2024-04-14 17:34:46 +02:00
|
|
|
from uuid import UUID
|
2025-03-13 16:34:41 +00:00
|
|
|
from fastapi import APIRouter, HTTPException
|
2024-04-14 17:34:46 +02:00
|
|
|
from fastapi.params import Depends
|
2025-03-13 16:34:41 +00:00
|
|
|
from sqlalchemy import select
|
2024-04-14 17:34:46 +02:00
|
|
|
from sqlalchemy.orm import Session
|
|
|
|
|
|
|
|
from app.database import get_db
|
2025-03-13 16:34:41 +00:00
|
|
|
from app.schemas.auth_token import AccessToken
|
2024-04-14 17:34:46 +02:00
|
|
|
from app.schemas.id_token import IdToken, IdTokenCreate, IdTokenUpdate
|
|
|
|
from app.models.id_token import IdToken as DbIdToken
|
|
|
|
from app.models.user import User as DbUser
|
2025-03-13 16:34:41 +00:00
|
|
|
from app.schemas.user import Role
|
|
|
|
from app.security.jwt_bearer import JWTBearer
|
2024-04-14 17:34:46 +02:00
|
|
|
|
|
|
|
router = APIRouter(
|
|
|
|
prefix="/id-tokens",
|
|
|
|
tags=["IdToken (v1)"]
|
|
|
|
)
|
|
|
|
|
|
|
|
@router.get(path="", response_model=list[IdToken])
|
2025-03-13 16:34:41 +00:00
|
|
|
async def get_id_tokens(
|
2024-04-14 17:34:46 +02:00
|
|
|
skip: int = 0,
|
|
|
|
limit: int = 20,
|
2025-03-13 16:34:41 +00:00
|
|
|
db: Session = Depends(get_db),
|
|
|
|
token: AccessToken = Depends(JWTBearer()),
|
2024-04-14 17:34:46 +02:00
|
|
|
):
|
2025-03-13 16:34:41 +00:00
|
|
|
stmt = select(Session)
|
|
|
|
if token.role != Role.ADMINISTRATOR:
|
|
|
|
stmt = stmt.where(DbIdToken.owner_id == token.subject)
|
|
|
|
stmt = stmt.order_by(DbIdToken.id).offset(skip).limit(limit)
|
|
|
|
result = db.execute(stmt)
|
|
|
|
return result.scalars().all()
|
2024-04-14 17:34:46 +02:00
|
|
|
|
|
|
|
@router.get(path="/{id_token_id}", response_model=IdToken)
|
|
|
|
async def get_id_token(
|
|
|
|
id_token_id: UUID,
|
2025-03-13 16:34:41 +00:00
|
|
|
db: Session = Depends(get_db),
|
|
|
|
token: AccessToken = Depends(JWTBearer()),
|
2024-04-14 17:34:46 +02:00
|
|
|
):
|
2025-03-13 16:34:41 +00:00
|
|
|
stmt = select(DbIdToken).where(DbIdToken.id == id_token_id)
|
|
|
|
result = db.execute(stmt)
|
|
|
|
id_token = result.scalars().first()
|
2024-04-14 17:34:46 +02:00
|
|
|
if id_token == None:
|
|
|
|
raise HTTPException(status_code=404, detail="IdToken not found")
|
2025-03-13 16:34:41 +00:00
|
|
|
if token.role != Role.ADMINISTRATOR & id_token.owner_id != token.subject:
|
|
|
|
raise HTTPException(status_code=404, detail="IdToken not found")
|
2024-04-14 17:34:46 +02:00
|
|
|
return id_token
|
|
|
|
|
|
|
|
@router.post(path="", status_code=201, response_model=IdToken)
|
|
|
|
async def create_id_token(
|
|
|
|
create_id_token: IdTokenCreate,
|
2025-03-13 16:34:41 +00:00
|
|
|
db: Session = Depends(get_db),
|
|
|
|
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
2024-04-14 17:34:46 +02:00
|
|
|
):
|
2025-03-13 16:34:41 +00:00
|
|
|
stmt = select(DbUser).where(DbUser.id == create_id_token.owner_id)
|
|
|
|
result = db.execute(stmt)
|
|
|
|
owner = result.scalars().first()
|
2024-04-14 17:34:46 +02:00
|
|
|
if owner == None:
|
|
|
|
raise HTTPException(status_code=422, detail=[{
|
|
|
|
"loc": ["body", "owner_id"],
|
|
|
|
"msg": "Owner not found",
|
|
|
|
"type": "invalid_relation"
|
|
|
|
}])
|
|
|
|
id_token = DbIdToken(
|
|
|
|
friendly_name=create_id_token.friendly_name,
|
|
|
|
is_active=create_id_token.is_active,
|
|
|
|
token=create_id_token.token,
|
|
|
|
owner_id=create_id_token.owner_id
|
|
|
|
)
|
|
|
|
db.add(id_token)
|
|
|
|
db.commit()
|
|
|
|
db.refresh(id_token)
|
|
|
|
return id_token
|
|
|
|
|
|
|
|
@router.patch(path="/{id_token_id}", response_model=IdToken)
|
|
|
|
async def update_id_token(
|
|
|
|
id_token_id: UUID,
|
|
|
|
id_token_update: IdTokenUpdate,
|
2025-03-13 16:34:41 +00:00
|
|
|
db: Session = Depends(get_db),
|
|
|
|
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
2024-04-14 17:34:46 +02:00
|
|
|
):
|
2025-03-13 16:34:41 +00:00
|
|
|
stmt = select(DbIdToken).where(DbIdToken.id == id_token_id)
|
|
|
|
result = db.execute(stmt)
|
|
|
|
id_token = result.scalars().first()
|
2024-04-14 17:34:46 +02:00
|
|
|
if id_token is None:
|
|
|
|
raise HTTPException(status_code=404, detail="IdToken not found")
|
|
|
|
for key, value in id_token_update.model_dump(exclude_unset=True).items():
|
|
|
|
if key == "owner_id":
|
2025-03-13 16:34:41 +00:00
|
|
|
stmt = select(DbUser).where(DbUser.id == id_token_update.owner_id)
|
|
|
|
result = db.execute(stmt)
|
|
|
|
owner = result.scalars().first()
|
2024-04-14 17:34:46 +02:00
|
|
|
if owner == None:
|
|
|
|
raise HTTPException(status_code=422, detail=[{
|
|
|
|
"loc": ["body", "owner_id"],
|
|
|
|
"msg": "Owner not found",
|
|
|
|
"type": "invalid_relation"
|
|
|
|
}])
|
|
|
|
setattr(id_token, key, value)
|
|
|
|
db.commit()
|
|
|
|
return id_token
|
|
|
|
|
|
|
|
@router.delete(path="/{id_token_id}", response_model=None)
|
|
|
|
async def delete_id_token(
|
|
|
|
id_token_id: UUID,
|
2025-03-13 16:34:41 +00:00
|
|
|
db: Session = Depends(get_db),
|
|
|
|
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
2024-04-14 17:34:46 +02:00
|
|
|
):
|
2025-03-13 16:34:41 +00:00
|
|
|
stmt = select(DbIdToken).where(DbIdToken.id == id_token_id)
|
|
|
|
result = db.execute(stmt)
|
|
|
|
id_token = result.scalars().first()
|
2024-04-14 17:34:46 +02:00
|
|
|
if id_token == None:
|
|
|
|
raise HTTPException(status_code=404, detail="IdToken not found")
|
|
|
|
db.delete(id_token)
|
|
|
|
db.commit()
|
|
|
|
return []
|