feat: added bulk approval endpoint for B&R

jajjibhai008 · jajjibhai008 · commit 4ed17e3be37c · 2025-09-11T15:48:29.000+05:00
diff --git a/enterprise_access/apps/api/serializers/__init__.py b/enterprise_access/apps/api/serializers/__init__.py
@@ -49,6 +49,7 @@
 from .subsidy_requests import (
     CouponCodeRequestSerializer,
     LearnerCreditRequestApproveRequestSerializer,
+    LearnerCreditRequestBulkApproveRequestSerializer,
     LearnerCreditRequestCancelSerializer,
     LearnerCreditRequestDeclineSerializer,
     LearnerCreditRequestRemindSerializer,
diff --git a/enterprise_access/apps/api/serializers/subsidy_requests.py b/enterprise_access/apps/api/serializers/subsidy_requests.py
@@ -309,6 +309,40 @@ def update(self, instance, validated_data):
         raise NotImplementedError("This serializer is for validation only")
 
 
+# pylint: disable=abstract-method
+class LearnerCreditRequestBulkApproveRequestSerializer(serializers.Serializer):
+    """
+    Request Serializer to validate learner-credit bulk ``approve`` endpoint POST data.
+
+    For view: LearnerCreditRequestViewSet.bulk_approve
+    """
+    policy_uuid = serializers.UUIDField(
+        required=True,
+        help_text='The UUID of the policy to which the requests belong.',
+    )
+    enterprise_customer_uuid = serializers.UUIDField(
+        required=True,
+        help_text='The UUID of the Enterprise Customer.',
+    )
+    subsidy_request_uuids = serializers.ListField(
+        child=serializers.UUIDField(),
+        allow_empty=False,
+        help_text='List of LearnerCreditRequest UUIDs to approve.',
+    )
+
+    def create(self, validated_data):
+        """
+        Not implemented - this serializer is for validation only
+        """
+        raise NotImplementedError("This serializer is for validation only")
+
+    def update(self, instance, validated_data):
+        """
+        Not implemented - this serializer is for validation only
+        """
+        raise NotImplementedError("This serializer is for validation only")
+
+
 # pylint: disable=abstract-method
 class LearnerCreditRequestCancelSerializer(serializers.Serializer):
     """
diff --git a/enterprise_access/apps/api/v1/tests/test_browse_and_request_views.py b/enterprise_access/apps/api/v1/tests/test_browse_and_request_views.py
@@ -31,7 +31,10 @@
     REASON_POLICY_SPEND_LIMIT_REACHED,
     REASON_SUBSIDY_EXPIRED
 )
-from enterprise_access.apps.subsidy_access_policy.exceptions import SubsidyAccessPolicyLockAttemptFailed
+from enterprise_access.apps.subsidy_access_policy.exceptions import (
+    SubisidyAccessPolicyRequestApprovalError,
+    SubsidyAccessPolicyLockAttemptFailed
+)
 from enterprise_access.apps.subsidy_access_policy.models import SubsidyAccessPolicy
 from enterprise_access.apps.subsidy_access_policy.tests.factories import (
     PerLearnerSpendCapLearnerCreditAccessPolicyFactory
@@ -2879,6 +2882,95 @@ def test_cancel_success(self, mock_cancel_assignments):
         ).first()
         assert success_action is not None
 
+    @mock.patch(
+        "enterprise_access.apps.api.v1.views.browse_and_request.approve_learner_credit_request_via_policy"
+    )
+    def test_bulk_approve_mixed_success(self, mock_approve):
+        """
+        Test bulk approve returns partial success without failing the whole request.
+        """
+        # Set admin context for the correct enterprise
+        self.set_jwt_cookie(
+            [
+                {
+                    "system_wide_role": SYSTEM_ENTERPRISE_ADMIN_ROLE,
+                    "context": str(self.enterprise_customer_uuid_1),
+                }
+            ]
+        )
+
+        # One request will approve, one will fail, one will be not_found, one skipped
+        requested_ok = self.user_request_1  # requested, will approve
+        requested_fail = LearnerCreditRequestFactory(
+            enterprise_customer_uuid=self.enterprise_customer_uuid_1,
+            user=self.user,
+            learner_credit_request_config=self.learner_credit_config,
+            course_price=1200,
+            state=SubsidyRequestStates.REQUESTED,
+            assignment=None,
+        )
+        skipped_req = LearnerCreditRequestFactory(
+            enterprise_customer_uuid=self.enterprise_customer_uuid_1,
+            learner_credit_request_config=self.learner_credit_config,
+            state=SubsidyRequestStates.APPROVED,
+        )
+
+        # Configure approve side effects
+        def approve_side_effect(
+            _policy_uuid,
+            content_key,
+            content_price_cents,
+            learner_email,
+            lms_user_id,
+        ):
+            if (str(requested_fail.user.lms_user_id) == str(lms_user_id) and
+                    content_price_cents == requested_fail.course_price):
+                raise SubisidyAccessPolicyRequestApprovalError(
+                    "policy validation failed", 422
+                )
+            # Return a basic assignment via factory
+            return LearnerContentAssignmentFactory(
+                assignment_configuration=self.assignment_config,
+                learner_email=learner_email,
+                lms_user_id=lms_user_id,
+                content_key=content_key,
+                content_quantity=-abs(content_price_cents),
+                state="allocated",
+            )
+
+        mock_approve.side_effect = approve_side_effect
+
+        url = reverse("api:v1:learner-credit-requests-bulk-approve")
+        payload = {
+            "enterprise_customer_uuid": str(self.enterprise_customer_uuid_1),
+            "policy_uuid": str(self.policy.uuid),
+            "subsidy_request_uuids": [
+                str(requested_ok.uuid),
+                str(requested_fail.uuid),
+                str(skipped_req.uuid),
+                str(uuid4()),  # not found
+            ],
+        }
+        response = self.client.post(url, payload)
+        assert response.status_code == status.HTTP_200_OK
+
+        data = response.json()
+        assert len(data["approved"]) == 1
+        assert len(data["failed"]) == 1
+        assert len(data["not_found"]) == 1
+        assert len(data["skipped"]) == 1
+
+        requested_ok.refresh_from_db()
+        requested_fail.refresh_from_db()
+        skipped_req.refresh_from_db()
+
+        assert requested_ok.state == SubsidyRequestStates.APPROVED
+        assert requested_fail.state in [
+            SubsidyRequestStates.REQUESTED,
+            SubsidyRequestStates.ERROR,
+        ]
+        assert skipped_req.state == SubsidyRequestStates.APPROVED
+
     @mock.patch('enterprise_access.apps.content_assignments.api.cancel_assignments')
     def test_cancel_failed_assignment_cancellation(self, mock_cancel_assignments):
         """
diff --git a/enterprise_access/apps/api/v1/views/browse_and_request.py b/enterprise_access/apps/api/v1/views/browse_and_request.py
@@ -734,6 +734,11 @@ def decline(self, *args, **kwargs):
         summary='Approve a learner credit request.',
         request=serializers.LearnerCreditRequestApproveRequestSerializer,
     ),
+    bulk_approve=extend_schema(
+        tags=['Learner Credit Requests'],
+        summary='Bulk approve learner credit requests.',
+        request=serializers.LearnerCreditRequestBulkApproveRequestSerializer,
+    ),
     overview=extend_schema(
         tags=['Learner Credit Requests'],
         summary='Learner credit request overview.',
@@ -1021,6 +1026,111 @@ def approve(self, request, *args, **kwargs):
             lc_request_action.save()
             return Response({"detail": error_msg}, exc.status_code)
 
