From fdcb7cc9777d9efabad860ba4ce4ced7634cb096 Mon Sep 17 00:00:00 2001
From: Augustin-FL <Augustin-FL@users.noreply.github.com>
Date: Sun, 29 Dec 2024 23:55:57 +0100
Subject: [PATCH] API: allow filtering incidents NOT in a specific status, add
 option to order incidents based on last comment's date

---
 fir_api/README.md  |  1 -
 fir_api/filters.py |  3 +++
 fir_api/views.py   | 23 ++++++++++++++++++-----
 3 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/fir_api/README.md b/fir_api/README.md
index 313ef7de..cee4eafa 100644
--- a/fir_api/README.md
+++ b/fir_api/README.md
@@ -28,7 +28,6 @@ Python:
 ```
 import requests
 requests.post("http(s)://YOURFIRINSTALL/api/comments", headers={"X-API": "Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b"}, json={"comment": "This is a comment made via API", "incident": 1, "action": "Info"}).json()
-
 ```
 
 curl:
diff --git a/fir_api/filters.py b/fir_api/filters.py
index 5953b87a..6f5a164e 100644
--- a/fir_api/filters.py
+++ b/fir_api/filters.py
@@ -69,6 +69,9 @@ class IncidentFilter(FilterSet):
     created_after = DateTimeFilter(field_name="date", lookup_expr="gte")
     subject = CharFilter(field_name="subject", lookup_expr="icontains")
     status = ValueChoiceFilter(field_name="status", choices=STATUS_CHOICES)
+    status__not = ValueChoiceFilter(
+        field_name="status", choices=STATUS_CHOICES, exclude=True
+    )
     confidentiality = ValueChoiceFilter(
         field_name="confidentiality", choices=CONFIDENTIALITY_LEVEL
     )
diff --git a/fir_api/views.py b/fir_api/views.py
index 2c5c2157..4f93cc4d 100644
--- a/fir_api/views.py
+++ b/fir_api/views.py
@@ -8,7 +8,7 @@
 from django.shortcuts import get_object_or_404
 from django.core.files import File as FileWrapper
 from django.contrib.auth.models import User
-from django.db.models import Q
+from django.db.models import Q, Max
 
 from rest_framework.renderers import JSONRenderer
 from rest_framework.permissions import IsAuthenticated, IsAdminUser
@@ -94,16 +94,29 @@ class IncidentViewSet(
     API endpoints for viewing, creating and editing incidents
     """
 
-    queryset = Incident.objects.all()
+    queryset = (
+        Incident.objects.all()
+    )  # Will be overriden by get_queryset(). We still need to define this property as DRF use it to get the basename
     serializer_class = IncidentSerializer
     permission_classes = (IsAuthenticated, IsIncidentHandler)
     filter_backends = [DjangoFilterBackend, OrderingFilter]
-    ordering_fields = ["id", "date", "status", "subject", "concerned_business_lines"]
+    ordering_fields = [
+        "id",
+        "date",
+        "status",
+        "subject",
+        "concerned_business_lines",
+        "last_comment_date",
+    ]
     filterset_class = IncidentFilter
 
     def get_queryset(self):
-        queryset = Incident.authorization.for_user(
-            self.request.user, "incidents.view_incidents"
+        queryset = (
+            Incident.authorization.for_user(
+                self.request.user, "incidents.view_incidents"
+            )
+            .annotate(last_comment_date=Max("comments__date"))
+            .order_by("-id")
         )
         return queryset