完善简历权限相关的接口

2025-04-17 13:04:52 +08:00 · 2025-04-17 13:04:52 +08:00 · d4714d3f43
commit d4714d3f43
parent 273b9713e0
1 changed files with 63 additions and 4 deletions
--- a/authorize/api/resume_authorize.py
+++ b/authorize/api/resume_authorize.py
@ -1,17 +1,15 @@
 from ninja import Router, Query
 from django.shortcuts import get_object_or_404
-from accounts.models import User
 from authorize.models import ResumeDetailAccessRequest
 from authorize.schemas import ResumeAccessRequestIn
 from resumes.models import ResumeDetail
 from utils.auth import jwt_auth
-from utils.permissions import login_required
+from utils.permissions import login_required, manager_required

 resume_authorize_router = Router(tags=["简历授权管理"])


-@resume_authorize_router.post("/apply", auth=jwt_auth, summary="申请简历详情[普]",
-                              description="普通用户申请查看某一份简历详情")
+@resume_authorize_router.post("/apply", auth=jwt_auth, summary="申请简历详情[普]", description="普通用户申请查看某一份简历详情")
@login_required
 def apply_resume_access(request, data: ResumeAccessRequestIn):
    user = request.user
@ -35,3 +33,64 @@ def apply_resume_access(request, data: ResumeAccessRequestIn):
    )

    return {"success": True, "message": "申请已提交，等待审批"}
+
+
+@resume_authorize_router.get("/pending", auth=jwt_auth, summary="待审批简历[分]", description="分管理查看自己网站下的待审批简历详情申请")
+@manager_required
+def list_pending_resume_requests(request):
+    manager = request.user
+    manageable_ids = manager.managed_websites.values_list("id", flat=True)
+
+    requests = ResumeDetailAccessRequest.objects.filter(
+        resume__source_id__in=manageable_ids,
+        status="pending"
+    )
+
+    data = [
+        {
+            "id": r.id,
+            "user": r.user.username,
+            "resume_id": r.resume.id,
+            "reason": r.reason,
+            "created_at": r.created_at,
+        }
+        for r in requests
+    ]
+
+    return {"success": True, "items": data}
+
+
+@resume_authorize_router.post("/approve", auth=jwt_auth, summary="审批简历详情[分]", description="分管理审批某个用户的简历查看申请")
+@manager_required
+def approve_resume_request(request, request_id: int = Query(...), approve: bool = Query(...)):
+    req = get_object_or_404(ResumeDetailAccessRequest, id=request_id)
+
+    if req.resume.source not in request.user.managed_websites.all():
+        return {"success": False, "message": "无权审批该申请"}
+
+    req.status = "approved" if approve else "rejected"
+    req.save()
+
+    return {"success": True, "message": f"已{'通过' if approve else '拒绝'}对简历 {req.resume.id} 的访问申请"}
+
+
+@resume_authorize_router.get("/history", auth=jwt_auth, summary="我的简历申请记录[普]", description="普通用户查看自己申请的简历详情访问记录")
+@login_required
+def my_resume_request_history(request):
+    user = request.user
+    if not user.is_user():
+        return {"success": False, "message": "仅普通用户可查看"}
+
+    records = ResumeDetailAccessRequest.objects.filter(user=user).order_by("-created_at")
+
+    data = [
+        {
+            "resume_id": r.resume.id,
+            "reason": r.reason,
+            "status": r.status,
+            "created_at": r.created_at,
+        }
+        for r in records
+    ]
+
+    return {"success": True, "items": data}