6ff78b2150
Until now the out-of-tolerance authorization ("Autorizzazione capoturno")
required is_admin, conflating shift-leader authority with full system
administration. Introduce a combinable Supervisor role so a capoturno can
authorize overrides without admin privileges (roadmap D-0.8 / Phase 2).
Backend:
- users router: add "Supervisor" to the allowed roles (centralized as
VALID_ROLES, deduplicating the create/update validation).
- middleware: add require_supervisor dependency (admins still bypass).
Frontend:
- measure.validate_supervisor: authorize users with the Supervisor role OR
is_admin (was is_admin only).
- admin/users: Supervisor checkbox + orange role badge.
- profile: explicit Supervisor badge styling.
- EN translation for the new role label.
roles is a free JSON column, so no migration is required.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
147 lines
5.3 KiB
Python
147 lines
5.3 KiB
Python
"""Users router - CRUD operations (admin only)."""
|
|
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy import select
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
|
|
from src.backend.database import get_db
|
|
from src.backend.api.middleware.api_key import require_admin_user
|
|
from src.backend.models.orm.user import User
|
|
from src.backend.models.api.user import UserCreate, UserPasswordChange, UserResponse, UserUpdate
|
|
from src.backend.services.auth_service import create_user, hash_password, regenerate_api_key
|
|
|
|
router = APIRouter(prefix="/api/users", tags=["users"])
|
|
|
|
# Combinable user roles. Supervisor (capoturno) authorizes out-of-tolerance
|
|
# overrides during measurement without needing full admin privileges.
|
|
VALID_ROLES = {"Maker", "MeasurementTec", "Metrologist", "Supervisor"}
|
|
|
|
|
|
@router.get("", response_model=list[UserResponse])
|
|
async def list_users(
|
|
admin: User = Depends(require_admin_user),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
"""List all users (admin only)."""
|
|
result = await db.execute(select(User).order_by(User.username))
|
|
users = result.scalars().all()
|
|
return [UserResponse.model_validate(u) for u in users]
|
|
|
|
|
|
@router.post("", response_model=UserResponse, status_code=status.HTTP_201_CREATED)
|
|
async def create_new_user(
|
|
data: UserCreate,
|
|
admin: User = Depends(require_admin_user),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
"""Create a new user (admin only)."""
|
|
# Check username uniqueness
|
|
existing = await db.execute(
|
|
select(User).where(User.username == data.username)
|
|
)
|
|
if existing.scalar_one_or_none():
|
|
raise HTTPException(
|
|
status_code=status.HTTP_409_CONFLICT,
|
|
detail=f"Username '{data.username}' already exists",
|
|
)
|
|
# Validate roles
|
|
for role in data.roles:
|
|
if role not in VALID_ROLES:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
|
|
detail=f"Invalid role '{role}'. Valid roles: {VALID_ROLES}",
|
|
)
|
|
user = await create_user(
|
|
db,
|
|
username=data.username,
|
|
password=data.password,
|
|
display_name=data.display_name,
|
|
email=data.email,
|
|
roles=data.roles,
|
|
is_admin=data.is_admin,
|
|
language_pref=data.language_pref,
|
|
theme_pref=data.theme_pref,
|
|
)
|
|
return UserResponse.model_validate(user)
|
|
|
|
|
|
@router.put("/{user_id}", response_model=UserResponse)
|
|
async def update_user(
|
|
user_id: int,
|
|
data: UserUpdate,
|
|
admin: User = Depends(require_admin_user),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
"""Update user (admin only)."""
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if user is None:
|
|
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
|
|
|
|
update_data = data.model_dump(exclude_unset=True)
|
|
# Validate roles if provided
|
|
if "roles" in update_data:
|
|
for role in update_data["roles"]:
|
|
if role not in VALID_ROLES:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
|
|
detail=f"Invalid role '{role}'. Valid roles: {VALID_ROLES}",
|
|
)
|
|
for field, value in update_data.items():
|
|
setattr(user, field, value)
|
|
await db.flush()
|
|
await db.refresh(user)
|
|
return UserResponse.model_validate(user)
|
|
|
|
|
|
@router.put("/{user_id}/password", status_code=status.HTTP_200_OK)
|
|
async def change_user_password(
|
|
user_id: int,
|
|
data: UserPasswordChange,
|
|
admin: User = Depends(require_admin_user),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
"""Change user password (admin only)."""
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if user is None:
|
|
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
|
|
user.password_hash = hash_password(data.password)
|
|
await db.flush()
|
|
return {"message": f"Password changed for user {user.username}"}
|
|
|
|
|
|
@router.delete("/{user_id}", status_code=status.HTTP_204_NO_CONTENT)
|
|
async def deactivate_user(
|
|
user_id: int,
|
|
admin: User = Depends(require_admin_user),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
"""Soft-delete user (set active=False)."""
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if user is None:
|
|
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
|
|
if user.id == admin.id:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
detail="Cannot deactivate yourself",
|
|
)
|
|
user.active = False
|
|
user.api_key = None
|
|
await db.flush()
|
|
|
|
|
|
@router.post("/{user_id}/regenerate-key")
|
|
async def regenerate_user_key(
|
|
user_id: int,
|
|
admin: User = Depends(require_admin_user),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
"""Regenerate API key for a user (admin only)."""
|
|
result = await db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if user is None:
|
|
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
|
|
new_key = await regenerate_api_key(db, user_id)
|
|
return {"api_key": new_key, "message": f"API key regenerated for user {user.username}"}
|