Merge pull request #119 from pneumaticapp/backend/accounts/44398__users_crud_api

⚙️ 44398 backend [ users ] Add users manually

Author: pneumojoseph

backend/README.md

@@ -45,7 +45,12 @@ Open a terminal in the "backend" directory and run the following commands:
 1. Place the database dump file named ``dump.sql`` in the ``pneumaticworkflow/postgres/backups`` directory. 
 2. Recreate the pneumatic database with the command: ``docker exec -it pneumatic-postgres sh -c "dropdb -U postgres_user postgres_db && createdb -U postgres_user --owner postgres_user postgres_db"``.
 3. Load the dump file into the database with the command: ``docker exec -it pneumatic-postgres sh -c "psql -U postgres_user -h localhost postgres_db < /backups/dump.sql"``. This process will take several minutes.
-4. (Optional). Connect to the database and verify the schema. Command: ``docker exec -it pneumatic-postgres sh -c "psql -U postgres_user postgres_db"``
+
+#### Create a backup copy of the database
+Command: ``docker exec -it pneumatic-postgres sh -c "pg_dump -U postgres_user postgres_db > /backups/pneumatic-backup-$(date +%Y-%m-%d[%Hh:%Mm]%ZTZ).sql"``
+
+#### Connect to the database
+Command: ``docker exec -it pneumatic-postgres sh -c "psql -U postgres_user postgres_db"``
 
 ### Windows
 Open PowerShell in the backend directory and run the following commands:

backend/src/accounts/enums.py

@@ -92,6 +92,16 @@ class UserFirstDayWeek:
         (SATURDAY, 'Saturday'),
     )
 
+    LITERALS = Literal[
+        SUNDAY,
+        MONDAY,
+        TUESDAY,
+        WEDNESDAY,
+        THURSDAY,
+        FRIDAY,
+        SATURDAY,
+    ]
+
 
 class UserDateFormat:
 
@@ -137,6 +147,7 @@ class UserDateFormat:
         PY_USA_24: API_USA_24,
         PY_EUROPE_24: API_EUROPE_24,
     }
+    LITERALS = Literal[PY_USA_12, PY_EUROPE_12, PY_USA_24, PY_EUROPE_24]
 
 
 class LeaseLevel:

backend/src/accounts/filters.py

@@ -41,6 +41,24 @@ class Meta:
     )
 
 
+class PublicUsersListFilterSet(FilterSet):
+
+    class Meta:
+        model = User
+        fields = (
+            'ordering',
+        )
+
+    ordering = DefaultOrderingFilter(
+        fields=(
+            ('first_name', 'first_name'),
+            ('last_name', 'last_name'),
+            ('status', 'status'),
+        ),
+        default=('last_name',),
+    )
+
+
 class UsersListFilterSet(FilterSet):
 
     class Meta:

backend/src/accounts/messages.py

@@ -95,3 +95,9 @@
     _('Group with the name "{name}" already exists.'),
     name=name,
 )
+MSG_A_0046 = _(
+    'Permission denied. '
+    'Only an administrator can grant administrator privileges.',
+)
+MSG_A_0047 = _('You can\'t delete yourself.')
+MSG_A_0048 = _('You can\'t delete the account owner.')

backend/src/accounts/serializers/user.py

@@ -12,6 +12,7 @@
 from src.accounts.serializers.group import (
     GroupNameSerializer,
 )
+from src.accounts.messages import MSG_A_0036, MSG_A_0046
 from src.accounts.serializers.user_invites import (
     UserListInviteSerializer,
 )
@@ -56,7 +57,6 @@ class Meta:
             'photo',
             'status',
             'is_admin',
-            'date_joined',
             'date_joined_tsp',
             'is_account_owner',
             'is_tasks_digest_subscriber',
@@ -72,22 +72,21 @@ class Meta:
             'date_fdw',
             'invite',
             'groups',
+            'password',
         )
         read_only_fields = (
             'id',
             'type',
-            'email',
             'invite',
             'status',
-            'is_admin',
             'is_account_owner',
-            'groups',
+            'date_joined_tsp',
         )
 
     groups = RelatedListField(
         source='user_groups',
         child=serializers.IntegerField(),
-        read_only=True,
+        required=False,
     )
     date_joined_tsp = TimeStampField(source='date_joined', read_only=True)
     timezone = serializers.ChoiceField(
@@ -96,6 +95,7 @@ class Meta:
     )
     date_fmt = DateFormatField(required=False)
     invite = serializers.SerializerMethodField(allow_null=True, read_only=True)
+    password = serializers.CharField(write_only=True, required=False)
 
     def get_invite(self, instance: UserModel):
         if instance.status_invited and instance.invite:
@@ -109,6 +109,22 @@ def __init__(self, *args, **kwargs):
         else:
             self.fields['language'].choices = Language.EURO_CHOICES
 
+    def validate_is_admin(self, value):
+        if value is True and not self.context['user'].is_admin:
+            raise serializers.ValidationError(MSG_A_0046)
+        return value
+
+    def validate(self, attrs):
+        if 'password' in attrs:
+            attrs['raw_password'] = attrs.pop('password')
+        if (
+            self.instance
+            and self.instance.is_account_owner
+            and self.instance != self.context['user']
+        ):
+            raise serializers.ValidationError(MSG_A_0036)
+        return attrs
+
 
 class UserPrivilegesSerializer(UserSerializer):
     class Meta(UserSerializer.Meta):

backend/src/accounts/services/exceptions.py

@@ -14,6 +14,8 @@
     MSG_A_0042,
     MSG_A_0043,
     MSG_A_0044,
+    MSG_A_0047,
+    MSG_A_0048,
 )
 from src.generics.exceptions import BaseServiceException
 
@@ -66,22 +68,32 @@ class ExpiredTransferTokenException(BaseServiceException):
     default_message = MSG_A_0009
 
 
-class UserNotFoundException(BaseServiceException):
+class UserNotFoundException(UserServiceException):
 
     default_message = MSG_A_0010
 
 
-class UserIsPerformerException(BaseServiceException):
+class UserIsPerformerException(UserServiceException):
 
     default_message = MSG_A_0011
 
 
-class ReassignUserDoesNotExist(BaseServiceException):
+class ReassignUserDoesNotExist(UserServiceException):
 
     default_message = MSG_A_0012
 
 
-class InvalidOrExpiredToken(BaseServiceException):
+class PreventSelfDeletion(BaseServiceException):
+
+    default_message = MSG_A_0047
+
+
+class PreventAccountOwnerDeletion(BaseServiceException):
+
+    default_message = MSG_A_0048
+
+
+class InvalidOrExpiredToken(UserServiceException):
 
     default_message = MSG_A_0013