SAE3A_MemoryMap
/
api
5
0
Fork 0
Code Issues 7 Pull Requests Packages Projects 1 Releases Wiki Activity

Added routes for user management: list of users and deletion of a user by UID.
continuous-integration/drone/push Build is passing Details

Browse Source
master
Alix JEUDI--LEMOINE 2 days ago
parent c1c65cdc87
commit 9c41e925d2
3 changed files with 43 additions and 3 deletions
Show Stats Download Patch File Download Diff File

2
app/dto/__init__.py
Unescape View File

@ -1,3 +1,3 @@
from .FriendAddDTO import FriendAddDTO
from .user import UserDTO, UserRegisterDTO
from .user import UserDTO, UserRegisterDTO, UserAdminDTO
from .pin import PinDTO, PinShareDTO

5
app/dto/user.py
Unescape View File

@ -7,3 +7,8 @@ class UserDTO(BaseModel):
class UserRegisterDTO(BaseModel):
username: str
password: str
class UserAdminDTO(BaseModel):
uid: str
username: str
is_admin: bool

35
app/routes/admin.py
Unescape View File

@ -8,6 +8,7 @@ from app.models import User, HTTPError
from app.models.config import SystemConfig, DBConfig
from app.routes.auth import users_collection
from app.routes.utils import get_admin_user
from app.dto import UserAdminDTO
# Database setup
client = pymongo.MongoClient(config.MONGODB_URL, username=config.MONGODB_USERNAME, password=config.MONGODB_PASSWORD)
@ -196,3 +197,37 @@ async def update_config(
config.MAX_FRIENDS_PER_USER = new_config.max_friends_per_user
return new_config
@admin_router.get(
path="/users",
responses={401: {"model": HTTPError}, 403: {"model": HTTPError}},
response_model=list[UserAdminDTO]
)
async def list_users(admin_user: User = Depends(get_admin_user)):
"""Liste tous les utilisateurs (sans le mot de passe) - Route admin uniquement"""
users = users_collection.find({}, {"password": 0}) # Exclure le mot de passe
users_list = []
for user in users:
user["uid"] = str(user["_id"])
user = UserAdminDTO(**user)
users_list.append(user)
return users_list
@admin_router.delete(
path="/user/{uid}",
responses={401: {"model": HTTPError}, 403: {"model": HTTPError}, 404: {"model": HTTPError}, 400: {"model": HTTPError}}
)
async def delete_user(uid: str, admin_user: User = Depends(get_admin_user)):
try:
ObjectId(uid)
except:
raise HTTPException(status_code=400, detail="UID invalide")
user = users_collection.find_one({"_id": ObjectId(uid)})
if not user:
raise HTTPException(status_code=404, detail="Utilisateur non trouvé")
users_collection.delete_one({"_id": ObjectId(uid)})
return {"message": "Utilisateur supprimé avec succès"}

Write Preview
Loading…
Cancel
Save