groups WIP

2025-07-29 20:22:14 +03:00
parent 2ef27a9137
commit c203a890dc
9 changed files with 155 additions and 26 deletions
--- a/src/api/general.py
+++ b/src/api/general.py
@ -7,7 +7,7 @@ from api.models import User
 from api.utils import get_current_user
 from settings.settings import load_settings, reset_settings, save_settings

-general_router = APIRouter(prefix="/api", tags=["status"])
+general_router = APIRouter(prefix="/api", tags=["general"])


@general_router.get('/ping')
--- a/src/api/groups.py
+++ b/src/api/groups.py
@ -0,0 +1,72 @@
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from psycopg2._psycopg import connection
+
+import db.users as db
+import settings.settings as settings
+from api.models import User
+from api.utils import get_current_user
+from db.internal import get_db_connection
+
+groups_router = APIRouter(prefix="/api/groups", tags=["groups"])
+
+
+@groups_router.get("/my")
+async def read_users_groups(current_user: Annotated[User, Depends(get_current_user)]):
+    return current_user
+
+@groups_router.post("/user")
+async def read_users_any_groups(
+    username: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    if current_user.role not in settings.settings.admin_roles:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+    user = User()
+    user_data = db.get_user(conn, username)
+    if user_data is None:
+        return HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="No such user",
+        )
+    user.fill(user_data)
+    return user
+
+
+@groups_router.post("/add")
+async def add_group(
+    groupname: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    # TODO
+    pass
+    # if not settings.settings.allow_create_admins_by_admins:
+    #     if current_user.role not in settings.settings.admin_roles:
+    #         raise HTTPException(
+    #             status_code=status.HTTP_403_FORBIDDEN,
+    #             detail="Not allowed",
+    #         )
+    # return db.create_user(conn, username, hashed_password, "admin")
+
+
+@groups_router.post("/delete")
+async def delete_user(
+    groupname: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    # TODO
+    pass
+    # if current_user.username == username or current_user.role in settings.settings.admin_roles:
+    #     return db.delete_user(conn, groupname)
+    # else:
+    #     raise HTTPException(
+    #         status_code=status.HTTP_403_FORBIDDEN,
+    #         detail="Not allowed",
+    #     )
--- a/src/api/users.py
+++ b/src/api/users.py
@ -100,6 +100,21 @@ async def update_disabled(
            detail="Not allowed",
        )

+@users_router.post("/update/role")
+async def update_role(
+    username: str,
+    role: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    if current_user.role in settings.settings.admin_roles:
+        return db.update_user_role(conn, username, role)
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+

@users_router.post("/update/username")
 async def update_username(