From f0ae47dd20536b4d211a46650b57cf3eac630094 Mon Sep 17 00:00:00 2001
From: Anaz
Date: Sat, 11 Jan 2025 10:01:13 +0400
Subject: [PATCH] minors corrections
---
 api/v1/need_requests.py | 8 ++++----
 models/db.py | 4 ++--
 models/schemas.py | 4 ++--
 services/auth_service.py | 31 +++++++++++++++++++++++++------
 services/message_service.py | 1 +
 services/need_request_service.py | 12 ++++++------
 services/person_report_service.py | 2 +-
 services/role_service.py | 2 +-
 services/user_service.py | 6 +++---
 9 files changed, 45 insertions(+), 25 deletions(-)
diff --git a/api/v1/need_requests.py b/api/v1/need_requests.py
index 179aec1..85727fc 100644
--- a/api/v1/need_requests.py
+++ b/api/v1/need_requests.py
@@ -34,8 +34,8 @@ async def update_need(
 if not need:
 raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")
- # Vérifie si l'utilisateur est l'auteur ou un administrateur
- if need.requester_email != current_user.email and not await admin_required(db=db):
+ # V�rifie si l'utilisateur est l'auteur ou un administrateur
+ if need.requester_email != current_user.email and not await AuthService.admin_required(db=db):
 raise HTTPException(
 status_code=status.HTTP_403_FORBIDDEN,
 detail="You do not have permission to update this need request",
@@ -55,8 +55,8 @@ async def delete_need(
 if not need:
 raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")
- # Vérifie si l'utilisateur est l'auteur ou un administrateur
- if need.requester_email != current_user.email and not await admin_required(db=db):
+ # V�rifie si l'utilisateur est l'auteur ou un administrateur
+ if need.requester_email != current_user.email and not await AuthService.admin_required(db=db):
 raise HTTPException(
 status_code=status.HTTP_403_FORBIDDEN,
 detail="You do not have permission to delete this need request",
diff --git a/models/db.py b/models/db.py
index f2164c0..749e3ac 100644
--- a/models/db.py
+++ b/models/db.py
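Review bot: `AuthService.admin_required(db=db)` is awaited directly with only the session, so whatever identifies the caller inside it cannot come from FastAPI dependency injection (a `Depends(...)` default is only resolved when FastAPI itself invokes the callable, not on a plain call), and the decision is not tied to `current_user`, which the route already holds; the `delete_need` hunk repeats the same pattern. Unless `admin_required` obtains the caller some other way (its body is not in this patch), decide on the user you already authenticated, e.g. `if need.requester_email != current_user.email and current_user.role.name != "admin":` if `current_user` has the `UserResponse` shape from `models/schemas.py`. Separately, the `+` comment lines replace `Vérifie` with `V�rifie`: the file was re-saved through a lossy encoding and U+FFFD replacement characters are now committed, and the same corruption appears in the `services/need_request_service.py` hunks (`Emp�che`, `D�codage`, `R�cup�re`), so those comments should be restored as UTF-8. Both enclosing functions (`update_need`, `delete_need`) start and end outside their hunks.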
@@ -16,8 +16,8 @@ users_table = Table(
 Column('organization', String(255)),
 Column('hashed_password', String(255), nullable=False),
 Column('role', String(50), nullable=False),
- Column('is_active', Boolean, default=True),
- Column('is_banned', Boolean, default=False)
+ Column('is_banned', Boolean, default=False),
+ Column('is_deleted', Boolean, default=False)
 )
 # Table des rôles
diff --git a/models/schemas.py b/models/schemas.py
index 67f31dd..84ef250 100644
--- a/models/schemas.py
+++ b/models/schemas.py
@@ -33,8 +33,8 @@ class UserResponse(BaseModel):
 date_of_birth: str
 organization: Optional[str] = None
 role: RoleResponse
- is_active: bool
 is_banned: bool
+ is_deleted: bool
 class Role(BaseModel):
 id: int
@@ -43,7 +43,7 @@ class Role(BaseModel):
 class Config:
 orm_mode = True
- 
+
 class UserUpdateRole(BaseModel):
 email: EmailStr
 new_role: str
diff --git a/services/auth_service.py b/services/auth_service.py
index 7e59887..067a93a 100644
--- a/services/auth_service.py
+++ b/services/auth_service.py
@@ -7,7 +7,7 @@ from fastapi.security import OAuth2PasswordBearer
 from config.settings import settings
 from models.schemas import TokenData, UserCreate, UserResponse
 from config.database import get_db
-from models.db import users_table
+from models.db import users_table, roles_table, role_permissions_table, permissions_table
 from sqlalchemy import select, update, insert
 from sqlalchemy.ext.asyncio import AsyncSession
 from utils.logging import logger
@@ -19,7 +19,7 @@ logger.info("Test log message")
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 # Configuration pour OAuth2
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/token")
 class AuthService:
 @staticmethod
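Review bot: `Column('is_deleted', Boolean, default=False)` is a Python-side default with no `nullable=False` or `server_default`, so rows that already exist when the column is added will hold NULL, and `UserResponse.is_deleted: bool` (changed in this same patch) will reject `None` when such a user is serialized. Declare it `Column('is_deleted', Boolean, nullable=False, server_default=false())` (with `from sqlalchemy import false`) and add a migration for the dropped `is_active` column; nothing in the patch carries the existing `is_active` data over, and the default alone does not touch stored rows. The `users_table` definition starts above the hunk.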
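Review bot: `oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/token")` is now declared identically in four files of this patch (`services/auth_service.py`, `services/need_request_service.py`, `services/person_report_service.py`, `services/role_service.py`), so the next route change has to be repeated in each and a copy left behind quietly points the documented login flow at a dead URL. Define it once, `auth_service` being the natural home, and import `oauth2_scheme` in the other services. Note that `tokenUrl` only drives the OpenAPI/Swagger login flow; bearer extraction is unaffected, which is exactly why a stale copy would not be noticed by the application itself.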
@@ -81,9 +81,28 @@ class AuthService:
 query = select(users_table).where(users_table.c.email == email)
 result = await db.execute(query)
- user = result.fetchone()
+ user = result.mappings().fetchone()
 if user is None:
 raise credentials_exception
+
+ # Récupérer le rôle et ses permissions
+ role_query = select(roles_table.c.id, roles_table.c.name, permissions_table.c.name.label("permission")).join(
+ role_permissions_table, role_permissions_table.c.role_id == roles_table.c.id
+ ).join(
+ permissions_table, role_permissions_table.c.permission_id == permissions_table.c.id
+ ).where(roles_table.c.name == user["role"])
+
+ role_result = await db.execute(role_query)
+ role_data = role_result.mappings().all()
+
+ if not role_data:
+ raise credentials_exception
+
+ role = {
+ "id": role_data[0]["id"],
+ "name": role_data[0]["name"],
+ "permissions": [r["permission"] for r in role_data]
+ }
 # Préparez la réponse avec tous les champs requis
 return {
@@ -92,9 +111,9 @@ class AuthService:
 "full_name": user["full_name"],
 "phone": user["phone"],
 "date_of_birth": user["date_of_birth"].isoformat(),
- "role": user["role"],
- "is_active": not user["is_blocked"],
- "is_banned": user["is_deleted"],
+ "role": role,
+ "is_banned": user["is_banned"],
+ "is_deleted": user["is_deleted"],
 }
 @staticmethod
diff --git a/services/message_service.py b/services/message_service.py
index 2169e1e..c1d4cd1 100644
--- a/services/message_service.py
+++ b/services/message_service.py
@@ -1,3 +1,4 @@
+from fastapi import HTTPException
 from sqlalchemy import insert
 from models.schemas import TechnicalIssue
 from config.database import get_db
diff --git a/services/need_request_service.py b/services/need_request_service.py
index dbfd737..54b2b90 100644
--- a/services/need_request_service.py
+++ b/services/need_request_service.py
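Review bot: The role lookup uses two inner `.join()` calls, so a role that exists but has no row in `role_permissions_table` yields no result, `if not role_data: raise credentials_exception` fires, and a correctly authenticated user is turned away as if the token were invalid. Either look the role up first and fetch permissions separately, or switch both joins to `.outerjoin(...)` and build `"permissions": [r["permission"] for r in role_data if r["permission"] is not None]`. The `is_banned`/`is_deleted` flags are copied into the returned dict but never checked here, so unless every caller inspects them (none in this patch does) a banned or deleted account still obtains a valid identity from this method; raising `credentials_exception` right after the `user is None` check when either flag is set would close that, and it concerns the second hunk's return as well. The role dict is later validated as `UserResponse.role: RoleResponse`; `RoleResponse` is not in the patch, so confirm it declares `permissions`, otherwise the list is silently dropped. The enclosing method begins above this hunk.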
@@ -9,7 +9,7 @@ from config.settings import settings
 from jose import jwt, JWTError
 from datetime import datetime
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/token")
 class NeedRequestService:
@@ -53,7 +53,7 @@ class NeedRequestService:
 @staticmethod
 async def update_need(need_id: int, data: dict, db, token: str):
 user = await NeedRequestService.verify_requester_or_admin(need_id, token, db)
- if "deleted" in data: # Empêche la mise à jour directe du champ `deleted`
+ if "deleted" in data: # Emp�che la mise � jour directe du champ `deleted`
 raise HTTPException(status_code=400, detail="Invalid update field")
 query = (
@@ -97,7 +97,7 @@ class NeedRequestService:
 detail="You do not have permission to perform this action.",
 )
 try:
- # Décodage du token JWT
+ # D�codage du token JWT
 payload = jwt.decode(token, settings.secret_key, algorithms=[settings.algorithm])
 email: str = payload.get("sub")
 if email is None:
@@ -106,21 +106,21 @@ class NeedRequestService:
 except JWTError:
 raise credentials_exception
- # Récupère l'utilisateur depuis la base de données
+ # R�cup�re l'utilisateur depuis la base de donn�es
 user_query = select(users_table).where(users_table.c.email == token_data.email)
 result = await db.execute(user_query)
 user = result.fetchone()
 if user is None:
 raise credentials_exception
- # Récupère la demande de besoin
+ # R�cup�re la demande de besoin
 need_query = select(need_requests_table).where(need_requests_table.c.id == need_id)
 result = await db.execute(need_query)
 need = result.fetchone()
 if need is None:
 raise HTTPException(status_code=404, detail="Need request not found")
- # Vérifie si l'utilisateur est l'auteur ou un administrateur
+ # V�rifie si l'utilisateur est l'auteur ou un administrateur
 if need["requester_email"] != user["email"] and user["role"] != "admin":
 raise credentials_exception
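Review bot: `if "deleted" in data:` in `update_need` is a deny-list over a caller-supplied `dict`, so every other column the `query` below writes (the rest of the method is outside the hunk) stays mass-assignable, including `requester_email`, the very field `verify_requester_or_admin` uses to decide ownership. Validate against an allow-list of editable fields instead, e.g. `unknown = set(data) - EDITABLE_NEED_FIELDS` followed by `if unknown: raise HTTPException(status_code=400, detail="Invalid update field")`, where `EDITABLE_NEED_FIELDS` is a constructed name for a module-level `frozenset` of the columns a requester may change. The `deleted` check can then go, since a field not in the allow-list is rejected by the same rule.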
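Review bot: `verify_requester_or_admin` re-implements the JWT decode and user lookup that `AuthService.get_current_user` performs in `services/auth_service.py`, and its admin test `user["role"] != "admin"` is a literal string comparison while `auth_service` in this same patch resolves the role to a permissions list, so the two checks will drift (a renamed role or a permission-based admin passes one and fails the other). Reuse the `AuthService` lookup here and decide on the resolved role or permissions rather than the literal `"admin"`. This hunk also keeps `result.fetchone()` rows where `auth_service` switched to `result.mappings().fetchone()`; string-key access such as `user["email"]` on a plain `Row` is deprecated in SQLAlchemy 1.4 and not available on 2.0 rows, so the `.mappings()` form is the portable one. The method begins above the `@@ -97` hunk.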
diff --git a/services/person_report_service.py b/services/person_report_service.py
index 04ffc84..dafc1b8 100644
--- a/services/person_report_service.py
+++ b/services/person_report_service.py
@@ -7,7 +7,7 @@ from typing import Optional
 from fastapi import Depends
 from fastapi.security import OAuth2PasswordBearer
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/token")
 class PersonReportService:
diff --git a/services/role_service.py b/services/role_service.py
index 8f7e48a..c23b81f 100644
--- a/services/role_service.py
+++ b/services/role_service.py
@@ -8,7 +8,7 @@ from config.settings import settings
 from jose import jwt, JWTError
 from sqlalchemy.ext.asyncio import AsyncSession
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/token")
 class RoleService:
diff --git a/services/user_service.py b/services/user_service.py
index d1f1790..a674a03 100644
--- a/services/user_service.py
+++ b/services/user_service.py
@@ -1,4 +1,4 @@
-from sqlalchemy import update, select
+from sqlalchemy import select, update, insert
 from fastapi import Depends, HTTPException, status
 from sqlalchemy.ext.asyncio import AsyncSession
 from models.schemas import UserCreate, UserResponse, UserUpdateRole, UserBlockBan
@@ -12,11 +12,11 @@ class UserService:
 @staticmethod
 async def list_users(status: Optional[str] = None, db=Depends(get_db)):
- query = select(person_reports_table)
+ query = select(users_table)
 if status:
 query = query.where(users_table.c.status == status)
 result = await db.execute(query)
- users = result.fetchall()
+ users = result.mappings().all()
 return [UserResponse(**user) for user in users]
 @staticmethod
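Review bot: The `status` parameter of `list_users` shadows the `status` module imported from `fastapi` at the top of this file, so any `status.HTTP_*` reference inside the method would resolve to the query string instead; rename it (e.g. `user_status`) and keep the external query-parameter name with an alias if callers depend on it. The filter `users_table.c.status == status` names a column that the `users_table` definition in this patch does not show (it carries `is_banned`/`is_deleted`), so this branch likely raises `AttributeError` the first time a filter is supplied; confirm the column exists or filter on the boolean flags. `UserResponse(**user)` also hands the whole row to the response model, including `hashed_password` and a plain-string `role`, while `UserResponse.role` is `RoleResponse` per the schemas hunk; unless extra keys are ignored and `role` is coerced, validation fails, and nothing here excludes users whose `is_deleted` flag is set from the listing.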