groups and fix

backend/config/settings/base.py

@@ -44,6 +44,7 @@ INSTALLED_APPS = [
     "projects",
     "metrics",
     "users",
+    "groups",
     "data_import",
     "data_export",
     "auto_labeling",
@@ -288,6 +289,29 @@ CELERY_ACCEPT_CONTENT = ["application/json"]
 CELERY_TASK_SERIALIZER = "json"
 CELERY_RESULT_SERIALIZER = "json"
 
+# Fix for macOS Celery fork() issue
+import os
+import platform
+if platform.system() == 'Darwin':  # macOS
+    os.environ['OBJC_DISABLE_INITIALIZE_FORK_SAFETY'] = 'YES'
+
+# Configure Celery to use 'spawn' instead of 'fork' on macOS
+CELERY_WORKER_CONCURRENCY = env.int('CELERY_WORKER_CONCURRENCY', 2)
+if platform.system() == 'Darwin':
+    CELERY_TASK_CREATE_MISSING_QUEUES = True
+    CELERY_WORKER_MAX_TASKS_PER_CHILD = 1000
+    CELERY_WORKER_PREFETCH_MULTIPLIER = 1
+    CELERY_WORKER_FORCE_EXECV = True
+    # Make Celery explicitly use spawn method on macOS
+    CELERY_WORKER_POOL = 'solo'  # Use 'solo' pool to avoid forking issues
+    
+    # SQLAlchemy broker options (remove incompatible options)
+    # CELERY_BROKER_TRANSPORT_OPTIONS = {'visibility_timeout': 3600}  # Remove this line
+    
+    # Also set these for command-line options
+    import multiprocessing
+    multiprocessing.set_start_method('spawn')
+
 DEFAULT_AUTO_FIELD = "django.db.models.AutoField"
 
 SOCIALACCOUNT_PROVIDERS = {

backend/config/urls.py

@@ -58,6 +58,7 @@ urlpatterns += [
     path("v1/", include("api.urls")),
     path("v1/", include("roles.urls")),
     path("v1/", include("users.urls")),
+    path("v1/", include("groups.urls")),
     path("v1/", include("data_import.urls")),
     path("v1/", include("data_export.urls")),
     path("v1/", include("projects.urls")),

backend/groups/admin.py

@@ -0,0 +1,6 @@
+from django.contrib import admin
+
+# Register your models here.
+from .models import Group
+
+admin.site.register(Group)

backend/groups/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class GroupsConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "groups"

backend/groups/models.py

@@ -0,0 +1,41 @@
+from django.db import models
+
+class Group(models.Model):
+    # Define fields exactly as they exist in auth_group
+    id = models.AutoField(primary_key=True)
+    name = models.CharField(max_length=150, unique=True)
+
+    class Meta:
+        db_table = 'auth_group'  # Explicitly map to existing table
+        managed = False  # Prevent Django from modifying the table
+
+class GroupPermissions(models.Model):
+    # Define fields exactly as they exist in auth_group_permissions
+    id = models.AutoField(primary_key=True)
+    group = models.ForeignKey(Group, on_delete=models.CASCADE)
+    permission = models.ForeignKey('auth.Permission', on_delete=models.CASCADE)
+
+    class Meta:
+        db_table = 'auth_group_permissions'  # Explicitly map to existing table
+        managed = False  # Prevent Django from modifying the table
+
+class Permission(models.Model):
+    # Define fields exactly as they exist in auth_permission
+    id = models.AutoField(primary_key=True)
+    name = models.CharField(max_length=255)
+    content_type = models.ForeignKey('ContentType', on_delete=models.CASCADE)
+    codename = models.CharField(max_length=100)
+
+    class Meta:
+        db_table = 'auth_permission'  # Explicitly map to existing table
+        managed = False  # Prevent Django from modifying the table
+
+class ContentType(models.Model):
+    # Define fields exactly as they exist in django_content_type
+    id = models.AutoField(primary_key=True)
+    app_label = models.CharField(max_length=100)
+    model = models.CharField(max_length=100)
+
+    class Meta:
+        db_table = 'django_content_type'  # Explicitly map to existing table
+        managed = False  # Prevent Django from modifying the table

