cleanup in _common

api/kiwi_vpn_api/routers/_common.py

@@ -85,19 +85,16 @@ async def get_current_user_if_exists(
     return current_user
 
 
-async def get_current_user_if_admin(
+async def current_user_is_admin(
     current_user: User = Depends(get_current_user_if_exists),
 ) -> User:
     """
-    Get the currently logged-in user if it is an admin.
+    Fail if the currently logged-in user is not an admin.
     """
 
-    # fail if not requested by an admin
     if not current_user.can(UserCapabilityType.admin):
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
 
-    return current_user
-
 
 async def get_user_by_name(
     user_name: str,

api/kiwi_vpn_api/routers/admin.py

@@ -8,7 +8,7 @@ from sqlmodel import select
 
 from ..config import Config
 from ..db import Connection, User, UserCapabilityType, UserCreate
-from ._common import Responses, get_current_user_if_admin
+from ._common import Responses, current_user_is_admin
 
 router = APIRouter(prefix="/admin", tags=["admin"])
 
@@ -79,7 +79,7 @@ async def create_initial_admin(
 )
 async def set_config(
     config: Config,
-    _: User = Depends(get_current_user_if_admin),
+    _: User = Depends(current_user_is_admin),
 ):
     """
     PUT ./config: Edit `kiwi-vpn` main config.

api/kiwi_vpn_api/routers/user.py

@@ -8,7 +8,8 @@ from pydantic import BaseModel
 
 from ..config import Config
 from ..db import User, UserCapabilityType, UserCreate, UserRead
-from ._common import Responses, get_current_user, get_current_user_if_admin
+from ._common import (Responses, current_user_is_admin,
+                      get_current_user_if_exists, get_user_by_name)
 
 router = APIRouter(prefix="/user", tags=["user"])
 
@@ -58,7 +59,7 @@ async def login(
 
 @router.get("/current", response_model=UserRead)
 async def get_current_user(
-    current_user: User | None = Depends(get_current_user),
+    current_user: User = Depends(get_current_user_if_exists),
 ):
     """
     GET ./current: Respond with the currently logged-in user.
@@ -80,7 +81,7 @@ async def get_current_user(
 )
 async def add_user(
     user: UserCreate,
-    _: User = Depends(get_current_user_if_admin),
+    _: User = Depends(current_user_is_admin),
 ) -> User:
     """
     POST ./: Create a new user in the database.
@@ -112,20 +113,13 @@ async def add_user(
     response_model=User,
 )
 async def remove_user(
-    user_name: str,
-    _: User = Depends(get_current_user_if_admin),
+    _: User = Depends(current_user_is_admin),
+    user: User = Depends(get_user_by_name),
 ):
     """
     DELETE ./{user_name}: Remove a user from the database.
     """
 
-    # get the user
-    user = User.get(user_name)
-
-    # fail if user not found
-    if user is None:
-        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
-
     # delete user
     user.delete()
 
@@ -140,17 +134,14 @@ async def remove_user(
     },
 )
 async def extend_capabilities(
-    user_name: str,
     capabilities: list[UserCapabilityType],
-    _: User = Depends(get_current_user_if_admin),
+    _: User = Depends(current_user_is_admin),
+    user: User = Depends(get_user_by_name),
 ):
     """
     POST ./{user_name}/capabilities: Add capabilities to a user.
     """
 
-    # get and change the user
-    user = User.get(user_name)
-
     user.set_capabilities(user.get_capabilities() | set(capabilities))
 
     user.update()
@@ -166,17 +157,14 @@ async def extend_capabilities(
     },
 )
 async def remove_capabilities(
-    user_name: str,
     capabilities: list[UserCapabilityType],
-    _: User = Depends(get_current_user_if_admin),
+    _: User = Depends(current_user_is_admin),
+    user: User = Depends(get_user_by_name),
 ):
     """
     DELETE ./{user_name}/capabilities: Remove capabilities from a user.
     """
 
-    # get and change the user
-    user = User.get(user_name)
-
     user.set_capabilities(user.get_capabilities() - set(capabilities))
 
     user.update()