From 9346aae5efec2d61408ff33ed14b05f381e2e881 Mon Sep 17 00:00:00 2001 From: IluaAir Date: Sat, 16 Aug 2025 11:52:53 +0300 Subject: [PATCH] add delete task, update dep --- src/api/dependacies/user_dep.py | 32 +++++++++++++++++++++++++++----- src/api/v1/tasks.py | 24 +++++++++++------------- src/api/v1/users.py | 13 ++++++++++--- src/services/tasks.py | 7 +++++++ 4 files changed, 55 insertions(+), 21 deletions(-) diff --git a/src/api/dependacies/user_dep.py b/src/api/dependacies/user_dep.py index d8597fa..d5e8e5d 100644 --- a/src/api/dependacies/user_dep.py +++ b/src/api/dependacies/user_dep.py @@ -8,6 +8,7 @@ from src.api.dependacies.db_dep import sessionDep from src.core.auth_manager import AuthManager from src.core.settings import settings from src.schemas.auth import TokenData +from src.services.tasks import TaskService from src.services.users import UserService oauth2_scheme = OAuth2PasswordBearer(tokenUrl=f"{settings.api.v1_login_url}/login") @@ -51,14 +52,35 @@ async def get_admin_user(db: sessionDep, current_user: ActiveUser): AdminUser = Annotated[TokenData, Depends(get_admin_user)] -async def user_or_admin( - db: sessionDep, current_user: ActiveUser, id: Annotated[int, Path()] -): - if current_user.id == id: +async def user_or_admin(db: sessionDep, current_user: ActiveUser, owner_id: int): + if current_user.id == owner_id: return current_user else: admin = await get_admin_user(db, current_user) return admin -CurrentOrAdmin = Annotated[TokenData, Depends(user_or_admin)] +async def CurrentOrAdminOwner( + db: sessionDep, current_user: ActiveUser, id: Annotated[int, Path()] +): + authorized_user = await user_or_admin(db, current_user, id) + if not authorized_user: + raise HTTPException(status_code=403, detail="Not authorized") + return authorized_user + + +async def CurrentOrAdminTask( + db: sessionDep, + id: Annotated[int, Path()], + current_user: ActiveUser, +): + task = await TaskService(db).get_task(id) + if not task: + raise HTTPException(status_code=404, detail="Task not found") + + return await CurrentOrAdminOwner(db, current_user, task.user_id) + + +OwnerDep = Annotated[TokenData, Depends(CurrentOrAdminOwner)] + +TaskOwnerDep = Annotated[TokenData, Depends(CurrentOrAdminTask)] diff --git a/src/api/v1/tasks.py b/src/api/v1/tasks.py index d4ef4dd..096815c 100644 --- a/src/api/v1/tasks.py +++ b/src/api/v1/tasks.py @@ -3,7 +3,8 @@ from typing import Annotated from fastapi import APIRouter, Depends from src.api.dependacies.db_dep import sessionDep -from src.api.dependacies.user_dep import ActiveUser +from src.api.dependacies.user_dep import ActiveUser, CurrentOrAdminTask, TaskOwnerDep +from src.schemas.auth import TokenData from src.schemas.tasks import TaskADDRequest from src.services.tasks import TaskService from src.services.users import UserService @@ -17,8 +18,8 @@ async def get_tasks(session: sessionDep, user: ActiveUser): return result -@router.get("/{task_id}") -async def get_task_id(task_id: int): ... +@router.get("/{id}") +async def get_task_id(id: int): ... @router.post("/") @@ -33,13 +34,10 @@ async def post_task( return result -@router.put("/{task_id}") -async def put_task(task_id: int): ... - - -@router.patch("/{task_id}") -async def patch_task(task_id: int): ... - - -@router.delete("/{task_id}") -async def delete_task(task_id: int): ... +@router.delete("/{id}") +async def delete_task( + session: sessionDep, + id: int, + _: TaskOwnerDep, +): + await TaskService(session).delete_task(id) diff --git a/src/api/v1/users.py b/src/api/v1/users.py index 95f8246..fb5f0bd 100644 --- a/src/api/v1/users.py +++ b/src/api/v1/users.py @@ -1,7 +1,11 @@ from fastapi import APIRouter, Body from src.api.dependacies.db_dep import sessionDep -from src.api.dependacies.user_dep import ActiveUser, AdminUser, CurrentOrAdmin +from src.api.dependacies.user_dep import ( + ActiveUser, + AdminUser, + OwnerDep, +) from src.core.settings import settings from src.schemas.users import UserUpdate from src.services.users import UserService @@ -21,14 +25,17 @@ async def get_all_users(session: sessionDep, _: AdminUser): @router.get("/{id}") -async def get_user_by_id(session: sessionDep, id: int, _: CurrentOrAdmin): +async def get_user_by_id(session: sessionDep, id: int, _: OwnerDep): user = await UserService(session).get_user_by_filter_or_raise(id=id) return user @router.patch("/{id}") async def patch_user( - session: sessionDep, id: int, _: CurrentOrAdmin, user_update: UserUpdate = Body() + session: sessionDep, + id: int, + _: OwnerDep, + user_update: UserUpdate = Body(), ): updated_user = await UserService(session).update_user( id=id, update_data=user_update diff --git a/src/services/tasks.py b/src/services/tasks.py index 0c11fb0..bf978b0 100644 --- a/src/services/tasks.py +++ b/src/services/tasks.py @@ -17,3 +17,10 @@ class TaskService(BaseService): created_task_orm = await self.session.task.create_one(data_to_insert) await self.session.commit() return Task.model_validate(created_task_orm) + + async def get_task(self, task_id: int): + return await self.session.task.get_one_or_none(id=task_id) + + async def delete_task(self, task_id: int): + await self.session.task.delete_one(id=task_id) + await self.session.commit()