From c3d6c2af6834e22fdb84b02ecac830da085cfdab Mon Sep 17 00:00:00 2001
From: jordankdu
Date: Fri, 1 May 2026 12:20:53 +0300
Subject: [PATCH] feat: enhance permissions for workplace and academic supervisors in UserDetailView
---
 logify-backend/apps/accounts/views.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/logify-backend/apps/accounts/views.py b/logify-backend/apps/accounts/views.py
index 7f8a585..a0d350b 100644
--- a/logify-backend/apps/accounts/views.py
+++ b/logify-backend/apps/accounts/views.py
@@ -259,6 +259,26 @@ def get_object(self, pk):
 return target
 raise PermissionDenied("You can only view your assigned supervisors.")
+ if requester.role == User.WORKPLACE_SUPERVISOR:
+ is_assigned = (
+ InternshipPlacements.objects.filter(workplace_supervisor=requester)
+ .filter(intern=target)
+ .exists()
+ )
+ if is_assigned:
+ return target
+ raise PermissionDenied("You can only view interns assigned to you.")
+
+ if requester.role == User.ACADEMIC_SUPERVISOR:
+ is_assigned = (
+ InternshipPlacements.objects.filter(academic_supervisor=requester)
+ .filter(intern=target)
+ .exists()
+ )
+ if is_assigned:
+ return target
+ raise PermissionDenied("You can only view interns assigned to you.")
+
 if requester.role != User.INTERNSHIP_ADMIN:
 raise PermissionDenied("You do not have permission to access this user.")
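Review bot: Both new branches return `target` from `get_object` without looking at the HTTP method, so if `UserDetailView` also routes its update or delete handlers through `get_object` (the rest of the view is outside this hunk), a workplace or academic supervisor gains write access to an assigned intern's account rather than the read access the error messages describe. If that is the case, gate the two branches on read-only requests, e.g. `if self.request.method not in ("GET", "HEAD", "OPTIONS"): raise PermissionDenied("Supervisors have read-only access to interns.")`. The placement lookups also match any `InternshipPlacements` row linking the two users; if the model carries a status or end date, add it to the filter so access ends when the assignment does. Whether a supervisor can still fetch their own record depends on a self-access check earlier in `get_object`, which is not visible here and is worth confirming, because these branches now raise for every target that is not an assigned intern.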