# Python imports import copy import json # Django imports from django.contrib.postgres.aggregates import ArrayAgg from django.contrib.postgres.fields import ArrayField from django.core.serializers.json import DjangoJSONEncoder from django.db.models import ( Count, Exists, F, Func, OuterRef, Prefetch, Q, Subquery, UUIDField, Value, ) from django.db.models.functions import Coalesce from django.utils import timezone from django.utils.decorators import method_decorator from django.views.decorators.gzip import gzip_page # Third Party imports from rest_framework import status from rest_framework.response import Response # Module imports from plane.app.permissions import ROLE, allow_permission from plane.app.serializers import ( IssueCreateSerializer, IssueDetailSerializer, IssueListDetailSerializer, IssueSerializer, ProjectUserPropertySerializer, ) from plane.bgtasks.issue_activities_task import issue_activity from plane.bgtasks.issue_description_version_task import issue_description_version_task from plane.bgtasks.recent_visited_task import recent_visited_task from plane.bgtasks.webhook_task import model_activity from plane.db.models import ( CycleIssue, FileAsset, IntakeIssue, Issue, IssueAssignee, IssueLabel, IssueLink, IssueReaction, IssueRelation, IssueSubscriber, ProjectUserProperty, ModuleIssue, Project, ProjectMember, UserRecentVisit, ) from plane.utils.filters import ComplexFilterBackend, IssueFilterSet from plane.utils.global_paginator import paginate from plane.utils.grouper import ( issue_group_values, issue_on_results, issue_queryset_grouper, ) from plane.utils.host import base_host from plane.utils.issue_filters import issue_filters from plane.utils.order_queryset import order_issue_queryset from plane.utils.paginator import GroupedOffsetPaginator, SubGroupedOffsetPaginator from plane.utils.timezone_converter import user_timezone_converter from .. import BaseAPIView, BaseViewSet class IssueListEndpoint(BaseAPIView): filter_backends = (ComplexFilterBackend,) filterset_class = IssueFilterSet @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]) def get(self, request, slug, project_id): issue_ids = request.GET.get("issues", False) if not issue_ids: return Response({"error": "Issues are required"}, status=status.HTTP_400_BAD_REQUEST) issue_ids = [issue_id for issue_id in issue_ids.split(",") if issue_id != ""] # Base queryset with basic filters queryset = Issue.issue_objects.filter(workspace__slug=slug, project_id=project_id, pk__in=issue_ids) # Apply filtering from filterset queryset = self.filter_queryset(queryset) # Apply legacy filters filters = issue_filters(request.query_params, "GET") issue_queryset = queryset.filter(**filters) # Add select_related, prefetch_related if fields or expand is not None if self.fields or self.expand: issue_queryset = issue_queryset.select_related("workspace", "project", "state", "parent").prefetch_related( "assignees", "labels", "issue_module__module" ) # Add annotations issue_queryset = ( issue_queryset.annotate( cycle_id=Subquery( CycleIssue.objects.filter(issue=OuterRef("id"), deleted_at__isnull=True).values("cycle_id")[:1] ) ) .annotate( link_count=IssueLink.objects.filter(issue=OuterRef("id")) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .annotate( attachment_count=FileAsset.objects.filter( issue_id=OuterRef("id"), entity_type=FileAsset.EntityTypeContext.ISSUE_ATTACHMENT, ) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .annotate( sub_issues_count=Issue.issue_objects.filter(parent=OuterRef("id")) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .distinct() ) order_by_param = request.GET.get("order_by", "-created_at") # Issue queryset issue_queryset, _ = order_issue_queryset(issue_queryset=issue_queryset, order_by_param=order_by_param) # Group by group_by = request.GET.get("group_by", False) sub_group_by = request.GET.get("sub_group_by", False) # issue queryset issue_queryset = issue_queryset_grouper(queryset=issue_queryset, group_by=group_by, sub_group_by=sub_group_by) recent_visited_task.delay( slug=slug, project_id=project_id, entity_name="project", entity_identifier=project_id, user_id=request.user.id, ) if self.fields or self.expand: issues = IssueSerializer(queryset, many=True, fields=self.fields, expand=self.expand).data