Compare commits
No commits in common. "master" and "878fbbf5df5b23101b992f99a034dea098085f76" have entirely different histories.
master
...
878fbbf5df
@ -1,37 +0,0 @@
|
||||
from fastapi.security import OAuth2
|
||||
from fastapi.openapi.models import OAuthFlows as OAuthFlowsModel
|
||||
from fastapi import Request
|
||||
from fastapi.security.utils import get_authorization_scheme_param
|
||||
from fastapi import HTTPException
|
||||
from fastapi import status
|
||||
from typing import Optional
|
||||
from typing import Dict
|
||||
|
||||
|
||||
class OAuth2PasswordBearerWithCookie(OAuth2):
|
||||
def __init__(
|
||||
self,
|
||||
tokenUrl: str,
|
||||
scheme_name: Optional[str] = None,
|
||||
scopes: Optional[Dict[str, str]] = None,
|
||||
auto_error: bool = True,
|
||||
):
|
||||
if not scopes:
|
||||
scopes = {}
|
||||
flows = OAuthFlowsModel(password={"tokenUrl": tokenUrl, "scopes": scopes})
|
||||
super().__init__(flows=flows, scheme_name=scheme_name, auto_error=auto_error)
|
||||
|
||||
async def __call__(self, request: Request) -> Optional[str]:
|
||||
authorization: str = request.cookies.get("access_token") #changed to accept access token from httpOnly Cookie
|
||||
|
||||
scheme, param = get_authorization_scheme_param(authorization)
|
||||
if not authorization or scheme.lower() != "bearer":
|
||||
if self.auto_error:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="Not authenticated",
|
||||
headers={"WWW-Authenticate": "Bearer"},
|
||||
)
|
||||
else:
|
||||
return None
|
||||
return param
|
||||
@ -4,17 +4,18 @@ from passlib.context import CryptContext
|
||||
from pydantic import EmailStr
|
||||
|
||||
|
||||
def add(username="", password="", roles="User", status=1, email="test@toto.com"):
|
||||
def add(username="", password="", roles="User", disabled=False, confirmed=True, email="test@toto.com"):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
|
||||
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
||||
result = user_repository.find_one_by({'username': username})
|
||||
change = "added"
|
||||
user = users.User(username=username, password=pwd_context.hash(password), roles=roles, status=status, email=email)
|
||||
user = users.User(username=username, password=pwd_context.hash(password), roles=roles, disabled=disabled, confirmed=confirmed, email=email)
|
||||
if result is not None:
|
||||
result.password=pwd_context.hash(password)
|
||||
result.roles=roles
|
||||
result.status=status
|
||||
result.disabled=disabled
|
||||
result.confirmed=confirmed
|
||||
result.email=email
|
||||
user = result
|
||||
change = "updated"
|
||||
|
||||
@ -8,14 +8,14 @@ from jose import JWTError, jwt
|
||||
from passlib.context import CryptContext
|
||||
|
||||
from ..models import users, token
|
||||
from ..dependencies import database, cookie
|
||||
from ..dependencies import database
|
||||
|
||||
SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"
|
||||
ALGORITHM = "HS256"
|
||||
|
||||
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
||||
|
||||
oauth2_scheme = cookie.OAuth2PasswordBearerWithCookie(tokenUrl="token")
|
||||
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
|
||||
|
||||
def verify_password(plain_password, hashed_password):
|
||||
return pwd_context.verify(plain_password, hashed_password)
|
||||
@ -35,9 +35,6 @@ def authenticate_user(username: str, password: str):
|
||||
return False
|
||||
if not verify_password(password, user.password):
|
||||
return False
|
||||
user.connected_at = datetime.today()
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
user_repository.save(user)
|
||||
return user
|
||||
|
||||
def create_access_token(data: dict, expires_delta: timedelta | None = None):
|
||||
@ -73,6 +70,6 @@ async def get_current_user(token_str: Annotated[str, Depends(oauth2_scheme)]):
|
||||
async def get_current_active_user(
|
||||
current_user: Annotated[users.User, Depends(get_current_user)]
|
||||
):
|
||||
if current_user.status == 0:
|
||||
if current_user.disabled:
|
||||
raise HTTPException(status_code=400, detail="Inactive user")
|
||||
return current_user
|
||||
@ -1,7 +1,7 @@
|
||||
from fastapi import FastAPI
|
||||
from fastapi.middleware.cors import CORSMiddleware
|
||||
|
||||
from .routers import users, token, mail, events, tags
|
||||
from .routers import users, token, mail
|
||||
from .dependencies import user_add
|
||||
|
||||
import os
|
||||
@ -10,10 +10,6 @@ app = FastAPI()
|
||||
|
||||
origins = [
|
||||
"http://localhost:8084",
|
||||
"https://backend.valczeryba.ovh",
|
||||
"https://facebook.com",
|
||||
"https://fetlife.com",
|
||||
"https://backoffice.valczeryba.ovh"
|
||||
]
|
||||
|
||||
app.add_middleware(
|
||||
@ -28,8 +24,6 @@ app.add_middleware(
|
||||
app.include_router(users.router)
|
||||
app.include_router(token.router)
|
||||
app.include_router(mail.router)
|
||||
app.include_router(events.router)
|
||||
app.include_router(tags.router)
|
||||
|
||||
|
||||
@app.on_event("startup")
|
||||
|
||||
@ -1,53 +0,0 @@
|
||||
from pydantic import BaseModel, EmailStr
|
||||
from pydantic_mongo import AbstractRepository, ObjectIdField
|
||||
from datetime import datetime, date
|
||||
|
||||
class Event(BaseModel):
|
||||
