from typing import Any, List
from fastapi import APIRouter, Depends
from sqlalchemy.orm import Session
from utils import deps
from cruds import crud_personal_note
from schemas import PersonalNote, PersonalNoteUpdate, PersonalNoteCreate
from models import User
from core import settings
from fastapi import HTTPException
# Router on which this module's personal-note endpoints are registered.
router = APIRouter()
# get personal note:
# student: get only theirs
# teacher: get only theirs
# admin: none
# super admin: all
@router.get("/", response_model=List[PersonalNote])
def get_personal_note(
    db: Session = Depends(deps.get_db),
    skip: int = 0,
    limit: int = 100,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """List the personal notes visible to the authenticated caller.

    Access is decided by ``current_user.user_type``:

    * ``>= TEACHER`` (teachers and students, going by this module's route
      comments; the numeric ordering lives in ``settings.UserType``, which
      is not shown here): only the notes reachable through
      ``current_user.personalnote``.
    * ``ADMIN``: rejected with 403.
    * ``SUPERADMIN``: every note, paginated with ``skip``/``limit``.

    Raises:
        HTTPException: 404 ("Error ID: 116") when no user is resolved,
            403 ("Error ID: 117") for admins.
    """
    if not current_user:
        # No authenticated user was resolved by the dependency.
        raise HTTPException(status_code=404, detail="Error ID: 116")

    role = current_user.user_type

    if role >= settings.UserType.TEACHER.value:
        # Owner-scoped listing: each note attached to the caller is
        # re-fetched by id. skip/limit are not applied on this branch.
        return [
            crud_personal_note.get(db, id=owned.id)
            for owned in current_user.personalnote
        ]

    if role == settings.UserType.ADMIN.value:
        # Admins are deliberately denied access to personal notes.
        raise HTTPException(
            status_code=403,
            detail="Error ID: 117",
        )

    if role == settings.UserType.SUPERADMIN.value:
        # NOTE(review): `limit` comes straight from the query string and is
        # not capped here; confirm whether get_multi bounds it.
        return crud_personal_note.get_multi(db, skip=skip, limit=limit)
    # Any other user_type falls through and returns None.
# Create new personal note
# student: can create only theirs
# teacher: can create only theirs
# admin: no create privilege
# superadmin: can create all
@router.post("/", response_model=PersonalNote)
def create_personal_note(
    db: Session = Depends(deps.get_db),
    *,
    obj_in: PersonalNoteCreate,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Create a personal note on behalf of the authenticated caller.

    Callers with ``user_type >= TEACHER`` (teachers and students, going by
    this module's route comments) may only create a note whose ``user_id``
    is their own id. Admins are rejected, and super admins may create a
    note for any ``user_id``.

    Raises:
        HTTPException: 404 ("Error ID: 119") when no user is resolved,
            403 ("Error ID: 118") when the payload names another user,
            403 ("Error ID: 120") for admins.
    """
    if not current_user:
        # No authenticated user was resolved by the dependency.
        raise HTTPException(status_code=404, detail="Error ID: 119")

    role = current_user.user_type

    if role >= settings.UserType.TEACHER.value:
        # The owner id is client-supplied, so it must match the session
        # user before anything is written.
        if obj_in.user_id != current_user.id:
            raise HTTPException(
                status_code=403,
                detail="Error ID: 118",
            )
        return crud_personal_note.create(db, obj_in=obj_in)

    if role == settings.UserType.ADMIN.value:
        # Admins have no create privilege on personal notes.
        raise HTTPException(
            status_code=403,
            detail="Error ID: 120",
        )

    if role == settings.UserType.SUPERADMIN.value:
        # Super admins may create a note for any user_id in the payload.
        return crud_personal_note.create(db, obj_in=obj_in)
    # Any other user_type falls through and returns None.
# get specific personal note,
# student and teacher can only get that specific note if they own it
# admin has no permission
# superadmin can get it
@router.get("/{id}/", response_model=PersonalNote)
def get_specific_personal_note(
    db: Session = Depends(deps.get_db),
    *,
    id: int,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Return one personal note by id, enforcing per-object ownership.

    Admins are rejected. Callers with ``user_type >= TEACHER`` (teachers
    and students, going by this module's route comments) only receive the
    note when its id appears among the notes ``get_personal_note`` returns
    for them. Super admins may fetch any id.

    Raises:
        HTTPException: 404 ("Error ID: 121") when no user is resolved,
            403 ("Error ID: 122") for admins,
            403 ("Error ID: 123") when the note is not among the caller's.
    """
    if not current_user:
        # No authenticated user was resolved by the dependency.
        raise HTTPException(status_code=404, detail="Error ID: 121")

    role = current_user.user_type

    if role == settings.UserType.ADMIN.value:
        # Admins have no read access to personal notes.
        raise HTTPException(
            status_code=403,
            detail="Error ID: 122",
        )

    if role >= settings.UserType.TEACHER.value:
        # The route function is called directly, so skip/limit keep their
        # plain defaults; the owner branch it takes does not use them.
        own_notes = get_personal_note(db, current_user=current_user)
        if any(id == owned.id for owned in own_notes):
            return crud_personal_note.get(db, id)
        # The id is unknown or belongs to someone else. Both get the same
        # 403, so the response does not reveal which ids exist.
        raise HTTPException(
            status_code=403,
            detail="Error ID: 123",
        )

    if role == settings.UserType.SUPERADMIN.value:
        return crud_personal_note.get(db, id)
    # Any other user_type falls through and returns None.
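@router.put("/{id}/", response_model=PersonalNote)
def update_personal_note(
    db: Session = Depends(deps.get_db),
    *,
    id: int,
    obj_in: PersonalNoteUpdate,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Update the personal note identified by ``id``.

    Admins are rejected. Callers with ``user_type >= TEACHER`` (presumably
    teachers and students; confirm against ``settings.UserType``) may only
    update a note that is attached to them via ``current_user.personalnote``,
    and the payload's ``user_id`` must be their own id. Super admins may
    update any note.

    Raises:
        HTTPException: 404 ("Error ID: 124") when no user is resolved,
            403 ("Error ID: 125") for admins,
            403 ("Error ID: 126") when the target note is not the caller's
            or the payload names another user.
    """
    if not current_user:
        # No authenticated user was resolved by the dependency.
        raise HTTPException(status_code=404, detail="Error ID: 124")

    if current_user.user_type == settings.UserType.ADMIN.value:
        # Admins have no edit access to personal notes.
        raise HTTPException(
            status_code=403,
            detail="Error ID: 125",
        )

    if current_user.user_type >= settings.UserType.TEACHER.value:
        # Authorization is decided on the stored note, not the request
        # body. obj_in.user_id is caller-controlled, so checking it alone
        # would let any caller overwrite a note they do not own by sending
        # their own id in the payload.
        owns_target = any(owned.id == id for owned in current_user.personalnote)
        # The payload check stays so a caller cannot submit another user's
        # id for their own note.
        if not owns_target or obj_in.user_id != current_user.id:
            raise HTTPException(
                status_code=403,
                detail="Error ID: 126",
            )
        personal_note = crud_personal_note.get(db, id)
        return crud_personal_note.update(db, db_obj=personal_note, obj_in=obj_in)

    if current_user.user_type == settings.UserType.SUPERADMIN.value:
        # NOTE(review): the lookup result is passed to update() unchecked.
        # What happens for an unknown id depends on crud_personal_note,
        # which is not shown here.
        personal_note = crud_personal_note.get(db, id)
        return crud_personal_note.update(db, db_obj=personal_note, obj_in=obj_in)
    # Any other user_type falls through and returns None.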
# XXX: For deleting all, is this needed?
# @router.delete("/{}")
# def deletePersonalNotes(
# db: Session = Depends(deps.get_db),
# *,
# current_user: User = Depends(deps.get_current_active_superuser);
# )->Any:
# crud_personal_note.delete
@router.delete("/{id}/")
def deleteSpecificPersonalNote(
    db: Session = Depends(deps.get_db),
    *,
    id: int,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Delete the personal note identified by ``id``.

    Super admins delete any note directly. Admins are rejected with 403
    ("Error ID: 142"). Every other caller is routed through
    ``get_specific_personal_note``, which raises unless the note is among
    the caller's own, and only then is the note removed.

    Returns:
        Whatever ``crud_personal_note.remove`` returns for the deleted note.
    """
    role = current_user.user_type

    if role == settings.UserType.SUPERADMIN.value:
        return crud_personal_note.remove(db, id=id)

    if role == settings.UserType.ADMIN.value:
        # Admins have no authorization to delete other users' notes.
        raise HTTPException(
            status_code=403,
            detail="Error ID: 142",
        )

    # The ownership check is delegated. The read endpoint raises 403 when
    # the note is not the caller's, so remove() only runs on a note that
    # passed that check.
    owned_note = get_specific_personal_note(db, id=id, current_user=current_user)
    return crud_personal_note.remove(db, id=owned_note.id)