diff --git a/app/routers/log.py b/app/routers/log.py index 2af8c1f..29e5576 100644 --- a/app/routers/log.py +++ b/app/routers/log.py @@ -21,8 +21,10 @@ @router.get("/") async def read_logs( - skip: int = 0, limit: int = 10, - db: Session = Depends(get_db), current_user: User = Depends(get_current_user) + skip: int = 0, + limit: int = 10, + db: Session = Depends(get_db), + current_user: User = Depends(get_current_user), ): if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") @@ -76,7 +78,7 @@ async def delete_log( db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") if delete_log_by_time(db, delete_time.start_date, delete_time.end_date): return {"message": "Logs deleted successfully"} diff --git a/app/routers/super_admin.py b/app/routers/super_admin.py index af82575..0608e07 100644 --- a/app/routers/super_admin.py +++ b/app/routers/super_admin.py @@ -37,7 +37,7 @@ async def register_user_by_super_admin( db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") if get_user_by_email(db, user.email): raise HTTPException(status_code=400, detail="Email already registered") 
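Review bot: In delete_log, the widened check `current_user.role not in ["superadmin", "stationadmin"]` lets the role that now performs user and topup actions also delete the log entries that record them. Other hunks in this commit show those actions being written with `create_log_info`, so a stationadmin could remove the record of its own activity by time range. I would keep deletion at `["superadmin"]`, or at least record the deletion itself (caller, start_date, end_date) somewhere this endpoint cannot reach. The function starts above the hunk and continues below it.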
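Review bot: register_user_by_super_admin now accepts stationadmin callers, but the visible body only checks that the email is unused, and nothing in the hunk limits which role the new account may receive. If the request model carries a role field (its definition is not shown here), a stationadmin could create an account with more privilege than its own. A guard before the email check such as `if user.role == "superadmin" and current_user.role != "superadmin": raise HTTPException(status_code=403, detail="Forbidden")` would close that; adjust the field name to the schema. The function continues past the end of the hunk, so such a check may already exist further down.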
@@ -55,20 +55,18 @@ async def register_user_by_super_admin( async def read_users( skip: int = 0, limit: int = 10, - is_active: bool = None, # type: ignore + is_active: bool = None, # type: ignore db: Session = Depends(get_db), current_user: User = Depends( get_current_user, ), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") return get_users(db, skip=skip, limit=limit, is_active=is_active) -@router.put( - "/users/{user_id}",response_model=User -) +@router.put("/users/{user_id}", response_model=User) async def update_user_by_id( user_id: str, user: updateUserBySuperAdmin, @@ -94,12 +92,12 @@ async def disable_user( current_user: User = Depends(get_current_user), ): try: - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") user = get_user_by_id(db, user_id) if not user: raise HTTPException(status_code=404, detail="User not found") - user.is_active = False # type: ignore + user.is_active = False # type: ignore db.commit() user_activity = f"User {current_user.email} disabled user {user_id}" create_log_info(db, str(current_user.id), user_activity, type_log="user") @@ -116,7 +114,7 @@ async def update_user_password_by_superadmin( db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") try: user = get_user_by_id(db, user_id) 
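Review bot: The rejection `raise HTTPException(status_code=401, detail="Unauthorized")` in read_users answers an authenticated caller whose role is insufficient, which is what 403 is for. A 401 tells clients to re-authenticate and makes role denials indistinguishable from expired or missing credentials in logs and alerts. The same line follows every role check this commit touches in log.py, super_admin.py, topup.py and transaction.py. Since the list `["superadmin", "stationadmin"]` is now repeated in each handler, one shared dependency that takes the allowed roles and raises `HTTPException(status_code=403, detail="Forbidden")` would keep the policy and the status code in one place.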
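Review bot: disable_user checks only the caller's role, so after this change a stationadmin can deactivate any account returned by `get_user_by_id`, including a superadmin. update_user_password_by_superadmin in the next hunk has the same gap and is the more serious case, because replacing another account's `hashed_password` hands that account over. Both should compare the target's role with the caller's after the lookup, for example `if user.role == "superadmin" and current_user.role != "superadmin": raise HTTPException(status_code=403, detail="Forbidden")`, assuming the looked-up user exposes `role` the way `current_user` does. The `try` opened at the top of this hunk closes outside it.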
@@ -127,8 +125,10 @@ async def update_user_password_by_superadmin( user.hashed_password = password_hash(password.password) db.commit() user_activity = f"User {current_user.email} updated password for user {user_id}" - create_log_info(db, str(current_user.id), message=user_activity, type_log="user") + create_log_info( + db, str(current_user.id), message=user_activity, type_log="user" + ) return {"message": "Password updated successfully"} except Exception as e: print(e) - raise HTTPException(status_code=400, detail="Password not updated") from e \ No newline at end of file + raise HTTPException(status_code=400, detail="Password not updated") from e diff --git a/app/routers/topup.py b/app/routers/topup.py index 6b0a9a8..b656b5c 100644 --- a/app/routers/topup.py +++ b/app/routers/topup.py @@ -53,7 +53,7 @@ async def read_topups( db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") if topups := get_topups( db, skip=skip, limit=limit, status_approved=status_approved @@ -103,7 +103,7 @@ async def topup_user_balance_by_superadmin( ): if amount <= 0: raise HTTPException(status_code=400, detail="Amount should be greater than 0") - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") user = get_user_by_id(db, user_id) if not user: 
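Review bot: topup_user_balance_by_superadmin credits a balance on the caller's role alone, and nothing in the hunk stops a stationadmin from passing its own id as `user_id` or puts an upper bound on `amount`. With the role widened, I would add after the lookup `if str(user.id) == str(current_user.id): raise HTTPException(status_code=403, detail="Forbidden")` and a configured maximum for `amount`. Whether the credit is recorded with `create_log_info` is not visible, because the body continues past the hunk.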
@@ -124,13 +124,13 @@ async def approve_topup_by_sueradmin( db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") user = get_user_by_id(db, user_id) if not user: raise HTTPException(status_code=404, detail="User not found") my_topup = get_topup_by_id(db, topup_id) - if my_topup.status_approved: # type: ignore + if my_topup.status_approved: # type: ignore raise HTTPException(status_code=400, detail="Topup already approved") my_approve_topup = approve_topup(db, topup_id) if is_approved and not my_approve_topup: @@ -143,7 +143,9 @@ async def approve_topup_by_sueradmin( "Topup approved", ) user_activity = f"User {current_user.email} approved topup {topup_id}" - create_log_info(db, str(current_user.id), user_activity, topup_id=topup_id, type_log="topup") + create_log_info( + db, str(current_user.id), user_activity, topup_id=topup_id, type_log="topup" + ) return {"message": "Transaction approved successfully"} diff --git a/app/routers/transaction.py b/app/routers/transaction.py index 7bd30c8..8dc94ca 100644 --- a/app/routers/transaction.py +++ b/app/routers/transaction.py 
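Review bot: In approve_topup_by_sueradmin, `my_topup.status_approved` is read straight after `get_topup_by_id(db, topup_id)` with no check for a missing row, so an unknown `topup_id` probably ends in an AttributeError and a 500 instead of a 404. Adding `if not my_topup: raise HTTPException(status_code=404, detail="Topup not found")` before that line fixes it. Nothing visible compares the topup's owner with `user_id` or with `current_user`, which matters more now that stationadmin can approve: a request and its approval should not come from the same account. `approve_topup(db, topup_id)` is also called before `is_approved` is consulted, so confirm it does not approve when the flag is false.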
@@ -34,26 +34,28 @@ async def read_transactions( transaction.email = users.email return transactions -@router.get("/all",response_model=list[responseTransaction]) + +@router.get("/all", response_model=list[responseTransaction]) async def read_transactions_all( skip: int = 0, limit: int = 10, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") transactions = get_transactions(db) user_all = get_users(db) # map user to transaction for transaction in transactions: for user in user_all: - if transaction.userId == user.id: # type: ignore + if transaction.userId == user.id: # type: ignore transaction.firstName = user.firstName transaction.lastName = user.lastName transaction.email = user.email return transactions + @router.get("/{user_id}", response_model=list[responseTransaction]) async def read_transactions_by_user_id( user_id: str, @@ -62,7 +64,7 @@ async def read_transactions_by_user_id( db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): - if current_user.role not in ["superadmin"]: + if current_user.role not in ["superadmin", "stationadmin"]: raise HTTPException(status_code=401, detail="Unauthorized") users = get_user_by_id(db, user_id) transactions = get_transaction_by_user_id(db, user_id)
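Review bot: read_transactions_all accepts `skip` and `limit` but calls `get_transactions(db)` and `get_users(db)` without them, so the response is unbounded and, with this change, a stationadmin receives every transaction joined with name and email. Pass the paging arguments through if `get_transactions` supports them (its signature is not shown), and check whether `get_users(db)` applies a default limit, because users beyond it would silently leave transactions without names. The nested loop can become a lookup: `users_by_id = {u.id: u for u in user_all}`, then `user = users_by_id.get(transaction.userId)`. If stationadmin is meant to be scoped to one station, neither this handler nor read_transactions_by_user_id filters by it.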