""" /admin endpoints. """ from fastapi import APIRouter, Depends, HTTPException, status from sqlmodel import select from ..config import Config from ..db import Capability, Connection, User, UserCreate from ._common import Responses, get_current_user_if_admin router = APIRouter(prefix="/admin", tags=["admin"]) @router.put( "/install/config", responses={ status.HTTP_200_OK: Responses.OK, status.HTTP_400_BAD_REQUEST: Responses.INSTALLED, }, ) async def initial_configure( config: Config, current_config: Config | None = Depends(Config.load), ): """ PUT ./install/config: Configure `kiwi-vpn`. """ # fail if already configured if current_config is not None: raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST) # create config file, connect to database await config.save() Connection.connect("sqlite:///tmp/vpn.db") @router.put( "/install/admin", responses={ status.HTTP_200_OK: Responses.OK, status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED, status.HTTP_409_CONFLICT: Responses.ENTRY_EXISTS, }, ) async def create_initial_admin( admin_user: UserCreate, current_config: Config | None = Depends(Config.load), ): """ PUT ./install/admin: Create the first administrative user. """ # fail if not configured if current_config is None: raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST) with Connection.session as db: if db.exec(select(User)).first() is not None: raise HTTPException(status_code=status.HTTP_409_CONFLICT) # create an administrative user new_user = User.create(**admin_user.dict()) new_user.set_capabilities([Capability.login, Capability.admin]) new_user.update() @router.put( "/config", responses={ status.HTTP_200_OK: Responses.OK, status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED, status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER, status.HTTP_403_FORBIDDEN: Responses.NEEDS_ADMIN, }, ) async def set_config( new_config: Config, current_config: Config | None = Depends(Config.load), _: User | None = Depends(get_current_user_if_admin), ): """ PUT ./config: Edit `kiwi-vpn` main config. """ # fail if not installed if current_config is None: raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST) # update config file, reconnect to database await new_config.save() Connection.connect("sqlite:///tmp/vpn.db")