@ -1,6 +1,6 @@
 from django.contrib import admin
 
-from projects.models import Project
+from projects.models import Project, Achievement
 
 
 @admin.register(Project)
@@ -13,3 +13,8 @@ class ProjectAdmin(admin.ModelAdmin):
         "id",
         "name",
     )
+
+
+@admin.register(Achievement)
+class AchievementAdmin(admin.ModelAdmin):
+    list_display = ("id", "title", "status", "project")
@@ -0,0 +1,61 @@
+from django.db.models import Manager
+from django.db.models import Prefetch
+
+from industries.models import Industry
+from users.models import CustomUser
+
+
+class ProjectManager(Manager):
+    def get_projects_for_list_view(self):
+        return (
+            self.get_queryset()
+            .prefetch_related(
+                Prefetch(
+                    "industry",
+                    queryset=Industry.objects.only("name").all(),
+                ),
+                Prefetch(
+                    "leader",
+                    queryset=CustomUser.objects.only("id").all(),
+                ),
+            )
+            .only(
+                "id",
+                "name",
+                "leader__id",
+                "description",
+                "short_description",
+                "step",
+                "industry__name",
+                "image_address",
+                "draft",
+                "datetime_created",
+            )
+            .all()
+        )
+
+    def get_projects_for_detail_view(self):
+        return (
+            self.get_queryset()
+            .prefetch_related(
+                "collaborators",
+                "achievements",
+            )
+            .all()
+        )
+
+
+class AchievementManager(Manager):
+    def get_achievements_for_list_view(self):
+        return (
+            self.get_queryset()
+            .select_related("project")
+            .only("id", "title", "status", "project__id")
+        )
+
+    def get_achievements_for_detail_view(self):
+        return (
+            self.get_queryset()
+            .select_related("project")
+            .only("id", "title", "status", "project")
+        )
@@ -1,8 +1,9 @@
 from django.contrib.auth import get_user_model
 from django.db import models
-from industries.models import Industry
 
+from industries.models import Industry
 from projects.helpers import VERBOSE_STEPS
+from projects.managers import ProjectManager, AchievementManager
 
 User = get_user_model()
 
@@ -66,6 +67,8 @@ class Project(models.Model):
         verbose_name="Дата изменения", null=False, auto_now=True
     )
 
+    objects = ProjectManager()
+
     def __str__(self):
         return f"Project<{self.id}> - {self.name}"
 
@@ -94,6 +97,8 @@ class Achievement(models.Model):
         related_name="achievements",
     )
 
+    objects = AchievementManager()
+
     def __str__(self):
         return f"Achievement<{self.id}>"
Original file line number	Diff line number	Diff line change
`@@ -120,6 +120,7 @@`
`120`	`120`	`"rest_framework.renderers.AdminRenderer",`
`121`	`121`	`],`
`122`	`122`	`}`
	`123`	`+`
`123`	`124`	`# Database`
`124`	`125`	`if DEBUG:`
`125`	`126`	`DATABASES = {`