andrei/visus-plus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Исправление ролей и изменение пароля

Browse Source
This commit is contained in:
Андрей Дувакин 2025-06-03 19:11:35 +05:00
parent c14ecf1767
commit 78c654422f
5 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/app/controllers/appointments_router.py
View File

@ -25,7 +25,7 @@ async def get_all_appointments(
@router.get( @router.get(
"/doctor/{doctor_id}/", "/doctor/{doctor_id}/",
response_model=AppointmentEntity, response_model=list[AppointmentEntity],
summary="Get all appointments for doctor", summary="Get all appointments for doctor",
description="Returns a list of appointments for doctor", description="Returns a list of appointments for doctor",
) )

4
api/app/controllers/roles_router.py
View File

@ -3,7 +3,7 @@ from sqlalchemy.ext.asyncio import AsyncSession
from app.database.session import get_db from app.database.session import get_db
from app.domain.entities.role import RoleEntity from app.domain.entities.role import RoleEntity
from app.infrastructure.dependencies import require_admin from app.infrastructure.dependencies import get_current_user
from app.infrastructure.roles_service import RolesService from app.infrastructure.roles_service import RolesService
router = APIRouter() router = APIRouter()
@ -17,7 +17,7 @@ router = APIRouter()
) )
async def get_all_roles( async def get_all_roles(
db: AsyncSession = Depends(get_db), db: AsyncSession = Depends(get_db),
user=Depends(require_admin), user=Depends(get_current_user),
): ):
roles_service = RolesService(db) roles_service = RolesService(db)
return await roles_service.get_all_roles() return await roles_service.get_all_roles()

2
api/app/controllers/scheduled_appointments_router.py
View File

@ -27,7 +27,7 @@ async def get_all_scheduled_appointments(
@router.get( @router.get(
"/doctor/{doctor_id}/", "/doctor/{doctor_id}/",
response_model=ScheduledAppointmentEntity, response_model=list[ScheduledAppointmentEntity],
summary="Get all scheduled appointments for doctor", summary="Get all scheduled appointments for doctor",
description="Returns a list of scheduled appointments for doctor", description="Returns a list of scheduled appointments for doctor",
) )

3
api/app/domain/entities/change_password.py
View File

@ -1,8 +1,9 @@
from typing import Optional
from pydantic import BaseModel from pydantic import BaseModel
class ChangePasswordEntity(BaseModel): class ChangePasswordEntity(BaseModel):
current_password: str
user_id: int user_id: int
new_password: str new_password: str
confirm_password: str confirm_password: str

11
api/app/infrastructure/users_service.py
View File

@ -63,12 +63,6 @@ class UsersService:
detail='Доступ запрещен', detail='Доступ запрещен',
) )
if not user.check_password(data.current_password):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail='Доступ запрещен',
)
if data.new_password != data.confirm_password: if data.new_password != data.confirm_password:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
@ -143,7 +137,7 @@ class UsersService:
detail='Пользователь не найден', detail='Пользователь не найден',
) )
if user.id != current_user.id and current_user.role.title != 'Администратор': if user_id and current_user.role.title != 'Администратор':
raise HTTPException( raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, status_code=status.HTTP_403_FORBIDDEN,
detail='Доступ запрещен', detail='Доступ запрещен',
@ -153,6 +147,9 @@ class UsersService:
user_model.last_name = user.last_name user_model.last_name = user.last_name
user_model.patronymic = user.patronymic user_model.patronymic = user.patronymic
if current_user.role.title == 'Администратор' and user_id != current_user.id:
user_model.role_id = user.role_id
user_model = await self.users_repository.update(user_model) user_model = await self.users_repository.update(user_model)
return self.model_to_entity(user_model) return self.model_to_entity(user_model)