|
- # Routes for user. MAIN PART OF THE API
- from fastapi import APIRouter, HTTPException, status
- from sqlalchemy.orm import Session
- from fastapi import Depends
- from typing import List, Annotated
- from apis.v1.route_auth import get_current_user
- from core.config import settings
- from db.models.user import User
- from schemas.user import UserCreate, ShowUser, ShowDriver, DriverCreate
- from db.session import get_db
- from db.repository.user import (
- create_new_user,
- list_users,
- get_user_by_id,
- replace_user_data,
- create_new_driver,
- delete_user_data,
- )
-
-
- router = APIRouter()
-
-
- @router.post("/", response_model=ShowUser, status_code=status.HTTP_201_CREATED)
- def create_user(
- user: UserCreate,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if user.Role not in settings.ALLOWED_ROLES:
- raise HTTPException(
- status_code=400,
- detail=f"Status {status} is not allowed. Allowed status are {settings.ALLOWED_TASK_STATUS}",
- )
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- # if current_user.Role != "Admin":
- # raise HTTPException(status_code=403, detail="You are not authorized to perform this action")
- user = create_new_user(user=user, db=db)
- return user
-
-
- @router.post("/driver", response_model=ShowDriver, status_code=status.HTTP_201_CREATED)
- def create_driver(
- driver: DriverCreate,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- driver = create_new_driver(driver=driver, db=db)
- return driver
-
-
- @router.get("/", response_model=List[ShowUser], status_code=status.HTTP_200_OK)
- def get_all_users(db: Session = Depends(get_db), role: str = None):
- if role is None:
- users = list_users(db=db)
- return users
- users = list_users(db=db, role=role)
- return users
-
-
- @router.put("/{user_id}", response_model=ShowUser, status_code=status.HTTP_202_ACCEPTED)
- def update_user(
- user_id: int,
- user: UserCreate,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- user = replace_user_data(user_id=user_id, user=user, db=db)
- return user
-
-
- @router.get("/me", response_model=ShowUser, status_code=status.HTTP_200_OK)
- def get_user_me(
- current_user: Annotated[User, Depends(get_current_user)],
- db: Annotated[Session, Depends(get_db)],
- ):
- print("Getting current user...")
- return current_user
-
-
- @router.get("/{user_id}", response_model=ShowUser, status_code=status.HTTP_200_OK)
- def get_user(user_id: int, db: Session = Depends(get_db)):
- user = get_user_by_id(user_id=user_id, db=db)
- if not user:
- raise HTTPException(status_code=404, detail="User not found")
- return user
-
-
- @router.get(
- "/driver/{driver_id}", response_model=ShowDriver, status_code=status.HTTP_200_OK
- )
- def get_driver(driver_id: int, db: Session = Depends(get_db)):
- driver = get_user_by_id(user_id=driver_id, role="Driver", db=db)
- if not driver:
- raise HTTPException(status_code=404, detail="Driver not found")
- res = driver.__dict__
- res["AssignedVehicle"] = driver.vehicle
-
- return driver
-
-
- @router.delete("/{user_id}", status_code=status.HTTP_200_OK)
- def delete_user(
- user_id: int,
- db: Session = Depends(get_db),
- current_user: User = Depends(get_current_user),
- ):
- if current_user.Role != "Admin":
- raise HTTPException(
- status_code=403, detail="You are not authorized to perform this action"
- )
- result = delete_user_data(id=user_id, db=db)
- if result == "userNotFound":
- raise HTTPException(status_code=404, detail="User not found")
- return result
|