add delete task, update dep

src/api/dependacies/user_dep.py

@@ -8,6 +8,7 @@ from src.api.dependacies.db_dep import sessionDep
 from src.core.auth_manager import AuthManager
 from src.core.settings import settings
 from src.schemas.auth import TokenData
+from src.services.tasks import TaskService
 from src.services.users import UserService
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl=f"{settings.api.v1_login_url}/login")
@@ -51,14 +52,35 @@ async def get_admin_user(db: sessionDep, current_user: ActiveUser):
 AdminUser = Annotated[TokenData, Depends(get_admin_user)]
 
 
-async def user_or_admin(
-    db: sessionDep, current_user: ActiveUser, id: Annotated[int, Path()]
-):
-    if current_user.id == id:
+async def user_or_admin(db: sessionDep, current_user: ActiveUser, owner_id: int):
+    if current_user.id == owner_id:
         return current_user
     else:
         admin = await get_admin_user(db, current_user)
         return admin
 
 
-CurrentOrAdmin = Annotated[TokenData, Depends(user_or_admin)]
+async def CurrentOrAdminOwner(
+    db: sessionDep, current_user: ActiveUser, id: Annotated[int, Path()]
+):
+    authorized_user = await user_or_admin(db, current_user, id)
+    if not authorized_user:
+        raise HTTPException(status_code=403, detail="Not authorized")
+    return authorized_user
+
+
+async def CurrentOrAdminTask(
+    db: sessionDep,
+    id: Annotated[int, Path()],
+    current_user: ActiveUser,
+):
+    task = await TaskService(db).get_task(id)
+    if not task:
+        raise HTTPException(status_code=404, detail="Task not found")
+
+    return await CurrentOrAdminOwner(db, current_user, task.user_id)
+
+
+OwnerDep = Annotated[TokenData, Depends(CurrentOrAdminOwner)]
+
+TaskOwnerDep = Annotated[TokenData, Depends(CurrentOrAdminTask)]

src/api/v1/tasks.py

@@ -3,7 +3,8 @@ from typing import Annotated
 from fastapi import APIRouter, Depends
 
 from src.api.dependacies.db_dep import sessionDep
-from src.api.dependacies.user_dep import ActiveUser
+from src.api.dependacies.user_dep import ActiveUser, CurrentOrAdminTask, TaskOwnerDep
+from src.schemas.auth import TokenData
 from src.schemas.tasks import TaskADDRequest
 from src.services.tasks import TaskService
 from src.services.users import UserService
@@ -17,8 +18,8 @@ async def get_tasks(session: sessionDep, user: ActiveUser):
     return result
 
 
-@router.get("/{task_id}")
-async def get_task_id(task_id: int): ...
+@router.get("/{id}")
+async def get_task_id(id: int): ...
 
 
 @router.post("/")
@@ -33,13 +34,10 @@ async def post_task(
     return result
 
 
-@router.put("/{task_id}")
-async def put_task(task_id: int): ...
-
-
-@router.patch("/{task_id}")
-async def patch_task(task_id: int): ...
-
-
-@router.delete("/{task_id}")
-async def delete_task(task_id: int): ...
+@router.delete("/{id}")
+async def delete_task(
+    session: sessionDep,
+    id: int,
+    _: TaskOwnerDep,
+):
+    await TaskService(session).delete_task(id)

src/api/v1/users.py

@@ -1,7 +1,11 @@
 from fastapi import APIRouter, Body
 
 from src.api.dependacies.db_dep import sessionDep
-from src.api.dependacies.user_dep import ActiveUser, AdminUser, CurrentOrAdmin
+from src.api.dependacies.user_dep import (
+    ActiveUser,
+    AdminUser,
+    OwnerDep,
+)
 from src.core.settings import settings
 from src.schemas.users import UserUpdate
 from src.services.users import UserService
@@ -21,14 +25,17 @@ async def get_all_users(session: sessionDep, _: AdminUser):
 
 
 @router.get("/{id}")
-async def get_user_by_id(session: sessionDep, id: int, _: CurrentOrAdmin):
+async def get_user_by_id(session: sessionDep, id: int, _: OwnerDep):
     user = await UserService(session).get_user_by_filter_or_raise(id=id)
     return user
 
 
 @router.patch("/{id}")
 async def patch_user(
-    session: sessionDep, id: int, _: CurrentOrAdmin, user_update: UserUpdate = Body()
+    session: sessionDep,
+    id: int,
+    _: OwnerDep,
+    user_update: UserUpdate = Body(),
 ):
     updated_user = await UserService(session).update_user(
         id=id, update_data=user_update