Anaz
/
After_Chido_Api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
After_Chido_Api/api/v1/need_requests.py

66 lines
2.3 KiB
Python
Raw Blame History

from fastapi import APIRouter, Depends, HTTPException, status
from services.need_request_service import NeedRequestService
from models.schemas import NeedRequestCreate, NeedRequestUpdate
from config.database import get_db
from services.auth_service import AuthService
router = APIRouter()
@router.post("/", status_code=status.HTTP_201_CREATED)
async def request_need(need: NeedRequestCreate, db=Depends(get_db)):
return await NeedRequestService.create_need(need, db)
@router.get("/{need_id}", status_code=status.HTTP_200_OK)
async def get_need(need_id: int, db=Depends(get_db)):
need = await NeedRequestService.get_need_by_id(need_id, db)
if not need:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")
return need
@router.put("/{need_id}", status_code=status.HTTP_200_OK)
async def update_need(
need_id: int,
need_update: NeedRequestUpdate,
db=Depends(get_db),
current_user=Depends(AuthService.get_current_user),
):
need = await NeedRequestService.get_need_by_id(need_id, db)
if not need:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")
# Vérifie si l'utilisateur est l'auteur ou un administrateur
if need.requester_email != current_user.email and not await admin_required(db=db):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="You do not have permission to update this need request",
)
return await NeedRequestService.update_need(need_id, need_update, db)
@router.delete("/{need_id}", status_code=status.HTTP_200_OK)
async def delete_need(
need_id: int,
db=Depends(get_db),
current_user=Depends(AuthService.get_current_user),
):
need = await NeedRequestService.get_need_by_id(need_id, db)
if not need:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")
# Vérifie si l'utilisateur est l'auteur ou un administrateur
if need.requester_email != current_user.email and not await admin_required(db=db):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="You do not have permission to delete this need request",
)
return await NeedRequestService.delete_need(need_id, db)
Reference in New Issue View Git Blame Copy Permalink