id: ObjectIdField = None
|
||||
name: str
|
||||
place: str
|
||||
description: str
|
||||
imgUrl: str | None = None
|
||||
status: int = 0
|
||||
latitude: float = 0.0
|
||||
longitude: float = 0.0
|
||||
organizers: list[str] = []
|
||||
tags: list[str] = []
|
||||
start_date: datetime | None = None
|
||||
end_date: datetime | None = None
|
||||
created_at: datetime = datetime.today()
|
||||
updated_at: datetime | None = None
|
||||
deleted_at: datetime | None = None
|
||||
disabled_at: datetime | None = None
|
||||
|
||||
class EventOut(BaseModel):
|
||||
id: ObjectIdField = None
|
||||
name: str
|
||||
place: str
|
||||
description: str
|
||||
imgUrl: str | None = None
|
||||
status: int = 0
|
||||
start_date: datetime | None = None
|
||||
end_date: datetime | None = None
|
||||
tags: list[str] = []
|
||||
|
||||
class EventIn(BaseModel):
|
||||
name: str
|
||||
place: str
|
||||
description: str
|
||||
imgUrl: str | None = None
|
||||
status: int = 0
|
||||
organizers: list[str] = []
|
||||
tags: list[str] = []
|
||||
start_date: datetime | None = None
|
||||
end_date: datetime | None = None
|
||||
latitude: float = 0.0
|
||||
longitude: float = 0.0
|
||||
|
||||
class EventIDS(BaseModel):
|
||||
ids: list[str]
|
||||
|
||||
|
||||
class EventRepository(AbstractRepository[Event]):
|
||||
class Meta:
|
||||
collection_name = "events"
|
||||
@ -1,24 +0,0 @@
|
||||
from pydantic import BaseModel, EmailStr
|
||||
from pydantic_mongo import AbstractRepository, ObjectIdField
|
||||
from datetime import datetime, date
|
||||
|
||||
class Tags(BaseModel):
|
||||
id: ObjectIdField = None
|
||||
name: str
|
||||
created_at: datetime = datetime.today()
|
||||
|
||||
class TagsOut(BaseModel):
|
||||
id: ObjectIdField = None
|
||||
name: str
|
||||
|
||||
|
||||
class TagsIn(BaseModel):
|
||||
name: str
|
||||
|
||||
class TagsIDS(BaseModel):
|
||||
ids: list[str]
|
||||
|
||||
|
||||
class TagsRepository(AbstractRepository[Tags]):
|
||||
class Meta:
|
||||
collection_name = "tags"
|
||||
@ -1,40 +1,30 @@
|
||||
from pydantic import BaseModel, EmailStr
|
||||
from pydantic_mongo import AbstractRepository, ObjectIdField
|
||||
from datetime import datetime, date
|
||||
|
||||
class User(BaseModel):
|
||||
id: ObjectIdField = None
|
||||
username: str
|
||||
password: str
|
||||
firstName: str = ""
|
||||
name: str = ""
|
||||
roles: str = "User"
|
||||
status: int = 0
|
||||
disabled: bool = False
|
||||
removed: bool = False
|
||||
confirmed: bool = False
|
||||
email: EmailStr
|
||||
birth: datetime | None = None
|
||||
created_at: datetime = datetime.today()
|
||||
connected_at: datetime | None = None
|
||||
updated_at: datetime | None = None
|
||||
deleted_at: datetime | None = None
|
||||
disabled_at: datetime | None = None
|
||||
|
||||
class UserOut(BaseModel):
|
||||
id: ObjectIdField = None
|
||||
username: str
|
||||
roles: str
|
||||
firstName: str
|
||||
name: str
|
||||
status: int = 0
|
||||
disabled: bool
|
||||
removed: bool
|
||||
confirmed: bool
|
||||
email: EmailStr
|
||||
|
||||
|
||||
class UserIn(BaseModel):
|
||||
username: str
|
||||
name: str
|
||||
firstName: str
|
||||
roles: str
|
||||
password: str
|
||||
birth: str
|
||||
email: EmailStr
|
||||
|
||||
|
||||
@ -42,16 +32,11 @@ class UserCreate(BaseModel):
|
||||
username: str
|
||||
password: str
|
||||
email: EmailStr
|
||||
birth: str
|
||||
firstName: str
|
||||
name: str
|
||||
|
||||
|
||||
class UserInDB(User):
|
||||
password: str
|
||||
|
||||
class UserIDS(BaseModel):
|
||||
ids: list[str]
|
||||
|
||||
class UserRepository(AbstractRepository[User]):
|
||||
class Meta:
|
||||
collection_name = "users"
|
||||
@ -1,436 +0,0 @@
|
||||
from fastapi import APIRouter, Depends, HTTPException, status, Response
|
||||
from fastapi.responses import JSONResponse
|
||||
from datetime import datetime
|
||||
from ..dependencies import users_token, permissions_checker, database
|
||||
from ..models import events, users, tags
|
||||
from pydantic import EmailStr
|
||||
from typing import Annotated, Union
|
||||
from bson import ObjectId
|
||||
from datetime import datetime
|
||||
router = APIRouter()
|
||||
|
||||
def build_location_filter(min_lat, max_lat, min_lon, max_lon):
|
||||
"""Build location-based query filters."""
|
||||
if min_lat is not None and max_lat is not None and min_lon is not None and max_lon is not None:
|
||||
return [
|
||||
{"latitude": {"$gte": min_lat}},
|
||||
{"latitude": {"$lte": max_lat}},
|
||||
{"longitude": {"$gte": min_lon}},
|
||||
{"longitude": {"$lte": max_lon}},
|
||||
]
|
||||
return []
|
||||
|
||||
def build_datetime_filter(current_datetime):
|
||||
"""Build filters for current datetime."""
|
||||
if current_datetime:
|
||||
return {
|
||||
"$or": [
|
||||
{"start_date": {"$gte": current_datetime}}, # Upcoming events
|
||||
{
|
||||
"$and": [
|
||||
{"start_date": {"$lte": current_datetime}}, # Already started
|
||||
{"$or": [
|
||||
{"end_date": {"$gte": current_datetime}}, # Ongoing
|
||||
{"end_date": None}, # No end date
|
||||
]},
|
||||
],
|
||||
},
|
||||
],
|
||||
}
|
||||
return None
|
||||
|
||||
def build_date_filter(start_date, end_date):
|
||||
"""Build date range filters."""