else: issues = issue_queryset.values( "id", "name", "state_id", "sort_order", "completed_at", "estimate_point", "priority", "start_date", "target_date", "sequence_id", "project_id", "parent_id", "cycle_id", "module_ids", "label_ids", "assignee_ids", "sub_issues_count", "created_at", "updated_at", "created_by", "updated_by", "attachment_count", "link_count", "is_draft", "archived_at", "deleted_at", ) datetime_fields = ["created_at", "updated_at"] issues = user_timezone_converter(issues, datetime_fields, request.user.user_timezone) return Response(issues, status=status.HTTP_200_OK) class IssueViewSet(BaseViewSet): model = Issue webhook_event = "issue" search_fields = ["name"] filter_backends = (ComplexFilterBackend,) filterset_class = IssueFilterSet def get_serializer_class(self): return IssueCreateSerializer if self.action in ["create", "update", "partial_update"] else IssueSerializer def get_queryset(self): issues = Issue.issue_objects.filter( project_id=self.kwargs.get("project_id"), workspace__slug=self.kwargs.get("slug"), ).distinct() return issues def apply_annotations(self, issues): issues = ( issues.annotate( cycle_id=Subquery( CycleIssue.objects.filter(issue=OuterRef("id"), deleted_at__isnull=True).values("cycle_id")[:1] ) ) .annotate( link_count=Subquery( IssueLink.objects.filter(issue=OuterRef("id")) .values("issue") .annotate(count=Count("id")) .values("count") ) ) .annotate( attachment_count=Subquery( FileAsset.objects.filter( issue_id=OuterRef("id"), entity_type=FileAsset.EntityTypeContext.ISSUE_ATTACHMENT, ) .values("issue_id") .annotate(count=Count("id")) .values("count") ) ) .annotate( sub_issues_count=Subquery( Issue.issue_objects.filter(parent=OuterRef("id")) .values("parent") .annotate(count=Count("id")) .values("count") ) ) ) return issues @method_decorator(gzip_page) @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]) def list(self, request, slug, project_id): extra_filters = {} if request.GET.get("updated_at__gt", None) is not None: extra_filters = {"updated_at__gt": request.GET.get("updated_at__gt")} project = Project.objects.get(pk=project_id, workspace__slug=slug) query_params = request.query_params.copy() filters = issue_filters(query_params, "GET") order_by_param = request.GET.get("order_by", "-created_at") issue_queryset = self.get_queryset() # Apply rich filters issue_queryset = self.filter_queryset(issue_queryset) # Apply legacy filters issue_queryset = issue_queryset.filter(**filters, **extra_filters) # Keeping a copy of the queryset before applying annotations filtered_issue_queryset = copy.deepcopy(issue_queryset) # Applying annotations to the issue queryset issue_queryset = self.apply_annotations(issue_queryset) # Issue queryset issue_queryset, order_by_param = order_issue_queryset( issue_queryset=issue_queryset, order_by_param=order_by_param ) # Group by group_by = request.GET.get("group_by", False) sub_group_by = request.GET.get("sub_group_by", False) # issue queryset issue_queryset = issue_queryset_grouper(queryset=issue_queryset, group_by=group_by, sub_group_by=sub_group_by) recent_visited_task.delay( slug=slug, project_id=project_id, entity_name="project", entity_identifier=project_id, user_id=request.user.id, ) if ( ProjectMember.objects.filter( workspace__slug=slug, project_id=project_id, member=request.user, role=5, is_active=True, ).exists() and not project.guest_view_all_features ): issue_queryset = issue_queryset.filter(created_by=request.user) filtered_issue_queryset = filtered_issue_queryset.filter(created_by=request.user) if group_by: if sub_group_by: if group_by == sub_group_by: return Response( { "error": "Group by and sub group by cannot have same parameters" # noqa: E501 }, status=status.HTTP_400_BAD_REQUEST, ) else: return self.paginate( request=request, order_by=order_by_param, queryset=issue_queryset, total_count_queryset=filtered_issue_queryset, on_results=lambda issues: issue_on_results( group_by=group_by, issues=issues, sub_group_by=sub_group_by ), paginator_cls=SubGroupedOffsetPaginator, group_by_fields=issue_group_values( field=group_by, slug=slug, project_id=project_id, filters=filters, queryset=filtered_issue_queryset, ), sub_group_by_fields=issue_group_values( field=sub_group_by, slug=slug, project_id=project_id, filters=filters, queryset=filtered_issue_queryset, ), group_by_field_name=group_by, sub_group_by_field_name=sub_group_by, count_filter=Q( Q(issue_intake__status=1) | Q(issue_intake__status=-1) | Q(issue_intake__status=2) | Q(issue_intake__isnull=True), archived_at__isnull=True, is_draft=False, ), ) else: # Group paginate return self.paginate( request=request, order_by=order_by_param, queryset=issue_queryset, total_count_queryset=filtered_issue_queryset, on_results=lambda issues: issue_on_results( group_by=group_by, issues=issues, sub_group_by=sub_group_by ), paginator_cls=GroupedOffsetPaginator, group_by_fields=issue_group_values( field=group_by, slug=slug, project_id=project_id, filters=filters, queryset=filtered_issue_queryset, ), group_by_field_name=group_by, count_filter=Q( Q(issue_intake__status=1) | Q(issue_intake__status=-1) | Q(issue_intake__status=2) | Q(issue_intake__isnull=True), archived_at__isnull=True, is_draft=False, ), ) else: return self.paginate( order_by=order_by_param, request=request, queryset=issue_queryset, total_count_queryset=filtered_issue_queryset, on_results=lambda issues: issue_on_results(group_by=group_by, issues=issues, sub_group_by=sub_group_by), ) @allow_permission([ROLE.ADMIN, ROLE.MEMBER]) def create(self, request, slug, project_id): project = Project.objects.get(pk=project_id) serializer = IssueCreateSerializer( data=request.data, context={ "project_id": project_id, "workspace_id": project.workspace_id, "default_assignee_id": project.default_assignee_id, }, ) if serializer.is_valid(): serializer.save() # Track the issue issue_activity.delay( type="issue.activity.created", requested_data=json.dumps(self.request.data, cls=DjangoJSONEncoder), actor_id=str(request.user.id), issue_id=str(serializer.data.get("id", None)), project_id=str(project_id), current_instance=None, epoch=int(timezone.now().timestamp()), notification=True, origin=base_host(request=request, is_app=True), ) queryset = self.get_queryset() queryset = self.apply_annotations(queryset) issue = ( issue_queryset_grouper( queryset=queryset.filter(pk=serializer.data["id"]), group_by=None, sub_group_by=None, ) .values( "id", "name", "state_id", "sort_order", "completed_at", "estimate_point", "priority", "start_date", "target_date", "sequence_id", "project_id", "parent_id", "cycle_id", "module_ids", "label_ids", "assignee_ids", "sub_issues_count", "created_at", "updated_at", "created_by", "updated_by", "attachment_count", "link_count", "is_draft", "archived_at", "deleted_at", ) .first() ) datetime_fields = ["created_at", "updated_at"] issue = user_timezone_converter(issue, datetime_fields, request.user.user_timezone) # Send the model activity model_activity.delay( model_name="issue", model_id=str(serializer.data["id"]), requested_data=request.data, current_instance=None, actor_id=request.user.id, slug=slug, origin=base_host(request=request, is_app=True), ) # updated issue description version issue_description_version_task.delay( updated_issue=json.dumps(request.data, cls=DjangoJSONEncoder), issue_id=str(serializer.data["id"]), user_id=request.user.id, is_creating=True, ) return Response(issue, status=status.HTTP_201_CREATED) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) @allow_permission(allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], creator=True, model=Issue) def retrieve(self, request, slug, project_id, pk=None): project = Project.objects.get(pk=project_id, workspace__slug=slug) issue = ( Issue.objects.filter( project_id=self.kwargs.get("project_id"), workspace__slug=self.kwargs.get("slug"), pk=pk, ) .select_related("state") .annotate(cycle_id=Subquery(CycleIssue.objects.filter(issue=OuterRef("id")).values("cycle_id")[:1])) .annotate( link_count=Subquery( IssueLink.objects.filter(issue=OuterRef("id")) .values("issue") .annotate(count=Count("id")) .values("count") ) ) .annotate( attachment_count=Subquery( FileAsset.objects.filter( issue_id=OuterRef("id"), entity_type=FileAsset.EntityTypeContext.ISSUE_ATTACHMENT, ) .values("issue_id") .annotate(count=Count("id")) .values("count") ) ) .annotate( sub_issues_count=Subquery( Issue.issue_objects.filter(parent=OuterRef("id")) .values("parent") .annotate(count=Count("id")) .values("count") ) ) .annotate( label_ids=Coalesce( Subquery( IssueLabel.objects.filter(issue_id=OuterRef("pk")) .values("issue_id") .annotate(arr=ArrayAgg("label_id", distinct=True)) .values("arr") ), Value([], output_field=ArrayField(UUIDField())), ), assignee_ids=Coalesce( Subquery( IssueAssignee.objects.filter( issue_id=OuterRef("pk"), assignee__member_project__is_active=True, ) .values("issue_id") .annotate(arr=ArrayAgg("assignee_id", distinct=True)) .values("arr") ), Value([], output_field=ArrayField(UUIDField())), ), module_ids=Coalesce( Subquery( ModuleIssue.objects.filter( issue_id=OuterRef("pk"), module__archived_at__isnull=True, ) .values("issue_id") .annotate(arr=ArrayAgg("module_id", distinct=True)) .values("arr") ), Value([], output_field=ArrayField(UUIDField())), ), ) .prefetch_related( Prefetch( "issue_reactions", queryset=IssueReaction.objects.select_related("issue", "actor"), ) ) .prefetch_related( Prefetch( "issue_link", queryset=IssueLink.objects.select_related("created_by"), ) ) .annotate( is_subscribed=Exists( IssueSubscriber.objects.filter( workspace__slug=slug, project_id=project_id, issue_id=OuterRef("pk"), subscriber=request.user, ) ) ) ).first() if not issue: return Response( {"error": "The required object does not exist."}, status=status.HTTP_404_NOT_FOUND, ) """ if the role is guest and guest_view_all_features is false and owned by is not the requesting user then dont show the issue """ if ( ProjectMember.objects.filter( workspace__slug=slug, project_id=project_id, member=request.user, role=5, is_active=True, ).exists() and not project.guest_view_all_features and not issue.created_by == request.user ): return Response( {"error": "You are not allowed to view this issue"}, status=status.HTTP_403_FORBIDDEN, ) recent_visited_task.delay( slug=slug, entity_name="issue", entity_identifier=pk, user_id=request.user.id, project_id=project_id, ) serializer = IssueDetailSerializer(issue, expand=self.expand) return Response(serializer.data, status=status.HTTP_200_OK) @allow_permission(allowed_roles=[ROLE.ADMIN, ROLE.MEMBER], creator=True, model=Issue) def partial_update(self, request, slug, project_id, pk=None): queryset = self.get_queryset() queryset = self.apply_annotations(queryset) skip_activity = request.data.pop("skip_activity", False) is_description_update = request.data.get("description_html") is not None issue = ( queryset.annotate( label_ids=Coalesce( ArrayAgg( "labels__id", distinct=True, filter=Q(~Q(labels__id__isnull=True) & Q(label_issue__deleted_at__isnull=True)), ), Value([], output_field=ArrayField(UUIDField())), ), assignee_ids=Coalesce( ArrayAgg( "assignees__id", distinct=True, filter=Q( ~Q(assignees__id__isnull=True) & Q(assignees__member_project__is_active=True) & Q(issue_assignee__deleted_at__isnull=True) ), ), Value([], output_field=ArrayField(UUIDField())), ), module_ids=Coalesce( ArrayAgg( "issue_module__module_id", distinct=True, filter=Q( ~Q(issue_module__module_id__isnull=True) & Q(issue_module__module__archived_at__isnull=True) & Q(issue_module__deleted_at__isnull=True) ), ), Value([], output_field=ArrayField(UUIDField())), ), ) .filter(pk=pk) .first() ) if not issue: return Response({"error": "Issue not found"}, status=status.HTTP_404_NOT_FOUND) current_instance = json.dumps(IssueDetailSerializer(issue).data, cls=DjangoJSONEncoder) requested_data = json.dumps(self.request.data, cls=DjangoJSONEncoder) serializer = IssueCreateSerializer(issue, data=request.data, partial=True, context={"project_id": project_id}) if serializer.is_valid(): serializer.save() # Check if the update is a migration description update is_migration_description_update = skip_activity and is_description_update # Log all the updates if not is_migration_description_update: issue_activity.delay( type="issue.activity.updated", requested_data=requested_data, actor_id=str(request.user.id), issue_id=str(pk), project_id=str(project_id), current_instance=current_instance, epoch=int(timezone.now().timestamp()), notification=True, origin=base_host(request=request, is_app=True), ) model_activity.delay( model_name="issue", model_id=str(serializer.data.get("id", None)), requested_data=request.data, current_instance=current_instance, actor_id=request.user.id, slug=slug, origin=base_host(request=request, is_app=True), ) # updated issue description version