|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157 |
- # Routes for user. MAIN PART OF THE API
- from math import ceil
- from fastapi import APIRouter, HTTPException, status, Query
- from sqlalchemy.orm import Session
- from sqlalchemy import or_
- from fastapi import Depends
- from typing import List, Annotated
- from apis.v1.route_auth import get_current_user
- from core.config import settings
- from db.models.user import User
- from schemas.user import (
- UserCreate,
- ShowUser,
- ShowDriver,
- DriverCreate,
- OutputUser,
- UsersPage,
- )
- from db.session import get_db
- from db.repository.user import (
- create_new_user,
- list_users,
- get_user_by_id,
- replace_user_data,
- create_new_driver,
- delete_user_data,
- get_users_by_name,
- user_search_query,
- )
-
-
- router = APIRouter()
-
-
- @router.post("/", response_model=ShowUser, status_code=status.HTTP_201_CREATED)
- def create_user(
- user: UserCreate,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if user.Role not in settings.ALLOWED_ROLES:
- raise HTTPException(
- status_code=400,
- detail=f"Role {user.Role} is not allowed. Allowed roles are {settings.ALLOWED_ROLES}",
- )
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- # if current_user.Role != "Admin":
- # raise HTTPException(status_code=403, detail="You are not authorized to perform this action")
- user = create_new_user(user=user, db=db)
- if user == "userExists":
- raise HTTPException(
- status_code=400, detail=f"User with this email already exists"
- )
- return user
-
-
- @router.post("/driver", response_model=ShowDriver, status_code=status.HTTP_201_CREATED)
- def create_driver(
- driver: DriverCreate,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- driver = create_new_driver(driver=driver, db=db)
- if driver == "userExists":
- raise HTTPException(
- status_code=400, detail=f"User with this email already exists"
- )
- return driver
-
-
- @router.get("/", response_model=List[ShowUser], status_code=status.HTTP_200_OK)
- def get_all_users(db: Session = Depends(get_db), role: str = None):
- if role is None:
- users = list_users(db=db)
- return users
- users = list_users(db=db, role=role)
- return users
-
-
- @router.put("/{user_id}", response_model=ShowUser, status_code=status.HTTP_202_ACCEPTED)
- def update_user(
- user_id: int,
- user: UserCreate,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- user = replace_user_data(user_id=user_id, user_data=user, db=db)
- if user == "userNotFound":
- raise HTTPException(status_code=404, detail="User not found")
- return user
-
-
- @router.get("/me", response_model=ShowUser, status_code=status.HTTP_200_OK)
- def get_user_me(
- current_user: Annotated[User, Depends(get_current_user)],
- db: Annotated[Session, Depends(get_db)],
- ):
- return current_user
-
-
- @router.get("/{user_id}", response_model=ShowUser, status_code=status.HTTP_200_OK)
- def get_user(user_id: int, db: Session = Depends(get_db)):
- user = get_user_by_id(user_id=user_id, role="Any", db=db)
- if not user:
- raise HTTPException(status_code=404, detail="User not found")
- return user
-
-
- @router.get(
- "/driver/{driver_id}", response_model=ShowDriver, status_code=status.HTTP_200_OK
- )
- def get_driver(driver_id: int, db: Session = Depends(get_db)):
- driver = get_user_by_id(user_id=driver_id, role="Driver", db=db)
- if not driver:
- raise HTTPException(status_code=404, detail="Driver not found")
- res = driver.__dict__
- res["AssignedVehicle"] = driver.vehicle
-
- return driver
-
-
- @router.delete("/{user_id}", status_code=status.HTTP_200_OK)
- def delete_user(
- user_id: int,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- result = delete_user_data(id=user_id, db=db)
- if result == "userNotFound":
- raise HTTPException(status_code=404, detail="User not found")
- return result
-
-
- @router.get("/search/", response_model=UsersPage)
- def search_users(
- db: Session = Depends(get_db),
- name: str = None,
- role: str = None,
- page: int = 1,
- per_page: int = 20,
- ):
- return user_search_query(db=db, name=name, role=role, page=page, per_page=per_page)
|