|
||||
if start_date and end_date:
|
||||
return [
|
||||
{"start_date": {"$gte": datetime.combine(start_date, datetime.min.time())}},
|
||||
{"start_date": {"$lte": datetime.combine(end_date, datetime.max.time())}},
|
||||
]
|
||||
return []
|
||||
|
||||
def build_text_filter(item):
|
||||
"""Build text-based search filters."""
|
||||
if item:
|
||||
return {
|
||||
"$or": [
|
||||
{"name": {"$regex": item, "$options": "i"}},
|
||||
{"tags": {"$regex": item, "$options": "i"}},
|
||||
{"organizers": {"$regex": item, "$options": "i"}},
|
||||
]
|
||||
}
|
||||
return None
|
||||
|
||||
|
||||
|
||||
|
||||
@router.get("/events", tags=["events"], response_model=list[events.EventOut])
|
||||
async def read_events(
|
||||
authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))],
|
||||
skip: int = 0,
|
||||
limit: int = 20,
|
||||
id_event: str | None = None,
|
||||
name: str | None = None,
|
||||
status: int = 1,
|
||||
tags: str | None = None,
|
||||
organizers: str | None = None,
|
||||
current_datetime: datetime | None = None,
|
||||
date_event: datetime | None = None,
|
||||
start_date: datetime | None = None,
|
||||
end_date: datetime | None = None,
|
||||
):
|
||||
# Validate `skip` and `limit`
|
||||
if limit < 1 or skip < 0 or limit < skip:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="`skip` should be >= 0 and `limit` should be > 0 and greater than `skip`.",
|
||||
)
|
||||
limit = limit + skip
|
||||
|
||||
# Initialize filters
|
||||
filters = []
|
||||
|
||||
# Add status filter
|
||||
filters.append({"status": {"$eq": status}})
|
||||
|
||||
# Add date filters
|
||||
if date_event:
|
||||
start_of_day = datetime.combine(date_event, datetime.min.time())
|
||||
end_of_day = datetime.combine(date_event, datetime.max.time())
|
||||
filters.extend(build_date_filter(start_of_day, end_of_day))
|
||||
elif start_date and end_date:
|
||||
filters.extend(build_date_filter(start_date, end_date))
|
||||
|
||||
# Add current datetime filter
|
||||
datetime_filter = build_datetime_filter(current_datetime)
|
||||
if datetime_filter:
|
||||
filters.append(datetime_filter)
|
||||
|
||||
# Add text-based filters
|
||||
if name:
|
||||
filters.append(build_text_filter(name))
|
||||
if tags:
|
||||
filters.append({"tags": {"$eq": tags}})
|
||||
if organizers:
|
||||
filters.append({"organizers": {"$eq": organizers}})
|
||||
|
||||
# Add ID filter
|
||||
if id_event:
|
||||
try:
|
||||
event_id = ObjectId(id_event)
|
||||
filters.append({"_id": {"$eq": event_id}})
|
||||
except Exception:
|
||||
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid event ID format.")
|
||||
|
||||
# Combine all filters
|
||||
object_search = {"$and": filters} if filters else {}
|
||||
|
||||
# Fetch and return results
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
list_events = []
|
||||
for event_index in event_repository.find_by(object_search, limit=limit, skip=skip):
|
||||
event = events.EventOut(
|
||||
id=event_index.id,
|
||||
tags=event_index.tags,
|
||||
imgUrl=event_index.imgUrl,
|
||||
name=event_index.name,
|
||||
description=event_index.description,
|
||||
place=event_index.place,
|
||||
status=event_index.status,
|
||||
start_date=event_index.start_date,
|
||||
end_date=event_index.end_date,
|
||||
)
|
||||
list_events.append(event)
|
||||
|
||||
return list_events
|
||||
|
||||
|
||||
@router.get("/events/search", tags=["events"], response_model=list[events.EventOut])
|
||||
async def search_events(
|
||||
authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))],
|
||||
skip: int = 0,
|
||||
limit: int = 20,
|
||||
item: Union[str, None] = None,
|
||||
status: int = 1,
|
||||
min_lat: Union[float, None] = None,
|
||||
max_lat: Union[float, None] = None,
|
||||
min_lon: Union[float, None] = None,
|
||||
max_lon: Union[float, None] = None,
|
||||
current_datetime: Union[datetime, None] = None,
|
||||
date_event: Union[datetime, None] = None,
|
||||
start_date: Union[datetime, None] = None,
|
||||
end_date: Union[datetime, None] = None,
|
||||
tags: Union[str, None] = None,
|
||||
):
|
||||
if limit < 1 or skip < 0 or limit < skip:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="`skip` should be >= 0 and `limit` should be > 0 and greater than `skip`.",
|
||||
)
|
||||
limit = limit + skip
|
||||
|
||||
# Initialize filters
|
||||
filters = [{"status": {"$eq": status}}]
|
||||
|
||||
# Date filters
|
||||
if date_event:
|
||||
start_of_day = datetime.combine(date_event, datetime.min.time())
|
||||
end_of_day = datetime.combine(date_event, datetime.max.time())
|
||||
filters.extend(build_date_filter(start_of_day, end_of_day))
|
||||
else:
|
||||
filters.extend(build_date_filter(start_date, end_date))
|
||||
|
||||
# Add location filter
|
||||
filters.extend(build_location_filter(min_lat, max_lat, min_lon, max_lon))
|
||||
|
||||
# Add datetime filter
|
||||
datetime_filter = build_datetime_filter(current_datetime)
|
||||
if datetime_filter:
|
||||
filters.append(datetime_filter)
|
||||
|
||||
# Add text filter
|
||||
text_filter = build_text_filter(item)
|
||||
if text_filter:
|
||||
filters.append(text_filter)
|
||||
|
||||
if tags is not None:
|
||||
filters.append({"tags": {"$eq": tags}})
|
||||
|
||||
# Combine filters
|
||||
object_search = {"$and": filters} if filters else {}
|
||||
|
||||
# Fetch and return results
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
list_events = []
|
||||
for event_index in event_repository.find_by(object_search, limit=limit, skip=skip):
|
||||
event = events.EventOut(
|
||||
id=event_index.id,
|
||||
tags=event_index.tags,
|
||||
imgUrl=event_index.imgUrl,
|
||||
name=event_index.name,
|
||||
description=event_index.description,
|
||||
place=event_index.place,
|
||||
status=event_index.status,
|
||||
start_date=event_index.start_date,
|
||||
end_date=event_index.end_date,
