add priority filter

src/api/dependacies/task_dep.py

@@ -5,9 +5,7 @@ from fastapi import Depends, Query
 from fastapi.exceptions import HTTPException
 from pydantic import BaseModel, model_validator
 
-from src.schemas.tasks import TaskFilter
-
-TaskFilterDep = Annotated[TaskFilter, Depends()]
+from src.schemas.tasks import PriorityEnum, StatusEnum
 
 
 class Date(BaseModel):
@@ -23,4 +21,21 @@ class Date(BaseModel):
         return self
 
 
-DateDep = Annotated[Date, Depends()]
+class Page(BaseModel):
+    limit: int = Query(default=30, ge=1, le=100)
+    page: int | None = Query(default=1, ge=1)
+
+
+class Status(BaseModel):
+    status: StatusEnum | None = Query(default=None)
+
+
+class Priority(BaseModel):
+    priority: PriorityEnum | None = Query(default=None)
+
+
+class Filters(Date, Status, Priority, Page):
+    pass
+
+
+FilterDep = Annotated[Filters, Depends()]

src/api/dependacies/user_dep.py

@@ -1,6 +1,6 @@
 from typing import Annotated
 
-from fastapi import Depends, HTTPException, Path
+from fastapi import Depends, HTTPException
 from fastapi.security import (
     HTTPAuthorizationCredentials,
     HTTPBearer,
@@ -8,17 +8,13 @@ from fastapi.security import (
 )
 from jwt import InvalidTokenError
 
-from src.api.dependacies.db_dep import sessionDep
 from src.core.auth_manager import AuthManager
 from src.core.settings import settings
 from src.schemas.auth import TokenData
-from src.services.tasks import TaskService
-from src.services.users import UserService
 
 http_bearer = HTTPBearer(auto_error=False)
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl=f"{settings.api.v1_login_url}/login")
-# AccessTokenDep = Annotated[str, Depends(oauth2_scheme)]
 AccessTokenDep = Annotated[HTTPAuthorizationCredentials, Depends(http_bearer)]
 
 
@@ -54,48 +50,14 @@ async def get_current_user_for_refresh(token: AccessTokenDep):
     return await get_current_user(token, verify_exp=False, check_active=True)
 
 
-CurrentUser = Annotated[TokenData, Depends(get_current_user_basic)]
-ActiveUser = Annotated[TokenData, Depends(get_current_active_user)]
-RefreshUser = Annotated[TokenData, Depends(get_current_user_for_refresh)]
-
-
-async def get_admin_user(db: sessionDep, current_user: ActiveUser):
-    await UserService(db).validate_admin_user(current_user.sub)
-    return current_user
-
-
-AdminUser = Annotated[TokenData, Depends(get_admin_user)]
-
-
-async def user_or_admin(db: sessionDep, current_user: ActiveUser, owner_id: int):
-    if current_user.id == owner_id:
-        return current_user
-    else:
-        admin = await get_admin_user(db, current_user)
+async def get_current_user_for_admin(token: AccessTokenDep):
+    admin = await get_current_user(token, verify_exp=True, check_active=True)
+    if not admin.is_superuser:
+        raise HTTPException(status_code=403, detail="Admin access required")
     return admin
 
 
-async def CurrentOrAdminOwner(
-    db: sessionDep, current_user: ActiveUser, id: Annotated[int, Path()]
-):
-    authorized_user = await user_or_admin(db, current_user, id)
-    if not authorized_user:
-        raise HTTPException(status_code=403, detail="Not authorized")
-    return authorized_user
-
-
-async def CurrentOrAdminTask(
-    db: sessionDep,
-    id: Annotated[int, Path()],
-    current_user: ActiveUser,
-):
-    task = await TaskService(db).get_task(id)
-    if not task:
-        raise HTTPException(status_code=404, detail="Task not found")
-
-    return await CurrentOrAdminOwner(db, current_user, task.user_id)
-
-
-OwnerDep = Annotated[TokenData, Depends(CurrentOrAdminOwner)]
-
-TaskOwnerDep = Annotated[TokenData, Depends(CurrentOrAdminTask)]
+CurrentUser = Annotated[TokenData, Depends(get_current_user_basic)]
+ActiveUser = Annotated[TokenData, Depends(get_current_active_user)]
+RefreshUser = Annotated[TokenData, Depends(get_current_user_for_refresh)]
+AdminUser = Annotated[TokenData, Depends(get_current_user_for_admin)]

src/api/v1/tasks.py

@@ -1,28 +1,20 @@
 from typing import Annotated
 
-from fastapi import APIRouter, Body, Depends
+from fastapi import APIRouter, Body, Depends, HTTPException
 
 from src.api.dependacies.db_dep import sessionDep
-from src.api.dependacies.task_dep import TaskFilterDep
-from src.api.dependacies.user_dep import ActiveUser, TaskOwnerDep
+from src.api.dependacies.user_dep import ActiveUser
 from src.schemas.tasks import TaskADDRequest, TaskPATCHRequest
 from src.services.tasks import TaskService
-from src.services.users import UserService
 
 router = APIRouter(prefix="/tasks", tags=["Tasks"])
 
