99 lines
2.9 KiB
Python
99 lines
2.9 KiB
Python
from fastapi import APIRouter, Depends, HTTPException
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
from sqlalchemy import select
|
|
|
|
from app.core.database import get_db
|
|
from app.core.deps import get_admin_user
|
|
from app.models.user import User, UserRole
|
|
from app.schemas.user import UserOut, AdminUserUpdate
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.get("/queue", response_model=list[UserOut])
|
|
async def get_queue(
|
|
db: AsyncSession = Depends(get_db),
|
|
_: User = Depends(get_admin_user),
|
|
):
|
|
result = await db.execute(select(User).where(User.role == UserRole.pending))
|
|
return result.scalars().all()
|
|
|
|
|
|
@router.get("/users", response_model=list[UserOut])
|
|
async def list_users(
|
|
role: str | None = None,
|
|
db: AsyncSession = Depends(get_db),
|
|
_: User = Depends(get_admin_user),
|
|
):
|
|
query = select(User)
|
|
if role:
|
|
query = query.where(User.role == role)
|
|
result = await db.execute(query)
|
|
return result.scalars().all()
|
|
|
|
|
|
@router.post("/users/{user_id}/approve", response_model=UserOut)
|
|
async def approve_user(
|
|
user_id: int,
|
|
db: AsyncSession = Depends(get_db),
|
|
_: User = Depends(get_admin_user),
|
|
):
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
user.role = UserRole.approved
|
|
await db.commit()
|
|
await db.refresh(user)
|
|
return user
|
|
|
|
|
|
@router.post("/users/{user_id}/deny", response_model=UserOut)
|
|
async def deny_user(
|
|
user_id: int,
|
|
db: AsyncSession = Depends(get_db),
|
|
_: User = Depends(get_admin_user),
|
|
):
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
user.is_active = False
|
|
await db.commit()
|
|
await db.refresh(user)
|
|
return user
|
|
|
|
|
|
@router.patch("/users/{user_id}", response_model=UserOut)
|
|
async def update_user(
|
|
user_id: int,
|
|
data: AdminUserUpdate,
|
|
db: AsyncSession = Depends(get_db),
|
|
_: User = Depends(get_admin_user),
|
|
):
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
if data.role is not None:
|
|
user.role = data.role
|
|
if data.is_active is not None:
|
|
user.is_active = data.is_active
|
|
await db.commit()
|
|
await db.refresh(user)
|
|
return user
|
|
|
|
|
|
@router.delete("/users/{user_id}", status_code=204)
|
|
async def delete_user(
|
|
user_id: int,
|
|
db: AsyncSession = Depends(get_db),
|
|
_: User = Depends(get_admin_user),
|
|
):
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
await db.delete(user)
|
|
await db.commit()
|