Add delete user endpoint

docmanager_backend/accounts/permissions.py

@@ -29,3 +29,12 @@ class IsHead(BasePermission):
 
     def has_permission(self, request, view):
         return bool(request.user and request.user.role == "head")
+
+
+class IsAdmin(BasePermission):
+    """
+    Allows access only to users with admin role
+    """
+
+    def has_permission(self, request, view):
+        return bool(request.user and request.user.role == "admin")

docmanager_backend/accounts/urls.py

@@ -1,7 +1,8 @@
 from django.urls import include, path
-
+from .views import CustomUserDeleteView
 
 urlpatterns = [
     path("", include("djoser.urls")),
     path("", include("djoser.urls.jwt")),
+    path("users/delete/<int:pk>/", CustomUserDeleteView.as_view()),
 ]

docmanager_backend/accounts/views.py

@@ -0,0 +1,16 @@
+from rest_framework import generics
+from .serializers import CustomUserSerializer
+from rest_framework.permissions import IsAuthenticated
+from accounts.permissions import IsAdmin
+from .models import CustomUser
+
+
+class CustomUserDeleteView(generics.DestroyAPIView):
+    """
+    Used by admin to delete users. Accepts the user id as a URL parameter
+    """
+
+    http_method_names = ["delete"]
+    serializer_class = CustomUserSerializer
+    queryset = CustomUser.objects.all()
+    permission_classes = [IsAuthenticated, IsAdmin]