# Routes for user. MAIN PART OF THE API from math import ceil from fastapi import APIRouter, HTTPException, status, Query from sqlalchemy.orm import Session from sqlalchemy import or_ from fastapi import Depends from typing import List, Annotated from apis.v1.route_auth import get_current_user from core.config import settings from db.models.user import User from schemas.user import ( UserCreate, ShowUser, ShowDriver, DriverCreate, OutputUser, UsersPage, ) from db.session import get_db from db.repository.user import ( create_new_user, list_users, get_user_by_id, replace_user_data, create_new_driver, delete_user_data, get_users_by_name, user_search_query, ) router = APIRouter() @router.post("/", response_model=ShowUser, status_code=status.HTTP_201_CREATED) def create_user( user: UserCreate, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): if user.Role not in settings.ALLOWED_ROLES: raise HTTPException( status_code=400, detail=f"Role {user.Role} is not allowed. Allowed roles are {settings.ALLOWED_ROLES}", ) if current_user.Role != "Admin": raise HTTPException( status_code=403, detail="You are not authorized to perform this action" ) # if current_user.Role != "Admin": # raise HTTPException(status_code=403, detail="You are not authorized to perform this action") user = create_new_user(user=user, db=db) if user == "userExists": raise HTTPException( status_code=400, detail=f"User with this email already exists" ) return user @router.post("/driver", response_model=ShowDriver, status_code=status.HTTP_201_CREATED) def create_driver( driver: DriverCreate, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): if current_user.Role != "Admin": raise HTTPException( status_code=403, detail="You are not authorized to perform this action" ) driver = create_new_driver(driver=driver, db=db) if driver == "userExists": raise HTTPException( status_code=400, detail=f"User with this email already exists" ) return driver @router.get("/", response_model=List[ShowUser], status_code=status.HTTP_200_OK) def get_all_users(db: Session = Depends(get_db), role: str = None): if role is None: users = list_users(db=db) return users users = list_users(db=db, role=role) return users @router.put("/{user_id}", response_model=ShowUser, status_code=status.HTTP_202_ACCEPTED) def update_user( user_id: int, user: UserCreate, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): if current_user.Role != "Admin" and current_user.id != user_id: print(current_user.Role, current_user.id, user_id) raise HTTPException( status_code=403, detail="You are not authorized to perform this action" ) user = replace_user_data(user_id=user_id, user_data=user, db=db) if user == "userNotFound": raise HTTPException(status_code=404, detail="User not found") return user @router.get("/me", response_model=ShowUser, status_code=status.HTTP_200_OK) def get_user_me( current_user: Annotated[User, Depends(get_current_user)], db: Annotated[Session, Depends(get_db)], ): return current_user @router.get("/{user_id}", response_model=ShowUser, status_code=status.HTTP_200_OK) def get_user(user_id: int, db: Session = Depends(get_db)): user = get_user_by_id(user_id=user_id, role="Any", db=db) if not user: raise HTTPException(status_code=404, detail="User not found") return user @router.get( "/driver/{driver_id}", response_model=ShowDriver, status_code=status.HTTP_200_OK ) def get_driver(driver_id: int, db: Session = Depends(get_db)): driver = get_user_by_id(user_id=driver_id, role="Driver", db=db) if not driver: raise HTTPException(status_code=404, detail="Driver not found") res = driver.__dict__ res["AssignedVehicle"] = driver.vehicle return driver @router.delete("/{user_id}", status_code=status.HTTP_200_OK) def delete_user( user_id: int, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): if current_user.Role != "Admin": raise HTTPException( status_code=403, detail="You are not authorized to perform this action" ) result = delete_user_data(id=user_id, db=db) if result == "userNotFound": raise HTTPException(status_code=404, detail="User not found") return result @router.get("/search/", response_model=UsersPage) def search_users( db: Session = Depends(get_db), name: str = None, role: str = None, page: int = 1, per_page: int = 20, ): return user_search_query(db=db, name=name, role=role, page=page, per_page=per_page)