# Routes for user. MAIN PART OF THE API
from typing import Annotated, List

from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session

from apis.v1.route_auth import get_current_user
from db.models.user import User
from schemas.user import UserCreate, ShowUser
from db.session import get_db
from db.repository.user import create_new_user, list_users, get_user_by_id

# Review notes in this module are written as `#` comments, not docstrings:
# FastAPI publishes a handler's docstring as the operation description in the
# generated OpenAPI schema, so docstrings are kept short and neutral.
router = APIRouter()


@router.post("/", response_model=ShowUser, status_code=status.HTTP_201_CREATED)
def create_user(
    user: UserCreate,
    db: Session = Depends(get_db),
    current_user: User = Depends(get_current_user),
):
    """Create a user from the request body and return it."""
    # Authorization gate: an exact, case-sensitive comparison against the Role
    # attribute of the user resolved by get_current_user. Anything other than
    # "Admin" is rejected before the repository is touched.
    if current_user.Role != "Admin":
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="You are not authorized to perform this action",
        )
    # The response is serialized through ShowUser (see the decorator), so only
    # the fields that schema declares leave the API.
    return create_new_user(user=user, db=db)


@router.get("/", response_model=List[ShowUser], status_code=status.HTTP_200_OK)
def get_all_users(db: Session = Depends(get_db), role: str = None):
    """List users, optionally restricted to the given role."""
    # NOTE(review): unlike create_user, this handler declares no
    # get_current_user dependency, so nothing visible here requires an
    # authenticated caller. Confirm that authentication is enforced where the
    # router is mounted, or that listing users anonymously is intended.
    # What is disclosed per user depends on ShowUser, which is not shown here.
    #
    # `role` is an optional query parameter and is passed through unchanged;
    # when it is absent the repository is called without a role argument.
    if role is not None:
        return list_users(db=db, role=role)
    return list_users(db=db)


@router.get("/me", response_model=ShowUser, status_code=status.HTTP_200_OK)
def get_user_me(
    current_user: Annotated[User, Depends(get_current_user)],
    db: Annotated[Session, Depends(get_db)],
):
    """Return the user resolved by get_current_user."""
    # Must stay declared before "/{user_id}": routes are matched in
    # declaration order, and "me" would otherwise be validated as an integer
    # user_id and rejected.
    # `db` is not used in the body; the dependency is still resolved on every
    # request.
    print("Getting current user...")
    return current_user


@router.get("/{user_id}", response_model=ShowUser, status_code=status.HTTP_200_OK)
def get_user(user_id: int, db: Session = Depends(get_db)):
    """Return the user with the given id, or respond 404 when none exists."""
    # NOTE(review): no get_current_user dependency here either, and no check
    # that the caller is the requested user or an admin. As written, any
    # caller who can reach this route can look up any id, and the 200/404
    # split reveals which ids exist. Confirm that this is intended, or add an
    # authenticated ownership/role check.
    found = get_user_by_id(user_id=user_id, db=db)
    if found:
        return found
    raise HTTPException(
        status_code=status.HTTP_404_NOT_FOUND,
        detail="User not found",
    )