2026-03-17 18:32:44 +03:00
commit efcd4a8dfd
209 changed files with 33355 additions and 0 deletions
+54
@@ -0,0 +1,54 @@
from uuid import UUID
from fastapi import APIRouter, Depends, HTTPException, Request, status
from sqlalchemy.ext.asyncio import AsyncSession
from app.core.database.session import get_session
from app.models import User, UserRole
from app.utils.business_logger import log_business_event
from app.utils.token_manager import get_current_user
router = APIRouter(tags=["Users"])
@router.delete("/{user_id}", status_code=status.HTTP_200_OK)
async def delete_user(
user_id: UUID,
request: Request,
session: AsyncSession = Depends(get_session),
current_user: User = Depends(get_current_user),
):
trace_id = getattr(request.state, "traceId", None)
if current_user.role != UserRole.ADMIN and current_user.id != user_id:
log_business_event(
"user_deactivation_rejected",
trace_id=trace_id,
user_id=str(current_user.id),
target_user_id=str(user_id),
reason="forbidden",
)
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Нет доступа")
user = await session.get(User, user_id)
if user is None:
log_business_event(
"user_deactivation_rejected",
trace_id=trace_id,
user_id=str(current_user.id),
target_user_id=str(user_id),
reason="target_user_not_found",
)
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
user.is_active = False
await session.commit()
log_business_event(
"user_deactivated",
trace_id=trace_id,
user_id=str(current_user.id),
target_user_id=str(user.id),
)
return {"message": "Пользователь успешно деактивирован"}
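Review bot: Deactivation in `delete_user` only flips `user.is_active`, and nothing in this handler ends the target's existing sessions, so the account loses access only if `get_current_user` rejects inactive users, which is not visible in this file. If it does not, tokens issued before deactivation keep working until they expire; confirm that the dependency checks `is_active`, or revoke the user's tokens here. The handler also lets an admin deactivate any admin account, including their own, so the last active admin can be locked out; a guard before `session.commit()` would prevent that. A docstring would also help, e.g. `"""Deactivate a user (soft delete); allowed for admins and for the user themselves."""`.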
+21
@@ -0,0 +1,21 @@
from fastapi import APIRouter, Depends, Request
from app.models import User
from app.schemas.users_sch import UserResponse
from app.utils.business_logger import log_business_event
from app.utils.token_manager import get_current_user
router = APIRouter(tags=["Users"])
@router.get("/me", response_model=UserResponse)
async def get_me(
request: Request,
current_user: User = Depends(get_current_user),
):
trace_id = getattr(request.state, "traceId", None)
log_business_event(
"user_profile_viewed",
trace_id=trace_id,
user_id=str(current_user.id),
)
return current_user
+27
@@ -0,0 +1,27 @@
from fastapi import APIRouter, Depends, Request
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy import select
from app.core.database.session import get_session
from app.models import User, UserRole
from app.utils.business_logger import log_business_event
from app.utils.token_manager import check_permissions
from app.schemas.users_sch import UserResponse
router = APIRouter(tags=["Users"])
@router.get("/", response_model=list[UserResponse])
async def list_users(
request: Request,
session: AsyncSession = Depends(get_session),
current_user: User = Depends(check_permissions([UserRole.ADMIN])),
):
result = await session.execute(select(User))
users = result.scalars().all()
trace_id = getattr(request.state, "traceId", None)
log_business_event(
"users_listed",
trace_id=trace_id,
user_id=str(current_user.id),
result_count=len(users),
)
return users
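Review bot: `select(User)` in `list_users` loads every row of the users table into one response, with no limit, offset or ordering. On a large table a single admin request then costs unbounded memory and database time, and the unordered result makes client-side paging unreliable. Add bounded paging parameters and a stable order, e.g. `select(User).order_by(User.id).limit(limit).offset(offset)` with `limit: int = Query(50, ge=1, le=200)` (the numbers are illustrative). It is also worth stating in a docstring whether deactivated users are meant to be included, since the query does not filter on `is_active`.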
+51
@@ -0,0 +1,51 @@
from fastapi import APIRouter, Depends, HTTPException, Request, status
from sqlalchemy import select
from sqlalchemy.ext.asyncio import AsyncSession
from app.core.database.session import get_session
from app.models import User
from app.schemas.users_sch import UserResponse, UserUpdateMe
from app.utils.business_logger import log_business_event
from app.utils.token_manager import get_current_user
router = APIRouter(tags=["Users"])
@router.patch("/me", response_model=UserResponse)
async def update_me(
data: UserUpdateMe,
request: Request,
session: AsyncSession = Depends(get_session),
current_user: User = Depends(get_current_user),
):
trace_id = getattr(request.state, "traceId", None)
if data.email and data.email != current_user.email:
stmt = select(User).where(User.email == data.email)
result = await session.execute(stmt)
if result.scalar_one_or_none():
log_business_event(
"user_profile_update_rejected",
trace_id=trace_id,
user_id=str(current_user.id),
reason="email_already_exists",
requested_email=data.email,
)
raise HTTPException(
status_code=status.HTTP_409_CONFLICT,
detail="Пользователь с таким email уже существует",
)
update_data = data.model_dump(exclude_unset=True)
for key, value in update_data.items():
setattr(current_user, key, value)
await session.commit()
await session.refresh(current_user)
log_business_event(
"user_profile_updated",
trace_id=trace_id,
user_id=str(current_user.id),
updated_fields=sorted(update_data.keys()),
)
return current_user
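Review bot: The email uniqueness check in `update_me` is a read followed by a later `session.commit()`, so two concurrent requests for the same address can both pass it. If `User.email` has a unique constraint (not visible here) the loser gets an unhandled `IntegrityError` and a 500; if it has none, duplicate emails are stored. Catch `IntegrityError` (from `sqlalchemy.exc`) around the commit, roll back and return the same 409, keeping the database constraint as the source of truth. Separately, the `setattr` loop writes every field `UserUpdateMe` accepts, so that schema must never gain `role`, `is_active` or `hashed_password`; an explicit allowlist of field names in the handler would make this independent of the schema.

```python
    # … unchanged: pre-check for an existing email, setattr loop …
    try:
        await session.commit()
    except IntegrityError:
        # A concurrent request claimed the same email between the check and the commit.
        await session.rollback()
        raise HTTPException(
            status_code=status.HTTP_409_CONFLICT,
            detail="Пользователь с таким email уже существует",
        )
    # … unchanged: refresh, success log, return …
```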
+44
@@ -0,0 +1,44 @@
from fastapi import APIRouter, Depends, HTTPException, Request, status
from sqlalchemy.ext.asyncio import AsyncSession
from app.core.database.session import get_session
from app.models import User
from app.schemas.users_sch import PasswordUpdate
from app.utils.business_logger import log_business_event
from app.utils.hashing import hash_password, verify_password
from app.utils.token_manager import get_current_user
router = APIRouter(tags=["Users"])
@router.patch("/me/password", status_code=status.HTTP_200_OK)
async def update_password(
data: PasswordUpdate,
request: Request,
session: AsyncSession = Depends(get_session),
current_user: User = Depends(get_current_user),
):
trace_id = getattr(request.state, "traceId", None)
if not verify_password(data.old_password, current_user.hashed_password):
log_business_event(
"user_password_update_rejected",
trace_id=trace_id,
user_id=str(current_user.id),
reason="invalid_current_password",
)
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Неверный текущий пароль",
)
current_user.hashed_password = hash_password(data.new_password)
await session.commit()
log_business_event(
"user_password_updated",
trace_id=trace_id,
user_id=str(current_user.id),
)
return {"message": "Пароль успешно обновлен"}
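Review bot: After `current_user.hashed_password` is replaced and committed, nothing in `update_password` invalidates tokens issued under the old password; whether `token_manager` does so elsewhere is not visible here. A password change is often the user's response to a suspected compromise, so other sessions should be revoked at this point, or tokens should carry a value that changes with the password. The `verify_password` check is also unthrottled in this handler, so the current password can be guessed repeatedly from an already authenticated session; the `user_password_update_rejected` event is a good basis for a per-user attempt limit and an alert. At minimum, add a marker after the commit such as `# TODO: revoke other sessions/tokens after password change`.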
+51
@@ -0,0 +1,51 @@
from uuid import UUID
from fastapi import APIRouter, Depends, HTTPException, Request, status
from sqlalchemy.ext.asyncio import AsyncSession
from app.core.database.session import get_session
from app.models import User, UserRole
from app.schemas.users_sch import UserResponse, UserUpdate
from app.utils.business_logger import log_business_event
from app.utils.token_manager import check_permissions
router = APIRouter(tags=["Users"])
@router.patch("/{user_id}", response_model=UserResponse)
async def update_user(
user_id: UUID,
data: UserUpdate,
request: Request,
session: AsyncSession = Depends(get_session),
current_user: User = Depends(check_permissions([UserRole.ADMIN])),
):
trace_id = getattr(request.state, "traceId", None)
user = await session.get(User, user_id)
if user is None:
log_business_event(
"user_update_rejected",
trace_id=trace_id,
user_id=str(current_user.id),
target_user_id=str(user_id),
reason="target_user_not_found",
)
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
update_data = data.model_dump(exclude_unset=True)
for key, value in update_data.items():
setattr(user, key, value)
await session.commit()
await session.refresh(user)
log_business_event(
"user_updated",
trace_id=trace_id,
user_id=str(current_user.id),
target_user_id=str(user.id),
updated_fields=sorted(update_data.keys()),
)
return user
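Review bot: The `user_updated` event records only the names in `updated_fields`, so if `UserUpdate` carries `role` or `is_active` (the schema is not visible here) a privilege change made through `update_user` looks the same in the audit trail as a name edit. Record the old and new values for those fields, for example `role_before = str(user.role)` captured before the `setattr` loop and `role_after=str(user.role)` passed to the success event. Unlike `update_me`, this handler has no email-conflict handling, so a duplicate email would surface as an unhandled database error or a duplicate row, depending on the constraint. The same `setattr` loop means any field added to `UserUpdate` later becomes writable here without review; an explicit allowlist would make that a deliberate decision.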