from typing import Any, List
from fastapi import APIRouter, Depends
from sqlalchemy.orm import Session
from utils import deps
from cruds import crud_personal_note
from schemas import PersonalNote, PersonalNoteUpdate, PersonalNoteCreate
from models import User
from core import settings
from fastapi import HTTPException
# Router collecting the personal-note endpoints defined below.
router = APIRouter()
# get personal note:
# student: get only theirs
# teacher: get only theirs
# admin: none
# super admin: all
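@router.get("/", response_model=List[PersonalNote])
def get_personal_note(
    db: Session = Depends(deps.get_db),
    skip: int = 0,
    limit: int = 100,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """List the personal notes the caller is allowed to see.

    Access policy, as implemented by the role checks below:
      * teacher/student (``user_type >= TEACHER``): only the notes reachable
        through ``current_user.personalnote``;
      * superadmin: every note, paginated with ``skip``/``limit``;
      * any other role (including admin): denied.

    ``skip`` and ``limit`` are only applied on the superadmin branch; the
    own-notes branch always returns the caller's full set.

    Raises:
        HTTPException: 404 ("Error ID: 116") when no user was resolved;
            403 ("Error ID: 117") when the caller's role may not list notes.
    """
    if not current_user:
        # user not found!
        raise HTTPException(status_code=404, detail="Error ID: 116")

    role = current_user.user_type

    # NOTE(review): ">= TEACHER" is assumed to select teachers and students,
    # i.e. less-privileged roles carry larger enum values -- confirm against
    # settings.UserType, since the whole access policy depends on it.
    if role >= settings.UserType.TEACHER.value:
        return [
            crud_personal_note.get(db, id=note.id)
            for note in current_user.personalnote
        ]

    if role == settings.UserType.SUPERADMIN.value:
        return crud_personal_note.get_multi(db, skip=skip, limit=limit)

    # Default deny: admins, and any role that matched no branch above, get an
    # explicit 403 instead of an implicit ``None`` that would fail response
    # validation. Personal notes are private to their owner.
    raise HTTPException(status_code=403, detail="Error ID: 117")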
# Create new personal note
# student: can create only theirs
# teacher: can create only theirs
# admin: no create privilege
# superadmin: can create all
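@router.post("/", response_model=PersonalNote)
def create_personal_note(
    db: Session = Depends(deps.get_db),
    *,
    obj_in: PersonalNoteCreate,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Create a personal note.

    Access policy, as implemented by the role checks below:
      * teacher/student (``user_type >= TEACHER``): only for themselves, i.e.
        ``obj_in.user_id`` must equal the caller's id;
      * superadmin: for any user;
      * any other role (including admin): denied.

    Raises:
        HTTPException: 404 ("Error ID: 119") when no user was resolved;
            403 ("Error ID: 118") when a teacher/student targets another
            user; 403 ("Error ID: 120") when the role may not create notes.
    """
    if not current_user:
        # user not found!
        raise HTTPException(status_code=404, detail="Error ID: 119")

    role = current_user.user_type

    # NOTE(review): ">= TEACHER" is assumed to cover teachers and students --
    # confirm against settings.UserType.
    if role >= settings.UserType.TEACHER.value:
        # The owner comes from the request body, so it has to be pinned to the
        # authenticated caller before anything is written.
        if obj_in.user_id != current_user.id:
            raise HTTPException(status_code=403, detail="Error ID: 118")
        return crud_personal_note.create(db, obj_in=obj_in)

    if role == settings.UserType.SUPERADMIN.value:
        return crud_personal_note.create(db, obj_in=obj_in)

    # Default deny: admins, and any role that matched no branch above, are
    # refused explicitly rather than falling through to an implicit ``None``.
    raise HTTPException(status_code=403, detail="Error ID: 120")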
# get specific personal note,
# student and teacher can only get that specific note if they own it
# admin has no permission
# superadmin can get it
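@router.get("/{id}/", response_model=PersonalNote)
def get_specific_personal_note(
    db: Session = Depends(deps.get_db),
    *,
    id: int,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Return one personal note by id.

    Access policy, as implemented by the role checks below:
      * admin: denied;
      * teacher/student (``user_type >= TEACHER``): only when the note is
        among ``current_user.personalnote``;
      * superadmin: any note;
      * any other role: denied.

    Raises:
        HTTPException: 404 ("Error ID: 121") when no user was resolved;
            403 ("Error ID: 122") when the role may not read notes;
            403 ("Error ID: 123") when a teacher/student asks for a note
            that is not theirs; 404 when the note does not exist.
    """
    if not current_user:
        # user not found!
        raise HTTPException(status_code=404, detail="Error ID: 121")

    role = current_user.user_type

    if role == settings.UserType.ADMIN.value:
        raise HTTPException(status_code=403, detail="Error ID: 122")

    # NOTE(review): ">= TEACHER" is assumed to cover teachers and students --
    # confirm against settings.UserType.
    if role >= settings.UserType.TEACHER.value:
        # Ownership is decided from the caller's own relationship, never from
        # request data. A note that is not theirs gets the same 403 whether or
        # not it exists, so the endpoint does not reveal which ids are in use.
        if not any(note.id == id for note in current_user.personalnote):
            raise HTTPException(status_code=403, detail="Error ID: 123")
    elif role != settings.UserType.SUPERADMIN.value:
        # Default deny for any role that matched no branch above.
        raise HTTPException(status_code=403, detail="Error ID: 122")

    personal_note = crud_personal_note.get(db, id)
    if personal_note is None:
        # Only reachable by callers already authorised for this id. No
        # "Error ID" for a missing note appears in this file; swap in the
        # project's ID if one is defined.
        raise HTTPException(status_code=404, detail="Personal note not found")
    return personal_note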
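@router.put("/{id}/", response_model=PersonalNote)
def update_personal_note(
    db: Session = Depends(deps.get_db),
    *,
    id: int,
    obj_in: PersonalNoteUpdate,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Update one personal note by id.

    Access policy:
      * admin: denied;
      * teacher/student (``user_type >= TEACHER``): only when the stored note
        is among ``current_user.personalnote`` AND the payload keeps
        ``user_id`` equal to the caller's id;
      * superadmin: any note;
      * any other role: denied.

    Raises:
        HTTPException: 404 ("Error ID: 124") when no user was resolved;
            403 ("Error ID: 125") when the role may not edit notes;
            403 ("Error ID: 126") when a teacher/student targets a note that
            is not theirs or tries to assign it to another user; 404 when
            the note does not exist.
    """
    if not current_user:
        # user not found!
        raise HTTPException(status_code=404, detail="Error ID: 124")

    role = current_user.user_type

    if role == settings.UserType.ADMIN.value:
        raise HTTPException(status_code=403, detail="Error ID: 125")

    # NOTE(review): ">= TEACHER" is assumed to cover teachers and students --
    # confirm against settings.UserType.
    if role >= settings.UserType.TEACHER.value:
        # Authorisation must be decided from the stored note, not from the
        # request body. Checking only ``obj_in.user_id`` let a caller edit (and
        # take ownership of) any note id by putting their own id in the
        # payload. Both conditions are required: the payload check stops a
        # note being reassigned to someone else, the relationship check proves
        # the target note belongs to the caller.
        payload_is_own = obj_in.user_id == current_user.id
        if not payload_is_own or not any(
            note.id == id for note in current_user.personalnote
        ):
            raise HTTPException(status_code=403, detail="Error ID: 126")
    elif role != settings.UserType.SUPERADMIN.value:
        # Default deny for any role that matched no branch above.
        raise HTTPException(status_code=403, detail="Error ID: 125")

    personal_note = crud_personal_note.get(db, id)
    if personal_note is None:
        # Avoid handing ``None`` to the CRUD update. Only reachable by callers
        # already authorised for this id. No "Error ID" for a missing note
        # appears in this file; swap in the project's ID if one is defined.
        raise HTTPException(status_code=404, detail="Personal note not found")
    return crud_personal_note.update(db, db_obj=personal_note, obj_in=obj_in)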
# XXX: For deleting all, is this needed?
# @router.delete("/{}")
# def deletePersonalNotes(
# db: Session = Depends(deps.get_db),
# *,
# current_user: User = Depends(deps.get_current_active_superuser);
# )->Any:
# crud_personal_note.delete
@router.delete("/{id}/")
def deleteSpecificPersonalNote(
    db: Session = Depends(deps.get_db),
    *,
    id: int,
    current_user: User = Depends(deps.get_current_active_user),
) -> Any:
    """Delete one personal note by id and return what the CRUD layer returns.

    Superadmins delete directly; admins are refused with 403
    ("Error ID: 142"). Every other caller is routed through
    ``get_specific_personal_note``, which for teacher/student callers raises
    403 ("Error ID: 123") unless the note is one of their own, so the removal
    only runs after that ownership check has passed.
    """
    role = current_user.user_type

    if role == settings.UserType.SUPERADMIN.value:
        return crud_personal_note.remove(db, id=id)

    if role == settings.UserType.ADMIN.value:
        # user has no authorization to delete notes of other users
        raise HTTPException(status_code=403, detail="Error ID: 142")

    # Reuse the read endpoint as the ownership gate, then delete by the id of
    # the note it returned rather than by the raw path parameter.
    owned_note = get_specific_personal_note(db, id=id, current_user=current_user)
    return crud_personal_note.remove(db, id=owned_note.id)