issue_description_version_task.delay( updated_issue=current_instance, issue_id=str(serializer.data.get("id", None)), user_id=request.user.id, ) return Response(status=status.HTTP_204_NO_CONTENT) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) @allow_permission([ROLE.ADMIN], creator=True, model=Issue) def destroy(self, request, slug, project_id, pk=None): issue = Issue.objects.get(workspace__slug=slug, project_id=project_id, pk=pk) issue.delete() # delete the issue from recent visits UserRecentVisit.objects.filter( project_id=project_id, workspace__slug=slug, entity_identifier=pk, entity_name="issue", ).delete(soft=False) issue_activity.delay( type="issue.activity.deleted", requested_data=json.dumps({"issue_id": str(pk)}), actor_id=str(request.user.id), issue_id=str(pk), project_id=str(project_id), current_instance={}, epoch=int(timezone.now().timestamp()), notification=True, origin=base_host(request=request, is_app=True), subscriber=False, ) return Response(status=status.HTTP_204_NO_CONTENT) class ProjectUserDisplayPropertyEndpoint(BaseAPIView): @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]) def patch(self, request, slug, project_id): try: issue_property = ProjectUserProperty.objects.get( user=request.user, project_id=project_id ) except ProjectUserProperty.DoesNotExist: issue_property = ProjectUserProperty.objects.create( user=request.user, project_id=project_id ) serializer = ProjectUserPropertySerializer( issue_property, data=request.data, partial=True ) serializer.is_valid(raise_exception=True) serializer.save() return Response(serializer.data, status=status.HTTP_200_OK) @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]) def get(self, request, slug, project_id): issue_property, _ = ProjectUserProperty.objects.get_or_create(user=request.user, project_id=project_id) serializer = ProjectUserPropertySerializer(issue_property) return Response(serializer.data, status=status.HTTP_200_OK) class BulkDeleteIssuesEndpoint(BaseAPIView): @allow_permission([ROLE.ADMIN]) def delete(self, request, slug, project_id): issue_ids = request.data.get("issue_ids", []) if not len(issue_ids): return Response({"error": "Issue IDs are required"}, status=status.HTTP_400_BAD_REQUEST) issues = Issue.issue_objects.filter(workspace__slug=slug, project_id=project_id, pk__in=issue_ids) total_issues = len(issues) # First, delete all related cycle issues CycleIssue.objects.filter(issue_id__in=issue_ids).delete() # Then, delete all related module issues ModuleIssue.objects.filter(issue_id__in=issue_ids).delete() # Finally, delete the issues themselves issues.delete() return Response( {"message": f"{total_issues} issues were deleted"}, status=status.HTTP_200_OK, ) class DeletedIssuesListViewSet(BaseAPIView): @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]) def get(self, request, slug, project_id): filters = {} if request.GET.get("updated_at__gt", None) is not None: filters = {"updated_at__gt": request.GET.get("updated_at__gt")} deleted_issues = ( Issue.all_objects.filter(workspace__slug=slug, project_id=project_id) .filter(Q(archived_at__isnull=False) | Q(deleted_at__isnull=False)) .filter(**filters) .values_list("id", flat=True) ) return Response(deleted_issues, status=status.HTTP_200_OK) class IssuePaginatedViewSet(BaseViewSet): def get_queryset(self): workspace_slug = self.kwargs.get("slug") project_id = self.kwargs.get("project_id") issue_queryset = Issue.issue_objects.filter(workspace__slug=workspace_slug, project_id=project_id) return ( issue_queryset.select_related("state") .annotate(cycle_id=Subquery(CycleIssue.objects.filter(issue=OuterRef("id")).values("cycle_id")[:1])) .annotate( link_count=Subquery( IssueLink.objects.filter(issue=OuterRef("id")) .values("issue") .annotate(count=Count("id")) .values("count") ) ) .annotate( attachment_count=Subquery( FileAsset.objects.filter( issue_id=OuterRef("id"), entity_type=FileAsset.EntityTypeContext.ISSUE_ATTACHMENT, ) .values("issue_id") .annotate(count=Count("id")) .values("count") ) ) .annotate( sub_issues_count=Subquery( Issue.issue_objects.filter(parent=OuterRef("id")) .values("parent") .annotate(count=Count("id")) .values("count") ) ) ) def process_paginated_result(self, fields, results, timezone): paginated_data = results.values(*fields) # converting