add delete task, update dep

src/api/dependacies/user_dep.py

@@ -8,6 +8,7 @@ from src.api.dependacies.db_dep import sessionDep
 from src.core.auth_manager import AuthManager
 from src.core.settings import settings
 from src.schemas.auth import TokenData
+from src.services.tasks import TaskService
 from src.services.users import UserService
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl=f"{settings.api.v1_login_url}/login")
@@ -51,14 +52,35 @@ async def get_admin_user(db: sessionDep, current_user: ActiveUser):
 AdminUser = Annotated[TokenData, Depends(get_admin_user)]
 
 
-async def user_or_admin(
-    db: sessionDep, current_user: ActiveUser, id: Annotated[int, Path()]
-):
-    if current_user.id == id:
+async def user_or_admin(db: sessionDep, current_user: ActiveUser, owner_id: int):
+    if current_user.id == owner_id:
         return current_user
     else:
         admin = await get_admin_user(db, current_user)
         return admin
 
 
-CurrentOrAdmin = Annotated[TokenData, Depends(user_or_admin)]
+async def CurrentOrAdminOwner(
+    db: sessionDep, current_user: ActiveUser, id: Annotated[int, Path()]
+):
+    authorized_user = await user_or_admin(db, current_user, id)
+    if not authorized_user:
+        raise HTTPException(status_code=403, detail="Not authorized")
+    return authorized_user
+
+
+async def CurrentOrAdminTask(
+    db: sessionDep,
+    id: Annotated[int, Path()],
+    current_user: ActiveUser,
+):
+    task = await TaskService(db).get_task(id)
+    if not task:
+        raise HTTPException(status_code=404, detail="Task not found")
+
+    return await CurrentOrAdminOwner(db, current_user, task.user_id)
+
+
+OwnerDep = Annotated[TokenData, Depends(CurrentOrAdminOwner)]
+
+TaskOwnerDep = Annotated[TokenData, Depends(CurrentOrAdminTask)]