 
-@router.get("/")
-async def get_tasks(session: sessionDep, user: ActiveUser, filter: TaskFilterDep):
-    result = await UserService(session).get_user_with_tasks(
-        user_id=user.id, **filter.model_dump(exclude_unset=True)
-    )
-    return result
-
-
 @router.get("/{id}")
-async def get_task_id(session: sessionDep, id: int, _: TaskOwnerDep):
+async def get_task_id(session: sessionDep, id: int, user: ActiveUser):
     task = await TaskService(session).get_task(id)
+    if task.user_id != user.id and user.is_superuser is False:
+        raise HTTPException(status_code=403, detail="Forbidden")
     return task
 
 
@@ -42,17 +34,26 @@ async def post_task(
 async def patch_task(
     session: sessionDep,
     id: int,
-    _: TaskOwnerDep,
+    user: ActiveUser,
     task_data: TaskPATCHRequest = Body(),
 ):
-    task = await TaskService(session).update_task(id, task_data)
-    return task
+    if user.is_superuser is False:
+        task = await TaskService(session).get_task(id)
+        if task.user_id != user.id:
+            raise HTTPException(status_code=403, detail="Forbidden")
+    updated_task = await TaskService(session).update_task(id, task_data)
+    return updated_task
 
 
 @router.delete("/{id}")
 async def delete_task(
     session: sessionDep,
     id: int,
-    _: TaskOwnerDep,
+    user: ActiveUser,
 ):
+    if user.is_superuser is False:
+        task = await TaskService(session).get_task(id)
+        if task.user_id != user.id:
+            raise HTTPException(status_code=403, detail="Forbidden")
     await TaskService(session).delete_task(id)
+    return {"message": "Task deleted successfully"}

src/api/v1/users.py

@@ -1,9 +1,10 @@
-from fastapi import APIRouter, Body
+from fastapi import APIRouter, Body, HTTPException
 
 from src.api.dependacies.db_dep import sessionDep
+from src.api.dependacies.task_dep import FilterDep
 from src.api.dependacies.user_dep import (
+    ActiveUser,
     AdminUser,
-    OwnerDep,
 )
 from src.core.settings import settings
 from src.schemas.users import UserUpdate
@@ -19,18 +20,30 @@ async def get_all_users(session: sessionDep, _: AdminUser):
 
 
 @router.get("/{id}")
-async def get_user_by_id(session: sessionDep, id: int, _: OwnerDep):
+async def get_user_by_id(session: sessionDep, id: int, _: AdminUser):
     user = await UserService(session).get_user_by_filter_or_raise(id=id)
     return user
 
 
+@router.get("/{id}/tasks")
+async def get_user_tasks(
+    session: sessionDep, id: int, user: ActiveUser, filters: FilterDep
+):
+    if user.id != id and user.is_superuser is False:
+        raise HTTPException(status_code=403, detail="Forbidden")
+    tasks = await UserService(session).get_user_with_tasks(id, **filters.model_dump())
+    return tasks.tasks
+
+
 @router.patch("/{id}")
 async def patch_user(
     session: sessionDep,
     id: int,
-    _: OwnerDep,
+    user: ActiveUser,
     user_update: UserUpdate = Body(),
 ):
+    if user.id != id and user.is_superuser is False:
+        raise HTTPException(status_code=403, detail="Forbidden")
     updated_user = await UserService(session).update_user(
         id=id, update_data=user_update
     )
@@ -38,6 +51,6 @@ async def patch_user(
 
 
 @router.delete("/{id}")
-async def delete_user(session: sessionDep, id: int, _: AdminUser):
+async def delete_user(session: sessionDep, id: int, user: AdminUser):
     await UserService(session).delete_user(id)
     return {"message": "User deleted successfully"}

src/core/interfaces.py

@@ -8,10 +8,6 @@ if TYPE_CHECKING:
     from src.repository.users import UsersRepo
 
 
-class HasId(Protocol):
-    id: Any
-
-
 class IUOWDB(Protocol):
     session: AsyncSession
     user: "UsersRepo"

src/repository/auth.py

@@ -2,5 +2,5 @@ from src.models.tokens import RefreshTokensORM
 from src.repository.base import BaseRepo
 
 
-class AuthRepo(BaseRepo):
+class AuthRepo(BaseRepo[RefreshTokensORM]):
     model: type[RefreshTokensORM] = RefreshTokensORM

src/repository/base.py

@@ -3,9 +3,7 @@ from typing import Any, Generic, Mapping, Sequence, Type, TypeVar
 from sqlalchemy import delete, insert, select, update
 from sqlalchemy.ext.asyncio import AsyncSession
 
-from src.core.interfaces import HasId
-
-ModelType = TypeVar("ModelType", bound=HasId)
+ModelType = TypeVar("ModelType")
 
 
 class BaseRepo(Generic[ModelType]):
@@ -45,12 +43,9 @@ class BaseRepo(Generic[ModelType]):
     async def delete_one(self, **filter_by) -> None:
         await self.session.execute(delete(self.model).filter_by(**filter_by))
 
