feat: Allow all users to view requests and filter by name

- Display "Not Provided" if approval user is missing
- Set selected user to logged-in user initially
- Fetch users for all users to explore
- Allow viewing requests for any user via targetUserId
- Enable filtering user requests by full name in backend

Author: Mahmoud-Emad

client/src/views/RequestsView.vue

@@ -98,6 +98,9 @@
                       <strong>{{ request.approval_user.full_name }}</strong>
                     </router-link>
                   </p>
+                  <p v-else>
+                    Managed by: <strong>Not Provided</strong>
+                  </p>
                 </div>
               </template>
               <v-divider v-if="canManage(request)"></v-divider>
@@ -188,27 +191,32 @@ export default defineComponent({
       userRequests.value.some(req => req.status === 'pending' || req.status === 'requested_to_cancel')
     );
 
+    // Fetch logged-in user profile
     // Fetch logged-in user profile
     const loggedInUserTask = useAsyncState(async () => {
       const result = await $api.myprofile.getUser();
-      if (tab.value === 'personal') {
+      // Default selected user to self for all contexts initially
+      if (result) {
         selectedUser.value = result;
       }
+      // Load users list for everyone so they can explore
+      fetchUsers();
       return result;
     }, null);
 
+    // Fetch users list (for explore tab)
     // Fetch users list (for explore tab)
     const fetchUsers = async () => {
       isLoadingUsers.value = true;
-      if (isAdmin.value) {
+      try {
+        // Now any user can check any user requests
+        // Since we want consistency and listAllActiveOfficeUsers is handy:
         users.value = await listAllActiveOfficeUsers($api);
-      } else {
-        const result = await $api.users.list();
-        if (result) {
-          users.value = result.results;
-        }
+      } catch (e) {
+        console.error("Failed to fetch users", e)
+      } finally {
+        isLoadingUsers.value = false;
       }
-      isLoadingUsers.value = false;
     };
 
     // Fetch vacations based on current tab and filters
@@ -240,12 +248,16 @@ export default defineComponent({
           result = await $api.vacations.myTeamPendingRequests(query);
         } else {
           // Explore tab
-          if (!selectedUser.value) {
-            userRequests.value = [];
-            vacationsCount.value = 0;
-            return;
+          const personalId = ApiClientBase.user.value?.fullUser.id;
+          let targetUserId = personalId;
+
+          if (selectedUser.value) {
+            targetUserId = selectedUser.value.id;
+          }
+
+          if (targetUserId) {
+            result = await $api.vacations.listUserRequests({ ...query, user_id: targetUserId });
           }
-          result = await $api.vacations.listUserRequests({ ...query, user_id: selectedUser.value.id });
         }
 
         if (result) {
@@ -268,6 +280,11 @@ export default defineComponent({
     };
 
     const canManage = (request: Api.Vacation) => {
+      // Only admins and supervisors can manage requests
+      if (!isAdmin.value && !isSupervisor.value) {
+        return false;
+      }
+
       const status = request.status;
       const isPending = status === 'pending' || status === 'requested_to_cancel';
       if (!isPending) return false;

server/cshr/views/users.py

@@ -60,6 +60,11 @@ def get_queryset(self) -> Response:
             query_set = get_all_of_users(options)
         else:
             query_set = get_all_of_users()
+
+        full_name = self.request.query_params.get("full_name")
+        if full_name:
+             query_set = query_set.filter(first_name__icontains=full_name)
+
         return query_set