diff --git a/app/models/users.py b/app/models/users.py index de11fcd..36e15b1 100644 --- a/app/models/users.py +++ b/app/models/users.py @@ -8,5 +8,11 @@ class User(BaseModel): roles: str disabled: bool +class UserOut(BaseModel): + id: int + username: str + roles: str + disabled: bool + class UserInDB(User): password: str \ No newline at end of file diff --git a/app/routers/users.py b/app/routers/users.py index 0ec1ccf..33952f7 100644 --- a/app/routers/users.py +++ b/app/routers/users.py @@ -6,10 +6,14 @@ from typing import Annotated router = APIRouter() -@router.get("/users/", tags=["users"], response_model=list[users.User]) -async def read_users(current_user: Annotated[users.User, Depends(users_active.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]): - return users_active.fake_users +@router.get("/users/", tags=["users"], response_model=list[users.UserOut]) +async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]): + listUsers = [] + for fake in users_active.fake_users: + user = users.UserOut(id=fake["id"], username=fake["username"], disabled=fake["disabled"], roles=fake["roles"]) + listUsers.append(user) + return listUsers -@router.get("/users/me",tags=["users"], response_model=users.User) +@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["password"]) async def read_users_me(current_user: Annotated[users.User, Depends(users_active.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]): return current_user \ No newline at end of file