From be9454eb48452f68aaf98ab3a6ea66624c1ec9d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn-Michael=20Miehe?=
 <40151420+ldericher@users.noreply.github.com>
Date: Sat, 19 Mar 2022 18:06:28 +0000
Subject: [PATCH] new user creation

---
 api/kiwi_vpn_api/routers/_deps.py |  4 ++++
 api/kiwi_vpn_api/routers/user.py  | 35 +++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/api/kiwi_vpn_api/routers/_deps.py b/api/kiwi_vpn_api/routers/_deps.py
index ac6431e..4566a75 100644
--- a/api/kiwi_vpn_api/routers/_deps.py
+++ b/api/kiwi_vpn_api/routers/_deps.py
@@ -29,6 +29,10 @@ class Responses:
         "description": "Must be admin",
         "content": None,
     }
+    entry_exists = {
+        "description": "Entry exists in database",
+        "content": None,
+    }
 
 
 async def get_current_user(
diff --git a/api/kiwi_vpn_api/routers/user.py b/api/kiwi_vpn_api/routers/user.py
index ce3397d..0f4552c 100644
--- a/api/kiwi_vpn_api/routers/user.py
+++ b/api/kiwi_vpn_api/routers/user.py
@@ -47,3 +47,38 @@ async def get_current_user(
     current_user: schemas.User | None = Depends(_deps.get_current_user),
 ):
     return current_user
+
+
+@router.post(
+    "/new",
+    responses={
+        status.HTTP_200_OK: _deps.Responses.ok,
+        status.HTTP_400_BAD_REQUEST: _deps.Responses.not_installed,
+        status.HTTP_401_UNAUTHORIZED: _deps.Responses.needs_user,
+        status.HTTP_403_FORBIDDEN: _deps.Responses.needs_admin,
+        status.HTTP_409_CONFLICT: _deps.Responses.entry_exists,
+    },
+    response_model=schemas.User,
+)
+async def add_user(
+    user: schemas.UserCreate,
+    current_config: Config | None = Depends(Config.load),
+    current_user: schemas.User | None = Depends(_deps.get_current_user),
+    db: Session | None = Depends(Connection.get),
+):
+    if current_config is None:
+        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
+
+    if current_user is None or "admin" not in current_user.capabilities:
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
+
+    new_user = schemas.User.create(
+        db=db,
+        user=user,
+        crypt_context=await current_config.crypto.crypt_context,
+    )
+
+    if new_user is None:
+        raise HTTPException(status_code=status.HTTP_409_CONFLICT)
+
+    return new_user