✨(api/admin) add endpoint to create/udpate/delete organization accesses

Backoffice needs to create / update / delete organization accesses so we create
api endpoints to allow that.

#340

CHANGELOG.md

@@ -10,7 +10,7 @@ and this project adheres to
 
 ## Added
 
-- Add admin endpoint to create/update/delete course accesses
+- Add admin endpoints to create/update/delete organization/course accesses
 - Add admin endpoint to search users
 - Add endpoints to get course product relations and courses from organization
 - Add `max_validated_orders` field to CourseProductRelation model

src/backend/joanie/core/api/admin.py

@@ -134,3 +134,27 @@ def get_serializer_context(self):
         context = super().get_serializer_context()
         context["course_id"] = self.kwargs["course_id"]
         return context
+
+
+class OrganizationAccessViewSet(
+    mixins.CreateModelMixin,
+    mixins.UpdateModelMixin,
+    mixins.DestroyModelMixin,
+    viewsets.GenericViewSet,
+):
+    """
+    Write only Organization Access ViewSet
+    """
+
+    authentication_classes = [authentication.SessionAuthentication]
+    permission_classes = [permissions.IsAdminUser & permissions.DjangoModelPermissions]
+    serializer_class = serializers.AdminOrganizationAccessSerializer
+    queryset = models.OrganizationAccess.objects.all().select_related("user")
+
+    def get_serializer_context(self):
+        """
+        Extra context provided to the serializer class.
+        """
+        context = super().get_serializer_context()
+        context["organization_id"] = self.kwargs["organization_id"]
+        return context

src/backend/joanie/core/serializers/admin.py

@@ -45,10 +45,10 @@ class Meta:
 class AdminOrganizationAccessSerializer(serializers.ModelSerializer):
     """Serializer for OrganizationAccess model."""
 
-    user = AdminUserSerializer()
+    user = AdminUserSerializer(read_only=True)
 
     class Meta:
-        model = models.CourseAccess
+        model = models.OrganizationAccess
         fields = (
             "id",
             "user",
@@ -57,9 +57,35 @@ class Meta:
         read_only_fields = (
             "id",
             "user",
-            "role",
         )
 
+    def validate(self, attrs):
+        """
+        Validate that the organization access has at least a user id
+        and an organization id provided.
+        """
+        validated_data = super().validate(attrs)
+
+        # Retrieve organization instance from context and add it to validated_data
+        organization_id = self.context.get("organization_id")
+        validated_data["organization"] = get_object_or_404(
+            models.Organization, id=organization_id
+        )
+
+        # Retrieve user instance from context and add it to validated_data
+        user_id = self.initial_data.get("user")
+        if user_id is not None:
+            try:
+                validated_data["user"] = models.User.objects.get(id=user_id)
+            except models.User.DoesNotExist as exception:
+                raise serializers.ValidationError(
+                    {"user": "Resource does not exist."}
+                ) from exception
+        elif self.partial is False and user_id is None:
+            raise serializers.ValidationError({"user": "This field is required."})
+
+        return validated_data
+
 
 class AdminOrganizationSerializer(serializers.ModelSerializer):
     """Serializer for Organization model."""