138 lines
4.6 KiB
Python
138 lines
4.6 KiB
Python
from typing import Any, List
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app import crud, models, schemas
|
|
from app.api import deps
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.get("/", response_model=List[schemas.patient.Patient])
|
|
def read_patients(
|
|
db: Session = Depends(deps.get_db),
|
|
skip: int = 0,
|
|
limit: int = 100,
|
|
current_user: models.User = Depends(deps.get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Retrieve patients.
|
|
"""
|
|
if crud.crud_user.user.is_superuser(current_user):
|
|
patients = crud.crud_patient.patient.get_multi(db, skip=skip, limit=limit)
|
|
else:
|
|
# Regular users can only access their own patient data
|
|
if current_user.patient:
|
|
patients = [current_user.patient]
|
|
else:
|
|
# If the user is a doctor, we could potentially show all their patients
|
|
if current_user.doctor:
|
|
# This would require a more complex query to get all patients that have appointments with this doctor
|
|
# For simplicity, we'll just return an empty list for now
|
|
patients = []
|
|
else:
|
|
patients = []
|
|
return patients
|
|
|
|
|
|
@router.post("/", response_model=schemas.patient.Patient)
|
|
def create_patient(
|
|
*,
|
|
db: Session = Depends(deps.get_db),
|
|
patient_in: schemas.patient.PatientCreate,
|
|
current_user: models.User = Depends(deps.get_current_active_superuser),
|
|
) -> Any:
|
|
"""
|
|
Create new patient.
|
|
"""
|
|
# Check if user exists
|
|
user = crud.crud_user.user.get(db, id=patient_in.user_id)
|
|
if not user:
|
|
raise HTTPException(
|
|
status_code=404,
|
|
detail="The user with this id does not exist in the system",
|
|
)
|
|
|
|
# Check if patient already exists for this user
|
|
patient = crud.crud_patient.patient.get_by_user_id(db, user_id=patient_in.user_id)
|
|
if patient:
|
|
raise HTTPException(
|
|
status_code=400,
|
|
detail="The patient with this user_id already exists in the system",
|
|
)
|
|
|
|
patient = crud.crud_patient.patient.create(db, obj_in=patient_in)
|
|
return patient
|
|
|
|
|
|
@router.get("/{patient_id}", response_model=schemas.patient.Patient)
|
|
def read_patient(
|
|
*,
|
|
db: Session = Depends(deps.get_db),
|
|
patient_id: int,
|
|
current_user: models.User = Depends(deps.get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Get patient by ID.
|
|
"""
|
|
patient = crud.crud_patient.patient.get(db, id=patient_id)
|
|
if not patient:
|
|
raise HTTPException(status_code=404, detail="Patient not found")
|
|
|
|
# Check permissions
|
|
if not crud.crud_user.user.is_superuser(current_user):
|
|
# Regular users can only access their own patient data
|
|
if not current_user.patient or current_user.patient.id != patient_id:
|
|
# If the user is a doctor, we could potentially allow them to see their patients
|
|
if current_user.doctor:
|
|
# For simplicity, we'll allow doctors to see all patients for now
|
|
# In a real application, you would check if the patient has an appointment with this doctor
|
|
pass
|
|
else:
|
|
raise HTTPException(status_code=403, detail="Not enough permissions")
|
|
|
|
return patient
|
|
|
|
|
|
@router.put("/{patient_id}", response_model=schemas.patient.Patient)
|
|
def update_patient(
|
|
*,
|
|
db: Session = Depends(deps.get_db),
|
|
patient_id: int,
|
|
patient_in: schemas.patient.PatientUpdate,
|
|
current_user: models.User = Depends(deps.get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Update a patient.
|
|
"""
|
|
patient = crud.crud_patient.patient.get(db, id=patient_id)
|
|
if not patient:
|
|
raise HTTPException(status_code=404, detail="Patient not found")
|
|
|
|
# Check permissions
|
|
if not crud.crud_user.user.is_superuser(current_user):
|
|
# Regular users can only update their own patient data
|
|
if not current_user.patient or current_user.patient.id != patient_id:
|
|
raise HTTPException(status_code=403, detail="Not enough permissions")
|
|
|
|
patient = crud.crud_patient.patient.update(db, db_obj=patient, obj_in=patient_in)
|
|
return patient
|
|
|
|
|
|
@router.delete("/{patient_id}", response_model=schemas.patient.Patient)
|
|
def delete_patient(
|
|
*,
|
|
db: Session = Depends(deps.get_db),
|
|
patient_id: int,
|
|
current_user: models.User = Depends(deps.get_current_active_superuser),
|
|
) -> Any:
|
|
"""
|
|
Delete a patient.
|
|
"""
|
|
patient = crud.crud_patient.patient.get(db, id=patient_id)
|
|
if not patient:
|
|
raise HTTPException(status_code=404, detail="Patient not found")
|
|
|
|
patient = crud.crud_patient.patient.remove(db, id=patient_id)
|
|
return patient |