the datetime fields in paginated data datetime_fields = ["created_at", "updated_at"] paginated_data = user_timezone_converter(paginated_data, datetime_fields, timezone) return paginated_data @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]) def list(self, request, slug, project_id): cursor = request.GET.get("cursor", None) is_description_required = request.GET.get("description", "false") updated_at = request.GET.get("updated_at__gt", None) # required fields required_fields = [ "id", "name", "state_id", "state__group", "sort_order", "completed_at", "estimate_point", "priority", "start_date", "target_date", "sequence_id", "project_id", "parent_id", "cycle_id", "created_at", "updated_at", "created_by", "updated_by", "is_draft", "archived_at", "module_ids", "label_ids", "assignee_ids", "link_count", "attachment_count", "sub_issues_count", ] if str(is_description_required).lower() == "true": required_fields.append("description_html") # querying issues base_queryset = Issue.issue_objects.filter(workspace__slug=slug, project_id=project_id) base_queryset = base_queryset.order_by("updated_at") queryset = self.get_queryset().order_by("updated_at") # validation for guest user project = Project.objects.get(pk=project_id, workspace__slug=slug) project_member = ProjectMember.objects.filter( workspace__slug=slug, project_id=project_id, member=request.user, role=5, is_active=True, ) if project_member.exists() and not project.guest_view_all_features: base_queryset = base_queryset.filter(created_by=request.user) queryset = queryset.filter(created_by=request.user) # filtering issues by greater then updated_at given by the user if updated_at: base_queryset = base_queryset.filter(updated_at__gt=updated_at) queryset = queryset.filter(updated_at__gt=updated_at) queryset = queryset.annotate( label_ids=Coalesce( Subquery( IssueLabel.objects.filter(issue_id=OuterRef("pk")) .values("issue_id") .annotate(arr=ArrayAgg("label_id", distinct=True)) .values("arr") ), Value([], output_field=ArrayField(UUIDField())), ), assignee_ids=Coalesce( Subquery( IssueAssignee.objects.filter( issue_id=OuterRef("pk"), assignee__member_project__is_active=True, ) .values("issue_id") .annotate(arr=ArrayAgg("assignee_id", distinct=True)) .values("arr") ), Value([], output_field=ArrayField(UUIDField())), ), module_ids=Coalesce( Subquery( ModuleIssue.objects.filter( issue_id=OuterRef("pk"), module__archived_at__isnull=True, ) .values("issue_id") .annotate(arr=ArrayAgg("module_id", distinct=True)) .values("arr") ), Value([], output_field=ArrayField(UUIDField())), ), ) paginated_data = paginate( base_queryset=base_queryset, queryset=queryset, cursor=cursor, on_result=lambda results: self.process_paginated_result( required_fields, results, request.user.user_timezone ), ) return Response(paginated_data, status=status.HTTP_200_OK) class IssueDetailEndpoint(BaseAPIView): filter_backends = (ComplexFilterBackend,) filterset_class = IssueFilterSet def apply_annotations(self, issues): return ( issues.annotate( cycle_id=Subquery( CycleIssue.objects.filter(issue=OuterRef("id"), deleted_at__isnull=True).values("cycle_id")[:1] ) ) .annotate( link_count=IssueLink.objects.filter(issue=OuterRef("id")) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .annotate( attachment_count=FileAsset.objects.filter( issue_id=OuterRef("id"), entity_type=FileAsset.EntityTypeContext.ISSUE_ATTACHMENT, ) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .annotate( sub_issues_count=Issue.issue_objects.filter(parent=OuterRef("id")) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .prefetch_related( Prefetch( "issue_assignee", queryset=IssueAssignee.objects.all(), ) ) .prefetch_related( Prefetch( "label_issue", queryset=IssueLabel.objects.all(), ) ) .prefetch_related( Prefetch( "issue_module", queryset=ModuleIssue.objects.all(), ) ) ) @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]) def get(self, request, slug, project_id): filters = issue_filters(request.query_params, "GET") # check for the project member role, if the role is 5 then check for the guest_view_all_features # if it is true then show all the issues else show only the issues created by the user permission_subquery = ( Issue.issue_objects.filter(workspace__slug=slug, project_id=project_id, id=OuterRef("id")) .filter( Q( project__project_projectmember__member=self.request.user, project__project_projectmember__is_active=True, project__project_projectmember__role__gt=ROLE.GUEST.value, ) | Q( project__project_projectmember__member=self.request.user, project__project_projectmember__is_active=True, project__project_projectmember__role=ROLE.GUEST.value, project__guest_view_all_features=True, ) | Q( project__project_projectmember__member=self.request.user, project__project_projectmember__is_active=True, project__project_projectmember__role=ROLE.GUEST.value, project__guest_view_all_features=False, created_by=self.request.user, ) ) .values("id") ) # Main issue query issue = Issue.issue_objects.filter(workspace__slug=slug, project_id=project_id).filter( Exists(permission_subquery) ) # Add additional prefetch based on expand parameter if self.expand: if "issue_relation" in self.expand: issue = issue.prefetch_related( Prefetch( "issue_relation", queryset=IssueRelation.objects.select_related("related_issue"), ) ) if "issue_related" in self.expand: issue = issue.prefetch_related( Prefetch( "issue_related", queryset=IssueRelation.objects.select_related("issue"), ) ) # Apply filtering from filterset issue = self.filter_queryset(issue) # Apply legacy filters issue = issue.filter(**filters) # Total count queryset total_issue_queryset = copy.deepcopy(issue) # Applying annotations to the issue queryset issue = self.apply_annotations(issue) order_by_param = request.GET.get("order_by", "-created_at") # Issue queryset issue, order_by_param = order_issue_queryset(issue_queryset=issue, order_by_param=order_by_param) return self.paginate( request=request, order_by=order_by_param, queryset=issue, total_count_queryset=total_issue_queryset, on_results=lambda issue: IssueListDetailSerializer( issue, many=True, fields=self.fields, expand=self.expand ).data, ) class IssueBulkUpdateDateEndpoint(BaseAPIView): def validate_dates(self, current_start, current_target, new_start, new_target): """ Validate that start date is before target date. """ from datetime import datetime start = new_start or current_start target = new_target or current_target # Convert string dates to datetime objects if they're strings if isinstance(start, str): start = datetime.strptime(start, "%Y-%m-%d").date() if isinstance(target, str): target = datetime.strptime(target, "%Y-%m-%d").date() if start and target and start > target: return False return True @allow_permission([ROLE.ADMIN, ROLE.MEMBER]) def post(self, request, slug, project_id): updates = request.data.get("updates", []) issue_ids = [update["id"] for update in updates] epoch = int(timezone.now().timestamp()) # Fetch all relevant issues in a single query issues = list(Issue.objects.filter(id__in=issue_ids)) issues_dict = {str(issue.id): issue for issue in issues} issues_to_update = [] for update in updates: issue_id = update["id"] issue = issues_dict.get(issue_id) if not issue: continue start_date = update.get("start_date") target_date = update.get("target_date") validate_dates = self.validate_dates(issue.start_date, issue.target_date, start_date, target_date) if not validate_dates: return Response( {"message": "Start date cannot exceed target date"}, status=status.HTTP_400_BAD_REQUEST, ) if start_date: issue_activity.delay( type="issue.activity.updated", requested_data=json.dumps({"start_date": update.get("start_date")}), current_instance=json.dumps({"start_date": str(issue.start_date)}), issue_id=str(issue_id), actor_id=str(request.user.id), project_id=str(project_id), epoch=epoch, ) issue.start_date = start_date issues_to_update.append(issue) if target_date: issue_activity.delay( type="issue.activity.updated", requested_data=json.dumps({"target_date": update.get("target_date")}), current_instance=json.dumps({"target_date": str(issue.target_date)}), issue_id=str(issue_id), actor_id=str(request.user.id), project_id=str(project_id), epoch=epoch, ) issue.target_date = target_date issues_to_update.append(issue) # Bulk update issues Issue.objects.bulk_update(issues_to_update, ["start_date", "target_date"]) return Response({"message": "Issues updated successfully"}, status=status.HTTP_200_OK) class IssueMetaEndpoint(BaseAPIView): @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="PROJECT") def