From 39f20310795dbc05ec93437e06f5bbd6e7523a5a Mon Sep 17 00:00:00 2001
From: Valentin CZERYBA <valcze80@gmail.com>
Date: Sat, 14 Oct 2023 21:28:21 +0200
Subject: [PATCH] add put method

---
 app/models/users.py  |  5 +++++
 app/routers/users.py | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/app/models/users.py b/app/models/users.py
index 01dd92b..d0b45cf 100644
--- a/app/models/users.py
+++ b/app/models/users.py
@@ -18,6 +18,11 @@ class UserOut(BaseModel):
     removed: bool
     confirmed: bool
 
+class UserIn(BaseModel):
+    username: str
+    roles: str
+    password: str
+
 class UserInDB(User):
     password: str
 
diff --git a/app/routers/users.py b/app/routers/users.py
index 2b69f95..d392cce 100644
--- a/app/routers/users.py
+++ b/app/routers/users.py
@@ -3,6 +3,8 @@ from ..dependencies import users_token, permissions_checker, database
 from ..models import users
 from typing import Annotated
 from bson import ObjectId
+from passlib.context import CryptContext
+
 
 router = APIRouter()
 
@@ -74,3 +76,33 @@ async def read_users_id(item_id : str, authorize: Annotated[bool, Depends(permis
         user.removed = True
     user_repository.save(user)
     return user
+
+@router.put("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "disabled"])
+async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], userSingle: users.UserIn | None = None):
+    user_repository = users.UserRepository(database=database.database)
+    pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+    current_user.username = userSingle.username
+    current_user.password = pwd_context.hash(userSingle.password)
+    current_user.roles = userSingle.roles
+    user_repository.save(current_user)
+    return current_user
+
+@router.put("/users", tags=["users"], response_model=users.User, status_code=status.HTTP_200_OK)
+async def read_users_id(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None):
+    user_repository = users.UserRepository(database=database.database)
+    if userSingle is None:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Body request is empty"
+        )        
+    user = user_repository.find_one_by({"username": {'$eq': userSingle.username}})
+    if user is None:
+        response.status_code = status.HTTP_201_CREATED
+        user = users.User()
+    user.username = userSingle.username
+    pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+    user.password = pwd_context.hash(userSingle.password)
+    user.roles = userSingle.roles
+    user_repository.save(user)
+    return user