|
||||
)
|
||||
list_events.append(event)
|
||||
|
||||
return list_events
|
||||
|
||||
|
||||
|
||||
@router.get("/events/me",tags=["events"])
|
||||
async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
listOrganizers = []
|
||||
|
||||
for event_index in event_repository.find_by({"organizers":{"$eq": current_user.username}}, limit=limit, skip=skip):
|
||||
event = events.EventOut(id=event_index.id, name=event_index.name, tags=event_index.tags, imgUrl=event_index.imgUrl, description=event_index.description, place=event_index.place, status=event_index.status, start_date=event_index.start_date, end_date=event_index.end_date)
|
||||
listOrganizers.append(event)
|
||||
|
||||
content = {"organizers":listOrganizers}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.get("/events/count", tags=["events"])
|
||||
async def read_events_count(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
|
||||
count = database.database.get_collection("events").estimated_document_count()
|
||||
content = {"count":count}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
|
||||
@router.get("/events/{item_id}", tags=["events"], response_model=events.Event)
|
||||
async def read_events_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
event = event_repository.find_one_by_id(ObjectId(item_id))
|
||||
return event
|
||||
|
||||
|
||||
@router.delete("/events/me/{item_id}", tags=["events"])
|
||||
async def delete_event_me(item_id: str, current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], remove: bool = False):
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
event = event_repository.find_one_by_id(ObjectId(item_id))
|
||||
if remove is True:
|
||||
event.deleted_at = datetime.today()
|
||||
event.status = -1
|
||||
content = {"message": "event is deleted"}
|
||||
else:
|
||||
event.status = 0
|
||||
event.deleted_at = datetime.today()
|
||||
content = {"message": "event is disabled"}
|
||||
event_repository.save(event)
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.delete("/events/groups",tags=["events"])
|
||||
async def delete_events_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove: bool = False, eventids: events.EventIDS | None = None):
|
||||
if len(eventids.ids) == 0:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="eventids should be greater than 0"
|
||||
)
|
||||
|
||||
event_repository = event.EventRepository(database=database.database)
|
||||
for i in eventids.ids:
|
||||
event = event_repository.find_one_by_id(ObjectId(i))
|
||||
if remove is True:
|
||||
event.status = -1
|
||||
event.deleted_at = datetime.today()
|
||||
content = {"message": "events are deleted "}
|
||||
else:
|
||||
event.status = 0
|
||||
event.disabled_at = datetime.today()
|
||||
content = {"message": "events are disabled"}
|
||||
event_repository.save(event)
|
||||
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.delete("/events/{item_id}", tags=["events"])
|
||||
async def delete_events_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove : bool = False):
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
event = event_repository.find_one_by_id(ObjectId(item_id))
|
||||
if remove is True:
|
||||
event.status = -1
|
||||
event.deleted_at = datetime.today()
|
||||
content = {"message": "events are deleted"}
|
||||
else:
|
||||
event.status = 0
|
||||
event.disabled_at = datetime.today()
|
||||
content = {"message": "events are disabled"}
|
||||
event_repository.save(event)
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.put("/events/me/{item_id}",tags=["events"])
|
||||
async def update_events_me(item_id: str, current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], eventSingle: events.EventIn | None = None):
|
||||
event_repository = event.EventRepository(database=database.database)
|
||||
event = event_repository.find_one_by_id(ObjectId(item_id))
|
||||
event.name = eventSingle.name
|
||||
event.description = eventSingle.description
|
||||
event.place = eventSingle.place
|
||||
event.start_date = eventSingle.start_date
|
||||
event.tags = eventSingle.tags
|
||||
event.end_date = eventSingle.end_date
|
||||
event.latitude = eventSingle.latitude
|
||||
event.longitude = eventSingle.longitude
|
||||
event.updated_at = datetime.today()
|
||||
event.imgUrl = eventSingle.imgUrl
|
||||
event_repository.save(event)
|
||||
content = {"message": "event is updated"}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.put("/events", tags=["events"], status_code=status.HTTP_201_CREATED)
|
||||
async def update_events(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], eventSingle: events.EventIn | None = None):
|
||||
if eventSingle is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Body request is empty"
|
||||
)
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
tags_repository = tags.TagsRepository(database=database.database)
|
||||
|
||||
event = event_repository.find_one_by( {"$and": [
|
||||
{"start_date": {"$eq": eventSingle.start_date}}, # Already started
|
||||
{"name": {"$eq": eventSingle.name}},
|
||||
]})
|
||||
if event is not None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_204_NO_CONTENT,
|
||||
detail="name"
|
||||
)
|
||||
|
||||
|
||||
event = events.Event(name=eventSingle.name, description=eventSingle.description, place=eventSingle.place)
|
||||
event.start_date = eventSingle.start_date
|
||||
event.end_date = eventSingle.end_date
|
||||
event.organizers = eventSingle.organizers
|
||||
event.latitude = eventSingle.latitude
|
||||
event.longitude = eventSingle.longitude
|
||||
event.imgUrl = eventSingle.imgUrl
|
||||
event.tags = eventSingle.tags
|
||||
for tag_name in eventSingle.tags:
|
||||
tag = tags_repository.find_one_by({"name": {'$eq': tag_name}})
|
||||
if tag is None:
|
||||
tag = tags.Tags(name=tag_name)
|
||||
tags_repository.save(tag)
|
||||
