List consents
Mixin for ViewSets that handle organization-scoped resources.
This mixin provides automatic filtering of querysets based on the organizations a staff user has access to, and adjusts permission checks to allow list operations without requiring an explicit organization_id parameter.
Class Attributes: organization_filter_field: Field name to use for filtering queryset (default: "organization_id") organization_param_name: Query/path parameter name for organization (default: "organization_id") min_role_for_list: Minimum role required for list operation (default: "staff") Options: "admin", "manager", "staff", "guest"
Behavior: - For list operations: Returns resources from ALL organizations where user has sufficient role - For other operations: Uses standard organization-specific permission checks - If organization_id is provided as query/path param: Filters to that specific organization only
Example: >>> class FileViewSet(OrganizationAccessMixin, ModelViewSet): ... organization_filter_field = "organization_id" ... organization_param_name = "organization_id" ... min_role_for_list = "staff" ... permission_classes = (IsAuthenticated, IsOrganizationStaff) ... ... # List will now return files from all accessible organizations ... # GET /api/files/ - returns all accessible files ... # GET /api/files/?organization_id=org_xyz - returns only from that organization
Notes: - The mixin expects the viewset to have a StaffUser as request.user - The mixin works with both direct organization fields and related fields (e.g., "vendor__organization_id") - For create operations, organization_id should be validated in the serializer
query Parameters
edition_idenabledorderingOrdering
created- Created-created- Created (descending)modified- Modified-modified- Modified (descending)order- Order-order- Order (descending)title- Title-title- Title (descending)
organization_idpageA page number within the paginated result set.
page_sizeNumber of results to return per page (default: 100).
publishedscopeorganization- organizationedition- editionvendor- vendorproduct- product
typeterms- termsmarketing- marketingnotice- notice
List consents › Responses
countnextpreviousCreate consent
Mixin for ViewSets that handle organization-scoped resources.
This mixin provides automatic filtering of querysets based on the organizations a staff user has access to, and adjusts permission checks to allow list operations without requiring an explicit organization_id parameter.
Class Attributes: organization_filter_field: Field name to use for filtering queryset (default: "organization_id") organization_param_name: Query/path parameter name for organization (default: "organization_id") min_role_for_list: Minimum role required for list operation (default: "staff") Options: "admin", "manager", "staff", "guest"
Behavior: - For list operations: Returns resources from ALL organizations where user has sufficient role - For other operations: Uses standard organization-specific permission checks - If organization_id is provided as query/path param: Filters to that specific organization only
Example: >>> class FileViewSet(OrganizationAccessMixin, ModelViewSet): ... organization_filter_field = "organization_id" ... organization_param_name = "organization_id" ... min_role_for_list = "staff" ... permission_classes = (IsAuthenticated, IsOrganizationStaff) ... ... # List will now return files from all accessible organizations ... # GET /api/files/ - returns all accessible files ... # GET /api/files/?organization_id=org_xyz - returns only from that organization
Notes: - The mixin expects the viewset to have a StaffUser as request.user - The mixin works with both direct organization fields and related fields (e.g., "vendor__organization_id") - For create operations, organization_id should be validated in the serializer
Create consent › Request Body
organization_idtitletypeterms- termsmarketing- marketingnotice- notice
enabledpublishedrequirededition_idvendor_org_idproduct_idsCreate consent › Responses
idorganization_idtitlescopepublished_dateedition_idvendor_org_idproduct_idsordercreatedmodifiedenabledIs consent visible to new users?
publishedIs consent applicable to new and existing users? Note, that published consents can't be edited.
requiredIs consent required for new and existing users?
Retrieve consent
Mixin for ViewSets that handle organization-scoped resources.
This mixin provides automatic filtering of querysets based on the organizations a staff user has access to, and adjusts permission checks to allow list operations without requiring an explicit organization_id parameter.