-    async def update_one(self, id: int, data: dict[str, Any]) -> ModelType:
+    async def update_one(self, data: dict[str, Any], **filter_by: Any) -> ModelType:
         stmt = (
-            update(self.model)
-            .where(self.model.id == id)
-            .values(data)
-            .returning(self.model)
+            update(self.model).filter_by(**filter_by).values(data).returning(self.model)
         )
         result = await self.session.execute(stmt)
         model = result.scalar_one()

src/repository/tasks.py

@@ -2,5 +2,5 @@ from src.models.tasks import TasksORM
 from src.repository.base import BaseRepo
 
 
-class TasksRepo(BaseRepo):
+class TasksRepo(BaseRepo[TasksORM]):
     model: type[TasksORM] = TasksORM

src/repository/users.py

@@ -1,5 +1,4 @@
 from datetime import date
-from typing import Optional
 
 from sqlalchemy import func, select
 from sqlalchemy.orm import selectinload
@@ -9,21 +8,24 @@ from src.models.tasks import TasksORM
 from src.repository.base import BaseRepo
 
 
-class UsersRepo(BaseRepo):
+class UsersRepo(BaseRepo[UsersORM]):
     model: type[UsersORM] = UsersORM
 
     async def get_one_with_load(
         self,
         user_id: int,
         status: str | None = None,
-        tasks_limit: Optional[int] = None,
-        tasks_offset: Optional[int] = 0,
-        date_to: Optional[date] = None,
-        date_from: Optional[date] = None,
+        priority: str | None = None,
+        tasks_limit: int | None = None,
+        tasks_offset: int | None = 0,
+        date_to: date | None = None,
+        date_from: date | None = None,
     ) -> UsersORM | None:
         filters_sq: dict = {"user_id": user_id}
         if status:
             filters_sq["status"] = status
+        if priority:
+            filters_sq["priority"] = priority
         tasks_subquery = self._tasks_subquary(
             date_from=date_from, date_to=date_to, **filters_sq
         )

src/schemas/tasks.py

@@ -50,11 +50,3 @@ class Task(TaskADDRequest):
     time_spent: int
 
     model_config = ConfigDict(from_attributes=True)
-
-
-class TaskFilter(BaseModel):
-    status: StatusEnum | None = None
-    limit: int | None = 30
-    offset: int | None = None
-    date_from: date | None = None
-    date_to: date | None = None

src/services/tasks.py

@@ -1,13 +1,10 @@
 from fastapi import HTTPException
 
-from src.models.tasks import TasksORM
 from src.schemas.tasks import Task, TaskADDRequest, TaskPATCHRequest
 from src.services.base import BaseService
 
 
 class TaskService(BaseService):
-    model = TasksORM
-
     async def create_task(self, user_id: int, task_data: TaskADDRequest) -> Task:
         user = await self.session.user.get_one_or_none(id=user_id)
         if user is None:
@@ -29,10 +26,13 @@ class TaskService(BaseService):
         await self.session.commit()
 
     async def update_task(
-        self, task_id: int, task_data: TaskPATCHRequest, exclude_unset: bool = True
+        self,
+        task_id: int,
+        task_data: TaskPATCHRequest,
+        exclude_unset: bool = True,
     ):
         task = await self.session.task.update_one(
-            id=task_id, data=task_data.model_dump(exclude_unset=exclude_unset)
+            data=task_data.model_dump(exclude_unset=exclude_unset), id=task_id
         )
         await self.session.commit()
         return Task.model_validate(task)

src/services/users.py

@@ -1,5 +1,3 @@
-from datetime import date
-
 from fastapi import HTTPException
 
 from src.schemas.users import User, UserUpdate, UserWithTasks
@@ -36,27 +34,24 @@ class UserService(BaseService):
     async def update_user(self, id: int, update_data: UserUpdate) -> User:
         await self.get_user_by_filter_or_raise(id=id)
         user = await self.session.user.update_one(
-            id=id, data=update_data.model_dump(exclude_unset=True)
+            data=update_data.model_dump(exclude_unset=True), id=id
         )
         await self.session.commit()
         return User.model_validate(user)
 
-    async def get_user_with_tasks(
-        self,
-        user_id: int,
-        status: str | None,
-        limit: int | None,
-        offset: int | None,
-        date_to: date | None,
-        date_from: date | None,
-    ):
+    async def get_user_with_tasks(self, user_id: int, **attrs):
+        if attrs.get("page") and attrs.get("limit"):
+            tasks_offset = (attrs.get("page", 0) - 1) * attrs.get("limit")
+        else:
+            tasks_offset = None
         user = await self.session.user.get_one_with_load(
             user_id=user_id,
-            status=status,
-            tasks_limit=limit,
-            tasks_offset=offset,
-            date_from=date_from,
-            date_to=date_to,
+            status=attrs.get("status"),
+            priority=attrs.get("priority"),
+            tasks_limit=attrs.get("limit"),
+            tasks_offset=tasks_offset,
+            date_from=attrs.get("date_from"),
+            date_to=attrs.get("date_to"),
         )
         if user is None:
             raise HTTPException(status_code=404, detail="User not found.")