115 lines
3.1 KiB
Python
115 lines
3.1 KiB
Python
"""
|
|
Router preset permessi (sottoruoli nominati).
|
|
|
|
Endpoint:
|
|
GET /api/v1/permission-presets → lista preset del tenant
|
|
POST /api/v1/permission-presets → crea preset
|
|
GET /api/v1/permission-presets/{id} → dettaglio preset
|
|
PUT /api/v1/permission-presets/{id} → aggiorna preset
|
|
DELETE /api/v1/permission-presets/{id} → elimina preset
|
|
|
|
Accesso: admin e supervisor.
|
|
"""
|
|
|
|
import uuid
|
|
|
|
from fastapi import APIRouter
|
|
|
|
from app.dependencies import DB, SupervisorOrAdminUser
|
|
from app.schemas.permission_preset import (
|
|
PermissionPresetCreate,
|
|
PermissionPresetResponse,
|
|
PermissionPresetUpdate,
|
|
)
|
|
from app.services.permission_preset_service import PermissionPresetService
|
|
|
|
router = APIRouter(prefix="/permission-presets", tags=["Preset permessi"])
|
|
|
|
|
|
@router.get(
|
|
"",
|
|
response_model=list[PermissionPresetResponse],
|
|
summary="Lista preset permessi del tenant",
|
|
)
|
|
async def list_presets(
|
|
current_user: SupervisorOrAdminUser,
|
|
db: DB,
|
|
) -> list[PermissionPresetResponse]:
|
|
service = PermissionPresetService(db)
|
|
presets = await service.list_presets(current_user.tenant_id)
|
|
return [PermissionPresetResponse.model_validate(p) for p in presets]
|
|
|
|
|
|
@router.post(
|
|
"",
|
|
response_model=PermissionPresetResponse,
|
|
status_code=201,
|
|
summary="Crea un nuovo preset di permessi",
|
|
)
|
|
async def create_preset(
|
|
body: PermissionPresetCreate,
|
|
current_user: SupervisorOrAdminUser,
|
|
db: DB,
|
|
) -> PermissionPresetResponse:
|
|
service = PermissionPresetService(db)
|
|
preset = await service.create_preset(
|
|
tenant_id=current_user.tenant_id,
|
|
data=body,
|
|
created_by=current_user,
|
|
)
|
|
return PermissionPresetResponse.model_validate(preset)
|
|
|
|
|
|
@router.get(
|
|
"/{preset_id}",
|
|
response_model=PermissionPresetResponse,
|
|
summary="Dettaglio preset",
|
|
)
|
|
async def get_preset(
|
|
preset_id: uuid.UUID,
|
|
current_user: SupervisorOrAdminUser,
|
|
db: DB,
|
|
) -> PermissionPresetResponse:
|
|
service = PermissionPresetService(db)
|
|
preset = await service.get_preset(preset_id, current_user.tenant_id)
|
|
return PermissionPresetResponse.model_validate(preset)
|
|
|
|
|
|
@router.put(
|
|
"/{preset_id}",
|
|
response_model=PermissionPresetResponse,
|
|
summary="Aggiorna un preset",
|
|
)
|
|
async def update_preset(
|
|
preset_id: uuid.UUID,
|
|
body: PermissionPresetUpdate,
|
|
current_user: SupervisorOrAdminUser,
|
|
db: DB,
|
|
) -> PermissionPresetResponse:
|
|
service = PermissionPresetService(db)
|
|
preset = await service.update_preset(
|
|
preset_id=preset_id,
|
|
tenant_id=current_user.tenant_id,
|
|
data=body,
|
|
updated_by=current_user,
|
|
)
|
|
return PermissionPresetResponse.model_validate(preset)
|
|
|
|
|
|
@router.delete(
|
|
"/{preset_id}",
|
|
status_code=204,
|
|
summary="Elimina un preset",
|
|
)
|
|
async def delete_preset(
|
|
preset_id: uuid.UUID,
|
|
current_user: SupervisorOrAdminUser,
|
|
db: DB,
|
|
) -> None:
|
|
service = PermissionPresetService(db)
|
|
await service.delete_preset(
|
|
preset_id=preset_id,
|
|
tenant_id=current_user.tenant_id,
|
|
deleted_by=current_user,
|
|
)
|