backend/groups/serializers.py

@@ -0,0 +1,54 @@
+from rest_framework import serializers
+from .models import Group, GroupPermissions, Permission
+
+class GroupSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Group
+        fields = ['id', 'name']  # Include only the fields you need
+
+class GroupCreateSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Group
+        fields = ['name']
+        extra_kwargs = {
+            'name': {'required': True}
+        }
+    def create(self, validated_data):
+        group = Group(**validated_data)
+        group.save()
+        return group
+    def update(self, instance, validated_data):
+        instance.name = validated_data.get('name', instance.name)
+        instance.save()
+        return instance
+    def delete(self, instance):
+        instance.delete()
+        return instance
+    def validate(self, data):
+        if 'name' in data and not data['name']:
+            raise serializers.ValidationError("Group name cannot be empty.")
+        return data
+
+class GroupPermissionsSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = GroupPermissions
+        fields = ['id', 'group_id', 'permission_id']  # Include only the fields you need
+
+class PermissionSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Permission
+        fields = ['id', 'name', 'content_type_id', 'codename']  # Include only the fields you need
+    extra_kwargs = {
+        'name': {'required': True},
+        'content_type_id': {'required': True},
+        'codename': {'required': True}
+    }
+
+class ContentTypeSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = 'ContentType'
+        fields = ['id', 'app_label', 'model']  # Include only the fields you need
+    extra_kwargs = {
+        'app_label': {'required': True},
+        'model': {'required': True}
+    }

backend/groups/urls.py

@@ -0,0 +1,23 @@
+from django.urls import path
+from .views import (
+    Groups, GroupDetail, GroupCreate,
+    GroupPermissionsList, GroupPermissionsCreate, GroupPermissionsDetail,
+    PermissionList, PermissionCreate, PermissionDetail
+)
+
+urlpatterns = [
+    # Group URLs
+    path(route="groups/<int:id>", view=GroupDetail.as_view(), name="group_detail"), 
+    path(route="groups/create/", view=GroupCreate.as_view(), name="group_create"),
+    path(route="groups", view=Groups.as_view(), name="group_list"),
+    
+    # GroupPermissions URLs
+    path(route="group-permissions/<int:id>", view=GroupPermissionsDetail.as_view(), name="group_permissions_detail"),
+    path(route="group-permissions/create/", view=GroupPermissionsCreate.as_view(), name="group_permissions_create"),
+    path(route="group-permissions", view=GroupPermissionsList.as_view(), name="group_permissions_list"),
+    
+    # Permission URLs
+    path(route="permissions/<int:id>", view=PermissionDetail.as_view(), name="permission_detail"),
+    path(route="permissions/create/", view=PermissionCreate.as_view(), name="permission_create"),
+    path(route="permissions", view=PermissionList.as_view(), name="permission_list"),
+]

backend/groups/views.py

@@ -0,0 +1,66 @@
+from django.shortcuts import render
+from django_filters.rest_framework import DjangoFilterBackend
+from rest_framework import filters, generics
+from rest_framework.permissions import IsAuthenticated
+from .models import Group, GroupPermissions, Permission
+from .serializers import GroupSerializer, GroupCreateSerializer, GroupPermissionsSerializer, PermissionSerializer
+from projects.permissions import IsProjectAdmin
+
+class Groups(generics.ListAPIView):
+    queryset = Group.objects.all()
+    serializer_class = GroupSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+    filter_backends = (DjangoFilterBackend, filters.SearchFilter, filters.OrderingFilter)
+    search_fields = ("name",)
+    ordering_fields = ("id", "name")
+    ordering = ("name",)  # Default ordering
+
+class GroupCreate(generics.CreateAPIView):
+    queryset = Group.objects.all()
+    serializer_class = GroupCreateSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+    
+class GroupDetail(generics.RetrieveUpdateDestroyAPIView):
+    queryset = Group.objects.all()
+    serializer_class = GroupSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+    lookup_field = 'id'
+
+class GroupPermissionsList(generics.ListAPIView):
+    queryset = GroupPermissions.objects.all()
+    serializer_class = GroupPermissionsSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+    filter_backends = (DjangoFilterBackend, filters.SearchFilter, filters.OrderingFilter)
+    filterset_fields = ('group_id', 'permission_id')
+    ordering_fields = ('id',)
+
+class GroupPermissionsCreate(generics.CreateAPIView):
+    queryset = GroupPermissions.objects.all()
+    serializer_class = GroupPermissionsSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+
+class GroupPermissionsDetail(generics.RetrieveUpdateDestroyAPIView):
+    queryset = GroupPermissions.objects.all()
+    serializer_class = GroupPermissionsSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+    lookup_field = 'id'
+
+class PermissionList(generics.ListAPIView):
+    queryset = Permission.objects.all()
+    serializer_class = PermissionSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+    filter_backends = (DjangoFilterBackend, filters.SearchFilter, filters.OrderingFilter)
+    search_fields = ('name', 'codename')
+    ordering_fields = ('id', 'name', 'codename')
+    ordering = ('name',)
+
+class PermissionCreate(generics.CreateAPIView):
+    queryset = Permission.objects.all()
+    serializer_class = PermissionSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+
+class PermissionDetail(generics.RetrieveUpdateDestroyAPIView):
+    queryset = Permission.objects.all()
+    serializer_class = PermissionSerializer
+    permission_classes = [IsAuthenticated & IsProjectAdmin]
+    lookup_field = 'id'