event.status = 1
|
||||
event.created_at = datetime.today()
|
||||
event_repository.save(event)
|
||||
content = {"message": "event is created"}
|
||||
response = JSONResponse(content=content, status_code=status.HTTP_201_CREATED)
|
||||
return response
|
||||
|
||||
|
||||
@router.put("/events/{item_id}", tags=["events"], status_code=status.HTTP_200_OK)
|
||||
async def update_events_id(item_id: str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], eventSingle: events.EventIn | None = None, response: Response = Response):
|
||||
if eventSingle is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Body request is empty"
|
||||
)
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
tags_repository = tags.TagsRepository(database=database)
|
||||
event = event_repository.find_one_by({"id": {'$eq': ObjectId(item_id)}})
|
||||
if event is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="Event not found"
|
||||
)
|
||||
|
||||
event.name = eventSingle.name
|
||||
event.place = eventSingle.place
|
||||
event.description = eventSingle.description
|
||||
event.start_date = eventSingle.start_date
|
||||
event.end_date = eventSingle.end_date
|
||||
event.organizers = eventSingle.organizers
|
||||
event.tags = eventSingle.tags
|
||||
for tag_name in eventSingle:
|
||||
tag = tags_repository.find_one_by({"name": {'$eq': tag_name}})
|
||||
if tag is None:
|
||||
tag = Tags(name=tag_name)
|
||||
tags_repository.save(tag)
|
||||
event.latitude = eventSingle.latitude
|
||||
event.longitude = eventSingle.longitude
|
||||
event.updated_at = datetime.today()
|
||||
event.imgUrl = eventSingle.imgUrl
|
||||
event_repository.save(event)
|
||||
content = {"message": "event is updated"}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
|
||||
@router.patch("/events/groups",tags=["events"])
|
||||
async def patch_events_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], eventids: events.EventIDS | None = None):
|
||||
if len(eventids.ids) == 0:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="eventids should be greater than 0"
|
||||
)
|
||||
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
content = {"message": "events are enabled"}
|
||||
for i in eventids.ids:
|
||||
event = event_repository.find_one_by_id(ObjectId(i))
|
||||
event.status = 1
|
||||
event.disabled_at = None
|
||||
event.deleted_at = None
|
||||
event_repository.save(event)
|
||||
|
||||
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.patch("/events/{item_id}", tags=["events"])
|
||||
async def patch_events_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
|
||||
event_repository = events.EventRepository(database=database.database)
|
||||
event = event_repository.find_one_by_id(ObjectId(item_id))
|
||||
event.status = 1
|
||||
event.disabled_at = None
|
||||
event.deleted_at = None
|
||||
event_repository.save(event)
|
||||
content = {"message": "event is enabled"}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
@ -19,7 +19,7 @@ async def create_user(userSingle: users.UserCreate | None = None):
|
||||
if user is not None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_204_NO_CONTENT,
|
||||
detail="User already exists"
|
||||
detail="User is already exist"
|
||||
)
|
||||
|
||||
fm = FastMail(mail.conf)
|
||||
@ -35,8 +35,7 @@ async def create_user(userSingle: users.UserCreate | None = None):
|
||||
)
|
||||
|
||||
await fm.send_message(message, template_name="mailer.html")
|
||||
current_user = users.User(username=userSingle.username, password=users_token.get_password_hash(userSingle.password), email=userSingle.email, name=userSingle.name, firstName=userSingle.firstName)
|
||||
current_user.status = 0
|
||||
current_user = users.User(username=userSingle.username, password=users_token.get_password_hash(userSingle.password), email=userSingle.email)
|
||||
user_repository.save(current_user)
|
||||
database.connect_redis.set(userSingle.username, key_hashed)
|
||||
return JSONResponse(status_code=status.HTTP_200_OK, content={"message": "email has been sent"})
|
||||
@ -56,6 +55,6 @@ async def confirm_user(key: str | None = None, username: str | None = None):
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Key is invalid"
|
||||
)
|
||||
user.status = 1
|
||||
user.confirmed = True
|
||||
user_repository.save(user)
|
||||
return JSONResponse(status_code=status.HTTP_200_OK, content={"message": "user account confirmed"})
|
||||
@ -1,119 +0,0 @@
|
||||
from fastapi import APIRouter, Depends, HTTPException, status, Response
|
||||
from fastapi.responses import JSONResponse
|
||||
from datetime import datetime
|
||||
from ..dependencies import users_token, permissions_checker, database
|
||||
from ..models import tags, users
|
||||
from pydantic import EmailStr
|
||||
from typing import Annotated, Union
|
||||
from bson import ObjectId
|
||||
from datetime import datetime
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get("/tags", tags=["tags"], response_model=list[tags.TagsOut])
|
||||
async def read_tags(
|
||||
authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))],
|
||||
skip: int = 0,
|
||||
limit: int = 20,
|
||||
id_tags: str | None = None,
|
||||
name: str | None = None
|
||||
):
|
||||
# Validate `skip` and `limit`
|
||||
if limit < 1 or skip < 0 or limit < skip:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="`skip` should be >= 0 and `limit` should be > 0 and greater than `skip`.",
|
||||
)
|
||||
limit = limit + skip
|
||||
|
||||
# Initialize filters
|
||||
filters = []
|
||||
|
||||
|
||||
if name:
|
||||
filters.append({"name": {"$regex": name, "$options": "i"}})
|
||||
|
||||
# Add ID filter
|
||||
if id_tags:
|
||||
try:
|
||||
tags_id = ObjectId(id_tags)
|
||||
filters.append({"_id": {"$eq": event_id}})
|
||||
except Exception:
|
||||
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid event ID format.")
