backend-collector/app/routers/users.py

from fastapi import APIRouter, Depends, HTTPException, status, Response
from fastapi.responses import JSONResponse
from datetime import datetime
from ..dependencies import users_token, permissions_checker, database
from ..models import users
from pydantic import EmailStr
from typing import Annotated
from bson import ObjectId
router = APIRouter()



@router.get("/users", tags=["users"], response_model=list[users.UserOut])
async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], skip: int = 0, limit: int = 20, id_user: str | None = None, roles: str | None = None, status: int | None = None, email: EmailStr | None = None, name: str | None = None):
    if limit < 1 or skip < 0 or limit < skip:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="skip should be greater than 0 and limit should be greater than 1. Limit should be greater than skip"
        )
    limit = limit + skip
    listUsers = []
    user_repository = users.UserRepository(database=database.database)
    object_search = {}
    if status is not None and roles is not None:
        object_search = {"$and":[{"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
    else:
        if status is not None:
            object_search = {"status":{"$eq": status}}
        if roles is not None:
            object_search =  {"roles":{"$eq":roles}}
    if id_user is not None:
        userid = ObjectId(id_user)
        object_search = {"id": {"$regex": userid}}
        if status is not None and roles is not None:
            object_search = {"$and":[{"id":{"$regex": userid}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
        else:
            if status is not None:
                object_search = {"$and":[{"id":{"$regex": userid}}, {"status":{"$eq":status}}]}
            if roles is not None:
                object_search = {"$and":[{"id":{"$regex": userid}}, {"roles":{"$eq":roles}}]}
    if email is not None:
        object_search = {"email": {"$eq": email}}
        if status is not None and roles is not None:
            object_search = {"$and":[{"email":{"$eq": email}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
        else:
            if status is not None:
                object_search = {"$and":[{"email":{"$eq": email}}, {"status":{"$eq":status}}]}
            if roles is not None:
                object_search = {"$and":[{"email":{"$eq": email}}, {"roles":{"$eq":roles}}]}

    if name is not None:
        object_search = {"username": {"$regex": name}}
        if status is not None and roles is not None:
            object_search = {"$and":[{"username":{"$regex": name}}, {"roles":{"$eq": roles}}, {"status":{"$eq":status}}]}
        else:
            if status is not None:
                object_search = {"$and":[{"username":{"$regex": name}}, {"status":{"$eq":status}}]}
            if roles is not None:
                object_search = {"$and":[{"username":{"$regex": name}}, {"roles":{"$eq":roles}}]}


    for user_index in user_repository.find_by(object_search, limit=limit, skip=skip):
        user = users.UserOut(id=user_index.id, username=user_index.username, email=user_index.email, status=user_index.status, roles=user_index.roles, firstName=user_index.firstName, name=user_index.name)
        listUsers.append(user)
    return listUsers

@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "status"])
async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
        return current_user

@router.get("/users/count", tags=["users"])
async def read_users_count(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
    count = database.database.get_collection("users").estimated_document_count()
    content = {"count":count}
    response = JSONResponse(content=content)
    return response


@router.get("/users/{item_id}", tags=["users"], response_model=users.User)
async def read_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
    user_repository = users.UserRepository(database=database.database)
    user = user_repository.find_one_by_id(ObjectId(item_id))
    return user


@router.delete("/users/me",tags=["users"])
async def delete_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], remove: bool = False):
    user_repository = users.UserRepository(database=database.database)
    
    if remove is True:
        current_user.deleted_at = datetime.today()
        current_user.status = -1
        content = {"message": "users are deleted"}
    else:
        current_user.status = 0
        current_user.deleted_at = datetime.today()
        content = {"message": "users are disabled"}
    user_repository.save(current_user)
    response = JSONResponse(content=content)
    return response

