65 lines
1.8 KiB
Python
65 lines
1.8 KiB
Python
from typing import Annotated
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from psycopg2._psycopg import connection
|
|
|
|
import db.pictures as db
|
|
import settings.settings as settings
|
|
from api.models import Picture, User
|
|
from api.utils import get_current_user
|
|
from db.internal import get_db_connection
|
|
|
|
pictures_router = APIRouter(prefix="/api/pictures", tags=["pictures"])
|
|
|
|
|
|
@pictures_router.post("/picture")
|
|
async def read_picture(
|
|
id: int,
|
|
conn: Annotated[connection, Depends(get_db_connection)],
|
|
current_user: Annotated[User, Depends(get_current_user)]
|
|
):
|
|
picture = Picture()
|
|
picture_data = db.get_picture(conn, id)
|
|
if picture_data is None:
|
|
return HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="No such picture",
|
|
)
|
|
picture.fill(picture_data)
|
|
return picture
|
|
|
|
|
|
@pictures_router.post("/add")
|
|
async def add_picture(
|
|
conn: Annotated[connection, Depends(get_db_connection)],
|
|
current_user: Annotated[User, Depends(get_current_user)],
|
|
source: str,
|
|
external_id: str,
|
|
url: str,
|
|
metadata: dict
|
|
):
|
|
if not settings.settings.allow_create_pictures and current_user.role not in settings.settings.admin_roles:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_403_FORBIDDEN,
|
|
detail="Not allowed",
|
|
)
|
|
|
|
return {
|
|
"id": db.create_picture(conn, source, external_id, url, metadata)
|
|
}
|
|
|
|
|
|
@pictures_router.post("/delete")
|
|
async def delete_picture(
|
|
picture_id: int,
|
|
conn: Annotated[connection, Depends(get_db_connection)],
|
|
current_user: Annotated[User, Depends(get_current_user)]
|
|
):
|
|
if current_user.role in settings.settings.admin_roles:
|
|
return db.delete_picture(conn, picture_id)
|
|
else:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_403_FORBIDDEN,
|
|
detail="Not allowed",
|
|
)
|