|
||||
|
||||
# Combine all filters
|
||||
object_search = {"$and": filters} if filters else {}
|
||||
|
||||
# Fetch and return results
|
||||
tags_repository = tags.TagsRepository(database=database.database)
|
||||
list_tags = []
|
||||
for tag_index in tags_repository.find_by(object_search, limit=limit, skip=skip):
|
||||
tag = tags.TagsOut(
|
||||
id=tag_index.id,
|
||||
name=tag_index.name
|
||||
)
|
||||
list_tags.append(tag)
|
||||
|
||||
return list_tags
|
||||
|
||||
@router.get("/tags/count", tags=["tags"])
|
||||
async def read_tags_count(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
|
||||
count = database.database.get_collection("tags").estimated_document_count()
|
||||
content = {"count":count}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
|
||||
@router.get("/tags/{item_id}", tags=["tags"], response_model=tags.Tags)
|
||||
async def read_tags_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
|
||||
tags_repository = tags.TagsRepository(database=database.database)
|
||||
tag = tags_repository.find_one_by_id(ObjectId(item_id))
|
||||
return tag
|
||||
|
||||
|
||||
@router.delete("/tags/groups",tags=["tags"])
|
||||
async def delete_tags_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], tagsids: tags.TagsIDS | None = None):
|
||||
if len(tagsids.ids) == 0:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="eventids should be greater than 0"
|
||||
)
|
||||
|
||||
tag_repository = tags.TagsRepository(database=database.database)
|
||||
for i in tagsids.ids:
|
||||
tag = tag_repository.find_one_by_id(ObjectId(i))
|
||||
tag_repository.delete_one(tag)
|
||||
content = {"message": "tags removed"}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.delete("/tags/{item_id}", tags=["tags"])
|
||||
async def delete_tags_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
|
||||
tag_repository = tags.TagsRepository(database=database.database)
|
||||
tag = tag_repository.find_one_by_id(ObjectId(item_id))
|
||||
event_repository.delete_one(event)
|
||||
content = {"message": "tags delete"}
|
||||
response = JSONResponse(content=content)
|
||||
return responsed
|
||||
|
||||
@router.put("/tags", tags=["tags"], status_code=status.HTTP_201_CREATED)
|
||||
async def update_tags(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], tagSingle: tags.TagsIn | None = None):
|
||||
if tagSingle is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Body request is empty"
|
||||
)
|
||||
tag_repository = tags.TagsRepository(database=database.database)
|
||||
|
||||
tag = tag_repository.find_one_by({"name": {'$eq': tagSingle.name}})
|
||||
if tag is not None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_204_NO_CONTENT,
|
||||
detail="name"
|
||||
)
|
||||
tag = tags.Tags(name=tagSingle.name)
|
||||
tag.created_at = datetime.today()
|
||||
tag_repository.save(event)
|
||||
content = {"message": "tags created"}
|
||||
response = JSONResponse(content=content, status_code=status.HTTP_201_CREATED)
|
||||
return response
|
||||
@ -7,13 +7,13 @@ from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
|
||||
from ..dependencies import users_token, permissions_checker
|
||||
from ..models import token, users
|
||||
|
||||
|
||||
router = APIRouter()
|
||||
ACCESS_TOKEN_EXPIRE_MINUTES = 30
|
||||
|
||||
@router.post("/token", tags=["token"])
|
||||
async def login_for_access_token(
|
||||
form_data: Annotated[OAuth2PasswordRequestForm, Depends()]):
|
||||
form_data: Annotated[OAuth2PasswordRequestForm, Depends()]
|
||||
):
|
||||
user = users_token.authenticate_user(form_data.username, form_data.password)
|
||||
if not user:
|
||||
raise HTTPException(
|
||||
@ -25,9 +25,9 @@ async def login_for_access_token(
|
||||
access_token = users_token.create_access_token(
|
||||
data={"sub": user.username}, expires_delta=access_token_expires
|
||||
)
|
||||
content = {"roles":user.roles,"message": "Access token generated"}
|
||||
content = {"message": "Access token generated"}
|
||||
response = JSONResponse(content=content)
|
||||
response.set_cookie(key="access_token", value="Bearer {0}".format(access_token), httponly=True)
|
||||
response.set_cookie(key="jwt", value=access_token)
|
||||
return response
|
||||
|
||||
@router.get("/token",tags=["token"])
|
||||
@ -35,10 +35,3 @@ async def check_token(current_user: Annotated[users.User, Depends(users_token.ge
|
||||
content = {"message": "Check token"}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.delete("/token",tags=["token"])
|
||||
async def check_token(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
|
||||
content = {"message": "Token deleted"}
|
||||
response = JSONResponse(content=content)
|
||||
response.set_cookie(key="access_token", value="", httponly=True)
|
||||
return response
|
||||
@ -1,9 +1,6 @@
|
||||
from fastapi import APIRouter, Depends, HTTPException, status, Response
|
||||
from fastapi.responses import JSONResponse
|
||||
from datetime import datetime
|
||||
from fastapi import APIRouter, Depends, HTTPException, status
|
||||
from ..dependencies import users_token, permissions_checker, database
|
||||
from ..models import users
|
||||
from pydantic import EmailStr
|
||||
from typing import Annotated
|
||||
from bson import ObjectId
|
||||
router = APIRouter()
|
||||
@ -11,7 +8,7 @@ router = APIRouter()
|
||||
|
||||
|
||||
@router.get("/users", tags=["users"], response_model=list[users.UserOut])
|
||||
async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], skip: int = 0, limit: int = 20, id_user: str | None = None, roles: str | None = None, status: int | None = None, email: EmailStr | None = None, name: str | None = None):
|
||||
async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], skip: int = 0, limit: int = 20):
|
||||
if limit < 1 or skip < 0 or limit < skip:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
@ -20,62 +17,36 @@ async def read_users(authorize: Annotated[bool, Depends(permissions_checker.Perm
|
||||
limit = limit + skip
|
||||
listUsers = []
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
object_search = {}
|
||||
if status is not None and roles is not None:
|
||||
object_search = {"$and":[{"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
|
||||
else:
|
||||
if status is not None:
|
||||
object_search = {"status":{"$eq": status}}