get(self, request, slug, project_id, issue_id): issue = Issue.issue_objects.only("sequence_id", "project__identifier").get( id=issue_id, project_id=project_id, workspace__slug=slug ) return Response( { "sequence_id": issue.sequence_id, "project_identifier": issue.project.identifier, }, status=status.HTTP_200_OK, ) class IssueDetailIdentifierEndpoint(BaseAPIView): def strict_str_to_int(self, s): if not s.isdigit() and not (s.startswith("-") and s[1:].isdigit()): raise ValueError("Invalid integer string") return int(s) def get(self, request, slug, project_identifier, issue_identifier): # Check if the issue identifier is a valid integer try: issue_identifier = self.strict_str_to_int(issue_identifier) except ValueError: return Response( {"error": "Invalid issue identifier"}, status=status.HTTP_400_BAD_REQUEST, ) # Fetch the project project = Project.objects.get(identifier__iexact=project_identifier, workspace__slug=slug) # Check if the user is a member of the project if not ProjectMember.objects.filter( workspace__slug=slug, project_id=project.id, member=request.user, is_active=True, ).exists(): return Response( {"error": "You are not allowed to view this issue"}, status=status.HTTP_403_FORBIDDEN, ) # Fetch the issue issue = ( Issue.objects.filter(project_id=project.id) .filter(workspace__slug=slug) .select_related("workspace", "project", "state", "parent") .prefetch_related("assignees", "labels", "issue_module__module") .annotate(cycle_id=Subquery(CycleIssue.objects.filter(issue=OuterRef("id")).values("cycle_id")[:1])) .annotate( link_count=IssueLink.objects.filter(issue=OuterRef("id")) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .annotate( attachment_count=FileAsset.objects.filter( issue_id=OuterRef("id"), entity_type=FileAsset.EntityTypeContext.ISSUE_ATTACHMENT, ) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .annotate( sub_issues_count=Issue.issue_objects.filter(parent=OuterRef("id")) .order_by() .annotate(count=Func(F("id"), function="Count")) .values("count") ) .filter(sequence_id=issue_identifier) .annotate( label_ids=Coalesce( ArrayAgg( "labels__id", distinct=True, filter=Q(~Q(labels__id__isnull=True) & Q(label_issue__deleted_at__isnull=True)), ), Value([], output_field=ArrayField(UUIDField())), ), assignee_ids=Coalesce( ArrayAgg( "assignees__id", distinct=True, filter=Q( ~Q(assignees__id__isnull=True) & Q(assignees__member_project__is_active=True) & Q(issue_assignee__deleted_at__isnull=True) ), ), Value([], output_field=ArrayField(UUIDField())), ), module_ids=Coalesce( ArrayAgg( "issue_module__module_id", distinct=True, filter=Q( ~Q(issue_module__module_id__isnull=True) & Q(issue_module__module__archived_at__isnull=True) & Q(issue_module__deleted_at__isnull=True) ), ), Value([], output_field=ArrayField(UUIDField())), ), ) .prefetch_related( Prefetch( "issue_reactions", queryset=IssueReaction.objects.select_related("issue", "actor"), ) ) .prefetch_related( Prefetch( "issue_link", queryset=IssueLink.objects.select_related("created_by"), ) ) .annotate( is_subscribed=Exists( IssueSubscriber.objects.filter( workspace__slug=slug, project_id=project.id, issue__sequence_id=issue_identifier, subscriber=request.user, ) ) ) .annotate( is_intake=Exists( IntakeIssue.objects.filter( issue=OuterRef("id"), status__in=[-2, 0], workspace__slug=slug, project_id=project.id, ) ) ) ).first() # Check if the issue exists if not issue: return Response( {"error": "The required object does not exist."}, status=status.HTTP_404_NOT_FOUND, ) """ if the role is guest and guest_view_all_features is false and owned by is not the requesting user then dont show the issue """ if ( ProjectMember.objects.filter( workspace__slug=slug, project_id=project.id, member=request.user, role=5, is_active=True, ).exists() and not project.guest_view_all_features and not issue.created_by == request.user ): return Response( {"error": "You are not allowed to view this issue"}, status=status.HTTP_403_FORBIDDEN, ) recent_visited_task.delay( slug=slug, entity_name="issue", entity_identifier=str(issue.id), user_id=str(request.user.id), project_id=str(project.id), ) # Serialize the issue serializer = IssueDetailSerializer(issue, expand=self.expand) return Response(serializer.data, status=status.HTTP_200_OK)