Class Attributes: organization_filter_field: Field name to use for filtering queryset (default: "organization_id") organization_param_name: Query/path parameter name for organization (default: "organization_id") min_role_for_list: Minimum role required for list operation (default: "staff") Options: "admin", "manager", "staff", "guest"
Behavior: - For list operations: Returns resources from ALL organizations where user has sufficient role - For other operations: Uses standard organization-specific permission checks - If organization_id is provided as query/path param: Filters to that specific organization only
Example: >>> class FileViewSet(OrganizationAccessMixin, ModelViewSet): ... organization_filter_field = "organization_id" ... organization_param_name = "organization_id" ... min_role_for_list = "staff" ... permission_classes = (IsAuthenticated, IsOrganizationStaff) ... ... # List will now return files from all accessible organizations ... # GET /api/files/ - returns all accessible files ... # GET /api/files/?organization_id=org_xyz - returns only from that organization
Notes: - The mixin expects the viewset to have a StaffUser as request.user - The mixin works with both direct organization fields and related fields (e.g., "vendor__organization_id") - For create operations, organization_id should be validated in the serializer
path Parameters
idA unique value identifying this consent.
Retrieve consent › Responses
idorganization_idtitlescopepublished_dateedition_idvendor_org_idproduct_idsordercreatedmodifiedenabledIs consent visible to new users?
publishedIs consent applicable to new and existing users? Note, that published consents can't be edited.
requiredIs consent required for new and existing users?
Delete consent
Mixin for ViewSets that handle organization-scoped resources.
This mixin provides automatic filtering of querysets based on the organizations a staff user has access to, and adjusts permission checks to allow list operations without requiring an explicit organization_id parameter.
Class Attributes: organization_filter_field: Field name to use for filtering queryset (default: "organization_id") organization_param_name: Query/path parameter name for organization (default: "organization_id") min_role_for_list: Minimum role required for list operation (default: "staff") Options: "admin", "manager", "staff", "guest"
Behavior: - For list operations: Returns resources from ALL organizations where user has sufficient role - For other operations: Uses standard organization-specific permission checks - If organization_id is provided as query/path param: Filters to that specific organization only
Example: >>> class FileViewSet(OrganizationAccessMixin, ModelViewSet): ... organization_filter_field = "organization_id" ... organization_param_name = "organization_id" ... min_role_for_list = "staff" ... permission_classes = (IsAuthenticated, IsOrganizationStaff) ... ... # List will now return files from all accessible organizations ... # GET /api/files/ - returns all accessible files ... # GET /api/files/?organization_id=org_xyz - returns only from that organization
Notes: - The mixin expects the viewset to have a StaffUser as request.user - The mixin works with both direct organization fields and related fields (e.g., "vendor__organization_id") - For create operations, organization_id should be validated in the serializer
path Parameters
idA unique value identifying this consent.
Delete consent › Responses
No response body
Update consent
Mixin for ViewSets that handle organization-scoped resources.
This mixin provides automatic filtering of querysets based on the organizations a staff user has access to, and adjusts permission checks to allow list operations without requiring an explicit organization_id parameter.
Class Attributes: organization_filter_field: Field name to use for filtering queryset (default: "organization_id") organization_param_name: Query/path parameter name for organization (default: "organization_id") min_role_for_list: Minimum role required for list operation (default: "staff") Options: "admin", "manager", "staff", "guest"
Behavior: - For list operations: Returns resources from ALL organizations where user has sufficient role - For other operations: Uses standard organization-specific permission checks - If organization_id is provided as query/path param: Filters to that specific organization only
Example: >>> class FileViewSet(OrganizationAccessMixin, ModelViewSet): ... organization_filter_field = "organization_id" ... organization_param_name = "organization_id" ... min_role_for_list = "staff" ... permission_classes = (IsAuthenticated, IsOrganizationStaff) ... ... # List will now return files from all accessible organizations ... # GET /api/files/ - returns all accessible files ... # GET /api/files/?organization_id=org_xyz - returns only from that organization
Notes: - The mixin expects the viewset to have a StaffUser as request.user - The mixin works with both direct organization fields and related fields (e.g., "vendor__organization_id") - For create operations, organization_id should be validated in the serializer
path Parameters
idA unique value identifying this consent.
Update consent › Request Body
titletypeterms- termsmarketing- marketingnotice- notice
enabledpublishedrequirededition_idvendor_org_idproduct_idsUpdate consent › Responses
idorganization_idtitlescopepublished_dateedition_idvendor_org_idproduct_idsordercreatedmodifiedenabledIs consent visible to new users?
publishedIs consent applicable to new and existing users? Note, that published consents can't be edited.
requiredIs consent required for new and existing users?