taskmanagementtool-h96umq/app/api/api_v1/endpoints/users.py

from typing import Any, List

from fastapi import APIRouter, Depends
from sqlalchemy.ext.asyncio import AsyncSession

from app.core import auth
from app.core.exceptions import (
    EmailAlreadyExistsException,
    ForbiddenException,
    NotFoundException,
    UsernameAlreadyExistsException,
)
from app.crud.crud_user import user
from app.db.session import get_db
from app.schemas.user import User, UserCreate, UserUpdate

router = APIRouter()


@router.get("/", response_model=List[User])
async def read_users(
    db: AsyncSession = Depends(get_db),
    skip: int = 0,
    limit: int = 100,
    current_user: User = Depends(auth.get_current_active_superuser),
) -> Any:
    """
    Retrieve users.
    """
    users = await user.get_multi(db, skip=skip, limit=limit)
    return users


@router.post("/", response_model=User)
async def create_user(
    *,
    db: AsyncSession = Depends(get_db),
    user_in: UserCreate,
) -> Any:
    """
    Create new user.
    """
    user_obj = await user.get_by_email(db, email=user_in.email)
    if user_obj:
        raise EmailAlreadyExistsException()
    username_obj = await user.get_by_username(db, username=user_in.username)
    if username_obj:
        raise UsernameAlreadyExistsException()
    user_obj = await user.create(db, obj_in=user_in)
    return user_obj


@router.put("/me", response_model=User)
async def update_user_me(
    *,
    db: AsyncSession = Depends(get_db),
    user_in: UserUpdate,
    current_user: User = Depends(auth.get_current_active_user),
) -> Any:
    """
    Update own user.
    """
    if user_in.email and user_in.email != current_user.email:
        user_obj = await user.get_by_email(db, email=user_in.email)
        if user_obj:
            raise EmailAlreadyExistsException()
    if user_in.username and user_in.username != current_user.username:
        username_obj = await user.get_by_username(db, username=user_in.username)
        if username_obj:
            raise UsernameAlreadyExistsException()
    user_obj = await user.update(db, db_obj=current_user, obj_in=user_in)
    return user_obj


@router.get("/me", response_model=User)
async def read_user_me(
    current_user: User = Depends(auth.get_current_active_user),
) -> Any:
    """
    Get current user.
    """
    return current_user


@router.get("/{user_id}", response_model=User)
async def read_user_by_id(
    user_id: str,
    current_user: User = Depends(auth.get_current_active_user),
    db: AsyncSession = Depends(get_db),
) -> Any:
    """
    Get a specific user by id.
    """
    user_obj = await user.get(db, id_=user_id)
    if not user_obj:
        raise NotFoundException("The user with this id does not exist in the system")
    if user_obj.id != current_user.id and not current_user.is_superuser:
        raise ForbiddenException("The user doesn't have enough privileges")
    return user_obj