|
||||
if roles is not None:
|
||||
object_search = {"roles":{"$eq":roles}}
|
||||
if id_user is not None:
|
||||
userid = ObjectId(id_user)
|
||||
object_search = {"id": {"$regex": userid}}
|
||||
if status is not None and roles is not None:
|
||||
object_search = {"$and":[{"id":{"$regex": userid}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
|
||||
else:
|
||||
if status is not None:
|
||||
object_search = {"$and":[{"id":{"$regex": userid}}, {"status":{"$eq":status}}]}
|
||||
if roles is not None:
|
||||
object_search = {"$and":[{"id":{"$regex": userid}}, {"roles":{"$eq":roles}}]}
|
||||
if email is not None:
|
||||
object_search = {"email": {"$eq": email}}
|
||||
if status is not None and roles is not None:
|
||||
object_search = {"$and":[{"email":{"$eq": email}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
|
||||
else:
|
||||
if status is not None:
|
||||
object_search = {"$and":[{"email":{"$eq": email}}, {"status":{"$eq":status}}]}
|
||||
if roles is not None:
|
||||
object_search = {"$and":[{"email":{"$eq": email}}, {"roles":{"$eq":roles}}]}
|
||||
|
||||
if name is not None:
|
||||
object_search = {"username": {"$regex": name}}
|
||||
if status is not None and roles is not None:
|
||||
object_search = {"$and":[{"username":{"$regex": name}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
|
||||
else:
|
||||
if status is not None:
|
||||
object_search = {"$and":[{"username":{"$regex": name}}, {"status":{"$eq":status}}]}
|
||||
if roles is not None:
|
||||
object_search = {"$and":[{"username":{"$regex": name}}, {"roles":{"$eq":roles}}]}
|
||||
|
||||
|
||||
for user_index in user_repository.find_by(object_search, limit=limit, skip=skip):
|
||||
user = users.UserOut(id=user_index.id, username=user_index.username, email=user_index.email, status=user_index.status, roles=user_index.roles, firstName=user_index.firstName, name=user_index.name)
|
||||
for user_index in user_repository.find_by({}, limit=limit, skip=skip):
|
||||
user = users.UserOut(id=user_index.id, username=user_index.username, email=user_index.email, disabled=user_index.disabled, roles=user_index.roles, removed=user_index.removed, confirmed=user_index.confirmed)
|
||||
listUsers.append(user)
|
||||
return listUsers
|
||||
|
||||
@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "status"])
|
||||
@router.get("/users/search", tags=["users"], response_model=list[users.UserOut])
|
||||
async def read_users_id(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], skip: int = 0, limit: int = 20, key: str | None = None, value: str | None= None):
|
||||
if limit < 1 or skip < 0 or limit < skip:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="skip should be greater than 0 and limit should be greater than 1. Limit should be greater than skip"
|
||||
)
|
||||
if key is None or value is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Key or/and value parameter is empty"
|
||||
)
|
||||
limit = limit + skip
|
||||
listUsers = []
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
for user_index in user_repository.find_by({key: {'$regex': value}}, limit=limit, skip=skip):
|
||||
user = users.UserOut(id=user_index.id, username=user_index.username, disabled=user_index.disabled, roles=user_index.roles, email=user_index.email, removed=user_index.removed, confirmed=user_index.confirmed)
|
||||
listUsers.append(user)
|
||||
return listUsers
|
||||
|
||||
|
||||
@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "disabled"])
|
||||
async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
|
||||
return current_user
|
||||
|
||||
@router.get("/users/count", tags=["users"])
|
||||
async def read_users_count(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
|
||||
count = database.database.get_collection("users").estimated_document_count()
|
||||
content = {"count":count}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
|
||||
@router.get("/users/{item_id}", tags=["users"], response_model=users.User)
|
||||
async def read_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
@ -83,172 +54,52 @@ async def read_users_id(item_id : str, authorize: Annotated[bool, Depends(permis
|
||||
return user
|
||||
|
||||
|
||||
@router.delete("/users/me",tags=["users"])
|
||||
async def delete_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], remove: bool = False):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
|
||||
@router.delete("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "disabled"])
|
||||
async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], remove: bool = False):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
current_user.disabled = True
|
||||
if remove is True:
|
||||
current_user.deleted_at = datetime.today()
|
||||
current_user.status = -1
|
||||
content = {"message": "users are deleted"}
|
||||
else:
|
||||
current_user.status = 0
|
||||
current_user.deleted_at = datetime.today()
|
||||
content = {"message": "users are disabled"}
|
||||
current_user.removed = True
|
||||
user_repository.save(current_user)
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.delete("/users/groups",tags=["users"])
|
||||
async def delete_users_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove: bool = False, userids: users.UserIDS | None = None):
|
||||
if len(userids.ids) == 0:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="userids should be greater than 0"
|
||||
)
|
||||
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
for i in userids.ids:
|
||||
user = user_repository.find_one_by_id(ObjectId(i))
|
||||
if remove is True:
|
||||
user.status = -1
|
||||
user.deleted_at = datetime.today()
|
||||
content = {"message": "users are deleted "}
|
||||
else:
|
||||
user.status = 0
|
||||
user.disabled_at = datetime.today()
|
||||
content = {"message": "users are disabled"}
|
||||
user_repository.save(user)
|
||||
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.delete("/users/{item_id}", tags=["users"])
|
||||
async def delete_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove : bool = False):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
user = user_repository.find_one_by_id(ObjectId(item_id))
|
||||
if remove is True:
|
||||
user.status = -1
|
||||
user.deleted_at = datetime.today()
|
||||
content = {"message": "users are deleted"}
