from fastapi import APIRouter, Depends, HTTPException, status, Response from fastapi.responses import JSONResponse from datetime import datetime from ..dependencies import users_token, permissions_checker, database from ..models import users from pydantic import EmailStr from typing import Annotated from bson import ObjectId router = APIRouter() @router.get("/users", tags=["users"], response_model=list[users.UserOut]) async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], skip: int = 0, limit: int = 20, id_user: str | None = None, roles: str | None = None, status: int | None = None, email: EmailStr | None = None, name: str | None = None): if limit < 1 or skip < 0 or limit < skip: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="skip should be greater than 0 and limit should be greater than 1. Limit should be greater than skip" ) limit = limit + skip listUsers = [] user_repository = users.UserRepository(database=database.database) object_search = {} if status is not None and roles is not None: object_search = {"$and":[{"roles":{"$eq": roles}}, {"status":{"$eq":status}}]} else: if status is not None: object_search = {"status":{"$eq": status}} if roles is not None: object_search = {"roles":{"$eq":roles}} if id_user is not None: userid = ObjectId(id_user) object_search = {"id": {"$regex": userid}} if status is not None and roles is not None: object_search = {"$and":[{"id":{"$regex": userid}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]} else: if status is not None: object_search = {"$and":[{"id":{"$regex": userid}}, {"status":{"$eq":status}}]} if roles is not None: object_search = {"$and":[{"id":{"$regex": userid}}, {"roles":{"$eq":roles}}]} if email is not None: object_search = {"email": {"$eq": email}} if status is not None and roles is not None: object_search = {"$and":[{"email":{"$eq": email}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]} else: if status is not None: object_search = {"$and":[{"email":{"$eq": email}}, {"status":{"$eq":status}}]} if roles is not None: object_search = {"$and":[{"email":{"$eq": email}}, {"roles":{"$eq":roles}}]} if name is not None: object_search = {"username": {"$regex": name}} if status is not None and roles is not None: object_search = {"$and":[{"username":{"$regex": name}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]} else: if status is not None: object_search = {"$and":[{"username":{"$regex": name}}, {"status":{"$eq":status}}]} if roles is not None: object_search = {"$and":[{"username":{"$regex": name}}, {"roles":{"$eq":roles}}]} for user_index in user_repository.find_by(object_search, limit=limit, skip=skip): user = users.UserOut(id=user_index.id, username=user_index.username, email=user_index.email, status=user_index.status, roles=user_index.roles, firstName=user_index.firstName, name=user_index.name) listUsers.append(user) return listUsers @router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "status"]) async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]): return current_user @router.get("/users/count", tags=["users"]) async def read_users_count(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]): count = database.database.get_collection("users").estimated_document_count() content = {"count":count} response = JSONResponse(content=content) return response @router.get("/users/{item_id}", tags=["users"], response_model=users.User) async def read_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]): user_repository = users.UserRepository(database=database.database) user = user_repository.find_one_by_id(ObjectId(item_id)) return user @router.delete("/users/me",tags=["users"]) async def delete_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], remove: bool = False): user_repository = users.UserRepository(database=database.database) if remove is True: current_user.deleted_at = datetime.today() current_user.status = -1 content = {"message": "users are deleted"} else: current_user.status = 0 current_user.deleted_at = datetime.today() content = {"message": "users are disabled"} user_repository.save(current_user) response = JSONResponse(content=content) return response @router.delete("/users/groups",tags=["users"]) async def delete_users_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove: bool = False, userids: users.UserIDS | None = None): if len(userids.ids) == 0: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="userids should be greater than 0" ) user_repository = users.UserRepository(database=database.database) for i in userids.ids: user = user_repository.find_one_by_id(ObjectId(i)) if remove is True: user.status = -1 user.deleted_at = datetime.today() content = {"message": "users are deleted "} else: user.status = 0 user.disabled_at = datetime.today() content = {"message": "users are disabled"} user_repository.save(user) response = JSONResponse(content=content) return response @router.delete("/users/{item_id}", tags=["users"]) async def delete_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove : bool = False): user_repository = users.UserRepository(database=database.database) user = user_repository.find_one_by_id(ObjectId(item_id)) if remove is True: user.status = -1 user.deleted_at = datetime.today() content = {"message": "users are deleted"} else: user.status = 0 user.disabled_at = datetime.today() content = {"message": "users are disabled"} user_repository.save(user) response = JSONResponse(content=content) return response @router.put("/users/me",tags=["users"]) async def update_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], userSingle: users.UserIn | None = None): user_repository = users.UserRepository(database=database.database) current_user.username = userSingle.username if len(userSingle.password) > 0: current_user.password = user_token.get_password_hash(userSingle.password) current_user.email = userSingle.email current_user.name = userSingle.name current_user.firstName = userSingle.firstName current_user.birth = userSingle.birth user_repository.save(current_user) content = {"message": "user is updated"} response = JSONResponse(content=content) return current_user @router.put("/users", tags=["users"], status_code=status.HTTP_201_CREATED) async def update_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None): if userSingle is None: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Body request is empty" ) user_repository = users.UserRepository(database=database.database) user = user_repository.find_one_by({"$or":[{"username": {'$eq': userSingle.username}}, {"email": {"$eq": userSingle.email}}]}) if user is not None: if user.username == userSingle.username: raise HTTPException( status_code=status.HTTP_204_NO_CONTENT, detail="username" ) if user.email == userSingle.email: raise HTTPException( status_code=status.HTTP_204_NO_CONTENT, detail="email" ) user = users.User(username=userSingle.username, password=users_token.get_password_hash(userSingle.password), email=userSingle.email) user.roles = userSingle.roles user.firstName = userSingle.firstName user.name = userSingle.name user.birth = userSingle.birth user.created_at = datetime.today() user_repository.save(user) content = {"message": "user is created"} response = JSONResponse(content=content, status_code=status.HTTP_201_CREATED) return response @router.put("/users/{item_id}", tags=["users"], status_code=status.HTTP_200_OK) async def update_users_id(item_id: str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None, response: Response = Response): if userSingle is None: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Body request is empty" ) user_repository = users.UserRepository(database=database.database) user = user_repository.find_one_by({"id": {'$eq': ObjectId(item_id)}}) if user is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) user.username = userSingle.username if len(userSingle.password) > 0: user.password = users_token.get_password_hash(userSingle.password) user.roles = userSingle.roles user.email = userSingle.email user.firstName = userSingle.firstName user.name = userSingle.name user.birth = userSingle.birth user.updated_at = datetime.today() user_repository.save(user) content = {"message": "user is updated"} response = JSONResponse(content=content) return response @router.patch("/users/groups",tags=["users"]) async def patch_users_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userids: users.UserIDS | None = None): if len(userids.ids) == 0: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="userids should be greater than 0" ) user_repository = users.UserRepository(database=database.database) content = {"message": "users are enabled"} for i in userids.ids: user = user_repository.find_one_by_id(ObjectId(i)) user.status = 1 user.disabled_at = None user.deleted_at = None user_repository.save(user) response = JSONResponse(content=content) return response @router.patch("/users/{item_id}", tags=["users"], response_model=users.User) async def patch_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]): user_repository = users.UserRepository(database=database.database) user = user_repository.find_one_by_id(ObjectId(item_id)) user.status = 1 user.disabled_at = None user.deleted_at = None user_repository.save(user) content = {"message": "user is enabled"} response = JSONResponse(content=content) return response