from typing import Annotated, List from sqlalchemy.orm import Session from fastapi import APIRouter, Depends, HTTPException from app.db import get_db from app.core import schemas, crud from app.security import get_current_user router = APIRouter() @router.post("/create-user/", response_model=schemas.User) def create_user( user: schemas.UserCreate, db: Annotated[Session, Depends(get_db)], current_user: Annotated[schemas.User, Depends(get_current_user)], ): if not current_user.is_superuser: raise HTTPException(status_code=403, detail="Forbidden") user_exists = crud.get_user_by_username(username=user.username, db=db) if user_exists: raise HTTPException(status_code=400, detail="Username already registered") return crud.create_user(user=user, db=db) @router.put("/update-user/", response_model=schemas.User) def update_user( user: schemas.UserUpdate, db: Annotated[Session, Depends(get_db)], current_user: Annotated[schemas.User, Depends(get_current_user)], ): if not current_user.is_superuser: raise HTTPException(status_code=403, detail="Forbidden") user_exists = crud.get_user_by_user_id(user_id=user.user_id, db=db) if not user_exists: raise HTTPException(status_code=404, detail="User not found") return crud.update_user(user=user, db=db) @router.get("/get-all-users/", response_model=List[schemas.User]) def get_all_users( db: Annotated[Session, Depends(get_db)], current_user: Annotated[schemas.User, Depends(get_current_user)], ): if not current_user.is_superuser: raise HTTPException(status_code=403, detail="Forbidden") return crud.get_all_users(db=db) @router.get("/get-user_by_user_id/{user_id}/", response_model=schemas.User) def get_user_by_user_id( user_id: int, db: Annotated[Session, Depends(get_db)], current_user: Annotated[schemas.User, Depends(get_current_user)], ): if not current_user.is_superuser: raise HTTPException(status_code=403, detail="Forbidden") user = crud.get_user_by_user_id(user_id=user_id, db=db) if user is None: raise HTTPException(status_code=404, detail="User not found") return user