|
||||
else:
|
||||
user.status = 0
|
||||
user.disabled_at = datetime.today()
|
||||
content = {"message": "users are disabled"}
|
||||
user_repository.save(user)
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
|
||||
@router.put("/users/me",tags=["users"])
|
||||
async def update_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], userSingle: users.UserIn | None = None):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
current_user.username = userSingle.username
|
||||
if len(userSingle.password) > 0:
|
||||
current_user.password = user_token.get_password_hash(userSingle.password)
|
||||
current_user.email = userSingle.email
|
||||
current_user.name = userSingle.name
|
||||
current_user.firstName = userSingle.firstName
|
||||
current_user.birth = userSingle.birth
|
||||
user_repository.save(current_user)
|
||||
content = {"message": "user is updated"}
|
||||
response = JSONResponse(content=content)
|
||||
return current_user
|
||||
|
||||
@router.put("/users", tags=["users"], status_code=status.HTTP_201_CREATED)
|
||||
async def update_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None):
|
||||
if userSingle is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Body request is empty"
|
||||
)
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
|
||||
user = user_repository.find_one_by({"$or":[{"username": {'$eq': userSingle.username}}, {"email": {"$eq": userSingle.email}}]})
|
||||
if user is not None:
|
||||
if user.username == userSingle.username:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_204_NO_CONTENT,
|
||||
detail="username"
|
||||
)
|
||||
if user.email == userSingle.email:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_204_NO_CONTENT,
|
||||
detail="email"
|
||||
)
|
||||
|
||||
user = users.User(username=userSingle.username, password=users_token.get_password_hash(userSingle.password), email=userSingle.email)
|
||||
user.roles = userSingle.roles
|
||||
user.firstName = userSingle.firstName
|
||||
user.name = userSingle.name
|
||||
user.birth = userSingle.birth
|
||||
user.created_at = datetime.today()
|
||||
user_repository.save(user)
|
||||
content = {"message": "user is created"}
|
||||
response = JSONResponse(content=content, status_code=status.HTTP_201_CREATED)
|
||||
return response
|
||||
|
||||
|
||||
@router.put("/users/{item_id}", tags=["users"], status_code=status.HTTP_200_OK)
|
||||
async def update_users_id(item_id: str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None, response: Response = Response):
|
||||
if userSingle is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Body request is empty"
|
||||
)
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
|
||||
user = user_repository.find_one_by({"id": {'$eq': ObjectId(item_id)}})
|
||||
if user is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="User not found"
|
||||
)
|
||||
|
||||
user.username = userSingle.username
|
||||
if len(userSingle.password) > 0:
|
||||
user.password = users_token.get_password_hash(userSingle.password)
|
||||
user.roles = userSingle.roles
|
||||
user.email = userSingle.email
|
||||
user.firstName = userSingle.firstName
|
||||
user.name = userSingle.name
|
||||
user.birth = userSingle.birth
|
||||
user.updated_at = datetime.today()
|
||||
user_repository.save(user)
|
||||
content = {"message": "user is updated"}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
|
||||
@router.patch("/users/groups",tags=["users"])
|
||||
async def patch_users_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userids: users.UserIDS | None = None):
|
||||
if len(userids.ids) == 0:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="userids should be greater than 0"
|
||||
)
|
||||
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
content = {"message": "users are enabled"}
|
||||
for i in userids.ids:
|
||||
user = user_repository.find_one_by_id(ObjectId(i))
|
||||
user.status = 1
|
||||
user.disabled_at = None
|
||||
user.deleted_at = None
|
||||
user_repository.save(user)
|
||||
|
||||
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
|
||||
@router.patch("/users/{item_id}", tags=["users"], response_model=users.User)
|
||||
async def patch_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
|
||||
@router.delete("/users/{item_id}", tags=["users"], response_model=users.User)
|
||||
async def read_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove : bool = False):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
user = user_repository.find_one_by_id(ObjectId(item_id))
|
||||
user.status = 1
|
||||
user.disabled_at = None
|
||||
user.deleted_at = None
|
||||
user.disabled = True
|
||||
if remove is True:
|
||||
user.removed = True
|
||||
user_repository.save(user)
|
||||
content = {"message": "user is enabled"}
|
||||
response = JSONResponse(content=content)
|
||||
return response
|
||||
return user
|
||||
|
||||
@router.put("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "disabled"])
|
||||
async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], userSingle: users.UserIn | None = None):
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
current_user.username = userSingle.username
|
||||
current_user.password = user_token.get_password_hash(userSingle.password)
|
||||
current_user.roles = userSingle.roles
|
||||
current_user.email = userSingle.email
|
||||
user_repository.save(current_user)
|
||||
return current_user
|
||||
|
||||
@router.put("/users", tags=["users"], response_model=users.User, status_code=status.HTTP_200_OK)
|
||||
async def read_users_id(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None):
|
||||
if userSingle is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Body request is empty"
|
||||
)
|
||||
user_repository = users.UserRepository(database=database.database)
|
||||
|
||||
user = user_repository.find_one_by({"username": {'$eq': userSingle.username}})
|
||||
if user is None:
|
||||
response.status_code = status.HTTP_201_CREATED
|
||||
user = users.User()
|
||||
user.username = userSingle.username
|
||||
user.password = user_token.get_password_hash(userSingle.password)
|
||||
user.roles = userSingle.roles
|
||||
user.email = userSingle.email
|
||||
user_repository.save(user)
|
||||
return user
|
||||
Loading…
x
Reference in New Issue
Block a user