gapguide-api / config /admin_urls.py
arifRB's picture
Deploy GapGuide backend (Docker)
ffd36e0 verified
Raw
History Blame Contribute Delete
1.66 kB
"""Admin-only DRF write endpoints.
Each viewset is guarded by IsAdminUser (see individual ModelViewSet
`permission_classes`). Student JWTs hit 403 here.
Mount:
config/urls.py → path('api/admin/', include('config.admin_urls'))
URL map (under /api/admin/):
skills/ CRUD on Skill catalog (409 on referenced delete)
roles/ CRUD on Role (soft delete)
role-skills/ CRUD on RoleSkill junction (?role=<id>)
resources/ CRUD on Resource (cascades to SkillResource + checkpoints)
checkpoints/ CRUD on ResourceCheckpoint (?resource=<id>)
checkpoints/bulk/ POST newline-separated titles to create N rows
skill-resources/ CRUD on SkillResource junction (?resource=<id>)
"""
from django.urls import include, path
from rest_framework.routers import DefaultRouter
from apps.resources.views import (
ResourceAdminViewSet,
ResourceCheckpointAdminViewSet,
SkillResourceAdminViewSet,
)
from apps.roles.views import RoleAdminViewSet, RoleSkillAdminViewSet
from apps.skills.views import SkillAdminViewSet
router = DefaultRouter()
router.register(r'skills', SkillAdminViewSet, basename='admin-skill')
router.register(r'roles', RoleAdminViewSet, basename='admin-role')
router.register(r'role-skills', RoleSkillAdminViewSet, basename='admin-role-skill')
router.register(r'resources', ResourceAdminViewSet, basename='admin-resource')
router.register(r'checkpoints', ResourceCheckpointAdminViewSet, basename='admin-checkpoint')
router.register(r'skill-resources', SkillResourceAdminViewSet, basename='admin-skill-resource')
urlpatterns = [
path('', include(router.urls)),
]