开发了多角色登录与鉴权接口：实现了普通用户、企业和管理员的登录分流，并支持Token验证。

开发了权限控制接口：实现了通过数据库分配菜单权限节点，控制接口访问安全。开发了实名认证中心：实现了个人身份证信息与企业营业执照的提交与审核接口。开发了任务与协作大厅核心业务：实现了任务的发布、接单、状态流转以及专家邀约接口。配置了全局环境变量与数据库引擎：集成了 PostgreSQL 数据库、Redis 缓存与 MinIO 对象存储。
2026-04-28 16:32:02 +08:00
commit 23855ef0e4
94 changed files with 4950 additions and 0 deletions
--- a/reservations/views.py
+++ b/reservations/views.py
@@ -0,0 +1,61 @@
+from rest_framework import viewsets, permissions, status
+from rest_framework.response import Response
+from rest_framework.decorators import action
+from .models import ReservationResource, ReservationOrder, OrderStatus
+from .serializers import ReservationResourceSerializer, ReservationOrderSerializer
+import uuid
+import datetime
+
+class ReservationResourceViewSet(viewsets.ModelViewSet):
+    """
+    @author: xujl
+    Api说明: 预约资源（工位、会议室等物理资源）接口视图。用于资源空间的增删改查及上下架管理，控制开放时段。
+    """
+    queryset = ReservationResource.objects.filter(is_active=True)
+    serializer_class = ReservationResourceSerializer
+    
+    def get_permissions(self):
+        if self.action in ['create', 'update', 'partial_update', 'destroy']:
+            return [permissions.IsAdminUser()]
+        return [permissions.AllowAny()]
+
+class ReservationOrderViewSet(viewsets.ModelViewSet):
+    """
+    @author: xujl
+    Api说明: 预约订单接口视图。用于用户发起资源预约、取消预约，以及后台管理员对订单进行状态流转和支付确认管理。
+    """
+    queryset = ReservationOrder.objects.filter(is_deleted=False)
+    serializer_class = ReservationOrderSerializer
+    permission_classes = [permissions.IsAuthenticated]
+
+    def get_queryset(self):
+        return ReservationOrder.objects.filter(user=self.request.user, is_deleted=False)
+
+    def perform_create(self, serializer):
+        resource = serializer.validated_data['resource']
+        quantity = serializer.validated_data.get('quantity', 1)
+        total_amount = resource.price_per_unit * quantity
+        
+        # 简单生成订单号
+        order_no = f"RES{datetime.datetime.now().strftime('%Y%m%d%H%M%S')}{str(uuid.uuid4())[:4].upper()}"
+        
+        serializer.save(
+            user=self.request.user,
+            order_no=order_no,
+            unit_price=resource.price_per_unit,
+            total_amount=total_amount,
+            status=OrderStatus.PENDING_PAY
+        )
+
+    @action(detail=True, methods=['post'])
+    def pay(self, request, pk=None):
+        order = self.get_object()
+        if order.status != OrderStatus.PENDING_PAY:
+            return Response({'detail': '订单状态不允许支付'}, status=status.HTTP_400_BAD_REQUEST)
+        
+        order.status = OrderStatus.PAID
+        order.paid_at = datetime.datetime.now()
+        order.qr_code_url = f"https://api.opc-platform.com/qr/{order.order_no}"
+        order.save()
+        
+        return Response({'status': '支付成功', 'qr_code_url': order.qr_code_url})