+    @permission_required(
+        constants.REQUESTS_ADMIN_ACCESS_PERMISSION,
+        fn=get_enterprise_uuid_from_request_data,
+    )
+    @action(detail=False, url_path="bulk-approve", methods=["post"])
+    def bulk_approve(self, request, *args, **kwargs):
+        """
+        Bulk approve learner credit requests.
+
+        Processes each request independently and returns a summary with
+        approved and failed items. Partial success is allowed.
+        """
+        serializer = (
+            serializers.LearnerCreditRequestBulkApproveRequestSerializer(
+                data=request.data
+            )
+        )
+        serializer.is_valid(raise_exception=True)
+        policy_uuid = serializer.validated_data["policy_uuid"]
+        subsidy_request_uuids = serializer.validated_data[
+            "subsidy_request_uuids"
+        ]
+
+        # Fetch all requests upfront to limit queries
+        requests_by_uuid = {
+            str(req.uuid): req
+            for req in LearnerCreditRequest.objects.select_related(
+                "user"
+            ).filter(uuid__in=subsidy_request_uuids)
+        }
+
+        results = {
+            "approved": [],
+            "failed": [],
+            "not_found": [],
+            "skipped": [],
+        }
+
+        # Validate presence
+        for uuid_val in map(str, subsidy_request_uuids):
+            if uuid_val not in requests_by_uuid:
+                results["not_found"].append(
+                    {"uuid": uuid_val, "detail": "Request not found"}
+                )
+
+        for uuid_val, lc_request in requests_by_uuid.items():
+            if lc_request.state not in [SubsidyRequestStates.REQUESTED]:
+                results["skipped"].append(
+                    {"uuid": uuid_val, "state": lc_request.state}
+                )
+                continue
+
+            learner_email = lc_request.user.email
+            content_key = lc_request.course_id
+            content_price_cents = lc_request.course_price
+
+            lc_request_action = LearnerCreditRequestActions.create_action(
+                learner_credit_request=lc_request,
+                recent_action=get_action_choice(
+                    SubsidyRequestStates.APPROVED
+                ),
+                status=get_user_message_choice(SubsidyRequestStates.APPROVED),
+            )
+
+            try:
+                with transaction.atomic():
+                    assignment = approve_learner_credit_request_via_policy(
+                        policy_uuid,
+                        content_key,
+                        content_price_cents,
+                        learner_email,
+                        lc_request.user.lms_user_id,
+                    )
+                    lc_request.assignment = assignment
+                    lc_request.save()
+                    lc_request.approve(request.user)
+                    send_learner_credit_bnr_request_approve_task.delay(
+                        assignment.uuid
+                    )
+                results["approved"].append(
+                    serializers.LearnerCreditRequestSerializer(
+                        lc_request
+                    ).data
+                )
+            except SubisidyAccessPolicyRequestApprovalError as exc:
+                error_msg = (
+                    f"[LC REQUEST BULK APPROVAL] Failed to approve learner credit request "
+                    f"with UUID {uuid_val}. Reason: {exc.message}."
+                )
+                logger.exception(error_msg)
+                # Update action with error
+                lc_request_action.status = get_user_message_choice(
+                    SubsidyRequestStates.REQUESTED
+                )
+                lc_request_action.error_reason = get_error_reason_choice(
+                    LearnerCreditRequestActionErrorReasons.FAILED_APPROVAL
+                )
+                lc_request_action.traceback = format_traceback(exc)
+                lc_request_action.save()
+                results["failed"].append(
+                    {"uuid": uuid_val, "detail": exc.message}
+                )
+
+        return Response(results, status=status.HTTP_200_OK)
+
     @permission_required(
         constants.REQUESTS_ADMIN_ACCESS_PERMISSION,
         fn=get_enterprise_uuid_from_request_data,
