From 78c654422f3dad34a9653996360e05b4a4faabe5 Mon Sep 17 00:00:00 2001
From: andrei
Date: Tue, 3 Jun 2025 19:11:35 +0500
Subject: [PATCH] =?UTF-8?q?feat:=20=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2?= =?UTF-8?q?=D0=BB=D0=B5=D0=BD=D0=B8=D0=B5=20=D1=80=D0=BE=D0=BB=D0=B5=D0=B9?= =?UTF-8?q?=20=D0=B8=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD=D0=B5=D0=BD=D0=B8?= =?UTF-8?q?=D0=B5=20=D0=BF=D0=B0=D1=80=D0=BE=D0=BB=D1=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 api/app/controllers/appointments_router.py | 2 +-
 api/app/controllers/roles_router.py | 4 ++--
 api/app/controllers/scheduled_appointments_router.py | 2 +-
 api/app/domain/entities/change_password.py | 3 ++-
 api/app/infrastructure/users_service.py | 11 ++++-------
 5 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/api/app/controllers/appointments_router.py b/api/app/controllers/appointments_router.py
index 1fb9307..678cd78 100644
--- a/api/app/controllers/appointments_router.py
+++ b/api/app/controllers/appointments_router.py
@@ -25,7 +25,7 @@ async def get_all_appointments(
 @router.get(
 "/doctor/{doctor_id}/",
- response_model=AppointmentEntity,
+ response_model=list[AppointmentEntity],
 summary="Get all appointments for doctor",
 description="Returns a list of appointments for doctor",
 )
diff --git a/api/app/controllers/roles_router.py b/api/app/controllers/roles_router.py
index cd3fb18..c755172 100644
--- a/api/app/controllers/roles_router.py
+++ b/api/app/controllers/roles_router.py
@@ -3,7 +3,7 @@ from sqlalchemy.ext.asyncio import AsyncSession
 from app.database.session import get_db
 from app.domain.entities.role import RoleEntity
-from app.infrastructure.dependencies import require_admin
+from app.infrastructure.dependencies import get_current_user
 from app.infrastructure.roles_service import RolesService
 router = APIRouter()
@@ -17,7 +17,7 @@ router = APIRouter()
 )
 async def get_all_roles(
 db: AsyncSession = Depends(get_db),
- user=Depends(require_admin),
+ user=Depends(get_current_user),
 ):
 roles_service = RolesService(db)
 return await roles_service.get_all_roles()
diff --git a/api/app/controllers/scheduled_appointments_router.py b/api/app/controllers/scheduled_appointments_router.py
index 4d6be85..508444b 100644
--- a/api/app/controllers/scheduled_appointments_router.py
+++ b/api/app/controllers/scheduled_appointments_router.py
@@ -27,7 +27,7 @@ async def get_all_scheduled_appointments(
 @router.get(
 "/doctor/{doctor_id}/",
- response_model=ScheduledAppointmentEntity,
+ response_model=list[ScheduledAppointmentEntity],
 summary="Get all scheduled appointments for doctor",
 description="Returns a list of scheduled appointments for doctor",
 )
diff --git a/api/app/domain/entities/change_password.py b/api/app/domain/entities/change_password.py
index 7f00a6e..2eaa307 100644
--- a/api/app/domain/entities/change_password.py
+++ b/api/app/domain/entities/change_password.py
@@ -1,8 +1,9 @@
+from typing import Optional
+
 from pydantic import BaseModel
 class ChangePasswordEntity(BaseModel):
- current_password: str
 user_id: int
 new_password: str
 confirm_password: str
diff --git a/api/app/infrastructure/users_service.py b/api/app/infrastructure/users_service.py
index 6e293c2..dd039f1 100644
--- a/api/app/infrastructure/users_service.py
+++ b/api/app/infrastructure/users_service.py
@@ -63,12 +63,6 @@ class UsersService:
 detail='Доступ запрещен',
 )
- if not user.check_password(data.current_password):
- raise HTTPException(
- status_code=status.HTTP_403_FORBIDDEN,
- detail='Доступ запрещен',
- )
-
 if data.new_password != data.confirm_password:
 raise HTTPException(
 status_code=status.HTTP_400_BAD_REQUEST,
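Review bot: The role list served by `get_all_roles` is now readable by every authenticated account instead of admins only (this hunk and the import hunk at -3,7 of roles_router.py), and the route carries no comment saying that is intended. If it is, record it next to the dependency, for example `# Any authenticated user may list roles; changing a role stays admin-only in UsersService`. The injected `user` is not used in the visible body, so the check could be declared as `dependencies=[Depends(get_current_user)]` on the `@router.get(...)` decorator, which makes clear it is there only as a gate. The decorator itself starts outside the hunk.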
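Review bot: With `current_password` dropped from `ChangePasswordEntity` and the `user.check_password(...)` guard removed in the users_service.py hunk at -63,12, a password can be replaced without proving knowledge of the old one, so a stolen session or token is enough to lock the owner out for good. Skipping the check is reasonable for an admin-initiated reset, but a self-service change should still require it. The added and unused `from typing import Optional` suggests the field was meant to become `current_password: Optional[str] = None`. Keep the guard on the self-service path, e.g. `if data.user_id == current_user.id and not (data.current_password and user.check_password(data.current_password)):` raising the same 403. The name `current_user` is assumed here because the method signature is outside the hunk.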
@@ -143,7 +137,7 @@ class UsersService:
 detail='Пользователь не найден',
 )
- if user.id != current_user.id and current_user.role.title != 'Администратор':
+ if user_id and current_user.role.title != 'Администратор':
 raise HTTPException(
 status_code=status.HTTP_403_FORBIDDEN,
 detail='Доступ запрещен',
@@ -153,6 +147,9 @@ class UsersService:
 user_model.last_name = user.last_name
 user_model.patronymic = user.patronymic
+ if current_user.role.title == 'Администратор' and user_id != current_user.id:
+ user_model.role_id = user.role_id
+
 user_model = await self.users_repository.update(user_model)
 return self.model_to_entity(user_model)
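Review bot: `if user_id and current_user.role.title != 'Администратор':` tests whether `user_id` is truthy rather than whether it belongs to the caller, so every non-admin is refused even when editing their own profile. The self-or-admin rule of the old line is lost; the comparison was presumably meant to be `if user_id != current_user.id and current_user.role.title != 'Администратор':`. The method signature is outside the hunk, so confirm that `user_id` is the identifier used to load `user_model`.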
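Review bot: The new role assignment at -153,6 copies `user.role_id` from the request payload unchecked. If that field is optional in the entity (not visible here), an admin edit that omits it would overwrite the target's role with `None`, so the condition should also require `user.role_id is not None`. The admin test repeats the display title `'Администратор'` as a literal a second time in this method; a single constant or helper would keep the authorization rule from drifting if the title is renamed. A role change is a privilege change, so a log entry recording who changed whose role belongs next to the assignment. The method begins outside the hunk.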