@router.delete("/users/groups",tags=["users"])
async def delete_users_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove: bool = False, userids: users.UserIDS | None = None):
    if len(userids.ids) == 0:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="userids should be greater than 0"
        )
    
    user_repository = users.UserRepository(database=database.database)
    for i in userids.ids:
        user = user_repository.find_one_by_id(ObjectId(i))
        if remove is True:
            user.status = -1
            user.deleted_at = datetime.today()
            content = {"message": "users are deleted "}
        else:
            user.status = 0
            user.disabled_at = datetime.today()
            content = {"message": "users are disabled"}
        user_repository.save(user)
    
    response = JSONResponse(content=content)
    return response

@router.delete("/users/{item_id}", tags=["users"])
async def delete_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], remove : bool = False):
    user_repository = users.UserRepository(database=database.database)
    user = user_repository.find_one_by_id(ObjectId(item_id))
    if remove is True:
        user.status = -1
        user.deleted_at = datetime.today()
        content = {"message": "users are deleted"}
    else:
        user.status = 0
        user.disabled_at = datetime.today()
        content = {"message": "users are disabled"}
    user_repository.save(user)
    response = JSONResponse(content=content)  
    return response

@router.put("/users/me",tags=["users"])
async def update_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))], userSingle: users.UserIn | None = None):
    user_repository = users.UserRepository(database=database.database)
    current_user.username = userSingle.username
    current_user.password = user_token.get_password_hash(userSingle.password)
    current_user.roles = userSingle.roles
    current_user.email = userSingle.email
    user_repository.save(current_user)
    content = {"message": "user is updated"}
    response = JSONResponse(content=content)  
    return current_user

@router.put("/users", tags=["users"], status_code=status.HTTP_201_CREATED)
async def update_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None):
    if userSingle is None:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Body request is empty"
        )
    user_repository = users.UserRepository(database=database.database)

    user = user_repository.find_one_by({"$or":[{"username": {'$eq': userSingle.username}}, {"email": {"$eq": userSingle.email}}]})
    if user is not None:
        if user.username == userSingle.username:
            raise HTTPException(
                status_code=status.HTTP_204_NO_CONTENT,
                detail="username"
            )
        if user.email == userSingle.email:
            raise HTTPException(
                status_code=status.HTTP_204_NO_CONTENT,
                detail="email"
            )

    user = users.User(username=userSingle.username, password=users_token.get_password_hash(userSingle.password), email=userSingle.email)
    user.roles = userSingle.roles
    user.firstName = userSingle.firstName
    user.name = userSingle.name
    user.birth = userSingle.birth
    user.created_at = datetime.today()
    user_repository.save(user)
    content = {"message": "user is created"}
    response = JSONResponse(content=content, status_code=status.HTTP_201_CREATED)  
    return response


@router.put("/users/{item_id}", tags=["users"], status_code=status.HTTP_200_OK)
async def update_users_id(item_id: str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userSingle: users.UserIn | None = None, response: Response = Response):
    if userSingle is None:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Body request is empty"
        )
    user_repository = users.UserRepository(database=database.database)

    user = user_repository.find_one_by({"id": {'$eq': ObjectId(item_id)}})
    if user is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
        
    user.username = userSingle.username
    user.password = users_token.get_password_hash(userSingle.password)
    user.roles = userSingle.roles
    user.email = userSingle.email
    user.firstName = userSingle.firstName
    user.name = userSingle.name
    user.birth = userSingle.birth
    user.updated_at = datetime.today()
    user_repository.save(user)
    content = {"message": "user is updated"}
    response = JSONResponse(content=content)  
    return response


@router.patch("/users/groups",tags=["users"])
async def patch_users_groups(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], userids: users.UserIDS | None = None):
    if len(userids.ids) == 0:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="userids should be greater than 0"
        )
    
    user_repository = users.UserRepository(database=database.database)
    content = {"message": "users are enabled"}
    for i in userids.ids:
        user = user_repository.find_one_by_id(ObjectId(i))
        user.status = 1
        user.disabled_at = None
        user.deleted_at = None
        user_repository.save(user)
    
    
    response = JSONResponse(content=content)
    return response

@router.patch("/users/{item_id}", tags=["users"], response_model=users.User)
async def patch_users_id(item_id : str, authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
    user_repository = users.UserRepository(database=database.database)
    user = user_repository.find_one_by_id(ObjectId(item_id))
    user.status = 1
    user.disabled_at = None
    user.deleted_at = None
    user_repository.save(user)
    content = {"message": "user is enabled"}
    response = JSONResponse(content=content)  
    return response