feat: Исправление ролей и изменение пароля

2025-06-03 19:11:35 +05:00 · 2025-06-03 19:11:35 +05:00 · 78c654422f
commit 78c654422f
parent c14ecf1767
5 changed files with 10 additions and 12 deletions
--- a/api/app/controllers/appointments_router.py
+++ b/api/app/controllers/appointments_router.py
@ -25,7 +25,7 @@ async def get_all_appointments(

@router.get(
    "/doctor/{doctor_id}/",
-    response_model=AppointmentEntity,
+    response_model=list[AppointmentEntity],
    summary="Get all appointments for doctor",
    description="Returns a list of appointments for doctor",
 )
--- a/api/app/controllers/roles_router.py
+++ b/api/app/controllers/roles_router.py
@ -3,7 +3,7 @@ from sqlalchemy.ext.asyncio import AsyncSession

 from app.database.session import get_db
 from app.domain.entities.role import RoleEntity
-from app.infrastructure.dependencies import require_admin
+from app.infrastructure.dependencies import get_current_user
 from app.infrastructure.roles_service import RolesService

 router = APIRouter()
@ -17,7 +17,7 @@ router = APIRouter()
 )
 async def get_all_roles(
        db: AsyncSession = Depends(get_db),
-        user=Depends(require_admin),
+        user=Depends(get_current_user),
 ):
    roles_service = RolesService(db)
    return await roles_service.get_all_roles()
--- a/api/app/controllers/scheduled_appointments_router.py
+++ b/api/app/controllers/scheduled_appointments_router.py
@ -27,7 +27,7 @@ async def get_all_scheduled_appointments(

@router.get(
    "/doctor/{doctor_id}/",
-    response_model=ScheduledAppointmentEntity,
+    response_model=list[ScheduledAppointmentEntity],
    summary="Get all scheduled appointments for doctor",
    description="Returns a list of scheduled appointments for doctor",
 )
--- a/api/app/domain/entities/change_password.py
+++ b/api/app/domain/entities/change_password.py
@ -1,8 +1,9 @@
+from typing import Optional
+
 from pydantic import BaseModel


 class ChangePasswordEntity(BaseModel):
-    current_password: str
    user_id: int
    new_password: str
    confirm_password: str
--- a/api/app/infrastructure/users_service.py
+++ b/api/app/infrastructure/users_service.py
@ -63,12 +63,6 @@ class UsersService:
                detail='Доступ запрещен',
            )

-        if not user.check_password(data.current_password):
-            raise HTTPException(
-                status_code=status.HTTP_403_FORBIDDEN,
-                detail='Доступ запрещен',
-            )
-
        if data.new_password != data.confirm_password:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
@ -143,7 +137,7 @@ class UsersService:
                detail='Пользователь не найден',
            )

-        if user.id != current_user.id and current_user.role.title != 'Администратор':
+        if user_id and current_user.role.title != 'Администратор':
            raise HTTPException(
                status_code=status.HTTP_403_FORBIDDEN,
                detail='Доступ запрещен',
@ -153,6 +147,9 @@ class UsersService:
        user_model.last_name = user.last_name
        user_model.patronymic = user.patronymic

+        if current_user.role.title == 'Администратор' and user_id != current_user.id:
+            user_model.role_id = user.role_id
+
        user_model = await self.users_repository.update(user_model)

        return self.model_to_entity(user_model)