|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139 |
- from fastapi import Depends, APIRouter, HTTPException, status
- from sqlalchemy.orm import Session
- from db.session import get_db
- from core.config import settings
- from db.repository.drivetask import (
- create_new_task,
- get_task_driver,
- change_task_status,
- get_all_tasks,
- get_task_by_id,
- get_tasks_by_driver,
- edit_task
- )
- from schemas.drivetask import CreateTask
- from db.models.user import User
- from apis.v1.route_auth import get_current_user
-
- router = APIRouter()
-
-
- @router.post("/", status_code=status.HTTP_201_CREATED)
- def create_task(
- task: CreateTask,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- task_res = create_new_task(task=task, db=db)
- if task_res == "notdriver":
- raise HTTPException(
- status_code=404, detail=f"Driver with id {task.DriverId} not found"
- )
- return task
-
-
- @router.patch("/", status_code=status.HTTP_200_OK)
- def changeStatus(
- task_id: int,
- status: str,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role == "Admin" or current_user.Role == "Driver":
- if status not in settings.ALLOWED_TASK_STATUS:
- raise HTTPException(
- status_code=400,
- detail=f"Status {status} is not allowed. Allowed status are {settings.ALLOWED_TASK_STATUS}",
- )
- if current_user.Role == "Driver":
- verification = get_task_driver(task_id, db)
- if verification.Id != current_user.Id:
- raise HTTPException(
- status_code=403,
- detail="You are not authorized to perform this action",
- )
- task = change_task_status(task_id, status, db)
- if task == "notaskfound":
- raise HTTPException(
- status_code=404, detail=f"Task with id {task_id} not found"
- )
- return task
- else:
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
-
-
- @router.get("/", status_code=status.HTTP_200_OK)
- def getAllTasks(
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role == "Admin":
- tasks = get_all_tasks(db)
- return tasks
- else:
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
-
-
- @router.get("/{task_id}", status_code=status.HTTP_200_OK)
- def getTaskById(
- task_id: int,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- task = get_task_by_id(task_id, db)
- if task == "notaskfound":
- raise HTTPException(status_code=404, detail=f"Task with id {task_id} not found")
- return task
-
-
- @router.get("/driver/{driver_id}", status_code=status.HTTP_200_OK)
- def getTasksByDriver(
- driver_id: int,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin" and current_user.Role != "Driver":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- if current_user.Role == "Driver":
- if current_user.Id != driver_id:
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- tasks = get_tasks_by_driver(driver_id, db)
- if tasks == "notdriver":
- raise HTTPException(
- status_code=404, detail=f"Driver with id {driver_id} not found"
- )
- return tasks
-
- @router.put("/{task_id}", status_code=status.HTTP_200_OK)
- def updateTask(
- task_id: int,
- task: CreateTask,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- task = edit_task(task_id, task, db)
- if task == "notaskfound":
- raise HTTPException(
- status_code=404, detail=f"Task with id {task_id} not found"
- )
- return task
|