From a3d1bbad30c4f0f8f51d20d43ac9f6d983a11555 Mon Sep 17 00:00:00 2001 From: Sicherhaven Date: Wed, 25 Mar 2026 11:10:29 +0530 Subject: [PATCH] fix: scope users API to end-users and tag new registrations as customers - UserListView and UserMetricsView now filter is_superuser=False so only end-user accounts appear in the admin Users page (not admin/staff) - _serialize_user now returns avatarUrl from profile_picture field so the grid view renders profile images instead of broken img tags - RegisterForm and WebRegisterForm now set is_customer=True and role='customer' on save so future registrants are correctly classified --- admin_api/views.py | 20 +++++++++++++++----- mobile_api/forms/user_forms.py | 9 ++++++--- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/admin_api/views.py b/admin_api/views.py index 8f8cf7c..9ab4663 100644 --- a/admin_api/views.py +++ b/admin_api/views.py @@ -491,12 +491,18 @@ _USER_ROLE_MAP = { def _serialize_user(u): full_name = f'{u.first_name} {u.last_name}'.strip() or u.username role_key = u.role if u.role else ('customer' if getattr(u, 'is_customer', False) else 'staff') + try: + pic = u.profile_picture + avatar = pic.url if pic and pic.name and pic.name != 'default.png' else '' + except Exception: + avatar = '' return { 'id': str(u.id), 'name': full_name, 'email': u.email, 'phone': getattr(u, 'phone_number', '') or '', 'countryCode': '+91', + 'avatarUrl': avatar, 'role': _USER_ROLE_MAP.get(role_key, 'User'), 'status': _user_status(u), 'tier': 'Bronze', @@ -527,16 +533,19 @@ class UserMetricsView(APIView): def get(self, request): from django.contrib.auth import get_user_model + from django.db.models import Q from django.utils import timezone import datetime User = get_user_model() today = timezone.now().date() week_ago = today - datetime.timedelta(days=7) + # Customers = all non-superuser accounts (end users registered via mobile/web) + customer_qs = User.objects.filter(is_superuser=False) return Response({ - 'total': User.objects.count(), - 'active': User.objects.filter(is_active=True).count(), - 'suspended': User.objects.filter(is_active=False).count(), - 'newThisWeek': User.objects.filter(date_joined__date__gte=week_ago).count(), + 'total': customer_qs.count(), + 'active': customer_qs.filter(is_active=True).count(), + 'suspended': customer_qs.filter(is_active=False).count(), + 'newThisWeek': customer_qs.filter(date_joined__date__gte=week_ago).count(), }) @@ -547,7 +556,8 @@ class UserListView(APIView): from django.contrib.auth import get_user_model from django.db.models import Q User = get_user_model() - qs = User.objects.all() + # Customers = all non-superuser accounts (end users registered via mobile/web) + qs = User.objects.filter(is_superuser=False) if s := request.GET.get('status'): if s == 'Active': qs = qs.filter(is_active=True) diff --git a/mobile_api/forms/user_forms.py b/mobile_api/forms/user_forms.py index 2ec5cca..805d2ce 100644 --- a/mobile_api/forms/user_forms.py +++ b/mobile_api/forms/user_forms.py @@ -31,6 +31,9 @@ class RegisterForm(forms.ModelForm): # Set username equal to email to avoid separate username errors user.username = self.cleaned_data['email'] user.set_password(self.cleaned_data['password']) + # Mark as a customer / end-user + user.is_customer = True + user.role = 'customer' if commit: user.save() return user @@ -70,9 +73,9 @@ class WebRegisterForm(forms.ModelForm): # Set username equal to email to avoid separate username errors user.username = self.cleaned_data['email'] user.set_password(self.cleaned_data['password']) - print('*' * 100) - print(user.username) - print('*' * 100) + # Mark as a customer / end-user + user.is_customer = True + user.role = 'customer' if commit: user.save() return user